Are Smart Pills a Smart Idea for the IoT?

Cloud Security Health

Smart Pills and IoT

It stands to reason that the medical industry would be the most likely place for groundbreaking and disruptive tech advancement. An aging baby boomer population—a huge slice of America

as we know it—is seeking to prolong their parents’ lives and eventually their own. To put it lightly, there’s a lot of money in medicine.

Healthcare accounts for about 17 percent of the nation’s GDP, and an ever-ballooning part of the American healthcare product is a suite of tech innovations collectively called telehealth, a term we’re seeing a lot of these days. Regis College defines telehealth not as a particular thing, but as something people do:

Medical professionals use the Internet to gather and share information as well as monitor the health conditions of patients by using peripheral equipment and software such as video conferencing devices, store-and-forward imaging, and streaming media.”

In that sense, there’s huge concern about whether the gathering and sharing of information through telehealth meets the Health Insurance Portability and Accountability Act (HIPAA) standards. These are rigorous standards designed to protect patient information. Now, the smart pill, a new entrant to the internet of things, seem to have it all figured out.

Abilify MyCite relies on a silicon chip in each pill to relay information to a wearable patch. When you take a pill your stomach acid activates the chip, which then tells the wearable patch what time you took the pill along with information about your “activity and stress levels at the point of ingestion,” according to MD Connect. How the chip is able to measure your activity and stress levels is unclear. After the patch receives data from the chip, it encrypts them and transmits them via Bluetooth to an app on your phone. From there, the app encrypts the data once more, and MD Connect points out you have the choice to either share the data with your physician or simply keep track of your own compliance over time.

Compliance is important for patients who take Abilify because they can have a hard time functioning without it. The drug treats symptoms of schizophrenia and bipolar disorder. Yet the FDA notes that “the ability of the product to improve patient compliance with their treatment regimen has not been shown.” Moreover, “Abilify MyCite should not be used to track drug ingestion in real-time or during an emergency because detection may be delayed or may not occur.

In other words, the pill may be able to provide info about compliance but there’s no guarantee the patient will take it, nor is there any guarantee the pill’s silicon sensor will work once it’s in your system.

The symptoms of schizophrenia include paranoia, so it’s not hard to imagine a paranoid person feeling squeamish about taking a pill with a chip embedded in it. The worry, as the New York Times points out, is over a “Biomedical Big Brother.” What if data is leaked to a government entity or even advertisers? MD Connect maintains that the short amount of transmission time between the pill and the wearable patch make it nearly impossible to intercept that signal, while end-to-end encryption provides security between the patch, the app, and the endpoint at the doctor’s office.

The patient who takes the pill can give up to four people access to their data. From the patient’s perspective, concerns over privacy would revolve around the veracity of the app’s claim that data is only shared with the patient’s treatment team—that is, the family members, caretakers, and medical personnel with whom the patient wants to share data.

For the pill to comply with HIPAA, the patient’s data absolutely must remain private according to the patient’s wishes. If the data ends up in a third party’s hands, it’s a violation of the law. Tell that to a hacker seeking to profit from medical data.

As this infographic from University of Illinois at Chicago shows, data security is a huge concern for the healthcare industry:

Smart Pills and IoT

(Infographic Source: healthinformatics.uic.edu)

In 2018, about 50 percent of smartphone users will have health apps on their phones. At the same time, 1 out of 3 people had their data compromised by a security breach of some sort in 2016. In 2015, nearly 112 million people saw their data end up in unknown hands due to a hacking or IT incident.

What’s at stake here for Abilify MyCite and other future pills with embedded sensors? Treatment teams can access Abilify MyCite’s data from a web portal, so the app does transmit patient data to the cloud. This opens up the whole host of issues surrounding security when it comes to each person’s use of a personal device to access electronic health info. Passwords have to be tough to crack; operating systems, firewalls and security software must be up-to-date; the cloud provider must enable remote wiping; and the data provider must conduct an annual HIPAA security risk analysis.

Overall, there’s a reason why experts recommend people shouldn’t use their personal devices to access electronic health records. People get all sorts of viruses on their computers, and cybersecurity threats are multiplying. Abilify MyCite has the right idea with end-to-end encryption. Now it’s up to each member of a patient’s treatment team to keep the data safe.

By Daniel Matthews

Suraj Gupta

The Rise of the “Ecosystem of Ecosystems”

Ecosystems Emergence Even during these uncertain times, once fierce competitors are now collaborating and co-existing to not only survive, but thrive. Salesforce is partnering with Microsoft and AWS for better customer success. Apple is partnering ...
Mark Casey Apcela

Why CloudHubs are an Important Ingredient to Optimizing Performance of Cloud-based Applications

CloudHubs - Optimizing Application Performance It may seem hard to believe, but even in this day and age, there are still some enterprises that are cloud-averse. For whatever reason, they are hesitant to have their ...
Martin Mendelsohn

The Growth of Third Party Risk Management (TPRM) Firms

Cybersecurity and the Continued Risks Back in the day, we played cops and robbers with sticks and plastic squirt guns.  Sometimes you were pursued, at other times you were the pursuer.  There wasn’t much more ...
Patrick Joggerst

Session Border Control as a Service: Faster, More Secure and Dramatically Less Complex Enterprise Communications

Session Border Control as a Service As businesses are increasingly moving to cloud-based unified communications (UC) for improved collaboration and productivity, they must also ensure that their networks and systems are as secure as possible ...
Christian Buckley

The Evolution of SharePoint Customization

When I started working with SharePoint back in 2005, deploying WSS 2.0 followed and then SharePoint Portal Server 2003 for a large client, the concept of "customization" as we define it today was not really ...
Sangeeta Chhabra

What Accountants Should Know About The Cloud

Cloud Accounting Cloud technology has been at the top of the charts of new-age technologies for a long time now. Almost every industry in the world has started realizing its capabilities and integrating cloud strategies ...