Table of contents:
- Executive Summary
- Implementation Challenges
- IoT Security and Privacy; Concerns and Challenges
- Remote Medical Examination Trial Using 5G Technologies
- Health-Related Internet of Things and the Internetworks of Everything
- Common IT Modernization Mistakes
- The Importance of Security Awareness Training
- Future Trends and Challenges
- 5G Technologies, a Catalyst for Connected Care
5G Next-Generation Wireless Networks and the Twenty-First-Century Internetworks of Everything, and Addressing Associated Security Challenges
While the healthcare industry is adopting new technologies like 5G and the Health-related Internet of Things (H-IoT) many issues and challenges are being exposed that need to be addressed. The future of healthcare internet of things appears to be promising.
Like the rest of the industry, the Veterans Health Administration (VHA) is adopting new technologies as well. This paper addresses the use of new technologies within the VHA and recommends appropriate implementation strategies.
It also highlights research findings and challenges that have been brought to light during the early years of the adoption of emerging and evolving technologies within the healthcare arena.
This paper notes the importance of planning, execution, and maintenance when implementing new technologies. The findings and recommendations in this paper are based on facts, diligent research, and investigatory theories.
This paper explores and analyzes the current and future roles of evolving technologies. It discusses the implementation practices that are recommended to successfully incorporate new technologies methodically while addressing current and anticipated security challenges. It defines the need for standardization and the sharing of new developments and concepts within the whole healthcare industry.
Real case scenarios have been analyzed and the lessons learned exposed. It highlights the need to embrace new technologies in the healthcare field while maintaining security and privacy. The paper discusses the main concerns being addressed within the industry and provides solutions, recommendations, and resources to be used for correction and further analysis. It examines the legal and ethical aspects of implementing these new technologies as well as the standards and guidelines being developed.
Also discussed are current trends and anticipated challenges for the future. It also reveals processes that can be utilized by the VHA to add to the overall effectiveness of patient care and provide additional convenience for patients while improving the quality of their lives. The paper also brings to light some solutions that are often overlooked and improperly implemented.
Keywords: 5G next-generation networks, internet of things, internet of medical things, programmable networks, remote surgery, 3gpp, mobile technologies, IoT vulnerabilities, HIPAA, fog computing, edge computing, 5G trends, wi-fi 6, 5G deployment, healthcare regulations, 5G challenges, IPv6, cloud security, 5G trials, converged networks, next-generation programmable core, IoT security frameworks
- This report is directed to VHA management, decision-makers, and other stakeholders. A list of suggested interested parties can be found in Appendix A.
- Leaders in hybrid infrastructure design and architecture are making serious commitments to 5G and the Internet of Things (IoT) technologies. Cisco® has recently made a commitment to invest $5 billion during the next three years focusing on enabling new technologies. The healthcare industry is embracing new technologies to provide better care for patients and streamline business operations.
- With advances in technology comes uncertainties and challenges. This research paper can assist the VHA in making the important decisions of how to best embrace new technologies in a methodical, logical, and secure manner.
- Existing infrastructures that are the backbone of the operational environment must be modified or redesigned to accommodate evolving 5G and health-related IoT technologies. A focus on virtualized infrastructure designs and architectures will lead to new state-of-art capabilities within the VHA. A well-planned and properly implemented infrastructure will offer opportunities for advanced technologies like remote surgery and other techniques to be successfully deployed.
- Cybersecurity must remain a priority while introducing the new technologies that can greatly improve patient care. This report includes information to assist in deploying new technologies while complying with healthcare industry privacy laws and regulations, domestically and internationally.
- The talent within the VHA will require new skillsets and capabilities to take advantage of evolving technologies. Now is the time to update the technologies and train the workforce for the future. A logical and systematic approach is needed to effectively deploy new and evolving technologies. This paper provides the information required to move the VHA into 2020, and beyond.
Photo by Mohamed Hassan
Implementing 5G Next-Generation Wireless Networks
Can the Veterans Health Administration (VHA) effectively and securely adopt and implement evolving technologies to improve patient care and streamline day-to-day business operations? In 2017, the Trump administration attempted to make the current military and veterans’ health care systems and processes seamless. The multibillion-dollar initiative enacted by President Trump, according to him, would deliver “faster, better, and far better-quality care.”
As the administration implemented the $4.3 billion-dollar plan and put the first hospitals online it was obvious that the plan was failing to produce the desired results (Allen, 2018). It is now obvious that additional solutions need to be used to fix the veterans’ healthcare system. The system is not broken to the extent of being unrepairable. President Trump’s plan focused on current military and VA processes and did not focus on implementing new technologies that will improve the care and the day to day lives of patients, the real goal.
There are evolving technologies that offer solutions, not just for enterprises and large organizations like the VHA, but for smaller and upcoming organizations. These technologies are changing the world, and the way healthcare providers can offer services to their patients.
To ensure The VHA can successfully deploy the new technologies successfully on a large scale it is important to prove the methodologies used in an environment that challenges the concepts in their entirety. An environment that meets this need is the Veterans Administration Pacific Islands Health Care System that consists of facilities in Hawaii, Guam, American Samoa, and throughout the Pacific Islands. Successful deployment in that environment will prove that new technologies can benefit facilities that are challenged when providing quality and timely health care to veterans in remote areas.
A list of stakeholders that can benefit from reading this report are noted in Appendix A. Anyone who is invested in the project or may be affected by the project in some way is a stakeholder. A stakeholder’s input can directly impact the project in many positive ways. Communication with stakeholders is key to project success (Larson & Larson, 2017). Listed in Appendix B is a listing of roles and responsibilities that can be used to form the required project teams.
Current Information and Communication Technologies (ICTs) provide the ability to send and receive information via a wide range of technologies using many types of devices. This includes communication mediums like the Internet, cell phone networks, and other wireless networks and infrastructures. Telecommunications companies are deploying new technologies to meet the global demands for additional bandwidth and processing capabilities that are necessary requirements to take advantage of the technologies being developed and tested.
These new technologies will benefit all industries, but the most important advances will be made in the healthcare industry. By implementing 5G Next-Generation (5G) wireless networks the healthcare industry can transform the way it provides care for its patients. The healthcare industry will be using the Internet of Things (IoT) and 5G technologies to create inter-networks of everything. In 2018 there were more than 7 billion actively connected IoT devices worldwide (Lueth, 2018). That number is expected to reach more than 21 billion by 2025. Old technologies and methods must make way for innovative and evolving technologies.
5G networks will improve the connectivity and overall effectiveness of IoT devices and offer the opportunity for major technological advances in the healthcare industry. It is key that new policies and standards are developed to allow these technologies to reach full potential. One of the largest integrated health care systems in the world is the Veterans Health Administration (VHA). The VHA provides care for more than 9 million Veterans each year at more than 1,250 healthcare facilities, including 1,074 outpatient sites and 170 high capacity medical hospitals (U.S. Department of Veterans Affairs, 2019).
New technologies are creating solutions to existing problems, like the ability to practice telemedicine securely and cost-effectively for patients in remote locations (eVisit® Telemedicine Solution, 2018). New wireless technologies will enable better use of the IoT and improve virtual diagnostic and treatment procedures. The monitoring and treatments that once required a visit to a facility will be done remotely, often requiring only the presence of a medical assistant or caregiver.
Many problems like non-adherence to medication schedules and unnecessary emergency room visits can be avoided; resulting in better healthcare for the patients, and significant overall organizational cost savings.
Can the new technologies be implemented by the VHA in a cost-effective, efficient, and secure manner? Security issues surrounding 5G technologies and IoT devices are a justified concern and must be addressed. If the technologies and devices cannot be secured, then they of little use in the healthcare industry. To realize the benefits of the new devices there must be a way to securely implement them using 5G technologies and a more flexible and robust, yet simpler, enterprise infrastructure.
This paper provides research findings that the VHA can use to determine the feasibility of adopting emerging Health-related IoT (H-IoT) technologies throughout the entire VHA healthcare system. This paper identifies the challenges that will be encountered and the available solutions that can be implemented. The care of Veterans can be improved while reducing costs, saving resources, and improving the daily lives of the patients. Contrary to some public opinions, H-IoT technologies can be implemented securely in a global environment while meeting local, national, and international patient privacy laws and regulations.
The findings of this paper are based on facts, professional opinions, and investigational theories. The processes and recommendations take into consideration what is, what can be, or what may be, although what is happening in the industry now is the foremost indicator of what will come to be in the future.
In this era of intelligent connectivity, technologies are awkwardly emerging and indicating that the way people live, and work are changing drastically. Technologies like 5G next-generation networks, the Internet of Things (IoT), and artificial intelligence (AI) are beginning to define the present times as the new era of hyper-connectivity (Pasqua, 2019). With advances in technology comes uncertainties and challenges.
The fusion of emerging technologies offers opportunities for never seen before applications and services. The IoT can be used to create simple to manage and flexible interconnected smart networks in various sectors. As shown in figure 1.
The fusion of emerging technologies offers opportunities for never seen before applications and services. The IoT can be used to create simple to manage and flexible interconnected smart networks in various sectors. As shown in figure 1.
Figure 1. The scenarios of IoT. Source: (Wu, Huang, & Xiang, 2019)
Intelligent connectivity will accelerate technological advances, and at the same time enable new disruptive digital services that will result in an increase of attack surfaces that will become potential security vulnerability points. When 5G technologies are widely deployed, AI advanced algorithms and IoT devices will allow for technologies to rise to new levels and the intelligent interconnectivity that visionaries expect will be enabled. A list of conducted 5G trials can be seen in table 1.
Table 1. List of recent 5G trials Source: (Pasqua, 2019)
Intelligent inter-connectivity will offer opportunities for major advancement in several key areas:
- Industrial and Manufacturing Operations – Increased connectivity and intelligence will result in better quality products and increased productivity, and fewer human mistakes, while creating safer workplaces and lowering operating costs. Factory automation will be more efficient because of the high data rates, low latency, and high reliability of 5G networks. Artificial intelligence alerts can be sent by industrial robots to human operators immediately when errors in the processes are detected, and in some cases, the robots will be able to correct the errors without human assistance.
- Logistics and Transportation – The combination of 5G and AI will allow traffic monitoring systems to provide driver assistance, helping the driver avoid collisions and accidents. These technologies will also be used in the development of safe and reliable self-driving vehicles including applications in mass-transit and rideshare services. Many of these solutions are currently being tested with good results, showing future potential.
- Public Safety and Security – Intelligent hyper-connectivity will improve emergency services, video surveillance and security systems. Video systems that incorporate AI will be able to detect threatening articles like guns and knives and be able to recognize mischievous and threatening body language and facial expressions.
- Healthcare – There exists the potential to significantly improve preventative care and diagnostic procedures. This is by far is the area that can benefit the most from 5G, AI, and IoT, resulting in better, and more available, global healthcare. The ability to conduct remote medical examinations will be available in countries across the globe in places where there are no other (or insufficient) resources available.
- Other Sectors – Intelligent connectivity has the potential to enable innovation in many other areas; Cloud-based gaming servers, virtual personal assistants, 3D hologram displays, and more.
The era of intelligent connectivity will create many opportunities for those who operate within the telecommunications sector and related industries, and the developments that will benefit mankind will far exceed any benefit realized by the corporate giants (WGR, 2019). There have been several recent 5G trials in several areas with positive results.
The emerging technologies working in conjunction with one another have the potential to produce some amazing breakthroughs. The implementation of just one of these technologies in any one of several applications requires careful consideration of underlying systems, their capabilities, and associated security implications.
When these technologies are combined the potential benefits increase, but so do the security challenges. The emerging 5G technology has the potential to significantly increase the rate of development related to IoT, virtual reality, Artificial Intelligence, Machine-to-Machine (M2M) communications, and all mission-critical communications.
Network architectures and infrastructures must meet certain requirements to accommodate these emerging technologies. In the case of the VA healthcare system a major update of existing infrastructure, and/or the adoption of new architectural philosophies and methods will be required (Nokia, 2016). The network architecture goals need to shift from being a network of entities to a network of capabilities. In addition, a concentration should be put on creating a network for services model, a shift from the current network that is based on connectivity philosophies.
Security is a big issue when implementing a single technology, and when technologies are converged the challenges increase and are more technical in nature (Fortane, 2018). A recent intelligence report published by GSMA (Granryd, 2019) states that 5G connections globally will increase by a minimum of 10 percent each year during the next 10 years.
The report goes on to say that 16 major markets worldwide will implement 5G networks this year. Billions of dollars will be spent on networks and infrastructures to move from complexity to simplicity, by designing and implementing programmable and scalable networks.
Blockchain technologies have inherent characteristics that indicate they have a place in the implementation of 5G and IoT technologies. Evolving 5G, IoT and blockchain technologies are well-suited to work with one another, in synergy (Innovation®, 2019). The technology behind blockchain concepts reaches far beyond digital currencies.
Blockchain, because of its decentralized nature, is resistant to most security issues. The full benefits of 5G and IoT technologies can only be realized by infusing the blockchain technology. Scalability issues will need to be overcome to ensure 5G, IoT, and blockchain technologies can work seamlessly together, maintaining a network of technologies that offer flexibility, speed, and security.
Will 5G replace traditional Wi-Fi?
The 5G standard promises to provide enhanced broadband connectivity and speed for many services and applications. Industry professionals and technology consumers are in an ongoing discussion about whether 5G will replace traditional Wi-Fi networks, or perhaps, in some way cause problems with existing Wi-Fi deployments (SDX Central, 2018).
Many experts, including the professionals at Cisco®, believe that 5G and Wi-fi technologies will each continue along their own separate paths (Cisco®, 2019). There are over 20 billion Wi-fi enabled devices in use, according to Wi-Fi® Alliances Christopher Szymanski (2018). The vast number of devices in use is a clear sign that Wi-fi is here to stay for quite some time.
