Monday, April 6, 2015

Harvard Study: Hospital Computerization Does Not Improve Performance (Updated 6 Apr 2015)

A republication of an earlier posting of this study. It's timely in the light of New York Times Opinion piece, "Why is health care tech still so bad?"

Title: Hospital Computing and the Costs and Quality of Care: A National Study
Authors: David U. Himmelstein, MD, Adam Wright, PhD, Steffie Woolhandler, MD, MPH Department of Medicine, Cambridge Hospital/Harvard Medical School, Cambridge, Mass;  Clinical Informatics Research and Development, Partners Healthcare System, Boston, Mass.


BACKGROUND: Many believe that computerization will improve health care quality, reduce costs, and increase administrative efficiency. However, no previous studies have examined computerization’s cost and quality impacts at a diverse national sample of hospitals.
METHODS: We linked data from an annual survey of computerization at approximately 4000 hospitals for the period from 2003 to 2007 with administrative cost data from Medicare Cost Reports and cost and quality data from the 2008 Dartmouth Health Atlas. We also compared hospitals included on a list of the “100 Most Wired” with others.
RESULTS: Hospitals on the “Most Wired” list performed no better than others on quality, costs, or administrative costs.
CONCLUSION: As currently implemented, hospital computing might modestly improve process measures of quality but does not reduce administrative or overall costs.
© 2009 Elsevier Inc. All rights reserved. • The American Journal of Medicine (2009)
KEYWORDS: Hospital costs; Hospital quality; Information systems

Summary and Critique of the Study

Researchers from Harvard University collected data over 5 years (2003 to 2007) from a variety of different hospital data repositories

The hospital computer applications considered for this study included:

Clinical applications subscore (8 applications)

  • Clinical data repository
  • Computerized practitioner order entry
  • Data warehousing and mining, clinical
  • Electronic medical record
  • Laboratory information system
  • Nursing documentation
  • Order entry
  • Physician documentation
Administrative applications (patient-related) subscore (4 applications)

  • Nurse acuity
  • Nurse staffing scheduling
  • Patient billing
  • Patient scheduling
Administrative applications (other) sub-score (12 applications)

  • Case mix management
  • Cost accounting
  • Credit collections
  • Eligibility
  • Data warehousing and mining, financial
  • Electronic data interchange
  • Executive information system
  • General ledger
  • Materials management
  • Personnel management
  • Staff scheduling 
The authors created a overall computerization score and three subscores on the basis of determining whether or not the hospital had computerized the areas listed above.  

Concerns regarding the construction and use of computerization score(s).
  • No details were disclosed on how they created the level of computerization score.  
  • Furthermore, no details were disclosed regarding the score distribution.  
  • >> This is particularly important because correlation depends on a wide distribution of values as well as a reasonably even distribution across the range of values.  
  • No information was forthcoming from the authors about these characteristics of the data set.   
  • If the computerization scores were tightly clustered, then the r values (Pearson product-moment correlations) would hover around zero - and they did.

Suggested that increases in computerization may not be having the desired effects in reducing costs and increasing productivity and performance.

With respect to clinical significance of hospital computerization, the authors concluded that:

  • Hospital computerization has not, thus far, achieved savings on clinical or administrative costs. 
  • More computerized hospitals might have a slight quality advantage for some conditions.
  • No reliable data support claims of cost savings or dramatic quality improvement from electronic medical records.

** Title/Author reference and abstract. Material below is edited for length and quoted. This study 
is available at no cost online. 

The following later post provides additional information about the effects of computerized medical records systems.

Sunday, April 5, 2015

Notice: Editing and Updating Articles

I've noticed a significant increase in traffic recently. I have been putting additional time, attention and effort into this blog, and apparently, it shows. I've noticed that people are reading many of the older articles as well as the new ones. Some of the information in several of the older articles is out of date and requires updating.

I am beginning the process of editing and updating many of my older articles. If you see in the title "(Updated Date)," you'll know that the article has been newly edited and updated.

Also, I am unsettled about the color scheme for the blog. Expect frequent changes if you visit regularly.

Saturday, April 4, 2015

UK Perspective Regarding FDA Regulatory Requirements

A Linked-In colleague posted a link to this article. I read it and found it interesting enough to post the link and comment on it. It's by a UK publication and discusses the FDA regulatory process as it relates to Human Engineering requirements for device approval for commercialization.

