Featured Research

from universities, journals, and other organizations

The Dark Side Of Telemedicine -- Hacking Into Medical Data

Date:
June 21, 1999
Source:
Sandia National Laboratories
Summary:
People worry that the string of numbers that identify their credit card accounts, if sent via the Net, could be intercepted by hackers to finance the purchases of strangers. A worse problem is the potential for illegal access and misuse of online medical or psychiatric data, whether in transit or stored.

Improved on-line medical "architecture" to thwart hackers, assemble like home-stereo system, lower health care cost

Albuquerque, N.M. -- People worry that the string of numbers that identify their credit card accounts, if sent via the Net, could be intercepted by hackers to finance the purchases of strangers.

A worse problem is the potential for illegal access and misuse of online medical or psychiatric data, whether in transit or stored.

People with long-term diseases like diabetes, or even those only genetically predisposed to them, could lose job opportunities and be rebuffed for insurance if information stolen from data banks were sold to corporate bidders.

Politicians and celebrities would be particularly susceptible to scandals and blackmail arising from intercepted data. More distant in time, patients relying upon intravenously delivered medicine, remotely controlled via the Net, could have their lives threatened by a cyber attacker who altered their medicinal flow rate.

Yet because of its versatility, online medicine has the potential to widen health care choices, cut costs, and provide maximum care to a large number of people.

Because the amount of medical data sent across the Net is increasing, researchers at Sandia National Laboratories, a U.S. Department of Energy research facility, have developed and now applied for an intellectual property patent on a computer "architecture" that incorporates built-in security mechanisms to protect information sent between medical system components.

In addition, the Sandia framework, rather than relying on turn-key systems, encourages hospitals and individual patients to buy and assemble off-the-shelf medical equipment--that is, only the equipment needed --the same way home stereo components are bought individually and assembled. Competition between suppliers of subcomponents should lower prices and rescue consumers from the need to buy all the features manufacturers of entire systems might incorporate. Sandia researchers are interested in the storage and transmission of medical information because they believe that the capability to use the Net to send uncorrupted medical data throughout the United States will substantially reduce the potentially large numbers of civilian casualties that could be expected from a natural disaster or terrorist event.

Given the current state of online medical security, according to Dr. Leon Hoffman, spokesperson for the American Psychoanalytic Association, "We recommend not sending out identifiable data over the Net. We are fighting so hard over the privacy issue. It's a terribly frightening proposition for people to have records out there in cyberspace."

Dr. Dena McFadden, deputy medical director of the Massachusetts region of Brookline-headquartered Harvard Pilgrim Health Care, described the effect of an incident reported several years ago in which a patient discovered detailed mental health notes in his own electronic record, along with physical health data. Since then, she says, "We've put in audit trails to tell us who's accessed what, we've enhanced passwords and installed encryption, firewalls and dedicated lines. One of the things we've learned is that in addition to all of that, we need to manage the human factor and put in controls around unauthorized access by authorized users."

The Sandia architecture deals with that "very difficult problem" by enforcing strict role-based access, says Sandia project leader Steve Warren.

Equipment complying with the Sandia architecture will be used at New Orleans's Alton Ochsner Medical Foundation in the care of patients suffering from hypertension. The formal clinical tests, conducted over the next eight months, will be used in part to evaluate the cost-effectiveness and diagnostic feasibility of telemedicine in this arena.

"When I started this project four years ago, I wanted to identify a strong medical partner to complement our expertise in sensors and information systems," says Sam Varnado, director of Sandia's Energy and Critical Infrastructure Technology Center. "We selected Ochsner after a competitive bidding process, and they have been truly outstanding partners."

Some of the technological issues were detailed in papers presented in April in Rockville, Maryland, at the "Workshops on Future Medical Devices: Home Care Technologies for the 21st Century," and in early May at the "Toward An Electronic Patient Record -99" conference in Orlando, Florida.

Lowered costs, better security

The reason for interest in plug-and-play--a term for adding or subtracting computer components at will--is driven by the high expense of current telemedicine systems. As Sandia authors wrote in the abstract of a paper delivered in early May, "Most telemedicine systems are custom-designed and do not inter-operate with other commercial offerings. Users are limited to a set of functionality that a single vendor provides and must often pay high prices to obtain this functionality, since vendors in this marketplace must deliver entire systems in order to compete. Besides increasing corporate research and development costs, this inhibits the ability of the user to make intelligent purchasing decisions regarding best-of-breed technologies."

The second goal is to demonstrate that proper use of security technology can allow medical information to be transmitted electronically, maintaining strict patient confidentiality while information is in transit to a physician, billing agency, or other medical entity.

Says Sandia researcher Richard Craft, lead architect for the project, "We have leading-edge cryptography libraries. These will strengthen the toolkit of telemedicine security algorithms. The Sandia-proprietary telemedicine architecture will be licensed for off-the-shelf devices manufactured by a large number of companies. We are currently laying the ground rules for how telemedicine devices will talk with one another within this secure environment. It's like a card game: first you lay the ground rules, then you play."

Service areas that are supported within the Sandia-designed telemedicine architecture include user interfaces; medical devices for acquiring patient data, delivering therapy, or analyzing specimens; electronic patient records that store information collected by devices; processing services that can analyze and interpret data; communication mechanisms and the supporting directory services; protocols that dictate orders of operation for medical instruments; and a backplane, a service similar to an operating system that stitches the other service areas together.