When enterprise environments are considered, many rely on Wi-fi as part of their overall multi-connectivity scenario. In a lot of applications and services like Software-Defined Wide Area Networks (SD-WAN) the availability of Wi-fi is sometimes used for control and configuration purposes. Here are other reasons that reinforce the opinion of the experts:
- The Wi-Fi Market is Not Shrinking, It’s Growing – According to a published report (MarketsandMarkets™, 2017), the Wi-Fi global market will be worth over $2 trillion by 2020.
- Wi-Fi is Densely Deployed – Meaning that Wi-Fi is already used in a wide variety of close-proximity applications, so it will continue to have its place in many residential and enterprise environments.
There is a new wireless specification; Wi-Fi 6, which uses the 6-GHz band. The Federal Communications Commission (FCC) is considering designating 1.2 GHz of spectrum in the 6 GHz band for unlicensed use (Teschler, 2019). This commitment by the FCC can move Wi-Fi technology to the new era of ultra-high performance. This sixth generation of Wi-Fi is a new standard known as 802.11ax, or Wi-Fi 6. It will provide additional bandwidth with increased speed, lower latency, and the ability to connect more devices.
All Mobile and IoT devices used within a network should support both 5G and Wi-Fi 6 technologies and have the ability to incorporate strong passwords.
When private 4G LTE is better than Wi-Fi. In most enterprise networks traditional Wi-Fi is currently the most prevalent wireless technology (Doyle, 2019). There are cases when the specific requirements of an organization require dedicated cellular networks to connect to, that include cell sites and core network servers that are independent of the networks of service providers. Private 4G LTE cellular technology can be the solution for mobile and remote deployments that demand high-capacity services, including the needs of IoT devices.
Private 4G LTE services allow organizations to customize the network to accommodate mission-critical services and applications to optimize the network for low latency and address specific service level agreements while reducing interference introduced by the congested public wireless spectrum.
Why enterprises might need private 4G LTE and 5G. Public 4G and 5G cellular networks can be stressed under the heavy data transfer demands of specific services. Private LTE can eliminate the high costs associated with public LTE networks. The ability to optimize private LTE networks can be used to guarantee the quality of service requirements demanded by some IoT real-time applications.
Private LTE is not as susceptible to interference and spectrum noise found in environments that incorporate steel wall structures. Private LTE can be used in high-definition video surveillance and remote vehicle applications (automated delivery carts). The large numbers of IoT devices found throughout the healthcare industry are candidates for using private LTE networks.
The 5G journey is about developing the next generation of mobile services and future technologies. Data-intensive processes will be enabled as 5G networks become a common reality. Security and network management will be impacted by 5G technologies (Robinson, 2018).
As shown in figure 2, ever since mobile wireless technologies began to be deployed there has been a revolution, and evolution, resulting in first-generation (1G), then 2G, 3G, 4G, and now the fifth-generation (5G). The first wave of 5G networks being implemented are Non-Standalone (NSA) networks and rely on the support of existing 4G infrastructure (MediaTek, 2018). The devices operating on these networks will typically use 4G for non-data needs like communicating with servers and cell towers.
Figure 2. The evolution from 1G to 5G. Source: (Wu, Huang, & Xiang, 2019)
There are currently 5 different deployment options when implementing 5G. There are standalone (SA) options consisting of only a single generation of technology, and there are non-standalone (NSA) options consisting of two generations of technologies (4G LTE and 5G). As 5G technologies are developing, standards are being created to maintain global compatibility and compliance. The group taking the lead for these duties is the 3rd Generation Partnership Project (3GPP) and their Organizational Partners. The partnership consists of seven organizations (3GPP, 2019).
The project will be discussed in more detail in a later section, Standards Organizations. Standardization has been completed for the non-standalone option 3 and the standalone option 2 and most current deployments will be adopting one of those (GSMA, 2019). As shown in Figure 3, each option incorporates a different high-level architecture.
Figure 3. High-level architecture of SA Option 2 and NSA Option 3 Source: (GSMA, 2019)
Currently, the preferred implementation option is SA option 2 because it can fully support all 5G use cases via a cloud-native service-based architecture by implementing network slicing techniques. Although standards are created to help ensure global compatibility, the same does not apply for the specific allocation of the frequency spectrums; varying from country to country as detailed in appendix B. There are 5 separate bands, and global harmonization is feasible in the lower parts of the bands (Rabey, 2019). The International Telecommunications Union IMT-2020 requirements base the maximum throughput on the assumption that a 100MHz channel is being used, but not all countries will have that much of the spectrum available. So, that must be taken into consideration when deploying 5G technologies in a global environment.
Early testing has shown that 5G technology is typically twenty times faster than 4G. The main advantages of 5G are speed and bandwidth, and the ability to accommodate bigger numbers of devices, therefore being well suited for the IoT. 5G signals do not travel as efficiently as 4G. The high-frequency 5G signals (millimeter wavelength) travel only about 1000 yards without significant degradation, while 4G radio waves can typically travel from 5 to 10 miles and can penetrate walls and work around other obstacles better than 5G. There is a 5G band available in a lower frequency band that offers better distance and travels around obstacles, but some speed and bandwidth are sacrificed.
Theoretically. a single 4G Macro-cell tower can cover 10 square miles, whereas 5G technology requires hundreds of small cells to provide the same amount of coverage. Building a 5G infrastructure is labor-intensive and expensive but the performance and capabilities it promises are worth the resources invested. Widespread deployment of 5G also requires a vast infrastructure of fiberoptic cabling to be in place (Mullaley, 2018). Fiber-rich network infrastructure is needed to ensure key performance; supporting more connected devices, providing higher data rates, offering ultra-high reliability, and lower latency.
The International Telecommunications Union (ITU) uses eight key performance indicators to define the required capabilities of 5G. As seen in figure 4, the capabilities of 4G are used as baselines for comparison. The eight key capabilities are all important but each one may
influence the overall performance and effectiveness differently depending on the use cases and the application. One capability that is interesting to note is mobility. Mobility refers to how fast a moving object, like a train or airplane, can be moving and still maintain an uninterrupted communication connection on the network. This is a challenge for 5G networks given the limited transmission range of the mm-Wave signal (MumTaz, Rodriquez, & Dai, 2017).
Figure 4. Capability requirements of 5G as defined by the ITU.
Source: (MumTaz, Rodriquez, & Dai, 2017)
An antenna system based on mm-Wave Massive Multi-Input Multi-output (MIMO) helps to solve transmission range issues (RF-Wireless World, 2017). The system utilizes hybrid beamforming and tracking technology to maintain a connection with a moving object while limiting potential interference.
World-class experts have come together to develop or reinvent multi-gigabit millimeter-wave networks. These experts have formed a company called Movandi. It was founded by two internationally recognized siblings; Maryam and Reza Rofougaran (Movandi Corporation, 2019). These experts are contributing to the success of 5G by utilizing their expertise in antenna systems and beamforming technologies to develop the radio frequency front-end technology for 5G and beyond (DeMartino, 2017).
Effective planning is necessary to form the basis of understanding the project and the processes within the project. A properly created project plan reveals answers to a variety of questions. The main reason for most project failures is the failure to properly plan the processes and being prepared for the unexpected (Webster, n.d.). Other reasons for failure are getting sidetracked from the goal and a lack of support from management. Some of the questions concerning the project that get answered during the planning process are:
|What are the costs involved?||Will it deliver the expected benefits?|
|Can it be completed on time?||Do we need backup processes?|
|Can it even be accomplished?||Can a timeline be maintained?|
|Will it satisfy the requirements?||Can changes be handled properly?|
Project planning does not have to be overly complex by accounting for every possible situation. However, it is an essential activity that helps to ensure goals are achieved, and it produces documents that are useful during the project lifecycle. A project plan is a tool that can be used to gain the support of senior management. Project planning includes defining scope; what will get done, by whom, and what is not necessary to accomplish. A project plan can be used to ensure everyone understands what is required, how it will be accomplished, who will do it, and when it will get done.
Challenges for 5G network engineers. The principal goal of 5G is to overcome the current limitations of 4G. 5G next-generation networks will be capable of meeting future demands and offer flexibility and scalability. 5G networks are beginning to be deployed on a large scale and network engineers are being challenged in several key areas (Anritsu Ltd, n.d.). Currently, network engineers are using existing and affordable technologies to implement a network that can meet all the performance criteria, and here are the main challenges they are experiencing:
- The number of IoT devices connected – 3GPP-based networks have control plane limitations on the number of devices that can be connected. The massive increase in IoT devices expected in the future will create a need for additional access control mechanisms. In 2015 there were 5 billion connected devices; five years after, in 2020, there will be almost 50 billion connected devices.
- Increased data volumes – Data capacity in the end to end network must be increased to keep up with the growth of data being carried on mobile networks. The amount of data is growing between 25 to 50 percent a year and expected to grow at that rate until 2030. The massive amounts of connected devices are creating 25 exabytes (25 followed by18 zeros) of data per month. That’s five times as much as all words ever spoken by human beings (Hoff, 2012).
- Increasing network capacity affordably – Users are demanding more data availability but are not willing to pay the appropriate increase in costs. So, new technologies must be used to increase network capacity without increasing operating costs. A solution being used is to separate the distribution of control and user data planes as can be seen in figure 5. In addition to the separation of planes this architecture uses access specific control functions and a shared data layer. When using this architecture design, additional capacity can be realized at little cost.
Figure 5. 5G system architecture for converged network services. Source: (IPv6 Council, 2016)
- Real-time information for critical services – Critical services need high-reliability service without the issues of data loss. Dedicated networks address these problems, but more innovative network technologies will be required to fulfill these needs. The network design will need to be flexible and easily reconfigured.
- Accommodating augmented reality – Portable devices are being made with augmented reality capabilities and the demand on networks is being dramatically increased. New signal routing techniques and architectures will be required to address this issue.
- Automotive and M2M – Machine to machine communications demands and requirements are increasing as self-driving automobiles are being developed. 5G Heterogeneous network (HetNet) technologies should be able to deliver the coverage, capacity, and low-latency demands required. A HetNet is a wireless network that uses nodes that have diverse coverage size and transmission powers.
There are many research activities that show promise of creating technologies that will become part of the standards being developed that will alleviate most of the anticipated issues. Staying abreast of new research findings and developments in the field is necessary. And, incorporating Software Defined Networks (SDNs) and utilizing Network Function Virtualization (NFV) technologies will be key to maintaining a flexible network architecture (IPv6 Council, 2016). Nokia has designed an architecture that utilizes an SDN / Load balancer and a programmable core that is illustrated in figure 6.
Figure 6. Next Generation Programmable Core. Source: (IPv6 Council, 2016)
Software-Defined Wide Area Network (SD-WAN) Vendors. Service providers and independent contractors must be vetted for compliance with organizational security requirements. They must provide products and services that have been thoroughly tested for safeguards that will eliminate current and future exploits. Choosing the right SD-WAN vendor for an organization can be overwhelming. There are several given requirements that all Software-Defined Wide Area Network (SD-WAN) Vendors should fulfill (English, 2019):
To select the right vendor for organizational needs there are several factors to consider; these are available deployment options, Cloud connectivity options, pricing, and others. A comparison of SD-WAN vendors is illustrated in appendix G, vendors are listed in alphabetical order.
5G network slicing technologies. Virtual dedicated networks can be created using a technique called network slicing. Network slicing aids in providing a network infrastructure that is service-oriented (Kavanagh, 2018). A multitude of services can be provided over a single common infrastructure. For large organizations, like the VHA, such technologies create a flexible, more efficient, and simpler network. Network slicing is a virtual function like network functions virtualization (NFV) and software-defined networking (SDN) principles that are used in fixed networks. In 5G applications, a single radio access network (RAN) can handle a multitude of various services using network slicing techniques.
Network slicing is dynamic in nature and allows 5G applications to operate on a flexible zone on a network. Depending on the specific application this technique allows for adaptable levels of reliability and bandwidth. It means that an application that utilizes a simple sensor and only requires sporadic network access does not waste resources, leaving resources available for more bandwidth-intensive applications like remote surgery (Nelson, 2017). Resource intensive applications like remote surgery will be guaranteed the necessary bandwidth, level of reliability, and low latency that is demanded.
The world of IoT and IoMT (Internet of Medical Things) do not have to solely rely on 5G technologies; Other solutions are in development and alternate (but less effective) solutions already exist. There are traditional cellular, low-power wide-area networks (LPWAN), and Random Pulse Multiple Access (RPMA) technologies. Each technology has various distinct advantages and uses. The goal of LPWAN and RPMA technologies is to provide seamless operation between devices created by different manufacturers and take advantage of long-distance capabilities while requiring a minimum of power (LoRA Alliance®, 2019). Figure 7 shows the concepts involved in the strategy. The purpose of these techniques is to define the device-to-infrastructure physical layer conditions and protocols while maintaining security, compatibility, and reliability.
Figure 7. Defining the physical layer and protocols. Source: (LoRA Alliance®, 2019)
The important role of IPv6 in 5G and IoT technologies. This era of intelligent connectivity would not exist without the Internet Protocol version 6 (IPv6). IPv6 is gradually replacing IPv4 (Ray, 2015). Eventually, IPv6 will be used everywhere there is a need for IP addresses. Every device needs an IP address to connect to the Internet. The old protocol (IPv4) only allows for 4.3 billion unique IP addresses. Those were exhausted years ago. By 2020 there will be almost 31 billion connected devices in use globally (Statista, 2019). Since 2015, the number has double.
Figure 8. The projected growth of connected devices by the year 2025. Source: (Statista, 2019)
The allocated number of IP addresses in IPv6 is 42 undecillions (4.2×10^37). In retrospect, if a person scans one million IPv6 addresses per second it would take 69,683 years to scan them all. IPv6 offers many advantages over IPv4; here are the most important reasons IPv6 is important for 5G and the IoT:
- Security – IoT engineers are now acknowledging the fact that their devices need to be designed securely. IoT security is very important; what if someone hacked into a smart city? Perhaps a self-driving vehicle (it has happened). The consequences could be catastrophic. IPv6 offers much better security than its predecessor, mostly due to Internet Protocol Security (IPsec). IPv6 can run end to end encryption. Of course, without the proper design and implementation, the security may be easily compromised. If properly configured it is significantly more secure than IPv4.