Here's the link:

In addition, I provide my own perspective on the article in the "Commentary" section below. I do not critique the article. I only attempt to expand on a few points from it.

But first, a brief summary of the article.

Article Summary

Medical errors have become an increasing concern of the FDA. I became interested in medical errors when I was a consultant at St. Jude Medical Cardiac Rhythm Division in Sylmar, CA. During my time at St. Jude (2009-2010), deaths by medical error were being reported as being 100,000 to 120,000 per year. Last year, I posted links to two articles that stated that deaths by medical errors could be closer to 400,000 per year. (

It has been noted by the FDA a large proportion of medical errors can be attributed to poorly designed medical device user interfaces. Since a fundamental mission of the FDA is increasing patient safety and reducing injuries and fatalities in the practice of medicine, the FDA has begun placing greater emphasis on improving the usability of medical device user interfaces.

This article provides measures that show the FDA's increasing emphasis on usability and human factors issues by showing the increasing frequency that companies seeking medical device clearance for the US market mention the terms "usability" and "human factors." Figure 1 from the article clearly shows the increasing usage of these terms in company filings.

The focus should be on the trends, not the absolute numbers because not all filing documents have been included in the count. But the trend clearly shows an increased emphasis by companies to increasingly use the terms "usability" and "human factors" in their filings with the FDA. The two figures that follow suggest the degree that companies have incorporated the FDA prescribed human factors engineering process and design guidance documentation.

The documents listed below are specifically targeted to defining and supporting the human factors engineering process and the development of the Human Engineer File that's included as part of a company's filing to the FDA.

  • ISO 62366, Medical Devices - Application of Usability Engineering to Medical Devices
  • AAMI / ANSI HE75:2009, Human Factors Engineering - Design of Medical Devices (General)

I'll discuss the documents above in greater detail and describe how they're intended to fit within the human factors engineering process when developing medical devices.

  • IEC 60601-1-6 Medical electrical equipment - Part 1-6 General requirements for Safety - Collateral standard: Usability
  • IEC 60601-1-8 Ed. 1, Medical Electrical Equipment - Part 1-8: General Requirements for Safety - Collateral Standard: Alarm Systems - Requirements, Tests and Guidance - General Requirements and Guidelines for Alarm Systems in Medical Equipment (General)

The two documents above are engineering standards. They're engineering specifications that medical devices must meet. They are technical and specific.

I show Figure 3 from the article before showing Figure 2. 

The increasing reference of 60601-1-8 is not surprising given the increased emphasis on safety. My real interest is in the significant increase in reference to ISO 62366. As mentioned, this is process standard the lays out how human factors engineering should be engaged to reduce "use errors." The emphasis in this standard is on the reduction of risk. Risk management is extremely well embedded in the medical device design and engineering process. It would seem that from a cultural perspective, ISO 62366 fits with the medical device engineering process. 

I want to contrast the dramatic, increasing references to ISO 62366 with the references to AAMI/ANSI HE75 shown in Figure 2 below.

References to AAMI/ANSI HE75 rise and fall from 2010 to 2013 instead of a steady upward trend that you see with ISO 62366 in Figure 3. I would like to emphasize that ISO 62366 and AAMI/ANSI HE75 should be considered as companion documents. (I'll expand on this in the Commentary section below.)


The article does support the contention that the FDA and the companies it regulates are paying increasing attention to usability and human factors. That they're paying enough attention is another matter entirely. As new medical devices are introduced we should see two things. First, the use error rate for the newly introduced medical devices (once users have adapted to them) should decline in relationship to other similar devices currently in use. Second, we should see over time the number of per year of deaths and injuries from medical errors begin to decline. This will take time to detect.

Without a doubt, the push by the FDA to define a human engineering process in the design and testing of medical devices, and to press for testing under actual or simulated conditions is needed. In many ways the FDA is mirroring many of the processes that have already been adopted by the US Department of Defense (DoD) in the area of human engineering. Admittedly, the DoD doesn't always get it right, there is an understanding within the DoD that it is important ... life saving, battle-winning important ... to insure that those at the controls can do their jobs quickly, effectively and with as few errors as possible.  So from that standpoint, the FDA has adopted processes from programs that have proven effective. But the FDA has just passed the starting line. And much more will be required going forward.

