The Evolution of Healthcare for the Internet of Things

The Internet of Things holds great promise to improve our health and wellbeing. Internet-connected infusion pumps, imaging machines, blood-glucose sensors (and myriad more devices) can automatically share valuable data to a person’s electronic health record. That said, with new devices comes the need for speed and manageability, which requires careful network planning.

Security needs to be front and center

Hackers continue to dominate the headlines, as they expose vulnerabilities across verticals. Healthcare providers hold some of the world’s most sensitive information—medical records—making them a particularly high-value target.

Reporters at Computerworld recently demonstrated the risk of “medjacking,” where hackers are able to exploit Internet-connected medical devices, such as infusion pumps, to administer deadly levels of an otherwise helpful drug into an unsuspecting patient, without triggering an alarm to medical professionals.

The network represents one of the largest avenues of attack, and every possible effort should be made to secure it.

On some legacy networks, people can connect devices without prior authorization. In the most extreme cases, healthcare administrators admit they have no idea exactly how many devices are accessing their network at any given time.

Attacks come in many forms—from the so-called ‘Sneakernet’ via USB keys to infected devices brought from home by oblivious patients or employees.

Another major challenge is that Internet-connected devices and end-user applications are evolving faster than the legacy network. The traditional approach of securing the Internet gate with a firewall isn’t enough. Once a device is connected to the network with an IP address, all other devices on the same network segment can be easily exposed (and possibly hacked), as many administrators of hacked environments have learned the hard way.

Software-defined networking represents a crucial layer in a multi-layered security plan. Traffic dynamically flows across the network, picking the shortest path to its destination. The network can be easily segmented into areas that remain invisible to devices on the edge. One physical network can create numerous virtual networks on the fly. Network connections open as approved devices connect, and dynamically close as those devices are disconnected. Getting a complete picture of every device on the network at that moment is a single click away.

Reducing the size of the network footprint and obscuring the network core can provide important, added security benefits.

Segmenting and filtering are crucial

By segmenting the network at the routing table level, data can be filtered and contained to flow from approved devices to pre-defined applications. Without segmentation, all devices in a single, flat routing table, can communicate with all other connected devices and users.

In a healthcare setting, does the network that transports data from the MRI machine to the electronic health record system need to share the same path options as the payment card system? No. By segmenting the network and isolating various systems, you create additional protections against a single intrusion infecting multiple systems.

To quote the lead hacker at the NSA, who recently gave a presentation on how companies can protect themselves from the NSA: “Segment networks and important data to make it harder for hackers to reach your jewels.”

All this together helps secure the network from an arbitrary number of edge devices creating an exponentially insecure network– leading to a more secure edge. This becomes more important in a software-defined perimeter approach to securing the edge, with a central policy and filtering enforcement model, as well as segmenting it from other network services.

Automation ties it all together

Implementations where security requires too much effort or results in added complexity often fail, because the human element gets in the way of the need for a quick deployment. How many times have shortcuts and the human element led to failures in systems? Automating connectivity of Internet-connected devices means security is simpler and far easier to implement.

It’s not all about automating the connection to the edge; healthcare providers need to make sure their system puts devices and users into their proper virtual network segment and have the proper profile rules enforced. That way, administrators can prevent devices from becoming points in a myriad of concerns to the future of the organization.

I hope to see you at HIMSS 2016, either at booth #11325, or at the session “Internet of Things for Healthcare” (March 1 from 1-2 p.m.), where I will be presenting with Eric Miller of Ascension.

Related Articles:

Enabling Smart Vertical Solutions in a Smart Digital World

Watch as Jean “JT” Turgeon discusses the path Avaya is taking into the Smart Digital World and how the company enables digital transformation.


In his previous video, Turgeon introduced Avaya’s smart vertical solutions and now returns for a deeper dive. He also elaborates on the importance of the secure and automated end-to-end network infrastructure that Avaya provides, assuring viewers that there are “no other competitors that can do what Avaya can do today.”

Turgeon continues, “Avaya enables Digital Transformation at customer speed. The digitization of global enterprises is a reality in the marketplace and Avaya is delivering vertical solutions today that can help them transform.”