- Scalability – As stated earlier, by the year 2020 there will be 25 billion Things connected to the Internet. That’s a 300% increase since 2015. The same exponential growth should be expected for the next few decades, at least. IPv6 ensures there will a unique IP address available for every device for a long, long time.
- Connect-ability – Billions of IoT devices will need to talk to each other and to systems on a continuous basis. IPv4 uses Network Address Translation (NAT) which creates an identity issue for the IoT devices. IoT devices are uniquely addressable with IPv6.
IPv6 is not a perfect solution for 5G and IoT because some devices will be using the old IPv4 and that creates communication issues. There are current research and development activities underway in hopes of creating a more ideal solution.
Cloud and fog computing in 5G mobile networks. 5G cell networks are capable of extra-low latency and transmission speeds of 1 Gbit/s. However, the delivery model in the cloud does not guarantee this quality of service because of the computational methods used in the Cloud. In addition, the hops across the wired networks between the 5G-base stations and the Cloud create a significant increase in latency (Markakis, Mastorakis, Mavromoustakis, & Pallis, 2017).
Forwarding the generated data directly to the cloud devours bandwidth which leads to network congestion. When the processing is done closer to the source of the data the cloud and transmission mediums are not burdened with extra unfiltered data. Cloud computing can be extended to the edge by using Fog Computing techniques over 5G networks.
The development of IoT technologies is transforming the way humans connect with the Internet, and the IoT is going to connect people, devices, virtual objects, and machines using methods that have never been used before. Fog computing allows applications to be processed in the proximity of the users, cutting down latency and improving the quality of service (QoS).
The emerging Internet of Everything (IoE) applications demand real-time and predictable latency and since fog computing is a distributed process, which is ideal for mobility, it assists in filling the high demands of the applications. Fog computing utilizes similar mechanisms as the Cloud does and provides the same services. Fog computing concepts make it possible for developers to create applications that can use the interplay between the fog and the cloud. Fog computing was developed to support applications and devices that can’t provide QoS levels in a Cloud environment. An example of such devices and applications is shown in figure 9.
Fifth-generation networks will require the use of fog computing technologies to provide the expected performance level while processing services through Cloud environments. Fog and edge computing concepts will always exist within 5G architecture designs and methodologies. It should be noted that there is a difference between fog computing and edge computing, although the terms are often considered interchangeable.
There is not an accepted standard that specifically defines the techniques and the definitions of each technique are often correlated with the way a service or application is deployed (Pod Group, 2019). During the last few decades, there has been a shift from local software doing the work to Cloud computing solutions being tasked with the heavy computations.
As technologies like remote healthcare and self-driving cars become more prevalent there will be a shift of computing resources away from the Cloud and towards the edge of the network. The closer proximity to end devices ensures lower latency.
Figure 9. Applications supported by fog computing.
Fog and edge computing both have the same goal; they move the processing of data closer to where the data is generated. In mission-critical applications, high reliability and increased security are the targeted benefits. In data-intensive applications, the main benefit is the use of fewer network bandwidth resources and therefore realizing savings in costs. The definitive difference between fog an edge computing is that fog computing utilizes the local area network architecture for processing resources whereas edge computing will process most of the data on the IoT device itself. This concept is important to grasp.
Cloud Security Considerations
When 5G and IoT devices begin to be used in conjunction everywhere, the devices will be collecting data quickly, often with very thin structure (very small amounts of internal memory) and will need to transport that data to other devices for analysis and storage. The destination most likely will be in the cloud, whether a shared environment or a specially designed environment for connecting devices and machines (Linthicum, 2014).
Edge computing, or fog computing techniques will be used before the data is transported. Most IoT deployments now require a mix of edge, fog, and cloud computing. It is important to understand what processes will execute at the edge and what processes will execute in the cloud (Byers, 2018). Edge computing involves taking processes and tasks that often reside in the cloud and move them to IoT enabled endpoints or mobile devices.
Utilizing an edge-computing architecture creates a distributed intelligence in the IoT network(s) and improves performance, reliability, and most importantly, security. Effectively designing and building IoT solutions that can be easily scaled requires a balanced use of edge, fog, and Cloud computing (Carroll & Chandramouli, 2019). The better the access to the information the faster key decisions can be made, allowing services and the companies that use them to become more agile.
As increased numbers of 5G and IoT technologies require specific cloud solutions to be deployed, potential security vulnerabilities may surface, as happens during most new technology deployments (IDG Communications, 2015). The Cloud Security Alliance recommends the following best practices:
- Proactively Protect Privacy – Inform users of data being collected and allow them to opt-out of the data collection processes. Perform assessments that consider any data that may be affected before implementing IoT technologies.
- Ensure Security Controls are in Place – To guarantee the confidentiality and integrity of collected and stored data ensure that encryption, authentication, and integrity protections are in place.
- Use Layered Security Protections – Attackers will seek to use the IoT to access the main network so segmentation and appropriate defenses should be used to protect the IT infrastructure.
Collecting data utilizing IoT devices and using 5G technologies to transport the data amongst other devices and the cloud create logistical issues that must be addressed, including mitigating the risks before they become compromised vulnerabilities.
5G and the introduction of new security vulnerabilities. A massive increase of connected devices on a 5G network creates a significant increase in bandwidth requirements, usually burdening an LTE network, and can create an exposed landscape vulnerable to threats and attacks. The landscape presents different security challenges than traditional networks. The beneficial attributes that make 5G such an improvement is what creates additional security challenges (Dell EMC, 2019).
As 5G networks are widely deployed they create a potential for vertical industries to enable many new services, all of which will require new and varying levels of security. An example would be autonomous vehicles and sentries (used in hospitals). As the number of vehicles increases, there are more attack surfaces for hackers. To mitigate these threats on the highways the National Highway Traffic Safety Administration (NHTSA) is employing a layered approach to ensure cybersecurity measures are incorporated into the design and manufacturing of driver-assisted technologies (US Dept of Transportation, 2019).
In the healthcare field, 5G capabilities allow for faster transfer of patient files, performing remote surgery, patient monitoring via IoT devices, and other traffic-intensive services. The advances create a need for better security measures. 5G introduces risks of medical information and identity theft, breach of Patient Health Information (PHI), and requires more resources for medical data management and analysis.
The healthcare industry was the target of 40% of all data breaches in 2017 (Mehta, 2019). And that’s not all, in 2016 the US was targeted more than any other country. Figure 10 shows the least affected and most affected regions across the globe.
Figure 10. Worldwide data breach heatmap 2016. Source: (Mehta, 2019)
One of the main concerns about 5G security is that 5G enables the IoT devices to have a much bigger presence on the network than previously with less efficient 4G networks. Also, the vast number of devices are difficult to monitor without well-defined and automated controls, policies, and procedures in place.
Analyzing encrypted network traffic. As more IoT and mobile devices are utilized on networks, there is a need for the adoption of complex multi-could environments. The day of being able to monitor data and traffic within static and secured network segments is a thing of the past. In industries like healthcare, most of the data and workflows are sensitive in nature and must be protected during transport using encryption methods. In 2018 more than 72% of all network traffic was encrypted, up from 55% in 2017 (Madison, 2018).
This trend is good for security, but higher encryption rates also introduce challenges when inspecting and monitoring traffic to detect threats. Malicious actors use encryption to hide the presence of malicious software and to evade detection. The obvious solution is to decrypt all network traffic and inspect it. With the vast amount of data and workflows in modern era environments devices like firewalls and intrusion prevention systems (IPSs) are overwork and often meet their performance limitations.
Recent test results conducted by NSS Labs indicates that few security devices can decrypt and analyze the current amounts of encrypted data without network performance being impacted (NSS Labs, 2018). To overcome these limitations new approaches are required to gain traffic insights without the use of decryption. Methods are required that allow the inspection of traffic without decrypting it, like guessing what’s in a Christmas present without unwrapping it and opening the box. A technology that can transform raw data into critical outputs that can be used to detect malicious content is required.
There are products available, like Zeek offered by a company called Corelight, that operates as an out-of-band network security monitor (Corelight, 2019). These types of tools can create comprehensive logs, extracted files, and automated insights that can be analyzed. These tools can create dozens of logs covering more than 55 protocols, including Secure Socket Layer (SSL), Secure Shell (SSH), and Kerberos. These types of solutions can be used where resource cost and performance are limiting issues while accelerating incident response and threat hunting processes.
IoT Security and Privacy; Concerns and Challenges
Researchers and cybersecurity experts have identified a rise in attacks and breaches related to the Internet of Things. In 2018 the number of IoT breaches reported during a recent study conducted by Santa Fe Group (2019) rose by 30%, compared to 2017. It was also found that some of the breaches were due to devices running out-of-date software and firmware. An IoT device update control should be included in company security policies and procedures, alongside policies for other connected devices.
In August 2019, the National Institute of Standards and Technology (NIST) made a new guide available for manufacturers of IoT devices (NIST, 2019). The goal of the guide is to ensure proper cybersecurity controls are built into the devices that will offer protection against threats when users connect them to internetworks and the Internet (HIPAA, 2019). The guide is the second publication release in an ongoing series of guides.
The guide, Core Cybersecurity Feature Baseline for Securable IoT Devices: A Starting Point for IoT Device Manufacturers, can help developers design devices with core cybersecurity features. It recommends a core baseline of features that should be included within the design of all IoT devices, reducing the risks of IoT devices being exploited. The guide recommends a level of protection that is above the baseline necessary for most customers. At the minimum, the following features should be included by designers and developers:
- The device must have the ability to be identified or have a unique address used to connect to internetworks and the Internet.
- An administrator, once properly authenticated, should have the ability to perform software and firmware updates, using a secure method.
- The technical documentation must include a description of how the device transmits and stores data.
- The device must have the ability to segment itself from local interfaces on the network.
- There should be a feature that logs all cybersecurity events.
Users of IoT devices must ensure the devices are configured properly before deployment in a network environment. If the appropriate security controls are not incorporated by developers and activated by users, there may be vulnerabilities that can be exploited by hackers and malicious users.
The NIST is accepting comments on the guide, NISTIR 8259 (Draft) until September 2019 (Fagan, Megas, Scarfone, & Smith, 2019). The first guide in this series, Considerations for Managing Internet of Things (IoT) Cybersecurity and Privacy Risks was released in June 2019. That guide, NISTIR 8228, does a good job of helping organizations that use IoT devices realize they already may have many devices in use that need to be addressed and checked for security vulnerabilities (Boeckl, Fagan, & Fisher, 2019). Organizations are encouraged to evaluate all IoT devices that are already in use, perform updates, and to include the devices in their inventory tracking system and security policy enforcement procedures.
Security and privacy are important subjects in the 5G-enabled IoT. Security and privacy threats are part of the IoT landscape and can be costly if not mitigated. In addition to monetary damages, information breaches can have devastating effects on the reputation of a company, or organization (VHA), and consumer and patient confidence (Wu, Huang, & Xiang, 2019). Security and privacy are not the same things.
Security is the technologies and methods that protect against unauthorized access to data.
Privacy is the act of protecting Personally Identifiable Information (PII) and other sensitive information.
Common traditional security and privacy challenges apply to IoT devices, and the 5G-IoT environment has some additional and unique security and privacy challenges. Most security threats involve the hijacking of unsecured devices. In today’s landscape manufacturers must get serious about security issues and design their products with security in mind. Users of these devices, like the healthcare industry, must be aware of the latest security standards and ensure their vendors are designing their products in accordance with the latest security standards (InterTek, 2019). Traditional vulnerability and penetration testing procedures should be used to verify the security integrity of all IoT devices used within the organizations.
There are industry recommendations for testing procedures that are currently being used for vulnerability scanning and penetration testing of IoT devices. The IoT arena and technologies are in their infancy, but there exist many opportunities to research and learn from others’ mistakes (Chothia & de Ruiter, 2017). Organizations should test IoT deployments regularly for at least the top ten known vulnerabilities.
The Information Security Institute (INFOSEC) publishes bulletins exposing the top ten IoT device vulnerabilities (Bhattacharya, 2018). The vulnerabilities range from poorly designed user interfaces to improper handling of sensitive data. The Open Web Application Security Project (OWASP) has created the OWASP Internet of Things Project to help developers, manufacturers, and end-users realize security concerns associated with IoT devices (OWASP, 2018). This project has also started publishing a list of the top ten IoT vulnerabilities and can be viewed in appendix E of this paper.
READ MORE: SECURING DATA IB TRANSIT USING A VPN
Health-related Internet of Things (H-IoT) devices must be authenticated just like a user accessing a privileged asset. As seen in figure 11 the different devices on the left need to authenticate with the local gateway to send data (Madsen, 2015). Then the gateway needs to authenticate to the Cloud endpoint to forward this data. And, then to analyze and render the data
Figure 11. Health care services gateway architecture to the Cloud.
the applications on the right must authenticate to the cloud. Passwords have drawbacks when used for Internet-scale authentication and no matter how complex they are passwords are even less practical for IoT-scale authentication. To support the IoT authentication model, tokens can be issued and used for subsequent interactions. If no tokens are issued there is no authentication and no data can flow. Two standardized frameworks for authentication and authorization that are suited for this model are OpenID Connect 1.0 and OAuth 2.0. As the 5G and IoT technologies evolve, suitable protocols like the Message Queuing Telemetry Transport (MQTT) protocol should be used in H-IoT deployments (MC Lab, 2018).