ISO 62366 vs AAMI/ANSI HE75

As I mentioned earlier ISO 62366 and AAMI/ANSI HE75 should be consider complementary or companion documents. HE75 is a much larger document than 62366 and includes a significant amount of device design guidance and guidelines. 62366 is almost entirely a process document that's devoted to directing how to go about managing the research and development process of a medical device. In addition, the focus of 62366 is managing risks, risks in the realm of reducing use errors.

I found it interesting that references to HE75 were not increasing at the rate as references to 62366. I would have expected Figures 2 and 3 to have a similar appearance with respect to 62366 and HE75 in large part because the documents significantly overlap. In fact I might have reasonably expected references to HE75 to outpace 62366 because HE75 includes design specific guidelines in addition.

One possible reason for references to HE75 not being referenced in the same accelerated way as HE75 may have to do with the fact that the European Union has not adopted HE75, so it's required for medical devices that will be marketed in the EU (CE).  (I am currently unaware of the regulatory requirements of other countries on this matter.) Medical device companies are international companies and the documents that they file in one country are generally the same in each country. Thus since the EU hasn't adopted HE75, references to HE75 and HE75's use as a foundational process and design document may be less.


I'm not sure that this is true at this point in time, but I am certain that the following will be true going forward at some time in the future. I believe that the FDA will hold companies to account for their user interface designs. I believe that the FDA will demand that companies clearly define how they came up with their user interface designs and that those designs are well-grounded in empirical evidence.

This is what I mean ... the FDA will demand that the design choices ... these include: controls, placement of controls, number of controls, actions performed by controls, the way the control responds, methods for interacting with the device (e. g., touch screen, buttons, mouse), size of the display, etc. ... for medical device user interfaces must be grounded in empirical data.

Commercial websites are often designed by graphic artists. Often times the design of webpages reflect the artist's aesthetic sensibilities. Layout appear they way that they do because they look good.

I believe that the FDA will require that user interface designs for medical devices have an empirically grounded design rationale. Companies will be required to point to specific research finding to justify the design and the design choices that they made. Furthermore, as the design of the user interface evolves with each iteration of testing, the FDA will require that changes to the design be based on research findings.

Finally, I believe that soon if it is not occurring already, that the FDA will require:

  1. That companies submit documentation to show in detail the full evolutionary design process beginning from product inception, including ...
  2. Detailed pre-design research ... population(s), method(s), research questions and rationale, etc ... as well as the findings and what they suggest for the design of the user interface
  3. A design that includes with a full discussion of the design rationale ... why was it designed the way it was ... 
  4. A detailed description of the evolution of the design that include full and clear justification(s) for each change in the design ... and require that changes be grounded empirical data 
  5. A full description of pre-commercialization testing process and method ... with a clear justification for why this testing meets FDA testing requirements
  6. And a complete and clear analysis of the testing data.
What I'm suggesting above is that the process of designing and testing a medical device user interface should be more than going through the prescribed steps, collecting the data, doing the tests, etc. There should be a clear thread that ties all the steps together. When in a subsequent step, one should be able to point back to the previous steps for the rationale to explain why the user interface was designed to appear and operate the way it does ... to this point.

As near as I can tell, what I described above is rigorous than is currently required by the FDA. However, I believe that it would be in any company's best interest to follow what I've suggested because there may come a time when the FDA's enforcement becomes more rigorous. 

Another reason may be lawsuits. If a company can show that it went beyond the FDA's regulatory requirements at the time, those suing would likely have less of a chance of collecting damages. And if damages were awarded, they may likely be lower. Also, if the company went beyond the FDA requirements, it would be likely that there would be fewer people injured and that should lower damages.


This article has been a springboard for me to discuss a number of topics related to human engineering for medical devices user interfaces. This topic will remain a central part of this blog. I'll return this within a week or two, and discuss in depth other topics related to the human engineering process for medical device user interfaces. 

Saturday, March 28, 2015

From The Hindu: Indian Product Team has Produced Star Trek-Like Medical Hand-Held Scanner

This development is something worth watching ...

