Compliance and Regulations

In the healthcare industry, protected health information (PHI) is the primary focus of information technology (IT) risk management practices. Traditionally, sensitive health information has been tracked and managed via paper records. The maintenance and protection of these records relied heavily on people and processes. The risk of unauthorized access, modification, or destruction of information existed, but on average, it would impact just a handful of individuals. The increased adoption of technology in healthcare (e.g., electronic medical records, health information exchanges, networked medical devices) increases the risk of PHI becoming vulnerable to unauthorized disclosures because of the greater amount of data now accessible.

As per BitSight's security rating [21], healthcare is one of the more poorly performing industries. Healthcare data is susceptible and private, so any IoMT solution has the utmost responsibility to secure patient information. However, some challenges for IoMT are bigger than just protecting stored patient information. For example, the transmission of data from device-to-cloud storage through a network and its intermediate points also needs to be secured. Most importantly, healthcare solutions must comply with several compliance standards to ensure the security of PHI:


HIPAA was introduced in 1996 and applies to healthcare providers involved in electronic transactions (e.g., health plans, etc.), as well as service providers granting access to any third-party associates.


Introduced in 2009, this act extended HIPAA to a set of federal standards intended to protect the security and privacy of PHI. HIPAA and HITECH impose requirements related to the use and disclosure of PHI, appropriate safeguards to protect PHI, individual rights, and administrative responsibilities.


Both the Health Information Trust Alliance (HITRUST) and the HITRUST Common Security Framework (CSF) are recent additions to the healthcare information security and compliance landscape. HITRUST was established in 2008 to enable trust in the healthcare industry. The CSF is a framework designed to provide prescriptive, comprehensive guidance for implementing reasonable and appropriate security controls based on risk and agreed to by the broader industry.


The Payment Card Industry (PCI) and the PCI Data Security Standard (DSS) are more broadly focused, international industry groups that have set requirements for payment card (e.g., credit card) processors and the merchants accepting those cards. This compliance is important because many healthcare organizations, such as hospitals and physician practices, accept credit cards as a form of payment for healthcare services.

In a typical healthcare monitoring system, the cloud is the preferred platform to aggregate, store, and analyze data collected from the Medical Internet of Things (MIoT) devices used by patients or medical facilities. However, remote cloud servers and storage can be a source of delay due to distant communication and networking. In an emergency in particular, a minor delay in the response on analyzed data can result in inaccurate treatment decisions that may put the patient's life at risk. An intermediate layer of fog or edge nodes is used to overcome network and communication delays and to store MIoT data. To this end, an association of MIoT devices, fog computing, and cloud computing has now become the most preferred solution for a typical healthcare monitoring system.

What We See in Future

The following topics cover the broad area of IoT and smart healthcare future trends.

Healthcare Robots

What if the person providing personal care at home is not a person at all but a robot instead? Japan, with its One Child per Family policy, faces a much more significant ageing problem than we do, and they are turning to healthcare robots for help. Japan is pioneering the early development of healthcare robots and in a survey conducted in 2018 by Orix Living Corp., over 80 percent of people said they are ready to or want to receive nursing care from robots. South Korea also faces an ageing issue, as does most of the globe, and they have mandated a robot in every home by 2020. They do this because robots can easily do repetitive tasks or ones that are too dangerous or difficult for humans. They can easily lift and transfer heavy patients, but their strong arms lack sensitivity today. That will be fixed with improved sensors. What's especially attractive about robots is that they can work 24/7 without complaining about low wages or the lack of benefits; and while they're expensive to buy now, those costs will fall as technology allows. Robots can be directed by humans or made to learn and operate on their own. Moreover, they can serve as personal assistants (e.g., Roomba vacuum or Paro companion robot seal), can be something we wear or ride in (e.g., exoskeleton or Google's self-driving car), or even something inside our bodies (nano-scale bots in our bloodstream).

The Brain Computer Interface

The ability to sense the electrical activity of nerve endings is already leading to advanced prosthetics for amputees, and people with quadriplegia can control robot arms just by thinking about it. A brain-computer interface could also be used to control an exoskeleton or robot, and the military is already envisioning soldiers with telepathic helmets by 2020. So what might be the result of converging Information and Cognitive Computing? Futurist Ray Kurzweil has studied this field and foresees a supercomputer exceeding the computational and analytical power of the human brain in early 2013, and now in 2020 the research is going to the next level by leveraging artificial intelligence and machine learning. In many ways, IBM's Watson already has. However, by simply extrapolating Moore's Law into the future, Kurzweil predicts that by 2023, a $1,000 computer will have the power of the human brain and by 2037 a $0.01 computer will too. By 2049 (still possible in my lifetime), a $1,000 computer will exceed the power of the human race, and ten years later a $0.01 computer will. Way before then, we will see improvements in the brain-computer interface, so changes in healthcare beyond 10-20 years get much harder to imagine. Fig. 11.4 represents the human brain-computer interfacing. By the end of the 2020s, most diseases will go away as nanobots become smarter than current medical technology. Nanosystems can replace normal human eating. The Turing test begins to be passable. Self-driving cars begin to take over the roads, and people will not be allowed to drive on highways. By the 2030s, virtual reality will begin to feel 100% real. We will be able to upload our mind/consciousness by the end of the decade. By the 2040s, non-biological intelligence will be a billion times more capable than biological intelligence. Nanotech foglets will be able to make food out of thin air and create any object in the physical world at a whim. By 2045, we will multiply our intelligence a billionfold by linking wirelessly from our neocortex to a synthetic neocortex in the cloud.

Figure 11.4: The Brain-Computer Interface. Source: NYC MEDIA LAB, Human-Computer Interaction