When healthcare managers and decision-makers are selecting and vetting suppliers it is necessary to ensure the IoT devices have been designed with security in mind, according to any existing laws and regulations. Currently, regulators in the United States are more concerned about insecure IoT devices finding their way into government applications by means of subcontractors than with the security risks to consumers (Montalbano, 2019). Congress is proposing new security standards for IoT devices sold to government agencies, introduced in both the House (H.R. 1668) and the Senate (S.734).
The National Institute of Standards and Technology (NIST), in accordance with proposed legislation, is currently conducting a risk assessment and have accepted the task of making recommendations concerning minimum security requirements for utilizing IoT devices by the end of March 2020. After the assessment is completed the NIST will publish policies for publishing, reporting, and receiving information about security vulnerabilities involving devices used by the federal government. The VA is already governed by regulations regarding IoT devices, but more must be done. The VA Office of Inspector General (OIG), in a report issued last month, has found security issues relating to medical devices and the transferring and integration of patient device information (Office of Inspector General, 2019).
During this time of national security concerns, the OIG has also revealed that the U.S. Department of Defense (DoD) purchased security cameras, computers, and thousands of other devices that contained known cybersecurity vulnerabilities (Ferguson, 2019). As the VA sets out to adopt new technologies to improve patient care and efficiency it must abide by laws and guidelines and manage 3rd party risks diligently.
According to Finite State (2019), the firmware of more than 500 networking products manufactured by Huawei is designed with security vulnerabilities that make them risky to use in 5G next-generation networks (Kirk, 2019). The 55-page report released by Finite State claims Huawei engineers left potential backdoors in the code and used deceptive labels in the code, citing poor design decisions. In Huawei’s defense, there has never been a major cybersecurity incident involving them, and they have said they will invest $2 billion over the next five years to bolster the security of their equipment.
The use of IoT in healthcare involves the collection, analysis, and transport of potentially sensitive data. This data is often the Personal Health Information (PHI) of patients and must always be protected. When the security of the IoT is discussed it is sometimes compared to individuals communicating using the internet and the Web. In a way that seems similar but the IoT is devices connecting to devices, and when more devices become interconnected the attack surface is expanded, offering more opportunities for attackers to find and target vulnerabilities. The IoT is a lot of internetworks within networks that are within networks.
Standards like ANSI/UL 2900 are standards referencing specific criteria used for testing connected and interconnected devices. Designing products around standards like them can prevent future breaches, liabilities. The ANSI/UL 2900 standard along with other standards and security-product certification programs like FIPS 140-2, run by the government, can help ensure IoT devices used in the healthcare field are compliant and meet security design requirements.
It is important to select device vendors that are in countries where standards and certification are mandated. Such certification programs are mandated in the US and strictly enforced in Canada. When FIPS 140-2 is mentioned in the industry often Common Criteria (CC) is mentioned in the same statement. It covers topics like software development practices and what the government requires for different types of products. Common Criteria is more of an international standard. It is recommended that vendor certification is verified before allowing them as part of a supply chain, and never use a device in an operational environment that is using the default password. IoT password management should also be part of the administration’s security policies and procedures.
Domestic and International 5G Standards
In October 2018, Us-based Verizon launched the world’s first 5G service. The service is Verizon 5G Home and was launched in four metropolitan areas including Houston, Los Angeles, Sacramento, and Indianapolis (Fujitsu, 2018). To date, Verizon has only launched the service in an additional five markets. The service offers a residential wireless home internet connection with speeds of 940 Mbps, combining existing wired networks with a wireless network operating in the millimeter-wave frequency band. This service is an indicator that 5G technologies will be widely adopted in multi-use environments.
Verizon 5G Home, as the name implies, is used to connect home devices and not for mobile devices like smartphones (Verizon✓, 2019). Any Wi-fi enabled device can connect to the super-fast Wi-fi service. The service requires a dedicated home appliance that is installed by Verizon within the residence. This technology will have a place in industrial environments, including healthcare, at least during the transition period.
Verizon 5G Home does not conform to international standards developed by the 3rd Generation Partnership Project (3GPP) and the ITU Radio communication Sector (ITU-R). The specifications used were developed at the Verizon 5G Technology Forum (V5GTF) in collaboration with 5G device vendors, including Sweden-based Ericsson. However, enterprise-wide global adoption of 5G technologies will require strict adherence to international standards. This service demonstrates that manufactures and service providers are shifting away from being the first 5G service available and are competing to create unique services.
The 5th Generation wireless technologies can be used to enhance the speed and efficiency of wireless networks offering connection speeds up to 20 times faster than 4G, and low latency of 1 millisecond or less. In 2017, a coalition led by Qualcomm committed its resources to expedite the creation of global 5G New Radio (5G NR) standards (Qualcomm technologies, 2018). The first 5G standard is complete, but there is a lot of work left to do before the full potential of the 5G evolution will be realized, offering a $12.3 trillion opportunity for the global economies.
3GPP and 5G New Radio (5G NR) standards
A system of parallel Releases provides a stable platform to assist developers while implementing current features and allowing the addition of added functionality in subsequent releases (3GPP, 2019). These ongoing releases allow industries, like healthcare providers, to plan and implement 5G technologies in a systematic and standardized process to ensure effective deployment throughout the enterprise environment.
The mechanisms for maintaining specifications are described in TR 21:900, referred to as the Technical Specification Group working methods (Specification #: 21.900, 2019). The partnership project uses stages and phases to create and analyze standards and make recommendations that are logical and allow for the effective implementation of abstract architectures and functionalities. Appendix C outlines a 3GPP standardization timeline for completion of phases and stages.
Remote Medical Examination Trial Using 5G Technologies
In Japan, two organizations, NEC and NTT DOCOMO are conducting field trials using a new system architecture utilizing 5G and IoT technologies. In April 2017 NEC provided a base station antenna system as part of an experiment that comprehensively tested the application of 5G during a remote medical examination (NEC; TSE:6701, 2018). Hosted by the Ministry of Internal Affairs and Communications, NTT DOCOMO carried out the experiment with the Wakayama Medical University in conjunction with the Wakayama Prefectural Government.
Like areas in the Veterans Administration Pacific Islands Health Care System, including Hawaii, Guam, American Samoa, and throughout the Pacific Islands, Wakayama Prefectural is a mountainous sparsely populated region in Japan. As with some of the regions of the Pacific Islands, there is little access to advanced medical institutions in that region of Japan.
The remote medical support system included in the experiment was a video conferencing capability that connected 13 medical institutions and the Wakayama Medical University using a traditional internet connection. Doctors at the remote location, Hidakagawa Kokuho Kawakami Clinic, received advice from specialists at the university.
Problems and Issues
During the experiment, the system frequently experienced problems, including transmission delays and unclear images. To address these issues NEC set up a large multi-element Active Antenna System (AAS) that supported a 28 GHz band to create a 5G wireless network (refer to figure 12). Verification tests were first conducted, and benchmarks were established using a fiber optic cable system and 5G wireless technologies to connect the Hidakagawa Kokuho Kawakami Clinic to Wakayama Medical University, which is about 30 kilometers from the clinic.
The large-capacity 5G transmission system allowed a 4K video conference system to provide high-definition echocardiographic video and MRI images in real-time. In addition, a 4K close-up camera allowed the locations to share HD images. High-definition large-screen monitors were used to view every minute detail during the patient’s procedure.
Figure 12. Conceptual image of a remote medical diagnosis field trial.
Specialists that participated in the experiment included doctors from the orthopedic surgery and cardiovascular internal medicine departments. During a trial examination, the doctors noted that due to the realistic feeling of the patient’s expressions and reactions there was a more personal sense of communication. The large-capacity 5G system fulfilled the necessary requirements.
Health-Related Internet of Things and the Internetworks of Everything
The healthcare industry has begun to see the advantages of increased connectivity associated with the Health-related Internet of Things (H-IoT). In hospitals and other healthcare facilities, the IoT takes on a critical role and requires a different infrastructure than a residential setting; the IoT is transformed into the internetworks of everything (Gaskell, 2017). An internetwork of everything can provide a holistic view of a patient’s current condition through the convergence of data generated by many devices.
H-IoT currently used to improve patient care. The Internet of Things is a simple concept. Just take all devices in a specific scenario and interconnect them and then connect them to the Internet. When a device is connected to the Internet it can send and receive information, store data, and track stats (Bernier, 2018). As 5G networks are deployed healthcare providers can take advantage of developing technologies being designed specifically for them.
The IoT has the capability of reaching out to every human being no matter where they are in the world. Some exciting advancements are happening because of the rise of the Internet of Things. IoT development is transforming the healthcare IT industry (Matthews, 2018). The benefits that can be appreciated by the industry is yet to be seen. Here are some real-world use cases that have been implemented in facilities throughout the country:
- Reduced Emergency Room Wait Times – A visit to the emergency room can sometimes take hours to complete. A hospital in New York City, Mt. Sinai Medical Center, was able to reduce wait times for more than 50% of emergency room patients who needed inpatient care. They used the IoT with a little ingenuity to accomplish that.
In partnership with GE Healthcare, they used a new IoT-driven software solution, called AutoBed (Health IT, 2013). It factors in 15 different metrics and assesses individual patients and their needs while tracking the occupancy of 1,200 hospital rooms. This effective solution displays some exciting and innovative uses of the IoT.
- Remote Health Monitoring – Sometimes known as telehealth, IoT is used for remote monitoring and in some cases, the patient does not even have to visit the hospital. Not only does it eliminate unnecessary visits, but it saves money. It also spares the patient the inconvenience of travel while improving their overall quality of life. This is especially beneficial if the patient relies on public transportation or has limited mobility, it’s a simple thing that can make a big difference.
- Ensure Availability of Critical Equipment – Hospitals are using a new IoT-driven software solution created by Phillips (ITN, 2017), called e-alert. It helps to ensure the availability of equipment by constantly monitoring it for proper operation. Applications like this are proactive solutions instead of reactive solutions.
- Track Inventory, Patients, and Staff – Many hospitals are using an IoT and real-time location (CenTrak, 2019) system to monitor day-to-day activities. It’s effective and unobtrusive.
- Enhanced Drug Management – IoT healthcare is available in pill form. A microscopic sensor (Kuzela, 2015) the size of a grain of rice inside a pill sends a signal to an external device to make sure it’s the proper dosage and used properly.
- Addressing Chronic Disease – This IoT technology uses next-gen analytics (Pal, 2016), in combination with wearable tech and connects using mobile technology. The continuous sharing of information can assist in ending recurring health problems.
The main benefits of IoT in healthcare. The Internet of Things is creating changes in the healthcare industry. Healthcare solutions are utilizing apps and devices to interact with patients creating a new integrated platform that can provide patients with a fresh look and improved healthcare (INFISIM, 2017). Healthcare facilities are using IoT in many capacities, including environmental control and the automation of other tasks, eliminating the possibility of human error. The healthcare industry has used IoT in some capacity for years and has realized some major benefits:
- Homecare – Patients are being monitored in their own homes by means of machine-to-machine communication. Data is gathered from a variety of healthcare devices and is sent to the hospital or doctor’s office where it is analyzed by a staff member, for abnormalities. In some cases, the data can be analyzed using augmented artificial intelligence and a recommendation is then sent to the healthcare professional to be used for treatment and to determine any additional analysis that may be required.
- Improved Disease Management – IoT devices allow practitioners to continuously monitor patients and relevant indicators in order to predict the spread of a serious disease.
- Patients experience a better overall experience – Enhanced treatment options and better diagnosis accuracy makes for a better experience. The availability of connected devices and services creates an environment that meets each patient’s needs.
- Decreased costs – IoT patient monitoring avoids visits to the home by the doctor and eliminate the need for some office visits. Home care facilitation also allows patients to leave the hospital early and recover in their homes while being remotely monitored in real-time.
- Reduced Errors – IoT devices collect data accurately as per instructions.
When collecting, transporting, and processing data, care must be taken to protect the confidentiality and integrity of the sensitive data. Healthcare facilities must assess current infrastructure and security policies and procedures before deploying IoT and remote applications and services. The implementation of fixed IP addresses and IPsec VPNs for remote patient monitoring should be ensured.
Ethical issues and patient considerations. Health-related internet of things (H-IoT) technology has advanced far beyond a wristband that checks your blood pressure using an app downloaded to your phone. There are several ethical problems introduced by H-IoT technologies. Internet-enabled devices have inherent risks; health-related data is sensitive in nature, and the proper delivery of healthcare information must be ensured.
All utilized devices must be scientifically reliable and technologically robust along with the protocols used to transport and share the data (Mittelstadt, 2017). It comes down to analyzing the ethics of the device design, the care of the data, and the practices used. Also, the increased availability and ease of use of H-IoT devices may dictate the procedure used and the condition being evaluated by the healthcare provider, perhaps overlooking the most important and urgent existing health condition.
Personal privacy must be guaranteed when H-IoT devices are operating in a public environment. Large amounts of data can be generated regarding a person’s health and personal behaviors so the protocols used to handle the data must ensure third party access does not result in the exposure of captured data. Many existing H-IoT applications exist that lack effective data protection controls. Healthcare-related devices and technologies must be designed following strict security policies and using effective privacy practices.
A plan must be in place to enforce these policies throughout the healthcare industry, including vendors and manufacturers. Another ethical concern when implementing H-IoT solutions is the possibility of increased social isolation. Because H-IoT devices are so capable of monitoring and sometimes correcting abnormal conditions the visits by medical personnel become necessary less often.
H-IoTs must be used in such a way as to not compromise the patient’s health, socially emotional states, or mental wellbeing. Although the potential benefits of H-IoT devices show promise the future ethical impacts must be considered, and not ignored. The ethical impacts that should be considered include the possible adverse health effects that the 5G cellular stations, that will be located everywhere, may have on the average citizen, not to mention someone surrounded by the many H-IoT devices that are available. Along with 5G networks comes an increase in connected devices.
