Fitness Data Breach Could Kill? !! Watch out who is shadow tracking your Fitness – “FIT LEAKING”!!.
In a first of it’s kind reported incident a Fitness app was supposedly used to track Data and induce a fatality.
Scary as it may seem, if this is proven to be true, it also brings to fore a majorly neglected issue of Data and Information Security in Wearable Devices and connected Fitness/ Health Apps.
Canadian CLRFTP – Citizen Lab Research on Fitness Tracker Privacy had published about the possibilities of FIT LEAKING. https://citizenlab.ca/2018/01/fit-leaking-citizen-lab-research-fitness-tracker-privacy/
Internet of things (IoT), Cyber security and Software as A Health and Wellness Device or SaMD / Solution needs a detailed re-look in terms of Regulations, especially in times where advances in AI are so rapidly evolving. AI has already shown the ability to intrude personal data and data breach is a real possibility.
It also reignites the debate about equating Consumer Electronics Goods & standards with their Medical Device/ Wearable counterparts. Software and Cybersecurity in Healthcare needs much more Nuanced, Stringent controls for Data Protection and Prevention of Cyber Attacks / Hacks. Data breach in a large Hospital or large EMR / Medical Records systems could leave extremely private and confidential Patient Health Data and also be utilized by negative groups and cyber criminals too cause real harm. Physical and Mental Harm and even cases of targeted Hazards can not be ruled out in such cases.
Wearable Smart watches, Fitness trackers and many new age Point of Care Monitoring Medical Devices an Diagnostics are designed to collect massive amounts of Patient/ User data. Over the entire process of Data Acquisition, Storage and Analysis and Reporting, there could be many layers of Data Exchange Interfaces which could be susceptible to Data breach and leakages. There are dozens of brands in India and Asian Markets which are very popular and millions of Consumers use them. Coupled with them are major Fitness /Healthcare/ Wellness Apps which many a times camouflage under unclear Regulations and end up intruding into Personal Privacy.
It is perhaps right time for Industry and Regulators to work closely to establish clear Guidelines and Standards and Risk Mgmt. Controls on wearable and Companion apps. US FDA and EU MDR do list many measures to try and include Cyber security related controls and guidelines. Social and research organizations also have an equal say in these matters as most of these Healthcare/ Fitness/ Wellness Domain Apps are built around the concepts of “Communities”.
How can Data Privacy and Cybersecurity measures be further strengthened ?? This need immediate attention and update.
Reference:
https://www.eurasiantimes.com/tracked-online-killed-russian-submarine-commander-falls