The National Institute of Standards Technology (NIST) announced a project that will eventually result in a Cybersecurity Practice Guide to help smart home device users safely access their healthcare information digitally. NIST’s National Cybersecurity Center of Excellence finished the final project description late last month.
“Mitigating Cybersecurity Risk in Telehealth Smart Home Integration: Cybersecurity for the Healthcare Sector” will provide healthcare delivery organizations with practical solutions for securing an ecosystem that incorporates consumer-owned smart home devices into telehealth.
According to their website, telehealth technology has evolved alongside the “Internet of Things (IoT)” – devices that can be used to obtain lab results, schedule appointments or request prescription refills. These devices can also become vulnerable to hacks since they share data in a network.
“As patients adopt IoT use when interacting with health systems, technologists may need to apply new approaches in safeguarding systems and environments,” the final project description says.
NIST will use three frameworks to complete the project: Privacy, Cybersecurity, and Risk Management.
“Applying concepts from these frameworks enables the project to identify risks and select appropriate controls that support telehealth smart home integration,” the report says.
According to the final project description, NIST will focus on three common scenarios that involve smart home devices that use voice assistant technology. The project team will develop a reference design and a detailed description of the practical steps needed to implement a secure solution based on standards and best practices.