Practitioners that use utilize the Internet of Things must not only make ethical considerations but must also be aware of the local, national, and international laws that dictate the use of the devices and the care of the data that is collected (Kemp, 2017). Data collected should be deleted as soon as it used for analysis. Manufactures must utilize the principles of privacy by design and security by default (Cisco®, 2017). As new laws are introduced the obligations that practitioners and data custodians must acknowledge will become broader and deeper in range. The United States and the European Union appear to be taking similar approaches when creating and enforcing IoT privacy laws and security recommendations and apparently intend to continue to make it a high-priority issue on their agendas.
Predictive Analytics can Save Lives
Based in Oakland California, the health care giant Kaiser Permanente operates 39 medical centers and 690 medical facilities. The organization is not as large as the VHA, but they are faced with similar challenges and are utilizing new technologies and methodologies to improve their practices and save more lives. They have also adopted a philosophical approach; healthcare isn’t just an industry, it’s a cause (Kaiser Permanente®, 2019).
The VHA must operate within the cause in a similar manner, keeping a patient con-centric approach to transforming their systems and approaches. There is no doubt that the VHA embraces the simple idea that everyone deserves a chance to live a long and healthy life. The billions of dollars being spent within the organization is not enough to improve the level of patient care. Overcoming bureaucratic discontent and ineffective policies will be a challenge but must be addressed.
Kaiser Permanente is providing high-quality care because they were founded on basic ideas and continually make patient care a priority. They provide care in a seamless manner with an emphasis on connected teams; health plans, doctors, specialists, and nurses function with a single goal in mind, providing quality care and enhancing the patient experience. The teams include 217,000 people, including more than 23,000 doctors and almost 60,000 nurses.
Predictive Analytics for Proactive Care
There are many patient cases where the hospital environment (outside of intensive care, ICU) has caused the deterioration of a patient’s health, resulting in the need to transfer the patient to an ICU (Olavsurd, 2019). According to the regional director, Hospital Operations Research, Kaiser Permanente Northern California, Dr. Gabriel Escobar; patients who are admitted directly to the ICU have better outcomes than those moved there later in the treatment process. Kaiser Permanente began looking more closely at this issue in 2006. Researchers looked at decades of medical information within its electronic health system, and that analysis revealed key weaknesses with the system.
The process led to the development of a proprietary Linux-based system that applies algorithms to evaluate patient data and generate alerts that notify caregivers when a patient is at risk of critical deterioration (death). This is a difficult topic to address but in the healthcare cause arena, it must be addressed. The developed system, the Advance Alert Monitor (AAM) system, was fully operational in 21 medical facilities as of January 2019. The system has been validated and it has been concluded that patients identified by the system were likely to die within the next twelve hours, without immediate intervention. It should be noted that these types of tools are only as effective as the processes that are intended to ensure that the information collected is used in a way that allows immediate action to be executed.
Traits of a Highly Effective Data Analytics Team
Once business priorities are clearly defined data teams can be created by ensuring the team members have cross-functional skillsets and possess diverse competencies that will permeate ongoing learning and telling experimentation (Violino, 2017). An effective data analytics team will provide insights into trends and patient characteristics that may not be otherwise possible. The healthcare cause is an intense data-driven environment. The VHA can ensure the vast amount of data that is available is used in the most beneficial manner by adding data scientists to their workforce. To prevent actions from being never-ending an emphasis must be put on predictive reporting, and not reactive reporting. This can be accomplished by creating data analytics teams composed of people with both IT and functional skills, including statisticians and machine learning experts.
Healthcare Industry Privacy Laws and Regulations
During the first half of 2018, the Veterans Administration had to send out more than 4,000 letters to veterans notifying them that their Private Health Information (PHI) might have been breached (Marks, 2018). The VA no longer consistently publishes statistics about data breaches. However, according to the 2006 Veterans Benefits, Healthcare, and Information Technology Act, authored by the 109th Congress (2006), they are required to share quarterly reports with Congress.
Health Insurance Portability and Accountability Act (HIPAA)
In 1995 the Department of Health and Human Services (DHHS) promulgated standards to help ensure the privacy and protection of personal health information (PHI). The set of standards, rules, and regulations is called the Health Insurance Portability and Accountability Act (HIPAA), Public Law 104-191 (Office for Civil Rights, 2015). Congress realized that with advanced electronic technology being widely utilized the privacy of health information could be compromised.
There are two main documents that were published by the DHSS; the HIPAA Security Rule, and the HIPAA Privacy Rule. The HIPAA Security Rule is found in the Code of Federal Regulations (CFR) 45, Part 164, Subpart C (LLI, n.d.). The section that lists standards for wireless networks and devices concerning access control, audit controls, authentication, integrity, and transmission security is included in section 164.312. The deployment of H-IoT devices adds to the complexity of the section, presenting additional regulatory challenges for the VHA and other healthcare providers (Laird Technologies, 2016). The HIPAA rules must be reviewed regularly during the planning and deployment of 5G services and H-IoT devices to ensure compliance.
International healthcare data protection. There are international directives that are in place to protect the healthcare data of patients in other countries like Europe and Canada. For instance, the European Union has the European General Data Protection Regulation (GDPR) and Canada has the Personal Information Protection and Electronic Documents Act (PIPEDA). International healthcare organizations must be aware of all global directives and regulations when offering services internationally (Roy, 2017). It is essential that healthcare providers like the VHA are diligent and address patient privacy during the entire lifecycle of new projects like 5G and H-IoT deployments. Like HIPAA regulations in the United States, international directives also require compliance. No provider is always going to be a hundred percent secure and compliant, but blatant disregard of applicable directives and regulations can result in large fines, and in some cases criminal charges.
Compliance and regulatory frameworks. To improve processes, enhance security, and meet regulatory requirements there are a variety of frameworks that can be used by organizations like the VHA to evaluate the effectiveness of controls that are in place within the organization and evaluate risks that may be introduced to the environment by business partners and other third-party entities. As part of a holistic process, there exists a need for a regularly executed security awareness training program (Rapid7, n.d.). All members of an organization represent an attack vector that can be exploited, and at times may be the easiest point of entry for an attacker. The topic of security awareness training will be discussed in a later section of this paper.
Operational environments are constantly changing and achieving and maintaining compliance is an ongoing task. Most large organizations, like the VHA, must meet many regulatory requirements. Following is a list of some the regulatory frameworks that may be applicable, and useful when verifying compliance:
- Sarbanes-Oxley (SOX) – Enacted in 2002, SOX was created to counteract fraud, and has mandatory requirements and controls for most public companies.
- The Payment Card Industry Data Security Standard (PCI DSS) – The purpose is to protect the information of customers and patients who use electronic payment processes. Compliance may require quarterly network scans and independent audits.
- The National Institute of Standards and Technology (NIST) – offers a set of controls that can be used to manage critical infrastructures and evaluate cybersecurity risks. The NIST offers many publications that are available to assist organizations. For example, NIST 800-53 includes a list of best practices for vulnerability scans and the recommended frequency of scans. It also outlines how to evaluate results and recommends appropriate actions.
- Federal Risk and Authorization Management Program (FEDRAMP) – Intended to promote processes that can ensure a secure environment in the Cloud. Can assist in the integration of Cloud services within the Federal Government using an approach that standardizes security methodologies and risk assessment.
Additional frameworks are available to both private and government organizations like the International Organization for Standardization (ISO) and the Privacy Shield. Both frameworks can assist in implementing security and privacy controls to ensure compliance in the global business environment.
Common IT Modernization Mistakes
As the healthcare industry is embracing the evolution of new technologies it is realizing that modernizing information technologies is more than just replacing old technologies with newer models. The new technical capabilities must be implemented using a strategy that takes into consideration overall objectives and business needs (Pratt, 2019).
Large organizations like the VHA have decades’ worth of legacy systems that must undergo a transition, redesigning architectures and shifting to the cloud. Solutions must be centered around the care of the patients while addressing organizational needs. As modernization is in the planning stage it is important to acknowledge the risks and challenges that will be encountered. Learning from consultants and researchers, along with industry leaders, missteps can be avoided or overcome.
The shift to the Cloud and utilizing the IoT and 5G technologies is more difficult than traditional changes of past decades. To realize the benefits of current trends in the healthcare industry large-scale efforts are necessary. According to a recent survey, the Mckinsey Global Survey on digital transformation (Unlocking success in digital transformations, 2018), eight in ten respondents surveyed said their companies have begun the process of digital transformation.
The survey has found that less than 30% of these efforts have been successful. Successful digital transformation in the healthcare industry can be defined as an increase in overall operational performance and improved patient care. When the challenges are known before implementing a transformation plan business risks can be mitigated, or at least minimized. Digital transformations are wide in scope, especially in the healthcare industry. By learning from case studies involving similar circumstances companies can reduce the issues that result in failures.
Learning from the Mistakes of Others
By looking at the efforts of companies that are deep into the digital transformation process, like the 125-year-old Sentara Healthcare, insights can be gained as to what can be expected (Sentara Healthcare, 2019). According to transformational leaders and experts, there are several common IT modernization mistakes that lead to failure:
Modernization is an ongoing project and is a journey without an endpoint. It’s not a typical project and should not be executed as one. Digital transformation projects tend to be wide in scope and associated goals. For that reason, a broader suite of technologies is used and could result in transformation initiatives that are more complex in nature. Neural machine-learning techniques, artificial intelligence, and IoT technologies will become the norm. Using the right tools and technologies will have a direct effect on the success of digital transformation projects, as shown in appendix H (Digital technologies, tools and methods used by organizations).
Secrets for a Successful Digital Transformation
As previously discussed, digital transformation must be done while improving a client’s (or patients) experience. Once again, it should not be treated as a technology-first approach. Following is an example of traits that can make a digital transformation successful and allow an organization to focus on what digital transformation really is (Shein, 2017):
The Importance of Security Awareness Training
The number of corporate data breaches increased by 45% from 2016 to 2017, and the trend continued into 2018, with more than 600 data breaches just halfway through the year (Patterson, 2019). In March 2018, the Under Armour (Aiello, 2018) data breach affected more than 150 million people. After the company notified users of the data breach the company’s stock fell by over 4%.
There were several large data breaches in 2018 that were like the Under Armour attack. The large data breaches of 2018 all had a common element involved. It was determined that the common element was human error. The affected companies were not practicing security-first culture. Companies must ensure employees have access to security awareness educational resources and deploy a security awareness training program.
Employees must have the knowledge to protect themselves and their organizations from constant and increasing threats. Security awareness programs must be a part of a quarterly training agenda. Providing employees with an annual training program is not enough to effectively train personnel and maintain their attitude about defending against social engineering attacks (Francis, 2017).
There are situations where an organization should consider using a third-party resource to conduct security awareness evaluations and training programs. A breakdown of industry leaders in the field can be found in appendix F of this paper.
With the increase in the use of IoT devices within an organization, there is more justification to implement a security awareness program and verify its effectiveness. A specialized training program should be put in place that has a concentration on IoT devices and the vulnerabilities they introduce, especially in critical industries like healthcare. Bring Your Own Devices (BYODs) should be incorporated into multi-factor authentication schemes.
READ MORE: Multi-Factor Authentication
These types of training programs can be very effective and are offered by several reputable companies (Tonex, Inc., 2019). With specialized security awareness training, a company can send a representative(s) to the in-depth training seminars and develop a specialized training program to incorporate enterprise-wide based on the education and skillsets now held by the company representatives. The healthcare industry must seek out new and trending security solutions just like they stay abreast of new medical treatments.
In August 2019, healthcare organizations became aware of the recently verified cure for Ebola and how the new treatments work to cure the affected patients, and not just preventing the spread (Molteni, 2019). Often. the very same organizations are not aware of the new methods and trends that can be used to stop data breaches and the spread of computer virus infections.
Future Trends and Challenges
In the healthcare industry, the diagnosis, treatment, and delivery of healthcare will change dramatically because of new and evolving technologies. As machines and software begin to function more like the human mind using Artificial Intelligence (AI) healthcare practitioners will be assisted in using medical knowledge (Das, 2016).
New systems will thoroughly analyze data in real-time using stored medical knowledge. By 2025, 90% of the U.S hospitals and insurance companies are expected to implement AI systems to provide better and cheaper care to 70% of patients. Technologies like 3D printing have enormous potential for organ and tissue repair.
3D printing in healthcare is expected to become a $6 billion business by 2025. Robotics, Augmented Reality (AR), and AI will provide solutions using evidence-based approaches. New and evolving technologies will be used for early detection and improve treatment. Patience will stay more fit and active as a result of AI monitoring their overall fitness level and providing recommendations for daily routines.
The University of Michigan recently conducted a study showing that the cost of outpatient care is reduced by 3% by using electronic health records instead of paper records (OSP Labs, 2018). Electronic records must be of a secure and available nature and this presents one of the biggest challenges in healthcare and associated information technology systems. There will be a new model for health information exchanges (HIE) that will make electronic medical records more accurate and secure by using blockchain technologies.
It is predicted that by 2025 more than 55% percent of healthcare applications will be commercially deployed through the adoption of blockchain technologies. However, blockchains are immutable, so personal health information can’t be deleted without compromising the integrity of the chain. This presents compliance and privacy concerns so the blockchain architecture used must be designed using established privacy principles.
As new technologies lead to an increase in innovative projects in the industry a shortage of competent professionals may exist due to the rate of change with these new technologies. It’s a challenge because applying some of these innovations will become more of an art than a science (Panetta, 2018). In the case of the VHA, it must be realized that new opportunities exist surrounding 5G and IoT technologies.
It is important for the VHA to focus on developing virtualized networks and embrace technologies that take advantage of mobile capabilities as a primary and reliable data source for organizations. Vendors like Cisco® can be of assistance in guiding organizations in the direction of developing capabilities brought about by new technologies (Kapko, 2019). Cisco® has committed $5 billion in 5G technologies during the next three years.
