Navigating challenges of IoMT devices in hospitals: Ensuring safety and efficiency


The integration of internet of medical things devices in the complex healthcare landscape represents a rallying cry for progress. With the ability to revolutionise patient care through enhanced diagnostics, real-time monitoring, streamlined operations and more, these ingenious gadgets and systems hold the promise of dramatically reshaping the healthcare industry. From hypervigilant smart monitors that oversee vital signs to sophisticated sensors tracking the administering of medication, the IoMT (internet of medical things) narrative has the potential to rewrite the rules of healthcare delivery, unveiling possibilities that were thought to be unattainable only a few years ago, says Miguel Perez, OEM (original equipment manufacturer) product manager, Digi International.

As it currently stands, the IoMT ecosystem is poised for exponential growth, with forecasts predicting a remarkable $187 billion valuation by 2028. Still, boldly going into this new era is not without its challenges. While projections indicate that the number of IoMT devices in hospitals will exceed 7 million by 2026, a cautionary tale unfolds. As IoMT devices are continuously woven into the fabric of the modern healthcare environment, reaching from patient rooms to surgical centres and beyond, they bring with them a host of challenges that demand meticulous attention to ensure patient safety, protect confidential data and optimise the efficacy of hospital operations.

Closer look at the challenges 

  • Interoperability and standardisation 

The sheer diversity of IoMT devices, each designed with their own distinct communication protocols, including those at the application layer, impedes the effortless sharing of data as well as collaborative decision-making. This fragmentation underscores the urgent need for standardised application layer communication protocols, facilitating easy integration and efficient data exchange across various stakeholders, including healthcare providers, administrators, and patients.

  • Data security and privacy 

As the proliferation of IoMT devices continues, the interconnected nature of these solutions creates an intricate web of data flow. Unfortunately, such widespread connectivity exposes considerable weaknesses that can be exploited by cybercriminals. In fact, a jaw-dropping 53% of connected medical devices have been identified with vulnerabilities. These known susceptibilities, and those that are about to emerge, can be utilised by nefarious actors to breach patient data, manipulate medical equipment or even gain unauthorised access to critical hospital networks, creating absolute chaos. Without question, safeguarding sensitive patient information and ensuring data privacy are imperative challenges to address. It’s critical to not only design secure devices, but also to protect them from emerging threats throughout the medical devices’ lifecycle. 

  • Regulatory landscape 

A harmonious coexistence of innovation and safety remains a formidable challenge. Policymakers are tasked with having to strike a delicate balance between encouraging forward-thinking technological advancements in healthcare and making patient safety a top priority. Government regulation is essential in this regard, ensuring that device manufacturers and healthcare organisations play their part in addressing these challenges. For example, new regulations now require the removal of patient data from a device before it’s disposed of, underlining the importance of patient data security. 

  • Reliability and infrastructure 

The operational efficiency of IoMT systems hinges upon the availability, resilience, and maintainability of their underlying infrastructure. Network connectivity, data transmission and system downtime can potentially disrupt patient care and jeopardise operational continuity, which is obviously unacceptable in the world of healthcare, where people’s lives could be at stake.

Overcoming Challenges: Forging a path forward 

  • From inception: Security, interoperability and failover mechanisms 

Above all else, the most pressing concern revolves around security: ensuring that devices are inherently shielded by design from potential threats. The objective is to establish a design framework that renders devices protected from hacking, piracy or any form of manipulation that could compromise patient data or transform the device into a conduit for malicious entities to breach an entire hospital or healthcare facility’s network.

This security challenge appears in two ways. Firstly, the device’s creation must be based on a design that prevents vulnerabilities, thus blocking any intrusions. Secondly, this security stance must endure over time, requiring consistent updates and an unwavering dedication to ongoing security maintenance. This involves deploying security services that actively monitor and guard against emerging threats that arise after the device’s introduction.

Just as security must be built into these products from the start, IoMT device manufacturers must prioritise interoperability and standardised communication protocols during the design phase as well. By creating a framework that allows IoMT devices to enjoy glitch-free communication with one another and other hospital systems, the healthcare industry can unlock the full potential of these devices.

Similarly, IoMT device manufacturers should prioritise redundancy in network connectivity and data transmission from the get-go to ensure uninterrupted operations. This proactive approach safeguards patient care during critical moments. 

  • Safeguarding information flow with data encryption 

Ensuring the comprehensive encryption of patient data originating from IoMT devices and extending its protection throughout its journey to various applications is of the utmost importance. Therefore, whenever patient data is in transit and even temporarily stored, the highest standard for encryption is essential. This entails verifying that the devices are equipped with the latest encryption protocols, thereby safeguarding sensitive information from potential breaches. Such encryption standards, along with other vital privacy mandates, are under the purview of the Health Insurance Portability and Accountability Act (HIPAA) in the United States.

These standards reverberate across the global landscape, a prime directive respected by entities worldwide. By adhering to these stringent encryption standards, healthcare systems uphold patient privacy and data integrity in compliance with regulatory requirements, fostering an environment of trust and security. 

  • Accountability through regulation

Government regulations are crucial in shaping the security landscape of IoMT devices, as they exert a pivotal influence on the level of protection these devices must afford. In a noteworthy transformation, the FDA took decisive action earlier this year by mandating specific cybersecurity guidelines that have been enshrined into law. These regulations stem from a proactive stance against the escalating vulnerabilities associated with cyberattacks on hospitals and internet-connected medical devices. A significant departure from past practices, this shift compels all new medical device applicants to divulge their strategies for monitoring, identifying and effectively managing cybersecurity concerns. This new approach extends beyond the typical lifecycle of medical devices, requiring manufacturers to prioritise security from inception throughout a device’s life cycle. 

The cornerstone of the new Food and Drug Administration (FDA) medical device security requirement comprises a documented process to ensure vigorous protection for medical devices, timely deployment of security updates and patches, and transparency through a comprehensive software bill of materials (SBOM), encompassing open-source and commercial software elements. Additionally, the FDA’s commitment to ensuring medical device cybersecurity is highlighted by its decision to refresh this guidance every two years.

Collaboration and expertise 

Addressing these many challenges necessitates a collaborative approach among IoMT device manufacturers, healthcare institutions, security professionals and policymakers. Expert guidance can aid device designers and manufacturers in embedding security features, forming a fortified defence with the ability to adapt over time. Ongoing collaboration can address both new and evolving threats, ensuring medical devices remain secure and operational throughout their lifecycle. 

Undoubtedly, IoMT devices have the potential to revolutionise healthcare and, in doing so, usher in a new era of patient care and operational efficiency. However, the expanded use of these devices within hospitals brings forth significant challenges that require immediate attention. By prioritising device security, implementing data encryption, adhering to regulatory frameworks, and fostering industry collaboration, the healthcare sector can navigate these challenges successfully.

The author is Miguel Perez, OEM product manager, Digi International.

This UrIoTNews article is syndicated from IoT-Now
