Free EMR Newsletter Want to receive the latest news on EMR, Meaningful Use, ARRA and Healthcare IT sent straight to your email? Join thousands of healthcare pros who subscribe to EMR and HIPAA for FREE!!

Emerging Health Apps Pose Major Security Risk

Posted on May 18, 2015 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

As new technologies like fitness bands, telemedicine and smartphone apps have become more important to healthcare, the issue of how to protect the privacy of the data they generate has become more important, too.

After all, all of these devices use the public Internet to broadcast data, at least at some point in the transmission. Typically, telemedicine involves a direct connection via an unsecured Internet connection with a remote server (Although, they are offering doing some sort of encryption of the data that’s being sent on the unsecured connection).  If they’re being used clinically, monitoring technologies such as fitness bands use hop from the band across wireless spectrum to a smartphone, which also uses the public Internet to communicate data to clinicians. Plus, using the public internet is just the pathway that leads to a myriad of ways that hackers could get access to this health data.

My hunch is that this exposure of data to potential thieves hasn’t generated a lot of discussion because the technology isn’t mature. And what’s more, few doctors actually work with wearables data or offer telemedicine services as a routine part of their practice.

But it won’t be long before these emerging channels for tracking and caring for patients become a standard part of medical practice.  For example, the use of wearable fitness bands is exploding, and middleware like Apple’s HealthKit is increasingly making it possible to collect and mine the data that they produce. (And the fact that Apple is working with Epic on HealthKit has lured a hefty percentage of the nation’s leading hospitals to give it a try.)

Telemedicine is growing at a monster pace as well.  One study from last year by Deloitte concluded that the market for virtual consults in 2014 would hit 70 million, and that the market for overall telemedical visits could climb to 300 million over time.

Given that the data generated by these technologies is medical, private and presumably protected by HIPAA, where’s the hue and cry over protecting this form of patient data?

After all, though a patient’s HIV or mental health status won’t be revealed by a health band’s activity status, telemedicine consults certainly can betray those concerns. And while a telemedicine consult won’t provide data on a patient’s current cardiovascular health, wearables can, and that data that might be of interest to payers or even life insurers.

I admit that when the data being broadcast isn’t clear text summaries of a patient’s condition, possibly with their personal identity, credit card and health plan information, it doesn’t seem as likely that patients’ well-being can be compromised by medical data theft.

But all you have to do is look at human nature to see the flaw in this logic. I’d argue that if medical information can be intercepted and stolen, someone can find a way to make money at it. It’d be a good idea to prepare for this eventuality before a patient’s privacy is betrayed.

Cerner Wellness Integrates with Apple’s HealthKit

Posted on October 1, 2014 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

When Apple announced HealthKit, they announced a few healthcare partners including Epic. Many thought this was an interesting announcement, but I was (and still am) skeptical that anything really meaningful will come. As one person put it, we’re suppose to be excited that two of the most closed companies in the world are working together?

I recently saw the news come out that Epic’s main competitor, Cerner, announced that they’d integrated with Apple’s HealthKit. In fact, I believe their integration seems to have come out before Epic’s integration (unless I missed it, or maybe Epic just likes to keep quiet). Here’s a short excerpt from the Cerner announcement:

To me, HealthKit is about making it more convenient to manage your health and wellness, and share that information with the people that are helping you reach your goals. It’s less about trying to get real-time clinical insights or make new diagnoses. HealthyNow has the features that consumers and wellness experts are looking for in these apps, and by integrating with HealthKit, we’ve opened up the experience to a whole array of health apps for our members to choose from. This integration enables the feeding of key health metrics into our platform for sharing with health coaches, earning of incentive points, and identification of new opportunities to improve your health. By promoting healthier habits, consumers lower their premiums, health plans reduce their spend on treating avoidable diseases, and everyone lives a healthier life. (emphasis added)

The details on what Apple’s HealthKit would really do have been pretty foggy. Although, this paragraph illustrates where I figured HealthKit was going. Notice the part of the quote where I added emphasis. Cerner is just looking to suck data from HealthKit into Cerner. Maybe they have future plans to make Cerner data available to HealthKit, but the announcement seems to say they haven’t done so yet. This one way interface is exactly why I’m skeptical that HealthKit will really have a huge impact on healthcare.

What do you think? Have any of you integrated with HealthKit? I’d love to see if you have other views of where HealthKit might be headed.