NIST urges for security guidelines for Remote Patient Monitoring Programs

Telehealth providers are increasingly been sought after by federal regulators for advice on how to secure remote patient monitoring systems.

Recent report suggests, the National Institute of Standards and Technology (NIST) is urging for guidance from the connected healthcare industry, “to provide an architecture that can be referenced and guidance for securing a telehealth remote patient monitoring (RPM) ecosystem in healthcare delivery organizations (HDOs) and patient home environments, including an example solution that uses existing, commercially, and open-source available cybersecurity products.”

It was supported by several payers, including the Medicare, and other hospitals, health systems, improved telemedicine technology which are launching RPM programs in order to gain knowledge about the patient’s activities outside the healthcare site.

Moreover, to gather information based on physiological and other data, to boost care management and coordination. Such programs, however, are supplemented with security concerns and goes beyond the compounds of a hospital or a doctor’s office. In addition, there is a growing threat that the wireless platforms, devices, and networks are likely to be hacked, thus becoming vulnerable to the exposure of sensitive health information.

Experts hence believe that the main challenge is in adapting to new technologies which do not meet the security standards and rigorous privacy settings standards expected in the healthcare industry. This is mainly because it has been created by innovators from industries dedicated to healthcare. Consumer-facing mHealth devices such as Apple Watch, Fitbit, YouTube, and Skype are part of this.

Based on the reports, the project is controlled by NIST’s National Cybersecurity Center of Excellence.

“Traditionally, patient monitoring systems have been deployed in healthcare facilities, in controlled environments,” the NCCoE commented on its website. “Remote patient monitoring (RPM), however, is different in that monitoring equipment is deployed in the patient’s home. These new capabilities, which can involve third-party platform providers utilizing video conferencing capabilities, and leveraging cloud and internet technologies coupled with RPM devices, are used to treat numerous conditions, such as patients battling a chronic illness or requiring post-operative monitoring.”

The project aims in creating a NIST Cybersecurity Practice Guide, especially for RPM programs. Reports allege comments on the proposal will be available to NIST by September 30.

, , , , , , , , , , , , , , ,