Here's the link to the article:

Here are some quotes:

An Indian team is close to developing an electrical device that can diagnose 15 different medical conditions and can monitor vital signs for around 72 hours.
Chennai-based American Megatrends India is developing a medical hand-held scanner that is worthy to be included in the television show Star Trek. 
American Megatrends’ medical device is a wireless health monitoring tool that can monitor a battery of vital statistics that include blood pressure, heart rate, oxygen saturation, respiratory rate and temperature, as well as atrial fibulation, sleep apnea, stroke, diabetes, etc. The device can collect large volumes of data from ongoing measurement of health states through a combination of wireless sensors, imaging technologies, and portable, non-invasive techniques. The stream of data generated will be stored in the cloud, currently on AMI’s own servers, with plans afoot to work with major cloud operators such as Apple and Google.

Article speaks for itself. No commentary necessary.

Friday, March 27, 2015

Welch Allyn Published Patent Application: Continuous Patient Monitoring

I decided to review this patent application in light of the New York Times Opinion piece I commented on. Here's the to my commentary:

Also, I've gone back to the origins of this blog ... reviewing patents. The first patent I reviewed was one from Medtronic. Here's the link:

The issue raised of particular interest was the high "false alarm" rate generated reported by the author that would lead medical professionals to disregard warnings generated by their computer systems. I wrote that I wanted to follow-up on the issue of false alarms.

The patent application (the application has been published, but a patent has not yet been granted) describes an invention intended to 1) perform continuous automated monitoring and 2) lower the rate of false alarms.

Here are the details of the patent application so that you can find it yourself if you wish:

The continuous monitoring process from a technical standpoint is not all that interesting or new. What is interesting is the process they propose to lower the false alarm rate and determine whether this process in turn will not lower the false negative rate.

Proposed Process of Lowering False Alarms

As mentioned in my earlier article, it appears that false alarms have been a significant issue for medical devices and technology. Systems that issue too many false alarms issue warnings that are often dismissed or ignored. Or waste the time and attention of caregivers who spend time and energy on responding to a false alarm. This patent application is intended to reduce the number of false alarms. However, as I mentioned earlier, can it do that by not increasing the number of false negatives, that is, failure to detect when there is a real event where an alarm should be going off.

Getting through all the details of the patent application and trying to make sense of what they're trying to convey, the following is what I believe is the essence of the invention:

  • Measurement a sensor indicates an adverse patient conditions and an alarm should be initiated.
  • Before the alarm is initiated, the system cross-checks against other measurements that are: 
              1) from another sensor measuring essentially the same physiological condition as the
                  sensor that detected the adverse condition, the measurement from the second sensor
                  would confirm the alarm condition or indicate that an alarm condition should not exist; or
              2) from another sensor or sensors that take physiological measurements that would confirm
                  the alarm condition from the first sensor or indicate that an alarm condition should not

In this model at least two sensors must provide measurements that point to an alarm state.

Acceptable Model for Suppressing False Alarms and Not Increasing False Negatives?

Whatever you do in this domain of detecting adverse patient conditions, you don't want to lower your accuracy of detecting the adverse condition. That is, increase your false negative rate.

So is this one way of at least maintaining your currently level of detecting adverse events and lowering your false alarm rate? On the face of it, I don't know. But it does appear that it might be possible.

One of the conditions the inventors suggest that initiates false alarms are those times when patients move or turn over in their beds. This could disconnect a sensor or cause it to malfunction. A second sensor taking the identical measurement may not functioning normally and have a measurement from the patient indicating that nothing was wrong. The alarm would be suppressed ... although, if a sensor was disconnected, one would expect that there would be a disconnected sensor indicator would be turned on.

Under the conditions the inventors suggest, it would appear that cross checking measurements might reduce false positives without increasing false negatives. I would suggest that care should be given to insure that a rise in false negative rates do not increase. With array of new sensors and sensor technology becoming available, we're going to need to do a lot of research. Much of it would be computer simulations to identify those conditions were an adverse patient condition goes undetected or suppressed by cross-checking measurements.

Post Script

For those who do not know, I am on numerous patents and patent applications (pending patents). Not only that I have written the description section of a few patent applications. So I have a reasonable sense of what is what is not patentable ... this is in spite of the fact that I'm an experimental, cognitive psychologist and we're not general known for our patents.

