It’s a question we’re all having to deal with on some level. How far do we allow technology into our lives so we can enjoy the convenience and health (even life-saving) benefits it offers? The question deepens when many of these benefits depend on how much personal information you’re willing to share.
The Internet of Things (IoT) refers to the vast array of devices that are connected to the internet and handle an increasing number of our daily tasks online. These devices include everything from thermostats, toasters, and automatic door locks to health and fitness devices such as blood glucose meters and heart rate monitors.
One excellent example of how we’re incorporating IoT into our lives is the Apple Watch, which received recent attention after the Apple Heart Study conducted by Stanford Medicine showed that its heart rate monitor accurately detects irregular heartbeats, an indication of atrial fibrillation (AF), which is a leading cause of stroke. The Apple Watch shows how devices and health apps have the potential to cross over from consumer-side gadgets into technology of real clinical value with extended application in healthcare.
But the same question that looms over IoT, in general, applies here: how good are these health apps at keeping our information secure?
This post takes a look at how IoT is affecting the way we manage our health and the security issues that are coming up, as apps become more sophisticated and we become more familiar with them, allowing multiple apps to assist in highly personal areas of our lives.
IoT case study - the Apple Watch heart rate monitor
When the Apple Watch came on the scene, wearables such as the Fitbit had already taken hold of the fitness/health market, providing a way to track heart rate during exercise and throughout the day. Many of these wearables use something called photoplethysmography to monitor the heartbeat through blood flow in the wrist using infrared and green LEDs with sensors.
Apple refined the technology to enable tracking sensitive enough to recognize irregular heartbeats. The Apple Heart Study, involving over 400,000 participants, showed that the Apple Watch’s detection of irregular heartbeats matched up to the results of an electrocardiogram (ECG) patch 84 percent of the time. Incidentally, Apple Watch now incorporates an ECG, but this feature wasn’t included at the time of the study.
How your data is kept secure
As a company specializing in online security, we are always looking at the security angle when reviewing new technology. When it comes to IoT technology, there are two things to consider when keeping your data secure. First, what are the safeguards that will secure your information on the device? This is the most basic form of security, similar to protecting a confidential file you keep in a briefcase. Second, what are the safeguards when your data is collected by a third-party app?
The data collected with your Apple Watch is on the watch and your iPhone. It is also anywhere else you choose to put it – on your laptop, for example. You can safeguard your data by securing these devices with a passcode. Adding the Find My Apple Watch, iPhone, and Mac feature is also a good idea. Your level of exposure in this situation is similar to when you carry around a confidential printed document. You have direct control over how you keep that data safe.
If you’re using third-party apps to manage your data, it’s another story. This is because it’s often difficult to determine precisely how these apps will use or distribute your data. Testing conducted by the Wall Street Journal recently showed that several third-party apps were sharing highly personal information, including ovulation times and heart rates, with Facebook.
The test was conducted by reviewing 70 apps to find out how they handled the user data they collected. Of those 70, it was found that 11 of them were sending data to Facebook, even if the user didn’t have a Facebook account. The data was sent using Facebook’s software development kit (SDK) that includes analytics to help app developers better understand their users’ behavior.
Do the benefits of IoT outweigh the risks?
If the idea of your personal health details being sent to a social media platform makes you nervous, you’re not alone. According to a recent survey conducted by Aetna, more people are concerned about security and privacy issues than the cost of their healthcare.
However, there are considerable benefits from IoT, especially in the area of personal health management, that we should consider. The Apple Watch’s ability to send accurate irregular heartbeat warnings to users who can then ask their physician about AF is a glimpse into what could be ahead. Although both developers and healthcare practitioners strongly advise that the technology should not be used for diagnostic purposes, its ability to allow for more individual participation in health monitoring could provide substantial benefits to the healthcare community.
In the future, such technology could be close enough to the capabilities of medical grade technology (the FDA has already cleared the Apple Watch ECG) to enable various forms of monitoring at home or on the go. These advanced devices could untie patients from the inconvenience of appointments, allow more data to be collected consistently, and contribute to valuable repositories of health data.
But are these benefits worth the risk of losing control of your protected health information? Most of us would probably say no. While it might be common to share pieces of our personal lives on social media, losing control of our health information is a concept that still makes many of us cringe. So what’s the answer?
What you can do to ensure data security
Even if we could stuff the IoT genie back into the bottle, it probably isn’t something we want or need to do. The best option we have right now is to educate ourselves about how our data is handled and exercise caution when choosing our devices and applications. Here are some practical tips you can implement immediately, whether you’re connecting a camera to your refrigerator to let you know when you’re out of milk or tracking your pulse for irregular heartbeats.
Do your research. Read up on the company that created the app and get a sense of their reputation. Think carefully before handing your personal information to an unknown, and possibly disreputable company.
Read the terms of service. Every app has them and even if the dense prose makes your eyes cross, get into the habit of reading them and the updates. You’d be surprised by how much the updates could change the initial agreement, so stay up to date. It’s worth it to take the time to understand what the app considers appropriate data sharing.
Be aware of the type of information you’re entering into the app. Even if you read the terms of service, you might misinterpret the wording, or the document might have neglected to mention that using your data to improve the app means handing your data over to a social media platform. Good laugh It’s best to always be aware of the information you’re sharing. Is it highly sensitive to you? Conduct a personal risk analysis. How would you be affected if this information fell into the wrong hands?
Read the news (from reputable sources). Stay informed about how different companies are handling their customers’ data. Personal data security is still a relatively new concept, and as long as technology continues to expand, we’ll be in uncharted waters. Businesses are still learning what is and isn’t OK when it comes to collecting and sharing data. Educating ourselves about their mistakes provides real case guidelines for how cautious we need to be when using IoT.
What do you think?
|The Internet of Things (IoT) refers to the vast array of devices that are connected to the internet and handle an increasing number of our daily tasks online. The benefits are great, but they don’t come without security risks. If we’re using IoT in our daily lives, it’s important to educate ourselves about how our data is handled and exercise caution when choosing our devices and applications.|