Data privacy and security considerations for the future of wearables

With health services facing ever increasing budget deficits, the NHS is looking for innovative ways technology can help to ease financial pressures. In December 2016, Simon Stevens, chief executive of NHS England, put his support behind wearable technology. This initiative was further supported by the recent Government Digital strategy which promised an investment of £4.2 billion over the next five years in areas such as electronic patient records, apps, wearable devices, telehealth and assistive technologies. 

The background 

From a YouGov survey in 2015, 81% of respondents said they would like to see more connected and wearable devices used in healthcare, with half of the respondents saying they thought wearables were potentially most useful to monitor vulnerable people. Given that the average 65 year old costs the NHS 2.5 times more than the average 30 year old and an 85 year old costs more than five times as much (source: IFS), then any way that wearable technologies can help the NHS and patients must be welcomed.  

Whist wearables help people increase better awareness when it comes to their own health, there is an opportunity for medical relevant wearable technology to promote patient self-care and preventative medicine management. The Department of Health estimates that patients not adhering to their physician’s guidance cost the NHS up to £300 million a year in unused medicines. In a patient with a chronic condition, such as diabetes or chronic obstructive pulmonary disease, a wearable monitoring device can alert them earlier to a change in their health which needs medical attention. 

Devices with sensors worn by patients can collect data on glucose levels, blood pressure, blood oxygen levels, sleep patterns and coagulation rates. The connected medical wearables and implants can also check patients are taking their prescribed medicines and perhaps even administer drugs too. 

Wearable Potential   

The potential to integrate wearable patient monitoring devices into existing patient care record systems, healthcare diagnostic and prescription systems would also make it easier to track patient recovery and health outcomes. Future medical-grade wearables can connect into a system of regular or constant monitoring, improving healthcare by collecting real-time biometrics from the body. Additionally, with the development of the Internet of Things and the deployment of sensor technologies to collect data from our homes, our cities and across all aspects of our surroundings there are even greater opportunities to correlate between our environment and our well being. For example the connection between air pollution and chronic asthma sufferers in potentially deprived areas is being evaluated across a number of council areas.

Information can be fed back to the patient’s physician, creating an ongoing record of how their condition is progressing and alerting them if it is deteriorating or flagging if a face-to-face consultation or if a hospital visit may be required. It will also enable the patient to take a more active role in managing their own condition. 

However, if we are to take advantage of these opportunities, safeguarding of personal and sensitive data, including data from wearables must be a prime concern. Companies developing wearable technology must provide features to support privacy and protection against misuse of data. Collection and usage of this data must be lawful and ethical. The UK Data Protection Act and the EU General Data Protection Regulation (GDPR) require that information is only collected for a specific purpose, is stored securely and only as long as it is needed. It must be relevant and up to date and individuals must be able to see the information held about them on request. Transparency (clearly explaining to individuals the context for use of their personal data) and explicit consent are becoming increasingly important. Health and social care organisations will need to demonstrate that they are managing personal information appropriately and protecting it against cyber security threats. 

It will be essential that citizens have access to all their data in health and care, and the ability to write into it so that their own preferences and data from other relevant sources, like wearable devices, can be included. 

BT is a partner supporting the PETRAS IoT Research Hub, a consortium of nine leading UK universities working together to explore critical issues in Privacy, Ethics, Trust, Reliability, Acceptability and Security. An important theme of its research is healthcare. As part of this, PETRAS is developing an understanding of the security of “body sensor networks” including both wearable and implantable devices, combining human, cyber and physical elements with the aim of developing secure sensors. In addition, PETRAS is investigating current privacy and transparency protocols for data collection in health-related IoT and seeks to provide ethical guidelines for data controllers so that patient-level data can be used effectively while respecting individual rights. 

BT is part of CityVerve, the UK IoT cities demonstrator in Manchester. This is combining environmental sensors in the city; in lamp posts and street furniture for example, with wearable sensors and sensors inside the home. This will provide information to individuals and clinicians to support management of COPD and other respiratory problems. A particular focus is on encouraging patients to manage their respiratory conditions in a variety of ways – improving their use of medications, encouraging physical activity such as walking, and getting more involved in making decisions that affect them. Identifying technology in a connected city that is both useful and acceptable is the goal. As part of the programme, BT is working with application developers to define how patients can control how and where their personal data is shared and to allow them to make informed decisions on how their personal information is shared. 

Wearables are starting to play a significant role across the health and care sector both within hospitals for primary and acute care but also secondary care within the community. Self-care and self-monitoring enabled through medical wearables can reduce the average cost per patient. However, the need to ensure data privacy concerns and personal data is protected will be a key dependency for ongoing success. Address these data security challenges and wearables can and should become the norm for every patient or health-aware citizen of the future. 

By Phil Brunkard, CIO, Local Government and Health, BT

Image Credit: Everything Possible