Benefits of online medicine

Telemedicine uses technology to provide an alternative to traditional, in-person physician visits, and provide medical care at a patient's location, regardless of the location of the medical team.

Computer scientists familiar with the medical field believe that within the next five years, computers at remote locations will control vital sign monitoring and limited types of medical treatment. Medical care will travel with patients, whether they are in the home, the office, or on travel, so their electronic medical records must be accessible from any location.

"Sensors attached to patients will transmit signals to computers, either in the home or at a remote location, for state-of-health analysis," says Warren. "Because these vital-signs sensors will be non-invasive and comfortable to wear, they will acquire medical information from the patient around the clock instead of a few times a day. This approach to continuous physiological monitoring and trend analysis will lead to a preventive health care model where the future health of an individual will be predicted based on information acquired from these sensors. This differs from the primary care delivery model employed today, where a patient visits a physician only after suffering discomfort or experiencing a health emergency."

The ongoing effort

The research team at Ochsner Clinic is currently using a commercial, turnkey telemedicine system manufactured by TelAssist Corporation, Ridgefield, NJ, for its hypertension study. Sandia, in an effort to test the effectiveness of the "plug-and-play" approach to telemedicine, is renovating that commercial system for use on Sandia's secure telemedicine device architecture. The new system will be tested jointly by Sandia and Ochsner Clinic in a controlled clinical study that assesses the cost-effectiveness and diagnostic feasibility of the approach.

###

Principal investigator Dr. Richard N. Re and Dr. Marie A. Krousel-Wood lead the Ochsner effort.

The work is supported by the Telemedicine and Advanced Technology Research Center, U.S. Army Medical Research and Materiel Command, Fort Detrick, Frederick, Md.

Sandia is a multiprogram DOE laboratory, operated by a subsidiary of Lockheed Martin Corp. With main facilities in Albuquerque, N.M., and Livermore, Calif., Sandia has major research and development responsibilities in national security, energy, and environmental technologies.


Story Source:

The above story is based on materials provided by Sandia National Laboratories. Note: Materials may be edited for content and length.


Cite This Page:

Sandia National Laboratories. "The Dark Side Of Telemedicine -- Hacking Into Medical Data." ScienceDaily. ScienceDaily, 21 June 1999. <www.sciencedaily.com/releases/1999/06/990621042830.htm>.
Sandia National Laboratories. (1999, June 21). The Dark Side Of Telemedicine -- Hacking Into Medical Data. ScienceDaily. Retrieved October 22, 2014 from www.sciencedaily.com/releases/1999/06/990621042830.htm
Sandia National Laboratories. "The Dark Side Of Telemedicine -- Hacking Into Medical Data." ScienceDaily. www.sciencedaily.com/releases/1999/06/990621042830.htm (accessed October 22, 2014).

Share This



More Health & Medicine News

Wednesday, October 22, 2014

Featured Research

from universities, journals, and other organizations


Featured Videos

from AP, Reuters, AFP, and other news services

CDC Revamps Ebola Guidelines After Criticism

CDC Revamps Ebola Guidelines After Criticism

Newsy (Oct. 21, 2014) The Centers for Disease Control and Prevention have issued new protocols for healthcare workers interacting with Ebola patients. Video provided by Newsy
Powered by NewsLook.com
WHO: Ebola Vaccine Trials to Start a in January

WHO: Ebola Vaccine Trials to Start a in January

AP (Oct. 21, 2014) Tens of thousands of doses of experimental Ebola vaccines could be available for "real-world" testing in West Africa as soon as January as long as they are deemed safe in soon to start trials, the World Health Organization said Tuesday. (Oct. 21) Video provided by AP
Powered by NewsLook.com
First-Of-Its-Kind Treatment Gives Man Ability To Walk Again

First-Of-Its-Kind Treatment Gives Man Ability To Walk Again

Newsy (Oct. 21, 2014) A medical team has for the first time given a man the ability to walk again after transplanting cells from his brain onto his severed spinal cord. Video provided by Newsy
Powered by NewsLook.com
CDC Issues New Ebola Guidelines for Health Workers

CDC Issues New Ebola Guidelines for Health Workers

Reuters - US Online Video (Oct. 21, 2014) The U.S. Centers for Disease Control and Prevention has set up new guidelines for health workers taking care of patients infected with Ebola. Linda So reports. Video provided by Reuters
Powered by NewsLook.com

Search ScienceDaily

Number of stories in archives: 140,361

Find with keyword(s):
Enter a keyword or phrase to search ScienceDaily for related topics and research stories.

Save/Print:
Share:

Breaking News:

Strange & Offbeat Stories


Health & Medicine

Mind & Brain

Living & Well

In Other News

... from NewsDaily.com

Science News

Health News

Environment News

Technology News



Save/Print:
Share:

Free Subscriptions


Get the latest science news with ScienceDaily's free email newsletters, updated daily and weekly. Or view hourly updated newsfeeds in your RSS reader:

Get Social & Mobile


Keep up to date with the latest news from ScienceDaily via social networks and mobile apps:

Have Feedback?


Tell us what you think of ScienceDaily -- we welcome both positive and negative comments. Have any problems using the site? Questions?
Mobile: iPhone Android Web
Follow: Facebook Twitter Google+
Subscribe: RSS Feeds Email Newsletters
Latest Headlines Health & Medicine Mind & Brain Space & Time Matter & Energy Computers & Math Plants & Animals Earth & Climate Fossils & Ruins