Remote Patient Monitoring and Data Security

John Carey, Foliage

Within the patient-monitoring spectrum, the importance of remote or home monitoring technologies is growing rapidly. Such technologies are usually associated with the treatment of chronic healthcare conditions such as diabetes or cardiac disease. Patients with these disease management issues are increasingly being monitored outside of the clinical environment. For example, patients with pacemakers or Holter monitors are more likely to undergo continuous remote monitoring with a wearable patient monitor than to go to a doctor’s office several times a month to be monitored. The patient-monitoring design and development space is being driven by this trend, which is being fueled by the mandate to reduce healthcare costs and prevent readmissions.

See main article:
"Teaching Patient Monitors Communication Skills"

When a wearable patient-monitoring device detects an aberrant condition in a cardiac patient, this information is usually relayed to a cell network by the wearable device and then transferred to a call center, where a clinician can examine the information. If the clinician concludes that the patient is suffering from overexertion due to exercise activity, the patient can be contacted and advised to curtail the activity. However, if the information from the monitor indicates a true emergency situation, immediate medical care could be ordered.

One of the main challenges facing continuous, remote monitoring—basically a form of personalized medicine—is ensuring that the data transmitted from patient monitors to doctors and clinicians are secure. Of paramount concern is securing the volumes of data that are transmitted from continuous patient monitors through cell networks to cloud-based data-warehousing systems. Thus, ensuring data security and complying with the Health Insurance Portability and Accountability Act (HIPAA) are two of the main challenges facing software designers and developers in this space.

Cloud-based systems are extremely flexible in their ability to retrieve medical information and make it available to physicians and clinicians on a patient-by-patient basis. By the same token, these data can be collected, anonymized, and then used for research purposes. For example, if a new drug is being prescribed for cardiology patients, cloud-based systems can collect patient-centric information from wearable patient monitors, and that same data can be anonymized and concentrated in order to provide information that will help assess the effectiveness of the drug across a patient population.

While development efforts in the remote-patient-monitoring area are usually associated with the treatment of chronic diseases, one of the challenges facing the healthcare industry is that such monitoring generates mountains of data. You can compare it with the financial industry. When people started to withdraw money from ATMs rather than go to a bank a few decades ago, copious amounts of data were suddenly being collected on every street corner. But what happened to those data? Who cared about them? Where did they eventually end up? In fact, those data have been harnessed by the banking industry, and today it helps banks design better products and improve customer access. The same potential exists in healthcare and could result in improved patient outcomes.

Because of all the government regulations surrounding patient data—otherwise known as protected health information (PHI)—these kinds of data-security issues are especially sensitive when it comes to the healthcare industry. Securing patient information is challenging for anyone involved with the development of remote-patient monitors that communicate with cloud-based systems, call centers, or healthcare personnel. Thus, ensuring data security is of key importance for those of us on the software side.