The VHA will need to acknowledge the changing environment and focus on Its workforce. The professional technical talent within the VHA will require new skills and capabilities to take advantage of evolving technologies. It is necessary to realize the skills and roles that will be important in the future and begin preparing their workforce to take advantage of the opportunities the future will hold.
Virtual care environments are improving patient care by making care more convenient and more cost-effective. These virtual care models will be widely implemented in a world short of clinicians, and a world that focuses more on outcomes. As the future of healthcare is defined it must be acknowledged that it’s not just how innovations are created; it’s just as important how society anticipates and responds to the consequences and challenges that will be revealed (Bourla, 2018).
New therapies like gene therapy and immune-oncology (cancer research) will present the industry with new questions that must be addressed. A recent report published by PriceWaterHouseCoopers (PWC, 2018) indicates that by using a genetic test can reduce the amount of chemotherapy used on breast cancer patients by 34%, so overcoming the challenges and questions in a prompt manner will help to expand the access to more patients that can benefit from the advantages.
Internet of Medical Things – Forecast to 2020 and Beyond
The Internet of Medical Things (IoMT), also known as Health-related Internet of Things (H-IoT) is a technological advancement but it also is also disrupting many industries, including healthcare. In 2018, almost 60% of healthcare organizations were already realizing improved patient experience, visibility, and profitability by using technologies in an IoMT space (Frost & Sullivan, 2018). It’s estimated that IoMT devices account for more than 30% of all IoT devices globally. The number of IoMT devices is expected to grow to more than 25 billion by 2020, up from 4.5 billion in 2016.
To survive the fierce competition healthcare stakeholders will need to utilize relevant business models using the right applications for the right customers. Within the VHA organization it is not so much competition that drives the use of new technologies, but the opportunity to reduce costs and provide better care for veterans around the world. In an in-home environment, IoMT devices enable remote monitoring and diagnosis. The VA hospitals can benefit from the IoMT by real-time location services, inventory management, resource utilization, and smart connected medical equipment.
5G Technologies, a Catalyst for Connected Care
Challenges like security, availability, and reliability are receiving the forefront of concern in the healthcare environment. 5G technologies not only offer the opportunity to overcome healthcare communication and data collection challenges but they are a catalyst in improving patient treatment and creating a more efficient care model. Within the industry, 5G technologies can enable IoMT applications, enhance logistics and transportation, and assist in optimizing resources (Ericsson AB, 2018).
5G enables remote healthcare and lessens the workload within hospitals and clinics. Healthcare environments are critical in nature and 5G technologies must remain case driven, providing the level of security, availability, and reliability required in such environments. Eventually, a well-planned and implemented infrastructure will offer opportunities for advancement in technologies like remote surgery and advanced techniques will be widely deployed.
As infrastructures are defined and improved to accommodate new and evolving technologies there will be seven main digital trends that will shape the healthcare industry. Organizations must keep key considerations in mind (AT&T Editorial Team, 2019). Here are the biggest trends:
- IoMT devices and applications – Includes virtual assistants, automated kiosks, patient wearables, and more. The VHA needs to address patient needs and decide what combination of IoMT devices and applications will have the largest impact, and which technology partners are best suited to address the needs of the patients.
- Quality of data – There is a desire to utilize data more effectively, but it is only beginning to be realized what collecting data really looks like. Big Data is getting bigger. The biggest challenge in collecting and using data is maintaining the quality of the data. Another challenge will be data entry and a lack of privacy systems for the collected data.
- Artificial intelligence – according to Stanford Medicine (2018) the artificial intelligence health market will reach $6.6 billion by 2021. Within the healthcare industry, it must be acknowledged that in terms of automation potential it is the fourth-lowest within all other industries. Healthcare tasks that are human-centered are not at risk because patients always require, and desire, human-to-human interaction. The biggest benefit of AI will be the ability to analyze mass amounts of data efficiently.
- Telemedicine – In the current era, Millennials outnumber Baby Boomers by 7.7 million (Vogenberg & Santilli, 2018). Younger patients are typically more accepting of digitally savvy healthcare methods and procedures. Telemedicine is being innovated and adopted because of demand for tech-facilitated options, decreased costs, personalization, and convenience.
- Augmented reality and virtual reality (AV/VR) – With the combination of emerging technologies discussed earlier in this paper augmented reality will have a role in the healthcare industry. According to IndustryARC (2018), it could take 4 years or so before the healthcare industry widely embraces augmented and virtual reality. Real-world applications include training medical students and mentally transporting a distressed patient to a sunny and peaceful beach.
- Cybersecurity – Before the year ended in 2018 there were 369 disclosed data breaches that affected over 8.5 million records belonging to patients (Protenus, Inc., 2018). There were 117 disclosed health data breaches in the third quarter alone. This trend is continually exposing itself. The VHA must continually conduct risk assessments while deploying new technologies. Healthcare breach costs are amongst the highest of all industries. New Cloud architectures and virtual environments dictate careful consideration when choosing a managed security solution provider (MSSP).
- The power of 5G – This trend is what will enable the effective deployment of technologies like the IoMT, AR/VR, AI, remote healthcare and surgery. For integrated healthcare networks like the VHA, 5G can improve hospital operations, and improve patient and staff experiences. Implementing these new technologies on a large-scale introduces a unique set of challenges. As the VHA incorporates them it is essential that both technology experts and medical experts are involved in the process; to ensure that the patient experience takes the front stage.
As future trends and challenges are addressed it is important to consult industry experts and conduct a review of publicly available information and analysis from a variety of media and academic sources. Although evolving trends present challenges they have the potential to assist in the distribution of sophisticated medical knowledge globally, and not just within local clinical environments. The future trends can provide a long-term solution for patients and physicians if due diligence is applied through honest effort and practical consideration. The deployment of industrial IoT technologies will take longer than the consumer equivalent. Because of a lack of standards and a high demand for security and reliability the integration of the new technologies will be a challenge.
As the healthcare industry adopts new technologies like 5G and the Health-related Internet of Things (H-IoT) it is being realized that the secure implementation of the technologies will be a challenge. The new technologies have the potential for improved patient care and increased efficiency of day-to-day business operations.
The Veterans Health Administration (VHA) must follow suit with the rest of the industry while addressing current inefficiencies and adopt new technologies to improve healthcare and reduce costs. By incorporating 5G and other evolving technologies the VHA can provide patients with better care using virtual diagnostics and remote treatment procedures. There is an opportunity to improve veterans’ lives by providing better, less expensive, and more convenient healthcare.
As new technologies evolve in this era of intelligent hyper-connectivity the way services like healthcare are provided will change drastically. The increased communication between interconnected devices and services will present security and privacy challenges for the healthcare industry. Evolving technologies can benefit mankind greatly, but the implementation must be methodical and based on tried and proven techniques.
5G and IoT technologies have been tested in many industries with positive results. The use of these technologies requires unique processes and infrastructure. Globally, the use of 5G technologies will increase by 10% each year for the next ten years (Granryd, 2019). The 5G technologies will be implemented by 16 major markets worldwide this year.
New network architecture and infrastructure design must focus on programmable and scalable networks and evolve from overly complex solutions to simpler and more easily managed solutions. The VHA will have to focus on Software Defined Networks (SDNs) and Network Function Virtualization (NFV) while deploying hybrid Cloud architectures.
The technical personnel will have to be trained in these new technologies and methods. Upper management will need to consult industry experts to successfully deploy 5G, IoT, Artificial Intelligence (AI), and Augmented Reality/Virtual Reality (AR/VR) technologies. As standards are defined the VHA can plan accordingly to benefit from the evolution of these evolving technologies.
The VHA must realize that the fastest possible implementation of advanced services made possible by these new technologies is not the goal. The goal is to implement new services and procedures using methodical, secure, and reliable methods. There will be new government regulations that will apply and will have to be complied with. The new technologies can be implemented using a staged approach. Utilizing the proper approach will allow for continuous compatibility between old and new technologies.
Designing and implementing hybrid Cloud infrastructures that can incorporate edge-computing techniques is the first stage. As the core infrastructure is tested it can be used to connect existing systems and networks together using new methods and technologies. The connection of the vast and varied collection of internetworks of everything can be completed as new local and remote systems are put in place. The transformation to the new era of intelligent connectivity will take a matter of years, not months.
Incorporating new technologies and services effectively and securely will require the proactive protection of privacy, ensuring appropriate security controls are in place and the use of a layered security approach. The vast amount of data that will need to be analyzed will require the use of artificial intelligence for analysis and will require new data storage, transport, and deletion policies and practices. All H-IoT devices must be vetted for compliance with security policies and applicable regulations and must be secured with end-to-end protection solutions, in real-time.
Published guides like the NISTIR 8259 should be followed to ensure the secure deployment of all IoT devices. Security and privacy are not the same things, but each must be addressed. Security is a technology that protects against unauthorized access to data. Privacy is the act of protecting Personally Identifiable Information (PII). Existing vulnerability and penetration testing techniques can be used to scan for security issues in internetworks of everything, like traditional networks and devices.
Although the new 5G and IoT technologies are in limited use in the healthcare industry they are already proving to be beneficial in many ways, including the delivery of better and more convenient patient care. The industry is just beginning to see the benefits, and the future will hold many beneficial applications not yet realized. Many believe the industry has overreached and overpromised on the capabilities of these new and evolving technologies.
It is a major undertaking to deploy new network technologies, and it must be done methodically and logically. 5G and the IoT are not going away, it may just take longer than anticipated to realize the benefits and experience the rewards. Changes in healthcare happen overtime and evolving technologies can’t be expected to change it all at one time.
If you think that the internet has changed your life, think again.
The Internet of Things is about to change it all over again!Chief Architect & Co-founder of Aria Systems,
Mr. Brendan O’Brien
Read more: How to Keep Our Children Safe While Online
109th Congress. (2006). PUBLIC LAW 109–461—DEC. 22, 2006. Retrieved from Government Publishing Office: https://www.govinfo.gov/content/pkg/PLAW-109publ461/pdf/PLAW-109publ461.pdf#page=55
3GPP. (2019). About 3GPP Home. Retrieved from 3GPP.org: https://www.3gpp.org/about-3gpp/about-3gpp
3GPP. (2019). Specification #: 21.900. Retrieved from 3GPP Portal: https://www.3gpp.org/specifications/releases
3GPP. (2019). The Mobile Broadband Standard. Retrieved from 3GPP – A Global Initiative: https://www.3gpp.org/specifications/releases
Aiello, C. (2018). Under Armour says data breach affected about 150 million MyFitnessPal accounts. Retrieved from CNBC Markets: https://www.cnbc.com/2018/03/29/under-armour-stock-falls-after-company-admits-data-breach.html
Allen, A. (2018). We took a broken system and just broke it completely. Retrieved from Politico: https://www.politico.com/story/2018/03/08/veterans-military-health-system-trump-386232
Al-Namari, M. A., Mansoor, A. M., & Idna Idris, M. Y. (2017). A Brief Survey on 5G Wireless Mobile Network. (IJACSA) International Journal of Advanced Computer Science and Applications, 8(11), 52-59. Retrieved from https://thesai.org/Downloads/Volume8No11/Paper_7-A_Brief_Survey_on_5G_Wireless_Mobile_Network.pdf
Anritsu Ltd. (n.d.). Ten 5G Challenges for Engineers to Overcome. Retrieved from Anritsu — Envision : Ensure: https://pages.anritsu-emearesponse.com/rs/937-UWP-683/images/10-5G-challenges.pdf
AT&T Editorial Team. (2019). The top 7 digital healthcare trends in 2019. Retrieved from AT&T Business: https://www.business.att.com/learn/research-reports/the-top-7-digital-healthcare-trends-in-2019.html
Atkinson, D. (2018). How IoT Affects Network Management and Monitoring. Retrieved from Solutions Review – Network Monitoring: https://solutionsreview.com/network-monitoring/iot-network-management-monitoring/
Bernier, P. (2018). How 5G Could Help Transform Health Care. Retrieved from IoT Evolution Health+: https://www.iotevolutionhealth.com/topics/iotevolutionhealth/articles/436795-how-5g-could-help-transform-health-care.htm
Bhattacharya, S. (2018). The Top Ten IoT Vulnerabilities. Retrieved from INFOSEC Resources: https://resources.infosecinstitute.com/the-top-ten-iot-vulnerabilities/
Boeckl, K., Fagan, M., & Fisher, W. (2019). Considerations for Managing the Internet of Things (IoT) Cybersecurity and Privacy Risks. Retrieved from The Computer Security Resource Center: https://csrc.nist.gov/publications/detail/nistir/8228/final#pubs-abstract-header
Bourla, A. (2018). 5 key trends for the future of healthcare. Retrieved from World Economic Forum: https://www.weforum.org/agenda/2018/01/this-is-what-the-future-of-healthcare-looks-like/
Byers, C. (2018). Challenges in real-world edge computing architecture. Retrieved from Cisco – Solutions – IoT: https://www.cisco.com/c/en/us/solutions/internet-of-things/iot-edge-computing-architecture.html
Carroll, K., & Chandramouli, M. (2019). Scaling IoT to meet enterprise needs. Retrieved from Deloitte Insights: https://www2.deloitte.com/insights/us/en/focus/internet-of-things/enterprise-iot-solutions-edge-computing-cloud.html?id=us:2pm:3em:di5104:eng:di:062719:ad2
CenTrak. (2019). Real-Time Location Services – Real-Time Location System for Hospitals. Retrieved from CenTrak: https://www.centrak.com/products/real-time-location-services/
Chothia, T., & de Ruiter, J. (2017). Learning From Others’ Mistakes: Penetration Testing IoT Devices in the. Retrieved from USENIX Security: https://www.usenix.org/system/files/conference/ase16/ase16-paper-chothia.pdf
Cisco®. (2017). How cloud security keeps patient and employee data safe. Retrieved from https://creatives.techrepublic.com/whitepapers/memorial-hermann-health-system-customer-story.pdf
Cisco®. (2019). 5 Things to Know About. Retrieved from Cisco – Enterprise Networks: https://www.cisco.com/c/m/en_us/solutions/enterprise-networks/802-11ax-solution/nb-06-5-things-WiFi6-5G-infograph-cte-en.html
Corelight. (2019). Shake the Box: How to Get Encrypted Traffic Insights Without Decryption. Retrieved from Corelight: https://www3.corelight.com/e/420832/on-insights-without-decryption/hwf2p8/704822012
Das, R. (2016). Five Technologies That Will Disrupt Healthcare By 2020. Retrieved from Forbes: https://www.forbes.com/sites/reenitadas/2016/03/30/top-5-technologies-disrupting-healthcare-by-2020/#71bd016e6826
Dell EMC. (2019). What Are the Top 5G Security Challenges? Retrieved from SDX Central: https://www.sdxcentral.com/5g/definitions/top-5g-security-challenges/
DeMartino, C. (2017). Millimeter-Wave Technology for 5G and Beyond. Retrieved from Microwaves & RF: https://www.mwrf.com/systems/millimeter-wave-technology-5g-and-beyond
Doyle, L. (2019). When private 4G LTE is better than Wi-Fi. Retrieved from Network World from IDG: https://www.networkworld.com/article/3432938/when-private-lte-is-better-than-wi-fi.html?utm_source=Adestra&utm_medium=email&utm_content=Title%3A%20When%20private%204G%20LTE%20is%20better%20than%20Wi-Fi&utm_campaign=IDG%20Insider&utm_term=Editorial%20-%20I
English, J. (2019). Infographic: Compare the leading SD-WAN Vendors Before You Buy. Retrieved from Tech Target – Search Networking: https://techtarget.qualtrics.com/jfe/form/SV_8xdBJPdzjMykk9T?
