IoT in Healthcare – Connections Big and Small

The Internet of Things (IoT) is quickly becoming a mainstream term, thanks to the popularity of smartphones, connected home appliances, and wearable trackers like those sold by Fitbit and Jawbone. This post explores the opportunities and watch-outs for IoT adoption in healthcare, specifically for improving patient care and engagement, as well as what can be done to set up an organization for success when formulating an IoT strategy.

When applied to the healthcare setting, the Internet of Things (IoT) holds immense possibilities for new dynamics in the patient-provider relationship as well as for the coordination and optimization of care. These benefits have already begun to appear through the arrival of “smart” beds that dynamically monitor patient weight and other vitals, and help medical staff monitor utilization. Future possibilities include “smart” pills and nanometer-scale robotics that will revolutionize the medical field, literally from the inside-out.

The Promise of Healthcare IoT

Internet-connected (or at least network-connected) devices have been present in healthcare for nearly two decades. Forward-looking hospitals started rolling out Pyxis Medstations and “smart” beds in the 1990s and 2000s, which could relay continuous data feeds on events like the drugs dispensed or patient activity. It was possible to update displays at nursing stations or send reports to case managers when deviations were detected from the norm, such as when an inappropriate drug was dispensed.

As miniaturized, connected devices become commonplace, like wearable trackers and “smart” pills (sensors compact enough to be swallowed that can relay information through a tiny, wireless transceiver), it will be possible to monitor patients’ vitals closer to real-time, including the presence or absence of specific compounds, such as glucose levels in diabetics (Silicon Angle). With this sensor data at their fingertips, healthcare workers will have new abilities to spot anomalies and apply preventative measures without the manually intensive efforts often required to collect and perform lab work. This has the potential to cut down on operational costs dramatically while at the same time increase quality of care with real-time monitoring and response. Through instant feedback loops, patients given access to their own data could also learn about the connection between the decisions they make and its effect on their health.

The Perils of Healthcare IoT

Common themes emerge when dealing with any new solution built on devices generating large sets of data. Here are some specific challenges we see for healthcare providers:

Standards and Integration

Bespoke Information Technology (IT) solutions are common in healthcare; there are many flavors of EHRs, billing systems, and so on. Standards like HL7 and ASC X12 have helped to bring order but IoT will introduce additional semantics that are not captured with existing protocols. At present, device manufacturers have not yet agreed to communication standards (TechTarget), resulting in redundant efforts whenever a new category of device needs to be integrated.

 Security and Privacy

These are particularly thorny topics since IT departments are often under-resourced to proactively address them, but the success of IoT solutions depends on open access to data by both patients and their caregivers. Compared to other industries healthcare lags in security spending, accounting for only 6% of IT budgets versus 12% in banking and 16% in government (Healthcare IT News). The fallout is staggering: the Brookings Institute reported nearly 90% of healthcare organizations had some sort of data breach between 2013 and 2015 (Lexology). Also concerning is that device manufacturers may not enable commonsense security measures by default, like encryption-at-rest. A recent example was the loss of 412 medical records with the theft of a single, unencrypted smartphone used by a Catholic Health Care Services (CHCS) employee in Philadelphia. It is noteworthy that CHCS – not the phone’s manufacturer – was fined $650,000 for the HIPAA violation (InformationWeek).

 Storage and Analysis

There is an often-cited myth among purveyors of “big data” solutions that data can be stored cheaply on commodity hardware, implying that it is better to capture everything generated by IoT devices now and decide what to do with it later. While the cost of storage is a tiny fraction of what it was two decades ago (Statistic Brain), what this perspective fails to take into consideration is that the analytical expertise and computational power required to spot trends and make decisions on such large volumes of data (particularly when all sensor data is saved in an un-optimized, raw form) can exceed the capabilities of many IT groups, and may require specialized hardware, software, and professionals skilled in data science, who are currently in high demand across all industries.

Toward a Clear Strategy for IoT Adoption

How do you demonstrate and guide your organization’s use of IoT to provide the most value while avoiding the pitfalls? We recommend four key practices for developing an IoT strategy.

  • Align your posture toward IoT with your overall business strategy and capabilities

A research hospital has very different goals than a corner store clinic, and this should be reflected in the kinds of IoT solutions selected. How will the unique needs of your patient population or other constituents be met best? To avoid technological overload it is also important to adopt only those technologies that provide clear benefits (financial, operational, care quality, etc.) after administrative overhead and user training are taken into consideration.

  • Take time to architect IoT solutions – including how they will be implemented and monitored

Make sure you understand the platform, gateways, and integration challenges that IT will face building an IoT solution. Assess vendors on their ability to meet the needs of your organization as well as awareness of HIPAA and other regulations. Given that no IT department has endless funding or talent, decide up front where you will focus your efforts initially to prove the value and work out any kinks before expanding adoption.

  • Set forward a mobile and device management policy

This includes but is not limited to standards for asset management, encryption, permitted vendors, user access lists, passwords, and remote lock-and-wipe features on devices. One size does not fit all, so be sure to consider the strengths and weaknesses of each category of device.

  • Assess and provide training and audits for all end users

Once standards are established and an IoT solution is being implemented, begin educating all levels of the organization. In the same way you expect frontline workers and support staff to keep up with continuing education on the latest treatment protocols, consider topics like HIPAA privacy rules, mobile security, and proper device destruction as important to their professional conduct in an increasingly connected world.

Still have questions about connecting an IoT solution to your organization’s strategic direction in order to maximize its value? Contact SEI and let’s talk!

Eric Spaulding

About Eric Spaulding