Guest post by Dr Michael Abrams
For all the talk about connectivity, security and analytics, the IoT is ultimately about the information; where it flows, who owns it, and how it’s used. Nowhere are these IoT questions more immediately relevant to us than in Healthcare. The term “Connected Health” was even coined to ease the process of our being woven into the IoT web, and in the hope it would encourage us to trust the architects of that process. But should we?
Connected Health offers to collect our medical information in real-time, return real-time analytics, help medicine become a ‘predictive’ science and ultimately, to improve our clinical outcomes. The question is, where does this information go and how is it used? Does it go to the doctor – who would use that information to provide the best possible care to every patient, one patient at a time… or does it go to the insurance company, who would use it to refine actuarial analysis and to improve its profit margins? Let’s consider an example.
Electronic Medical Records (EMR) is an IoT gateway that connects the caregiver and the patient to the underlying Information Systems. Designed properly, an EMR would provide the doctor with real-time analytics as they examined the patient, improve workflows, and allow patient information to be shared securely with other caregivers. Instead, EMRs have been designed to use our health information to improve business systems, and most doctors will tell you that EMRs have made it much more difficult to care for patients… and patients will tell you they hate seeing a doctor with their face buried in the computer screen. EMRs are an Epic IoT failure, because the architects failed to first consider how the information should flow and be used. So what else is in store for us?
What happens if the information derived from clinical analytics is used incorrectly? Population Health – a growing science defined as “the health outcomes of a group of individuals, including the distribution of such outcomes within the group”, aims to improve the health of whole populations. Used properly, this information helps a doctor understand how their decision is likely to affect a given patient, but cannot be used to determine a clinical decision in advance, or to predict an outcome. An insurance company would use this information to optimize the outcomes for a group of patients (‘covered lives’) using the allotted resources, and thereby increase their profit margins – not ideal if you happen to be different from the ‘average’ patient in their population of covered lives.
Unfortunately, it’s difficult to get patients engaged in decisions about their medical information, particularly when we coin terms like ‘Connected Health’ and ‘Population Health’ that are designed to encourage patients to trust the architects. But there is clearly a growing distrust. Much like we fear the looming intersection of artificial intelligence and robotics – because we’ve all seen the Terminator, Vice President Cheney turned off the wireless platform in his pacemaker because Barnaby Jack proved he could hack it, and conspiracy theories appeared when Barnaby Jack mysteriously died a week before he was going reveal the vulnerabilities of wireless implanted medical devices at the Black Hat convention. We’ve begun to sense the gravity of this issue. So, what about those wireless medical devices? Have our Connected Health architects thought any more carefully about how to connect them to the IoT? Clearly not.
Ideally, the medical information in a wireless link should be visible only to the linked devices. Unfortunately, we currently use tiny radios, such as Bluetooth, to transmit that information. Radios are designed to transmit information over great distances, and are therefore call “Far-field” transmitters. That’s why Bluetooth devices have been hacked over a mile away. So why would anyone in their right mind want their medical devices to be connected with Bluetooth, and why are medical device manufacturers putting it in their devices anyway? It’s because Bluetooth is cheap and easy, and because the architects did not begin by defining ‘secure and reliable’ as primary features when designing the systems. If they did, they would have looked to “Near-field” solutions to connect medical devices, since Near-field signals decay a thousand times faster than Bluetooth. Near Field Magnetic Induction (NFMI) has been used safely in hearing aids and pacemakers for over a decade, and NFMI is far superior to Bluetooth by almost every measure for medical devices. Again, there’s been a failure to begin by asking fundamental questions about the information.
The IoT is already well under way, and enormous battles over the control of our Protected Health Information have already begun. Unfortunately, our Healthcare system has devolved to a point where the two most important stakeholders in that debate – the doctor and the patient, no longer have a voice… and I’m not sure I believe the architects even want to listen.
“There are only two jobs in medicine; taking care of the patient, and taking care of those that do” (Dr. George Beauchamp, RIP)