Ericsson. (2019). This is 5G. Retrieved from Ericsson: https://www.ericsson.com/assets/local/newsroom/media-kits/5g/doc/ericsson_this-is-5g_pdf_2019.pdf
Ericsson AB. (2018). 5G Connected Care Stockholm Conference 2018. In T. C. Care (Ed.). Stockholm: Ericsson. Retrieved from https://se.ramboll.com/-/media/files/rse/sverige/presentationer/sjukhuskonferensen-2018/per-ljungberg-ericsson.pdf
eVisit® Telemedicine Solution. (2018). The Ultimate Telemedicine Guide | What Is Telemedicine? Retrieved from eVisit: https://evisit.com/resources/what-is-telemedicine/
Fagan, M., Megas, K., Scarfone, K., & Smith, M. (2019). NISTIR 8259 (DRAFT). Retrieved from Computer Security Resouce Center: https://csrc.nist.gov/publications/detail/nistir/8259/draft
Ferguson, S. (2019). Pentagon Buys Equipment With Known Vulnerabilities: Audit. Retrieved from Ismg nETWORK: https://www.govinfosecurity.com/pentagon-buys-equipment-known-vulnerabilities-audit-a-12866
Finite State. (2019). The IoT Era Secured. Retrieved from Finite State: https://finitestate.io/
Fortane, S. (2018). Intelligent Connectivity: How 5G is Boosting AI, IoT, and Self-driving Cars. Retrieved from Interesting Engineering: https://interestingengineering.com/intelligent-connectivity-how-5g-is-boosting-ai-iot-and-self-driving-cars
Francis, R. (2017). 7 tips for better security awareness training sessions. Retrieved from CSO – IDG Communications: https://www.csoonline.com/article/3154760/7-tips-for-better-security-awareness-training-sessions.html
Frost & Sullivan. (2018). Internet of Medical Things – Forecast to 2021. Retrieved from Research and Markets: https://www.researchandmarkets.com/research/j9nm37/internet_of
Fujitsu. (2018). What Is 5G, the Next Generation Wireless System?5G Launch Eve: Rapid Preparations from Use Case Verification to Network Construction. Retrieved from Fujitsu Journal: https://journal.jp.fujitsu.com/en/2019/01/21/01/
Gartner. (2019). A Leader in Security Awareness Computer-Based Training. Retrieved from InfoSec Institute: https://www2.infosecinstitute.com/l/12882/2019-07-23/f78wxg
Gaskell, A. (2017). The Ethics Of IoT Usage In Healthcare. Retrieved from HuffPost News: https://www.huffpost.com/entry/the-ethics-of-iot-usage-in-healthcare_b_58da21c1e4b0e6062d9230b6
Granryd, M. (2019). Intelligent Connectivity. GSMA. Retrieved from https://www.gsma.com/IC/wp-content/uploads/2018/09/21494-MWC-Americas-report.pdf
GSMA. (2019). 5G Implementation Guidelines. Retrieved from Global Systems Mobile Association: https://www.gsma.com/futurenetworks/wp-content/uploads/2019/03/5G-Implementation-Guidelines_v1_nonconfidential-R2.pdf
Health IT. (2013). How Bed-Tracking Technology Allowed Mt. Sinai Medical Center to Reduce Admission Wait Times. Retrieved from Beckers Hospital Review: https://www.beckershospitalreview.com/healthcare-information-technology/how-bed-tracking-technology-allowed-mt-sinai-medical-center-to-reduce-admission-wait-times.html
HIPAA. (2019). NIST Releases New Guidance on Securing IoT Devices. Retrieved from HIPAA Journal: https://www.hipaajournal.com/nist-releases-new-guidance-for-securing-iot-devices/
Hoff, T. (2012). How Big Is A Petabyte, Exabyte, Zettabyte, Or A Yottabyte? Retrieved from High Scalability: http://highscalability.com/blog/2012/9/11/how-big-is-a-petabyte-exabyte-zettabyte-or-a-yottabyte.html
IDG Communications. (2015). The IoT, Cloud, and Security. Retrieved from CIO from IDG: https://www.cio.com/article/2933046/the-iot-cloud-and-security.html
IndustryARC. (2018). Augmented Reality & Virtual Reality in Healthcare Market – Forecast(2019 – 2024). Madhapur, Hyderabad, Telangana: Furion analytics Research & Consulting LLP. Retrieved from https://www.industryarc.com/Report/78/augmented-reality-and-virtual-reality.html
INFISIM. (2017). What are the main benefits of IoT in healthcare? Retrieved from InfiSIM: https://www.infisim.com/main-benefits-iot-healthcare/
Innovation®. (2019). The impact of 5G and IoT on blockchain technology. Retrieved from Innovation Enterprise – Channels: https://channels.theinnovationenterprise.com/articles/impact-of-5g-iot-on-blockchain-technology
InterDigital. Inc. (2018). 5G 3GPP Standardization Timeline. Retrieved from IEEE – Sites: http://sites.ieee.org/alabama/files/2018/08/5G_Alabama_Birmingham_2018_v4.pdf
InterTek. (2019). Cybersecurity Considerations for IoT Product Design. Retrieved from IoT for All: https://www.iotforall.com/cybersecurity-considerations-iot-product-design/
IPv6 Council. (2016). IPv6 in 4G, 5G, and IoT. Retrieved from IPv6 Council – Nokia: https://www.ipv6council.be/IMG/pdf/08_160503_role_of_IPv6_in_4G_5G_and_IoT.pdf
ITN. (2017). Philips e-Alert for MRI Systems Receives Most Innovative IoT Solution Award. Retrieved from Imaging Technology News: Philips e-Alert for MRI Systems Receives Most Innovative IoT Solution Award
Kaiser Permanente®. (2019). Why choose Kaiser Permanente? Retrieved from KP – Why: https://healthy.kaiserpermanente.org/why-kp
Kapko, M. (2019). Cisco Recommits $5B to 5G Amid Rapid Workforce Changes. Retrieved from Sdx Central: https://www.sdxcentral.com/articles/news/cisco-recommits-5b-to-5g-amid-rapid-workforce-changes/2019/08/?utm_source=SDxCentral.com+Mailing+List&utm_campaign=94792a5148-WEEKEND_EMAIL_CAMPAIGN_2019_08_17&utm_medium=email&utm_term=0_c2b6e504a2-94792a5148-8224
Kavanagh, S. (2018). What is Network Slicing? Retrieved from 5G Guides: https://5g.co.uk/guides/what-is-network-slicing/
Kemp, R. (2017). Legal Aspects of the Internet of Things. Retrieved from Kemp IT Law: http://www.kempitlaw.com/wp-content/uploads/2017/06/Legal-Aspects-of-the-Internet-of-Things-KITL-20170610.pdf
Kirk, J. (2019). Report: Huawei’s Firmware Riddled With Problems. Retrieved from ISMG – Gov Info Security: https://www.govinfosecurity.com/report-huaweis-firmware-riddled-problems-a-12703?rf=2019-07-01_ENEWS_SUB_GIS__Slot1_ART12703
Kuzela, C. (2015). Smart drugs: Where IoT meets healthcare, a market snapshot. Retrieved from Silicon Angle: https://siliconangle.com/2015/06/30/smart-drugs-where-iot-meets-healthcare-a-market-snapshot/
Laird Technologies. (2016). Wi-Fi Security and HIPAA. Retrieved from ECN Mag: https://www.ecnmag.com/blog/2012/06/wi-fi-security-and-hipaa
Larson, E., & Larson, R. (2017). 10 Steps To Creating A Project Plan. Retrieved from Project Management Times: https://www.projecttimes.com/articles/10-steps-to-creating-a-project-plan.html
Linthicum, D. (2014). The cloud is the secret weapon in the Internet of things. Retrieved from InfoWorld from IDG: https://www.infoworld.com/article/2608029/the-cloud-is-the-secret-weapon-in-the-internet-of-things.html?nsdr=true
LLI. (n.d.). 45 CFR Subpart C – Security Standards for the Protection of Electronic Protected Health Information. Retrieved from Cornell Law School: https://www.law.cornell.edu/cfr/text/45/part-164/subpart-C
LoRA Alliance®. (2019). LoRaWAN. Retrieved from Lora Alliance: https://lora-alliance.org/about-lorawan
Lueth, K. L. (2018). State of the IoT 2018: Number of IoT devices now at 7B – Market accelerating. Retrieved from IoT-Analytics: https://iot-analytics.com/state-of-the-iot-update-q1-q2-2018-number-of-iot-devices-now-7b/
Madison, J. (2018). Encrypted Traffic Reaches A New Threshold. Retrieved from Network Computing – Network Security: https://www.networkcomputing.com/network-security/encrypted-traffic-reaches-new-threshold
Madsen, P. (2015). Authentication in the IoT – challenges, and opportunities. Retrieved from Secure ID News: https://www.secureidnews.com/news-item/authentication-in-the-iot-challenges-and-opportunities/
Markakis, E., Mastorakis, G., Mavromoustakis, C. X., & Pallis, E. (2017). Cloud and Fog Computing in 5G Mobile Networks. London: The Institution of Engineering and Technology.
MarketsandMarkets™. (2017). Wi-Fi Market worth 15.60 Billion USD by 2022. Retrieved from MarketsandMarkets: https://www.marketsandmarkets.com/PressReleases/global-wi-fi.asp
Marks, J. (2018). VA Stopped Publishing Breach Reports About Vets’ Data for Nine Months. Retrieved from Next Gov: https://www.nextgov.com/cybersecurity/2018/08/va-stopped-publishing-breach-reports-about-vets-data-nine-months/150809/
Matthews, K. (2018). 6 Exciting IoT Use Cases in Healthcare. Retrieved from IoT for All: https://www.iotforall.com/exciting-iot-use-cases-in-healthcare/
Mayer, C. (2016). New M2M portable project arrives at Eclipse – welcome Mihini. Retrieved from JAX: https://jaxenter.com/new-m2m-portable-project-arrives-at-eclipse-welcome-mihini-104770.html
MC Lab. (2018). Introduction to MQTT protocol for IoT. Retrieved from Microcontrollers Lab: https://microcontrollerslab.com/introduction-to-mqtt-protocol-for-iot/
McKinsey & Company. (2018). Unlocking success in digital transformations. Retrieved from Mckinsey Organization: https://www.mckinsey.com/business-functions/organization/our-insights/unlocking-success-in-digital-transformations
MediaTek. (2018). 5G: What is Standalone (SA) vs Non-Standalone (NSA) Networks? Retrieved from MediaTek – Technology: https://www.mediatek.com/blog/5g-what-is-standalone-sa-vs-non-standalone-nsa
Mehta, S. S. (2019). State of Cybersecurity Report 2018. Retrieved from Wipro: https://www.wipro.com/content/dam/nexus/en/service-lines/applications/latest-thinking/state-of-cybersecurity-report-2018.pdf
Mittelstadt, B. (2017). Ethics of the Health-related Internet of Things: A narrative review. Ethics and Information Technology. doi:10.2139/ssrn.2932221
Molteni, M. (2019). Ebola is Now Curable – Here’s How the New Treatments Work. Retrieved from Wired: https://www.wired.com/story/ebola-is-now-curable-heres-how-the-new-treatments-work/
Montalbano, E. (2019). Cyber Security News, Analysis and Opinion for The Internet Of Things. Retrieved from The Security Ledger: https://securityledger.com/2019/05/new-iot-security-regulations-on-tap-in-u-s-u-k/
Movandi Corporation. (2019). Revolutionizing 5G Everywhere. Retrieved from Movandi: https://movandi.com/
Mullaley, K. (2018). 5G networks’ impact on fiber-optic cabling requirements. Retrieved from Cabling Magazine: https://www.cablinginstall.com/wireless-5g/article/16468593/5g-networks-impact-on-fiberoptic-cabling-requirements
MumTaz, S., Rodriquez, J., & Dai, L. (2017). Introduction to mmWave. In mmWave Massive (pp. 2-16). Amsterdam: Elsevier.
