By automating patient monitoring and greatly improving the accuracy of readings compared to written records, wireless communications promises to serve as a key medical technology. Industry standards for securely storing and communicating patient readings will help physicians deal with a growing volume of data from wirelessly connected devices.
Keeping these standards in mind, this article will outline three types of wireless interfaces that can be useful in connected medical devices: Bluetooth, Wi-Fi, and ZigBee and discuss different levels of security and interoperability.
Already in use in connected devices such as blood glucose monitors (BGMs) and insulin pumps, wireless communications offers significant advantages for medical care through simplifying data gathering, patient monitoring, and device control. By bringing greater convenience and higher accuracy to these activities, wireless devices are becoming essential to 21st -century medicine, yet the technology raises questions about security.
Can physicians and researchers trust wireless devices? Given the benefits of wireless communications, can physicians and researchers afford not to trust wireless devices? Perhaps more useful questions are:
- Which wireless technologies are appropriate for medical devices?
- What roles can these technologies play?
- Should medical devices implement wireless security measures over and above those used in general-purpose applications?
- How can industry standards for data gathering make wireless devices more useful?
These devices may be used by patients at home, in hospitals, and in assisted-living environments.
Bluetooth, Wi-Fi, and ZigBee (see Fig. 1 ) are commercially available, open-standard wireless technologies and are the main choices for use in medical devices. Each uses a portion of the industrial/scientific/medical (ISM) radio bands that are reserved internationally for the use of unlicensed devices. Each is covered by industry standards and industry consortiums that help ensure the interoperation of devices made by different manufacturers.
Fig. 1: Bluetooth, Wi-Fi, and ZigBee technologies enable wireless medical devices in homes and institutional settings.
The chip inside the device
The microcontroller is the mainstay of medical devices. Common peripherals include timers, A/D converters, and USB interface. By integrating almost all of the functionality needed to implement devices such as blood glucose monitors, an MCU provides a reliable, low-cost hardware platform that allows medical device manufacturers to focus on developing software.
To meet FDA requirements for safety, many designers separate communications functions from the device's main medical function. A blood glucose monitor (BGM) must continue to make readings, for example, even if the wireless transceiver fails.
However, a new generation of wearable devices has severe space constraints and must reduce component count to a minimum. These devices must use a single MCU.
Security measures
Security begins with protection of the data inside the medical device and extends to protecting data during communication. Inside a medical device, security measures ensure the devices operating parameters are not tampered with. The user must be assured the device is operating as planned and protection is needed for both the software that calculates results and the data. To help protect the software, some microcontrollers provide a “lock” on the flash memory inside the chip. This prevents anyone from reading or modifying the code in the chip. The same feature provides security to protect the medical data stored in this memory.
The secured protocols are available to protect data that is transferred wirelessly. Keep in mind that security is a moving target. Just as software applications and operating systems are updated routinely to correct potential security vulnerabilities, these wireless standards continue to evolve to provide up-to-date security. Medical device designers can rely on these standards for basic transport security.
Additional protections are available from higher-level protocols. Continua (more on Continua later), an industry consortium for connected medical devices uses security standards to manage:
- Confidentiality — data is accessible only to those who have the right to know.
- Integrity — data has not been tampered with or modified in any way to undermine its authenticity.
- Availability — users have timely access to information.
- Identity management — identifies users across the end-to-end system architecture, associating health information with the correct individual.
- Non-repudiation of origin — digital signatures guarantee that the sender of information cannot later deny (or repudiate) having sent the information.
- Consent management — patients can provide and manage their consent preferences, which serve as a basis for governing access to and usage of their individually identifiable health information.
Security requirements depend on the application. For example, a Bluetooth-based personal area network used to connect a BGM to a cellular phone requires only confidentiality, integrity, and authentication protection because they are personal devices. These requirements are supported by the wireless standards for the personal area network.
Bluetooth
Each of the three wireless technologies in this paper use specific security mechanisms to provide data integrity and have other characteristics that suit different types of applications. Compared to Wi-Fi and ZigBee, Bluetooth provides the simplest type of wireless link for a medical device — a one-to-one connection (typically) between the medical device and some other device.
Bluetooth devices connect to each other using pairing, which ensures that the right devices connect. Bluetooth typically has a short range (10's of meters) and uses adaptive frequency hopping to avoid interference between devices sharing the spectrum. When used by a patient at home, Bluetooth is a good choice for linking a BGM with an insulin pump, for example. Also, a BGM could use it to upload readings to a phone or PC application, which can then send the readings to a storage location in the cloud for retrieval by a physician. The latest version of the Bluetooth standard (4.0) features Bluetooth Low Energy; a lower power implementation made possible through simplifications of the protocol. This standard also includes multiple profiles for different data types that simplify the wireless collection of readings from medical devices and promote interoperability.
Wi-Fi
In hospitals, a Wi-Fi WLAN is often a better choice than Bluetooth because most hospitals have deployed Wi-Fi as part of the infrastructure. Wi-Fi can easily handle the large amounts of data involved. However, Wi-Fi consumes significantly more power than Bluetooth.
Wi-Fi offers longer range and much higher data rates than Bluetooth and can cover large areas through the use of multiple access points with overlapping coverage on different channels. It is possible to automatically hand-off a moving device from one access point to another, similar to the way cellular telephone systems work, allowing equipment to be easily moved from room to room.
ZigBee
ZigBee creates self-forming, self-healing wireless mesh networks that allow all participating devices to communicate with one another and act as repeaters to transfer data between devices. These capabilities enable ZigBee to support thousands of devices on a single wireless network. ZigBee is designed to handle quite small amounts of data over long distances, and can operate at low power levels. The industry consortium that sets ZigBee standards has developed the ZigBee Health Care public application profile.
Data standards help shape the future
Communicating medical data wirelessly promises significant improvements in patient care, but only if physicians have effective ways to deal with the data. The Continua industry consortium is opening up this arrangement by defining standard ways to store and communicate data for specific medical purposes. Continua has a data profile for BGMs, for example. Physicians can use a single Continua-compliant software application to monitor readings from any Continua-compliant BGM. Continua standards specify how medical devices work via any of the three wireless technologies discussed, ensuring interoperability between patient devices and the tools physicians use to access the device data.
With these types of devices sending results wirelessly, physicians and researchers can get accurate results in a timely way no matter where patients are. Further, a new generation of smart monitoring software will doubtlessly track patients' vital signs continuously — no matter what type of monitor patients wear — and send alerts when readings are over or under specified values.
Learn more about Renesas Electronics America