So, what is my take on the likelihood that this applications will be issued a patent? My sense is not likely. As far as I can tell there's nothing really new described in this application. The core of the invention, the method for reducing false alarms, is not new. Cross-checking, cross-verifying measurements to determine if the system should be in an alarm state is not new. As someone who has analyzed datasets for decades, one of first things that one does with a new dataset is to check for outliers and anomalies - these are similar alarm conditions. One of the ways to determine whether an outlier is real, is to cross check against other measures to determine if they're consistent with and predictive of the outlier. I do not see anything that is particularly new or passes what known in patent review process as the "obviousness test." For me cross checking measures does not reach the grade of patentability.

Wednesday, March 25, 2015

Frontline Documentary: The Vaccine War

This doesn't have much to do with medical monitoring or remote programming, but if you're interested in vaccination and public health, this is a must-see documentary.

Here's the link:

New York Times Opinion: Why Health Care Tech Is Still So Bad

This was an opinion piece published 21 March 2015 in the New York Times written by Robert M. Wachter, Professor of Medicine, University of California, San Francisco and author of "The Digital Doctor: Hope, Hype, and Harm at the Dawn of Medicine’s Computer Age” also published in the New York Times.

Here's the link to the article:

I have commented on several quotes from the article.

1. "Even in preventing medical mistakes — a central rationale for computerization — technology has let us down. (My emphasis.) A recent study of more than one million medication errors reported to a national database between 2003 and 2010 found that 6 percent were related to the computerized prescribing system.

At my own hospital, in 2013 we gave a teenager a 39-fold overdose of a common antibiotic. The initial glitch was innocent enough: A doctor failed to recognize that a screen was set on “milligrams per kilogram” rather than just “milligrams.” But the jaw-dropping part of the error involved alerts that were ignored by both physician and pharmacist. The error caused a grand mal seizure that sent the boy to the I.C.U. and nearly killed him.

How could they do such a thing? It’s because providers receive tens of thousands of such alerts each month, a vast majority of them false alarms. (My emphasis.) In one month, the electronic monitors in our five intensive care units, which track things like heart rate and oxygen level, produced more than 2.5 million alerts. It’s little wonder that health care providers have grown numb to them."

Comments: Before I read the third paragraph, I was thinking How can you blame the computer when it provided you with an alert regarding the prescribing error that you made? 

It is well known that systems that produce a high percentage of false alarms, that those alarms over time will be ignored or discounted. I consider this is a devastating indictment. We must do better.

I have been a human factors engineer and researcher for decades. One of the mantras of human factors is preventing errors. That's central to what we're about. But if the systems we help engineer generate false alarms at a rate that has our users ignoring the correct ones, then we have failed and failed miserably.

I think the problem of false alarms requires further research and commentary.

2. "... despite the problems, the evidence shows that care is better and safer with computers than without them."

Commentary: This is nice to read, but we as medical technologists need to do better. We really need to follow up on the repercussions of our technology we create when it's deployed and used in the field.

3. "Moreover, the digitization of health care promises, eventually, to be transformative. Patients who today sit in hospital beds will one day receive telemedicine-enabled care in their homes and workplaces."

Commentary: I agree. Of course that's a central theme of this blog.

4. "Big-data techniques will guide the treatment of individual patients, as well as the best ways to organize our systems of care. ... Some improvements will come with refinement of the software. Today’s health care technology has that Version 1.0 feel, and it is sure to get better.

... training students and physicians to focus on the patient despite the demands of the computers.

We also need far better collaboration between academic researchers and software developers to weed out bugs and reimagine how our work can be accomplished in a digital environment."

Commentary: Agreed again. But, I believe that technologist just can't dump these systems into the healthcare environments without significant follow-up research to insure that these systems provide or suggest the correct treatment programs and effectively monitor patients. Investment in systems like these will be cost effective and improve lives, but only if the necessary level of care and follow-up is performed.

5. "... Boeing’s top cockpit designers, who wouldn’t dream of green-lighting a new plane until they had spent thousands of hours watching pilots in simulators and on test flights. This principle of user-centered design is part of aviation’s DNA, yet has been woefully lacking in health care software design."