HIMSS 2016: Big Show, Big Problems, Big Opportunities

The HIMSS 2016 healthcare tradeshow that took place last week in Las Vegas is simply massive. With more than 1,300 exhibitors, 26,000 attendees and huge booths (some of which look more like small cities), this is the place to be for healthcare IT.

Avaya was fortunate to have a significant customer speaking slot at the show: Eric Miller of Ascension (the third-largest nonprofit healthcare system in the U.S.) and Avaya Chief Networking Architect Paul Unbehagen took center stage in a packed, 700-seat auditorium to speak about the “Internet of Things” in healthcare.

Eric shared his journey of getting his arms around securing thousands of medical devices without crushing his IT staff. He shared how he was able to realize a 30 percent savings in capital replacement costs and a 60 percent reduction in maintenance costs by implementing Avaya networking.

Unbehagen introduced a new solution called Avaya SDN Fx Healthcare that automates much of the on-boarding, flow management, and inventory tracking of medical devices. New to the market, the solution comprises a new, pocket-sized appliance called an Open Networking Adapter, an SDN controller and an Avaya fabric network, which is planned to run on an optional basis in later releases.

Many of the panel’s attendees took the opportunity to speak with Eric and Paul after their presentation and at the Avaya booth. Booth visitors got hands-on demonstrations of on-boarding an infusion pump, moving it from location to location without losing its network segment, and managing inventory and flow screens.  Also featured were Mobile Care Team Coordination, Remote Care Team and Patient Consultation.

“Many Avaya healthcare customers do not realize the power that they have in their current communication solution,” said Michael Wallace, Avaya Sales Engineer, who spoke to customers inside the Avaya booth. “When we start to show them how they use their Avaya solutions in the same ways that non-healthcare companies do to improve customer experience and increase loyalty, they start to get really excited.”

Thanks to everyone who attended the presentation and visited us inside our booth at HIMSS 2016. Next stop: Enterprise Connect, which starts this week in Orlando.

Why Healthcare Providers Need to Deliver Uber-Like Service

I have a confession to make: I’ve never used Uber. Personally, I like to order my taxis the old fashioned way – by calling the local service on my smartphone and paying via credit card. I know, so 2009.

But while seemingly all my friends are now Uber converts, I’ve yet to download the app, because I know it would be used once, or never, and then just sit on my phone. While there are now literally millions of apps available to us, not many of them actually get used. According to data from Nielsen, the average U.S. smartphone user accesses less than 30 apps per month, with 70 percent of total app usage coming from the top 200 apps.

So, which app would get my vote? A recent unfortunate event has made up my mind for me. The event was my son breaking his arm, and the dream app for me would be one that simplified my healthcare journey.

That dream healthcare smartphone app is yet to be created. After we rushed my son to the emergency room, we had to present his insurance card, answer questions about his previous medical history, any allergies to medication, list his emergency contacts and so on, all before he could be admitted to see a physician. By the time he did actually see a doctor, he was in so much pain his screams echoed through the hospital, and I was in tears.

Even worse, when we got to the operating room, the doctor went through the same list of questions. Fast forward another few hours and my son has now been transferred to a hospital room for two days of observation. With each doctor and nurse on duty, most of the questions asked before are asked again.

Now, if I had my dream app available, we would have clicked a single button to instantly talk to emergency responders, who could access my son’s up-to-date medical and healthcare profile. My phone could be geolocated and an ambulance dispatched, with skilled medical staff available who could relay information about my son’s condition to physicians while en route to the hospital. That information might prompt the hospital to make an emergency room available and prep the surgical team for an immediate operation–with the entire procedure being completed in a few hours, and questions restricted to immediate medical issues.

Admittedly, this is expecting a lot from one app: Uber doesn’t especially care about what happens to you once you reach your destination, after all. Is it too much to expect our healthcare providers to focus on providing a seamless experience for their users? The ordeal I suffered with my son recently was made worse because the hospital hadn’t done enough to ensure that I wasn’t frustrated as I progressed through the system, and to link its various points of contact… it lacked an omnichannel customer experience.

This seamless experience in healthcare is what each one of us should expect and healthcare providers should aspire to deliver. We take for granted that when we use Uber, we are going to get a reliable and safe journey that will get us to where we want to be. In the future, healthcare providers that don’t deliver the best possible experience to their customers are going to find themselves left behind by those providers who do.