Share these talks and lectures with your colleagues
Invite colleaguesPractice paper
Protecting patient confidentiality in the Internet of Medical Things through confidential computing
Journal of Data Protection & Privacy,
5
(4),
347-362
(2023)
Abstract
The Internet of Medical Things (IoMT) provides a network of distributed devices that generate a wealth of data for clinicians and medical researchers. The global COVID-19 pandemic has demonstrated the benefits that IoMT data has brought about for remote medical services and clinical diagnosis. While the security of remote IoMT devices is an established area of concern, enforcing the privacy of the data that they both generate and process requires a data-first approach to network design. How can a distributed IoMT network simultaneously ensure the integrity of distributed devices and maintain the privacy and confidentiality of protected healthcare information (PHI)? In this positioning paper, we outline the issues that must be addressed by manufacturers of IoMT devices and those responsible for the system architectures that process gathered healthcare and contextual data. We consider how the nascent technology of confidential computing addresses the dual requirements of systemic security and data confidentiality, and we provide a conceptual architecture based on current developments within the field. Our analysis of the practical considerations associated with IoMT deployment reveals a fundamental requirement for a data-first approach to security that is governed by patient consent and zero-trust principles.
Keywords: IoMT; data security; confidential computing; privacy; consent
The full article is available to subscribers to the journal.
Author's Biography
Richard Searle With an extensive background in complex systems engineering and the application of machine learning for data discovery, Richard leads the deployment of confidential computing technology for customers of Fortanix. Richard has served as both General Members' Representative to the Governing Board and Chair of the End-User Advisory Council of the Confidential Computing Consortium of the Linux Foundation, and he is recognised as a thought leader on the applications of confidential computing to provide data privacy and security.
Prabhanjan Gururaj Focusing on confidential computing, data security and machine learning, Prabhanjan works with Global 2000 companies, solving problems with data privacy, security and regulatory compliance. Prior to leading the Fortanix solutions team, Prabhanjan held engineering roles at HPE and IBM. He has nine patents awarded and is an author of publications in the field of data availability and discovery.