Commentary: All this is true. And as noted above that it would be a good idea to do more extensive research on medical systems before we deploy them to the field as well. That this is not done may be a regulatory issue that the FDA has not required the kind of rigorous research as performed in aircraft cockpit design. They should require more research in real or simulated environments. Right now, all that appears to be required is a single verification and single validation test before allowing commercialization. I think it would be valuable for regulators to require more research in real or simulated settings before allowing companies to commercialize their products.

Or, requiring more extensive follow-up research. Grant companies the right to sell their medical products on a probationary basis for (say) 1 year after receiving initial commercialization certification. During that year, the company must perform follow-up research on how their medical product performs in real environments. If there are no significant problems ... such as overly abundant number of false alarms ... then the product no longer on probation and would be considered fully certified for commercialization.
However, if significant problems emerge, the FDA could:

a) continue to keep the product in a probationary status pending correction of those problems and another year of follow-up research or

b) it could require the withdrawal of the product from sale. A product that had been withdrawn would have to go through the entire commercialization certification process just as if it were a new product before commercialization and sale would be allowed.

A final thought ... I think there's a reality in commercial aviation that is not true in medicine. If commercial aircraft killed and injured as many people as are killed and injured by medical practitioners, then the commercial aviation would come to a halt. People would refuse to fly because they perceive it to be too dangerous. But, if you're sick, then you have little choice but the clinic, ER or hospital.

Tuesday, March 24, 2015

Benefits of Remote Monitoring & Mayo Clinic Announcement

I've been arguing for some time that remote monitoring can not only lower medical costs, but it show itself to be of benefit to the patient as well. Here's an article that not only shows that remote monitoring can be of benefit to the patient, but to the physician as well.

Remote monitoring can not only provide better and more data ... that can lead to better analysis and conclusions. It can provide that data to the physician before the patient comes in for a visit. Furthermore, if an adverse medical event occurs, that data is captured and available to the attending health care providers. Admittedly the patient would have needed to have been wearing the monitoring device at the time, but if the person was wearing the monitoring device that information would be available.

Here's the link to the article:

Here are a few quotes from the article that I found interesting ...

... if you spend $100 a month to monitor patients remotely – over a year it would cost much less then what you would pay if they have to come back to the hospital.

[T]here are two waves of activity. The more traditional top down wave extends the reach of hospitals with FDA approved medical devices that are deployed out in the home by providers by doctors to keep track of these patients.
There is also an increasing consumer wave where people are going out and buying the sensors and devices on their own and tracking their fitness and health and bringing that information to their healthcare providers.
=== I find this quote interesting in light of the Apple Watch and other similar devices ======
Some physicians, Kleinberg asserted, don’t need and don’t want that data from the patient and claim that they don't have a place to put the data and they don't have time to look at it.
=== Actually, machines can monitor this data on a continual basis. The machines can alert physicians as needed and provide summaries. Physicians need not review raw data. ======
"There's a push back to this consumer-up bottom-up wave. But over time I think we're going to see that the sensors and the data that’s coming from these devices is going to have more and more value and providers are going to put more faith in it," said Kleinberg. "They're going to look at it and make some sense of it and part of the way they are going to do that is if they have more confidence about that data."
=== I think the last sentence may be one of the most significant in the article. Confidence in the data and automated analysis will build and become mainstream. And I think that cost considerations will be a factor. =====

Announcement Title: Mayo Clinic To Develop Wireless Sensors To Treat Obesity

I found this quite interesting when I came across it. The sensors are far from being developed but I thought it worth posting the announcement link.

Here's a quote from the announcement.

The goal is to produce the first wearable patch sensor – the size of a bandage – that is wireless, disposable, and can remotely monitor patient movements via smartphone. This new technology would simplify tracking with greater accuracy of patients and clinical trial subjects for whom a certain level of activity is prescribed to achieve their goals.

Internet of Things ... From a Connected Medical Device Perspective

Before I dive into the issues regarding the possible means for connecting medical devices to the Internet, I would like to provide you with a little background on two relevant research programs I have lead. I was the principal investigator on two Federally supported research programs described below.

The first was a NIST Research grant to support the development of a secure and commercially viable wireless data communications technology. Much of that technology has been incorporated into today's smartphones, although not all of what we created has yet found its way into the current generation of smartphones. But with each iteration, more of what we created gets incorporated.

