Secure remote patient sensors

Jon Lawson

Gives clinicians access to vital information that could help keep patients healthy and out of hospital. Nick Flaherty reports

Leading brain-computer interface and healthcare sensor company NeuroSky has created a cost-effective and secure medical monitoring solution that could radically improve remote patient care for people with long term chronic illnesses.

The company is working with processor design company ARM on a trusted system that allows the user full control over the data from sensors while giving clinicians access to vital information that could help keep patients healthy and out of hospital.

Remote sensors currently use Bluetooth Link Layer encryption to secure data from a patient monitor to a mobile device before it is sent to an Accountable Care Organization (ACO). This can leave data vulnerable to malware on the mobile device.  Other solutions transfer data to the cloud without any kind of user validation before it is sent, leaving data security and privacy in the hands of third party cloud service providers.

NeuroSky has improved this system by integrating an ARM processor into its medical sensor so that the data can be encrypted using ARM’s mbed TLS transport layer security and sent to the phone to be decrypted in a trusted area. The information then has to be validated by the user before data is sent to their ACO.

“Working with readily-available and secure ARM based technology will help to expand the scope of remote health monitoring,” said Stanley Yang, CEO, NeuroSky. “Providing a secure path for data transmission is vital in unlocking remote care at scale and the right systems aren’t yet in place. We believe our solution can change that and making even greater use of cardiovascular and neurological monitoring solutions will have a direct benefit for patients living with serious health conditions."

This will help medical device manufacturers create new monitoring products for a variety of tasks including heartrate analysis, monitoring glucose and blood oxygen levels, gathering wellness data and sleep tracking.

“The use of trusted off-the-shelf mobile technology in medical sensors can cut billions of dollars a year from the cost of providing remote healthcare services,” said Karthik Ranjan, director of healthcare technology at ARM. “NeuroSky is the first healthcare device company to take this approach in a medical application but these technologies are already widely-used and proven for data sensitive applications such as banking. The healthcare industry is facing a real challenge managing long term chronic illnesses and post-operative care and remotely monitoring patients can lead to improved clinical outcomes as well as saving ACOs money.”

The TLS encryption is part of the mbed development environment and is based on the PolarSSL technology acquired by ARM in November 2014. This provides he core for secure communications and cryptography to the rest of the mbed products. Although the mbed ecosystem is primarily targeted at the world of the Internet of Things (IoT), mbed TLS operates on regular embedded and non-embedded systems and so is available as a separate module on its own website in addition to being integrated into other mbed products.

The other difference from PolarSSL is that the license for mbed TLS has moved from GPL to the liberal Apache license. This allows even easier use of mbed TLS in open source projects and no more commercial license is needed to use the technology in commercial projects.

NeuroSky is in discussions with healthcare providers to start a technology pilot in 2016.