Wearables take security concerns to a 'different level'

Consumer fitness devices and company-sponsored wellness programs that use them pose a "whole different level of security and privacy concern," Stephen Cobb, senior security researcher at ESET, tells HealthcareInfoSecurity.com.

"A lot of the data is fairly benign, but the architecture within which these devices operate--there are apps that talk to them, there is data that is transmitted and stored and some sort of portal though which you go and access your  information--it introduces multiple points where potentially sensitive, private information could be intercepted and stolen," he says in the interview.

Cobb says he's not too concerned about data at rest on these devices or data shared through smartphones, but it becomes more vulnerable when it's stored in the cloud or in a database. He cites the breach at toy maker Vetch as an example of a company not adequately protecting information on servers.

The Federal Trade Commission, Department of Health and Human Services and Food and Drug Administration are all looking at the status of data collected and transmitted through these devices, Cobbs adds, and he does see vendors working toward providing HIPAA-compliant devices. However, regulation could limit how these devices are used.

"Once you move from a sort of informal wellness program to a doctor-enrolled supervised healthcare project, then the rules change considerably," he says.

Consumers are showing interest in wearable devices, but health wearables must be engaging, interoperable and intelligent if they are to succeed, according to a recent PwC report.

Providers and payers must focus on security before allowing data exchange from patient and consumer devices, Suzanne Widup, a senior analyst with Verizon, said previously.

To learn more:
- listen to the interview

Suggested Articles

The newly launched Center for Connected Health will be largest telehealth hub in the Philadelphia region, according to Penn Medicine.

The FDA commissioner wants to use additional funding under Trump's budget to advance digital health initiatives and integrate real-world data.

The FDA's approval of an app that uses AI to notify specialists of a potential stroke offers new possibilities for triage software that uses CDS.