Securing medical data has become more complex than ever due to the wide adoption of connected medical devices including wearables. Data coming from wearable devices are particularly challenging to protect because the wearer can wander around and be almost anywhere. It can be difficult to determine if the device is on the right person. It can be hard to confirm the authenticity of wearable devices and the data they generate. How can you tell if there is a different device sending data? Or say it is the correct device, is it sending the right data? Is it sending data accurately? Is data taken at the right time?
These concerns underscore the significance of embedding security in medical wearables using data security technologies such as cryptography, SRAM PUF, and blockchain.
Cryptographic functions such as encryption, authentication, and data protection help secure and mask wearable data, making it harder for cybercriminals to compromise and exploit it.
Authentication helps protect data from forgery and modification. It allows devices that exchange data to validate or confirm the identity of each other using digital signatures and authentication codes. Data protection, on the other hand, secures data that is being transmitted between devices by masking it. Encryption obscures data so that only those with the key can unscramble and read the encrypted data.
An SRAM physical unclonable function (PUF) provides a “device-unique, unclonable fingerprint” which helps authenticate wearable devices, secures the highly sensitive health information that wearables generate, and prevents other users from stealing the identities of the wearable owner/user.
SRAM PUF is suitable for flexible key generation and storage. It protects wearable devices and users from counterfeiting, cloning, and software reverse engineering. It helps wearable owners and users to ensure that no one steals their identity and compromises their health record.
Medical wearable users that want to share their records with other people or organizations such as healthcare providers and medical researchers can take advantage of blockchain-based data security. Blockchain offers an immutable data storage that prevents anyone from stealing or compromising medical records throughout their entire life cycle.
Blockchain protects data by hashing it and then storing it in a block that is connected to an unchangeable chain of nodes. Breaching data stored in a blockchain is nearly impossible because every user has a copy of the record.
Security is not an option for medical devices. The FDA requires certain security measures. The requirements differ for different types of devices. Additionally, security requirements are ever-changing, so it is crucial to stay up-to-date on the requirements. The current advice from the FDA can be found here https://www.fda.gov/regulatory-information/search-fda-guidance-documents/content-premarket-submissions-management-cybersecurity-medical-devices.
Contact Voler to get expert advice on how to build your wearables with a security-by-design approach.