A central part of our program was to insure secure and private data communications. It would be secure from infiltration by malware and impenetrable by snoops ... including the NSA. The system worked by securing and controlling both ends of the communication. It was capable of sending a single file to over multiple communications channels simultaneously, the packets could be sent out of order using multiple forms of encryption including nonstandard or private encryption methods -- that are much harder to break. By securing and controlling both ends of the connection between devices, we could completely control what went in and out of the channel. Nothing would flow to the other end that was out of our view or control.

The second Federal grant was for a data security program. VoIP communications channels are lightly secured largely due to the requirements to insure that audio is clear and voices understandable. This fact makes VoIP channels particularly vulnerable vectors to use for an attack. There have been attempts to logically divide voice and data channels; however, there have been several demonstrations that this does not always work. Our research focused on methods to detect the presence of an intruder without disrupting or significantly lowering audio quality. And when we detected a possible intruder, we attacked this apparent intruder through a series of escalating techniques that could finally end with terminating the connection when it was clearly apparent that an intruder was using the VoIP connection to do something nefarious.

Architectures for the Internet of Things

The two architectures I would like to review are direct and mediated connections that could be used in the realm of the Internet of Things.

Direct and mediated connections are illustrated in the figure below.

The real difference between the two diagrams is the way the Apple Watch is connected to the Internet. On the left the Watch is directly connected to the Internet. When connected, it is an addressable device on the Internet. On the right, the Watch is connected to the Internet through the iPhone. The iPhone mediates the connection to the Internet through the iPhone. All the data traffic to and from the Watch goes through the iPhone.

A mediated connection through the device can be as simple and unmanaged as one through a router. However, with the appropriate software on the iPhone, the iPhone should be able to manage the connection with and security of the Watch.

In the case of the direct connection, management of the connection to the Internet including security must be done by the Watch itself. The Watch could be subject to a direct attack and must defend against such an attack by itself.

Best Architecture for Medical Devices?

In the diagram above, I'm treating the Watch as if it were a medical device ... and a medical device it could be. It would seem that the safest connection to the Internet would be a mediated connection. However, there are hybrid scenarios. For example, incoming communications including software updates could require a mediated connection. Encrypted uploads from the Watch to a centralized server system could use a direct connection.

This is a brief introduction into this topic. I'll have further explorations into this issue in future articles.

Monday, March 23, 2015

More on Apple Watch as a Medical Monitoring Device

I recently ran across an article about Apple's continuing work to make the Watch a medical monitoring device. Here's a link to that article:

According to the article Apple considered including a number of medical monitoring devices/capabilities for their first generation Watch. For the first generation, those have been scrapped for reliability and regulatory reasons. Apparently Apple is still interested in adding more physiological sensors to the Watch, but if those capabilities appear, they'll be included in next generation Watches.

However, there was something that caught my interest from the article:

"Aside from catchall smartwatch devices, a number of standalone solutions for off-the-shelf medical style monitoring already exist in the form of products — usually wrist-worn — from smaller manufacturers and startups. For example, the W/Me band incorporates a specialized sensor to measure a user's autonomic nervous system for keeping track of stress levels, while the latest products from Fitbit tout all-day heart rate monitoring."

There are lots of other companies making sensors that would be useful for medical monitoring purposes. For Apple and the Watch there are many ways this can play out. Frankly none of these are mutually exclusive.

  1. Apple can purchase the sensing technology to incorporate into Apple-produced sensors.
  2. Apple can purchase the sensors and integrated them into the Watch 
  3. The third-party sensors can communicate with the Apple Watch over WiFi. 
The data collected by the Apple Watch could be:

  1. Analyzed and presented locally ... by the Watch
  2. Uploaded to the iPhone were the iPhone would process the data and either communicate it back to the Watch for display or be displayed on the iPhone ... or both.
  3. Uploaded to the iPhone that intern uploads it to a centralized system for processing. The results of that analysis could be communicated back for display on the iPhone or Watch. If so indicated an alert could be included if conditions warranted. 
Again, none of these are mutually exclusive. Data could be processed and displayed on the Watch and communicated back to a centralized system.

More updates on the Apple Watch to come ...