NEC; TSE:6701. (2018). NEC uses 5G to contribute to remote medical examination trials. Retrieved from NEC Corporation: https://www.nec.com/en/press/201804/global_20180418_01.html
Nelson, P. (2017). Network slicing will play a key role in 5G networks. Retrieved from Network World from IDG: https://www.networkworld.com/article/3214638/network-slicing-will-play-key-role-in-5g-networks.html
NIST. (2019). NIST Releases Draft Security Feature Recommendations for IoT Devices. Retrieved from NIST – News: https://www.nist.gov/news-events/news/2019/08/nist-releases-draft-security-feature-recommendations-iot-devices
Nokia. (2016). Dynamic end-to-end network. Finland. Retrieved from http://www.hit.bme.hu/~jakab/edu/litr/5G/NOKIA_dynamic_network_slicing_WP.pdf
NSS Labs. (2018). SSL/TLS Performance Test Methodology V1.3. Retrieved from NSS Labs – Research and Publications: https://research.nsslabs.com/library/methodologies/ssltls-performance—test-methodology-v1.3/
Office for Civil Rights. (2015). Summary of the HIPAA Privacy Rule. Retrieved from Health and Human Services: https://www.hhs.gov/hipaa/for-professionals/privacy/laws-regulations/index.html
Office of Inspector General. (2019). Episodes of Non-Adherence. Long Beach, California: Department of Veterans Affairs.
Olavsurd, T. (2019). Kaiser Permanente reduces patient mortality with predictive analytics. Retrieved from CIO – Insider: https://www.cio.com/article/3432129/kaiser-permanente-reduces-patient-mortality-with-predictive-analytics.html
OSP Labs. (2018). The Future of Healthcare: Five Technologies To Look Forward in 2019. Retrieved from OSP Laboratories: https://www.osplabs.com/insights/healthcare-technology-trends-2018/
OWASP. (2018). OWASP Internet of Things – Top Ten. Retrieved from OWASP Internet of Things (IoT) Project: https://www.owasp.org/index.php/OWASP_Internet_of_Things_Project
OWASP. (2018). OWASP Internet of Things (IoT) Project. Retrieved from Open Web Application Security Project: https://www.owasp.org/index.php/OWASP_Internet_of_Things_Project
Pal, S. (2016). How IoT is Helping to Address Chronic Disease Management. Retrieved from Electronic Health Reporter: https://electronichealthreporter.com/iot-helping-address-chronic-disease-management/
Panetta, K. (2018). Gartner Top Strategic Predictions for 2019 and Beyond. Retrieved from Gartner: https://www.gartner.com/smarterwithgartner/gartner-top-strategic-predictions-for-2019-and-beyond/
Pasqua, E. (2019). How 5G, AI and IoT enable “Intelligent Connectivity”. Retrieved from IoT Analytics: https://iot-analytics.com/how-5g-ai-and-iot-enable-intelligent-connectivity/
Patterson, A. (2019). 2018 Data Breaches Reveal Lack of Security Awareness. Retrieved from Converge – Technology + Business: Appendix F: 2019 Gartner – leaders in awareness training.
Paul, F. (2019). Top 10 IoT vulnerabilities. Retrieved from NetWork World from IDG: https://www.networkworld.com/article/3332032/top-10-iot-vulnerabilities.html
Pod Group. (2019). Fog Vs. Edge Computing: What Are the Differences that Matter? Retrieved from IoT for All: https://www.iotforall.com/fog-vs-edge-computing-do-differences-matter/
Pratt, M. K. (2019). 10 IT modernization mistakes to avoid. Retrieved from CIO – Insider: https://www.cio.com/article/3432126/10-it-modernization-mistakes-to-avoid.html
Protenus, Inc. (2018). Insider-wrongdoing accounts for an increasing number of breached patient records over the course of 2018. Retrieved from HubSpot: https://cdn2.hubspot.net/hubfs/2331613/Breach_Barometer/2018/Q3%202018/Q3%202018%20Protenus%20Breach%20Barometer%20-%20final.pdf
PWC. (2018). New Health: A Vision for Sustainability. Retrieved from Price WaterHouse Cooper: https://www.pwc.com/gx/en/healthcare/pdf/pwc-new-health-a-vision-for-sustainability.pdf
Qualcomm technologies. (2018). The first 5G standard is complete — so what’s next? Retrieved from Qualcomm – OnQ Blog: https://www.qualcomm.com/news/onq/2018/03/21/first-5g-standard-complete-so-whats-next
Qualcomm®. (2019). Spectrum for. Retrieved from Qualcomm – Media – Documents: https://www.qualcomm.com/media/documents/files/spectrum-for-4g-and-5g.pdf
Rabey, J. (2019). What is 5G? The next generation of wireless explained. Retrieved from The Conversation – Academic rigor, jpurnalistic flare: https://theconversation.com/what-is-5g-the-next-generation-of-wireless-explained-96165
Rapid7. (n.d.). Security Awareness Training. Retrieved August 11, 2019, from Rapid7: https://www.rapid7.com/fundamentals/security-awareness-training/
Ray, B. (2015). 3 Reasons Why IPv6 Is Important For the Internet Of Things. Retrieved from LinkLabs: https://www.link-labs.com/blog/why-ipv6-is-important-for-internet-of-things
RF-Wireless World. (2017). Massive MIMO | M-MIMO basics | Massive MIMO advantages. Retrieved from RF Wireless: https://www.rfwireless-world.com/Terminology/Massive-MIMO-basics.html
Robinson, S. (2018). The impact of 5G technology on security and network management. Retrieved from Cisco Digital Network Architecture: https://www.cisco.com/c/en/us/solutions/enterprise-networks/impact-of-5g-technology.html
Roy, M. (2017). GDPR rules putting a spotlight on consumer data privacy. Retrieved from TechTarget – Compliance: https://searchcompliance.techtarget.com/video/GDPR-rules-putting-a-spotlight-on-consumer-data-privacy
Santa Fe Group. (2019). Cybersecurity. Retrieved from Santa Fe Group: https://www.santa-fe-group.com/services/cyber-security/
SDX Central. (2018). Will 5G Replace WiFi? Retrieved from SDX Central: https://www.sdxcentral.com/5g/definitions/will-5g-wifi/
Security Experts. (2019). The Cybersecurity Issues With 5G-Enabled IoT. Retrieved from Information Security Buzz: https://www.informationsecuritybuzz.com/expert-comments/the-cybersecurity-issues-with-5g-enabled-iot/
Sentara Healthcare. (2019). About us – Our Mission -Our Vision. Retrieved from Sentara: https://www.sentaracareers.com/explore-sentara/mission-vision-values-history/
Shein, E. (2017). 7 secrets for getting digital transformation right. Retrieved from CIO – Insider: https://www.cio.com/article/3235958/secrets-for-getting-digital-transformation-right.html?nsdr=true
Stanford Medicine. (2018). The Democratization of Healthcare. Retrieved from Stanford Medicine 2018 Health Trends Report: http://med.stanford.edu/content/dam/sm/school/documents/Health-Trends-Report/Stanford-Medicine-Health-Trends-Report-2018.pdf
Statista. (2019). Internet of Things (IoT) connected devices installed base worldwide from 2015 to 2025 (in billions). Retrieved from Statista: https://www.statista.com/statistics/471264/iot-number-of-connected-devices-worldwide/
Szymanski, C. (2018). Wi-Fi on track to unlock $3.5 trillion in economic value by 2023 – but first, we need more spectrum to maximize societal benefits. Retrieved from Wi-Fi Alliance: https://www.wi-fi.org/beacon/christopher-szymanski/wi-fi-on-track-to-unlock-35-trillion-in-economic-value-by-2023-but
Teschler, L. (2019). What you should know about Wi-Fi 6 and the 6-GHz band. Retrieved from Test and Measurement Tips: https://www.testandmeasurementtips.com/what-you-should-know-about-wi-fi-6-and-the-6-ghz-band/
Tonex, Inc. (2019). IoT Security Training – IoT Security Awareness. Retrieved from Tonex – Technology Management Training Courses and Seminars: https://www.tonex.com/training-courses/iot-security-training-iot-security-awareness/
Transport Layer Security. (2018). In J.-P. Aumasson, Serious Cryptography – A Practical Introduction to Modern Encryption (pp. 346-366). San Francisco: No Starch Press.
U.S. Department of Veterans Affairs. (2019). Veterans Health Administration. Retrieved from Veterans Administration: https://www.va.gov/health/
US Dept of Transportation. (2019). Vehicle Cybersecurity. Retrieved from NHTSA: https://www.nhtsa.gov/technology-innovation/vehicle-cybersecurity
Verizon✓. (2019). Verizon 5G Home Internet FAQs. Retrieved from Verizon✓: https://www.verizonwireless.com/support/5g-home-faqs/
Violino, B. (2017). The secrets of highly successful data analytics teams. Retrieved from CIO – IDG Insider Pro: https://www.idginsiderpro.com/article/3234353/the-secrets-of-highly-successful-data-analytics-teams.html
Vogenberg, R. F., & Santilli, J. (2018). Healthcare Trends for 2018. Am Health and Drug Benefits, 48-54. Retrieved from https://www.ncbi.nlm.nih.gov/pmc/articles/PMC5902765/
Webster, M. (n.d.). How to Write a Killer Project Plan That Gets Results. Retrieved from WorkFront: https://www.workfront.com/blog/how-to-write-a-killer-project-plan-that-gets-results
WGR. (2019). Global IoT Market 2025, Data Management, 5G, and Artificial Intelligence. Retrieved from SpaceFlight News: https://newsspaceflight.com/global-iot-market-2025-data-management-5g-and-artificial-intelligence/
Wu, Y., Huang, H., & Xiang, C. (2019). 5G-Enabled Internet of Things. CRC Press. Retrieved from https://ebookcentral-proquest-com.library.capella.edu
List of recommended stakeholders and decision-makers.
- Veterans Administration Pacific Islands Health Care System Administrators – The agency is providing funding for the project and have additional resources available if needed by the project team. Although they are not defining project requirements, communication and collaboration are still necessary.
- Kauai VA Clinic Chief Administrator– Once again, this person does not define technology requirements but offers access to the clinic and other resources like personnel.
- Chief Security Officer– He and his team are familiar with the current security landscape and will be responsible for security when the new technologies are implemented in their environment.
- Senior Network Administrator– Their team will be responsible for the installation and maintenance of new devices and can provide input regarding the current environment.
- Doctors and Nurses – They will be using these new technologies daily and interpreting the vast amounts of data that will be generated. A data analyst will be available to assist them during the transition period. The need will diminish as augmented artificial intelligence is trained to analyze and evaluate the data.
- Patients – They can offer input regarding how willing they are to use the new technologies. Most patients are not familiar with Health-related internet of things (H-IoT) technologies but patient input can help to develop devices and methodologies that are more user-friendly and less obtrusive.
List of team roles and responsibilities.
- Project Manager – Responsible for creating, executing, and controlling the project in accordance with the master plan. The project plan is built by the project manager. The project manager assigns team members to appropriate processes during the project life-cycle.
- Project Team – Responsible for creating or acquiring the end deliverable products. Team members should exhibit expertise in one or more areas of the project. They must be able to identify risks, verify quality, and recognize design issues.
- IT Managers and System Owners – A high level of communication and collaboration with these roles is necessary.
- Designated Technology Experts – Often a member of the research/development team defines the requirements for the end deliverable. They approve documents generated during the process and offer input that helps meet timelines.
- End Users – Often overlooked as a requirement during the development stage of the project, they can provide input that can prove to be invaluable during the final sign-off phase.
- Other Roles – Duties can include risk analysis, quality assurance, and auditing services.
Interview with a 5G Expert detailing cybersecurity issues. (Security Experts, 2019)
Matthew Aldridge Senior Solutions Architect at Webroot
“As the deployment of 5G becomes widespread, industries such as healthcare and transport will be able to truly explore the benefits that improved connectivity brings. The decreased latency and increased bandwidth which 5G provides will make technology such as eHealth and autonomous vehicles a reality through connected devices and IoT. However, with each device that is added to an IoT network, the attack surface area increases exponentially. There must be a clear understanding of how and what a device collects, stores and communicates. Businesses need to be clear on the associated risks and the possible consequences of the network being compromised through a malicious attack on one or more of these devices.
Routinely making security checks for the latest firmware updates on all devices is essential. Ultimately, businesses must ensure IoT devices are configured to be as secure as possible – moving away from the “set-up and forget” mentality. Manufacturers of these devices also have a responsibility to businesses and consumers to build in security features during the development phase. It is critical for appropriate security controls to be in place with regards to the processing, storing and transmission of end-user data, whether locally or in a private or public cloud service using best practice end-to-end encryption and secure authentication. Updates should be simple to apply, or better, automated and devices should security-hardened out of the box – the mandatory changing or eradication of default passwords for example.
These devices and the network need to be continuously monitored, utilizing the latest threat intelligence solutions. An informed and tactical security approach will pay dividends towards keeping the whole organization’s environment safe during this phase of technological advancement.”
Spectrum allocation for S, C, and mm-wave by country. Source: (Qualcomm®, 2019)
5G 3GPP standardization timeline. Source: (InterDigital. Inc, 2018)
Technical expectations of 5G Source: (Ericsson, 2019)
Technical expectations of 5G Source: (Ericsson, 2019)
|Peak rate data |
|Area traffic capacity |
|User experience data rate |
99.999% (of time)
|Spectral efficiency |
|Battery life |
99.999% (of packets)
|Position accuracy |
10m < 1m
|Connection Density |
|Network energy efficiency |
Stronger subscriber authentication, user privacy and network security
2019 Gartner – leaders in awareness training. Source: (Gartner, 2019)
Digital technologies, tools, and methods used. Source: (McKinsey & Company, 2018)
5G Next-Generation Wireless Networks and the Twenty-First-Century Inter-networks of Everything, and Addressing Associated Security Challenges
Kirby Allen Malkemus (2019)