As I walk into the building, the sheer grandiosity of the room is one to withhold — it’s as if I’m walking into Grand Central station. There’s a small army of people, all busy at their desks, working to carry out the next wave of innovations helping more than a million lives within the Greater Philadelphia region. However, I’m not here to catch a train or enjoy the sights. I’m at the office of the President and CEO of Thomas Jefferson University, Dr. Stephen Klasko, currently at the helm of one of the largest healthcare systems in the U.S.
Let me backup a little.
The theme of nearly every conversation about the future of technology now revolves around Artificial Intelligence (AI). Much weight is placed on the potential capacity of AI to disrupt industries and change them to the very core. This pressure has been felt to a large extent within nearly every aspect of healthcare where AI has been projected to improve patient care delivery while saving billions of dollars.
Unfortunately, most discussions exploring the implications of AI only superficially look at either the product or the algorithm that powers these products. The short-sightedness of this approach is not an easy one to fix. Yes, clinical studies validating AI backed products are vital but AI cannot be viewed just like any other drug or a medical device. There’s much more to be considered when we examine the broader role of this technology, because this technology can shape the entire healthcare system. To place the impact of a far reaching technology, you need an even longer sighted vision. It’s a rare breed of people that have experienced the tumultuous history of change within medicine but can still call upon the lessons learned to execute innovations and bring meaningful results.
In the coming years, the number of devices around the world connected to the Internet of Things (IoT) will grow rapidly. Sensors located in buildings, vehicles, appliances, and clothing will create enormous quantities of data for consumers, corporations, and governments to analyze. Maximizing the benefits of IoT will require thoughtful policies. Given that IoT policy cuts across many disciplines and levels of government, who should coordinate the development of new IoT platforms? How will we secure billions of connected devices from cyberattacks? Who will have access to the data created by these devices? Below, Brookings scholars contribute their individual perspectives on the policy challenges and opportunities associated with the Internet of Things.
The Internet of Things will be Everywhere
Humans are lovable creatures, but prone to inefficiency, ineffectiveness, and distraction. They like to do other things when they are driving such as listening to music, talking on the phone, texting, or checking email. Judging from the frequency of accidents though, many individuals believe they are more effective at multi-tasking than is actually the case.
The reality of these all too human traits is encouraging a movement from communication between computers to communication between machines. Driverless cars soon will appear on the highways in large numbers, and not just as a demonstration project. Remote monitoring devices will transmit vital signs to health providers, who then can let people know if their blood pressure has spiked or heart rhythm has shifted in a dangerous direction. Sensors in appliances will let individuals know when they are running low on milk, bread, or cereal. Thermostats will adjust their energy settings to the times when people actually are in the house, thereby saving substantial amounts of money while also protecting natural resources.
With the coming rise of a 5G network, the Internet of Things will unleash high-speed devices and a fully connected society. Advanced digital devices will enable a wide range of new applications from energy and transportation to home security and healthcare. They will help humans manage the annoyances of daily lives such as traffic jams, not being able to find parking places, or keeping track of physical fitness. The widespread adoption of smart appliances, smart energy grids, resource management tools, and health sensors will improve how people connect with one another and their electronic devices. But they also will raise serious security, privacy, and policy issues.
As government involvement in U.S. health care deepens—through the Affordable Care Act, Meaningful Use, and the continued revisions and expansions of Medicaid and Medicare—the politically electric watchword is “socialism.”
Online, of course, social media is not a latent communist threat, but rather the most popular destination for internet users around the world.
People, whether out of fear for being left behind, or simply tickled by the ease with which they can publicize their lives, have been sharing every element of their public (and very often, their private) lives with ever-increasing zeal. Pictures, videos, by-the-minute commentary and updates, idle musings, blogs—the means by which people broadcast themselves are as numerous and diverse as sites on the web itself.
Even as the public decries government spying programs and panics at the news of the latest massive data-breach, the daily traffic to sites like Facebook and Twitter—especially through mobile devices—not only stays high, but continues to grow. These sites are designed around users volunteering personal information, from work and education information, to preferences in music, movies, politics, and even romantic partners.
Over a year ago, the Federal Trade Commission held an Internet of Thingsworkshop and it has finally issued a report summarizing comments and recommendations that came out of that conclave.
As in the case of the HITECH Act’s attempt to increase public confidence in electronic health records by ramping up privacy and security protections for health data, the IoT report — and an accompanying publication with recommendations to industry regarding taking a risk-based approach to development, adhering to industry best practices (encryption, authentication, etc.) — seeks to increase the public’s confidence, but is doing it the FTC way: no actual rules, just guidance that can be used later by the FTC in enforcement cases. The FTC can take action against an entity that engages in unfair or deceptive business practices, but such practices are defined by case law (administrative and judicial), not regulations, thus creating the U.S. Supreme Court and pornography conundrum — I can’t define it, but I know it when I see it (see Justice Stewart’s timeless concurring opinion in Jacobellis v. Ohio).
To anyone actively involved in data privacy and security, the recommendations seem frighteningly basic:
–build security into devices at the outset, rather than as an afterthought in the design process;
– train employees about the importance of security, and ensure that security is managed at an appropriate level in the organization;
– ensure that when outside service providers are hired, that those providers are capable of maintaining reasonable security, and provide reasonable oversight of the providers;
– when a security risk is identified, consider a “defense-in-depth” strategy whereby multiple layers of security may be used to defend against a particular risk;
–consider measures to keep unauthorized users from accessing a consumer’s device, data, or personal information stored on the network;
–monitor connected devices throughout their expected life cycle, and where feasible, provide security patches to cover known risks.
–consider data minimization – that is, limiting the collection of consumer data, and retaining that information only for a set period of time, and not indefinitely;
– notify consumers and give them choices about how their information will be used, particularly when the data collection is beyond consumers’ reasonable expectations.