Enhancing the Cybersecurity and Privacy of Medical Wearables

Abstract

In recent years, the medical world has seen rapid digitalisation. Digitalisation of healthcare and the opportunities of remote monitoring can help to keep the healthcare system affordable and accessible. A promising application of remote monitoring is the use of consumer-grade wearables for clinical care. However, vulnerabilities leave consumer-grade wearables susceptible to cybersecurity and privacy risks. When the wearables gain clinical care functionality, increased risks are problematic for the success of the technology. This research examined this problem by analysing the role of users in the cybersecurity and privacy environment and the impact of human factors on the cybersecurity and privacy system of medical wearables. Vulnerabilities and associated risks were identified with the help of notions from human-centric cybersecurity. To establish a user-centred approach to tackle these risks, the user needs and limitations were examined by performing a quantitative survey research. Based on the results of the survey and the human-centric components of user, usage, and usability, guidelines for the user-centred approach were formulated. These guidelines were subsequently linked with the challenges and attacker-oriented and user-oriented risks to establish recommendations for medical wearable providers. Providers can use these to steer the design of the cybersecurity and privacy system and the structuring of the system environment. The research showed that by taking into account the needs and limitations of users, the cybersecurity and privacy system design can be more effective in tackling user-oriented risks. The research concludes that a user-centred approach to cybersecurity and privacy can contribute to the successful use of consumer-grade wearables for clinical care purposes.