Only once while I attended IoT Evolution Expo 2023 (part of ITEXPO, held last week in Fort Lauderdale, FL) did I hear the phrase “This is presentation is a love letter from me.”
This curious quote came from expo speaker Joel Maloff, Senior Vice President and CCO of Phone.com and Assistant Professor at Colorado Tech University. Maloff’s professional journey took off circa 1985; since then, he’s accrued experience in telecommunications, sales and marketing and, as mentioned, education and at Phone.com. There, Maloff is responsible for ensuring HIPAA-compliant regulations and proper coordination with law enforcement’s requests for procedural information.
How this fits into IoT is what’s especially curious; specifically the Medical Internet of Things, or MIoT. With a forecast of 32% growth by 2026, MIoT is expected to reach $447 billion as the connected medical device market blossoms.
Yet, not everything’s spruced-up MIoT flowers. Because while the reach of MIoT covers vital remote patient monitoring, improvements to personalized patient care and their outcomes, and boosted efficiencies in smart hospitals, clinics and home healthcare, with these futuristic-turned-attainable advancements come risks.
Because of his role at Phone.com, Maloff began looking into these MIoT risks. The topic of study eventually became the foundation for his doctoral dissertation.
And, having listened to and spoken with him, Maloff’s passions in these areas are as clear as day. Hence, his love letter.
“First, some statistics clarification,” he said. Maloff clarified that, more broadly, the global IoT market in 2020 was at approximately $762 billion, whereas the MIoT-specific market was around $72 billion that same year. So when referencing the previous 32%-growth-by-2026 stat, that is undeniably huge.
So, what in MIoT is cause for such a stir?
In MIoT, devices most frequently discussed include pacemakers, insulin pumps, and ingestible devices that send real-time data for analysis. But as he conducted research, Maloff wondered about those devices’ securities; what if they get hacked? It’s a scary question, but that doesn’t deem it unworthy of asking.
If anything, it’s the opposite. (Especially with patient wellness at the forefront.)
Are doctors and their IT personnel aware of MIoT device vulnerabilities? Not nearly as much as they could be, Maloff found. So who actually is responsible for fulfilling the requisite privacy and security for these technologies and the data they generate?
This is what Maloff explored intentfully.
“Does HIPAA monitor it?” Maloff asked the session’s audience. “No, as a matter of fact. I deal with HIPAA all the time and, despite how it may sound, not only are they not at all responsible for this but it’s actually the U.S. Department of Education’s Office of Civil Rights that’s responsible for HIPAA.”
This was an extremely crucial point. “Health information is a civil right,” Maloff asserted. “It’s unequivocally your civil right.”
But HIPAA – in terms of MIoT information like devices’ sensors, electronic health and medical records, and WBANs (Wireless Body Area Networks) with transmitted data – is less proactive and more reactive.
“My research found,” Maloff said, “that this creates disconcerting knowledge gaps. The MIoT constituencies involved here are many; doctors, medical IT, interconnected device manufacturers insurance companies, and of course the patients themselves who receive MIoT aid. But what if a threat actor were to attempt a ransomware attack on somebody’s pacemaker? Or the hijacking of another type of medical device? This gets unbelievably serious, and the security provisions for these MIoT devices require our attention. It should be a civil right.”
Still, Maloff followed this up with hope for the future. “While data exposure or device compromisation risks rise with the proliferation of MIoT devices, that doesn’t mean folks should run or mobs should storm the castle, so to speak. On the contrary, this sector of healthcare represents a problem so worth solving for everyone’s betterment. The incentive to invest in MIoT connects to the very fabric of peoples’ well-beings. That’s a cause worth the time.”
It is Maloff’s well-researched hope that, with the recognition of this problem and of what’s missing, can come the arrival of incredible solutions that protect patients and increase genuine awareness. This requires sufficient expertise, sure, but also real diligence and empathy.
“Adversity creates opportunity,” he said. “So why not take the opportunity to invest more in MIoT?”
That’s how Maloff concluded, and on the whole the dialogue between him and the session’s audience was enlightening and productive.
For any interested in learning more, Maloff’s full doctoral dissertation can be found here. He can also be reached at [email protected].
Edited by
Alex Passett
