December 24, 2019
The “consumerization of healthcare” may not have made it into Merriam-Webster or the Oxford English Dictionary yet. Still, it is a term that people throw around a lot when referring to the future of the healthcare industry. In the always-connected world of big data, more and more consumers are looking for a personalized approach to managing their health, a wish that consumer technology has been pleased to provide.
But, what does the consumerization of healthcare mean and what’s the role of medical devices in a consumerized healthcare’s future?
Inside UL spoke with UL’s Anura Fernando, chief innovation architect for medical systems, interoperability and security, to learn more about how healthcare’s focus on the individual consumer is reshaping the entire healthcare landscape.
[Inside UL] Many people believe that the consumerization of medical devices reflects the rise of consumer health wearables, but you and others in the healthcare industry see it differently. Can you explain where we’re getting it wrong to help us understand the meaning of “consumerization of medical devices?”
[Anura Fernando] We’re looking at a much more complicated process of integration with medical devices and Health IT systems than just focusing on consumer wearables. This process goes beyond the simple acquisition of physiological data by-products that are somehow on your body or close to your body. To completely understand the difference, you have to look through the entire value chain of health-related data to see not only how the data is acquired, but how it's managed through the entire healthcare value chain.
With medical wearable devices, patient data might get uploaded to a cloud platform to support clinical decision software. This support software might use artificial intelligence for analysis, with other technologies layered onto it — data encryption to ensure that they take the appropriate privacy measures, and firewalls and intrusion protection to monitor system resources continuously. These measures help protect the integrity of the technology stack. Add in regulatory compliance such as the Health Insurance Portability and Accountability Act (HIPAA) and General Data Protection Regulation (GDPR), and the entire process becomes very complicated.
With consumer wearable technology, there are similarities in that consumer technology also includes information technology and cloud-based infrastructure, but there are also considerable differences. First, for many in the healthcare industry, there is concern about the privacy and security of personal data generated by consumer wearables. Much of their use remains in a grey area, not subject to regulatory compliance or medical device standards.
In healthcare, clinicians have to decide whether to trust the data they receive, or not, in order to use it when making therapy decisions, drug prescribing decisions and other medicine-related decisions. For data that's potentially coming from consumer technologies like smartwatches and other consumer products, there are concerns with the accuracy of the data. Did the user put the device on correctly? Do they know how to use the device?
But, it’s a much different scenario with medical wearables. For example, Holter monitors are regulated medical devices as are insulin pumps. These devices are also wearables, but, as stated above, they're a very differently managed type of wearable. Ultimately, we’re fundamentally talking about patient safety whenever a clinician chooses to integrate that information into the practice of medicine, and that's why we have representation from the FDA, the American Telemedicine Association, an actual hospital clinician, and a technology integrator on the panel.
[Inside UL] Healthcare is a crowded space with many moving parts — regulatory agencies, component vendors, medical device manufacturers, and on and on. What should someone new to this space know about the health care industry as it relates to medical devices?
[Anura Fernando] Being a highly regulated market, new entrants need to understand what markets they want to go after because every market has nuances, especially when you start looking at issues around data security and, even more so, data privacy. The main difference between privacy and security is that privacy has a robust jurisdictional regulation component to it; it's driven by societal norms of privacy expectations and so forth.
So, manufacturers looking to make a move from the consumer space to the healthcare space need to understand what regulations they are going to be working through to get legal market access. What are the expectations of regulators concerning how the technology is managed? How it's deployed in the marketplace? And, even how it's decommissioned in some cases?
[Inside UL] You mentioned regulatory concerns, especially as it involves the integrity of data, but isn’t physical safety important as well?
[Anura Fernando] Keeping patient safety as a central focus is probably one of the biggest changes in thinking that a manufacturer should work on as they transition from the consumer sector into the healthcare sector because, in many instances, consumer products have only a relatively small set of defined safety considerations. It might be electrical safety, mechanical hazards, or possibly electromagnetic concerns having to do with interference with communication, like FCC considerations. But when you think about the products used to provide health care, then basic safety can take on a very different perspective because the people who are using those technologies may already be sick, elderly, or generally more susceptible to harm.
[Inside UL] Do you also see standards as an essential aspect for manufacturers?
[Anura Fernando] Yes, of course! Manufacturers who are looking to get into the healthcare space should recognize that standards play an even more vital role in healthcare than they do in many industries because the standards define the things that the regulators will be looking for. Building an intimate understanding of the standards will help manufacturers understand some of the rationale and regulatory thinking that they'll be facing as they try to get their products on the market legally.
[Inside UL] Cybersecurity is, of course, top of mind for most industries today, if not all industries. Are the threats more significant with medical devices or about the same when compared to other sectors?
[Anura Fernando] There are some statistics out there that demonstrate that healthcare records are on the order of about ten times more valuable than financial records. If you look at a credit card record or credit card number used by a hacker, for example, it has a limited term of use before the credit card company shuts it down. On the black market, those types of records are worth on the order of $25 per record [on the dark web,] whereas the black market value of a healthcare record is potentially on the order of $300 per record.
[Inside UL] What precautions do these medical device companies and healthcare, in general, take to help improve their cybersecurity?
[Anura Fernando] The first element is to have a “defense-in-depth” architecture for the whole system. When you look at a medical device, it's important to look at how it fits into the entire ecosystem. Ask what other parts of that system the device exchanges data with and what kinds of security controls are available elsewhere in the system. Use that understanding and that definition to help define what capabilities and limitations should be reflected in product design.
[Inside UL] We’re closing out one decade and into a new one. What does the future hold over the next ten years for the medical device industry?
[Anura Fernando] We started off talking about the convergence of consumer and medical technologies, and really, that's the next stage in evolution. We now have technologies like ubiquitous low-power sensors, and the data provided by those sensors can be processed to manage patient care securely. Technologies like artificial intelligence can be used to secure that data. Better authentication, authorization, and encryption is on the healthcare horizon, and the use of emerging technologies like blockchain can potentially propel improvements in healthcare transactions similar to how we currently see those technologies used with cryptocurrencies exchange.
Finally, with precision medicine, where we now have the whole human genome mapped, we will see new ways to customize health care regimens very, very specifically to patients and not only their current states of health but also addressing conditions to which they're predisposed.
So, pulling all of those pieces together, we see that the future of healthcare hinges on the safe, effective and trusted use of data. If we continue to build trust models, and clinicians can trust this ubiquitous data in the practice of medicine, then many of the things that we see as science fiction now — body scanners, injected nanoparticles for doing cellular level diagnostics and potentially cellular level therapies, and ingestible robots that can be externally controlled — are all on the near horizon for implementation. So, over the next decade, as long as we can get these data issues figured out, we should see many of those things becoming available to patients.
Want to learn more? Our technical, regulatory and clinical expertise substantiates trust in medical technology, healthcare delivery networks and consumer wellness devices. Discover how we can help you manage regulatory challenges and bring safer products to market faster.