Security and Privacy
The NHS has taken a bit of a bashing lately over its agreement to allow Google to access 1.6 million patient records – un-anonymised. Smarter people than I have written at length on the potential risks and the ethics. There have also been many news stories about IoT devices like home cameras, smart door locks etc, which have poor security and are easy to hack into to disable or misuse. It is therefore perhaps a good time to set out Kraydel’s principles with regard to both security (preventing unauthorised access) and privacy (limiting the exposure of confidential information to appropriate persons and purposes).
As the Kraydel device sits in a home it learns a lot about a person’s normal behaviours, for example: when they rise, when they go to bed, when they cook, when they watch TV and whether they are currently at home. If the Kraydel wristband is being worn then the device also knows a lot of medical stuff too – heart-rate, temperature, level of activity and location. That’s personal information and shouldn’t be available to anyone that the elder, or the buyer of the system, hasn’t approved. Some of the undesired uses are obvious – a thief would like to know there’s no-one home, a burglar would like to know that you’re probably asleep (useless fact: in the UK burglary is breaking and entering at night specifically). But other use cases are more insidious: an insurance company might like to know about tachycardia before insuring you, a double-glazing company might like to know that the house gets very cold in the winter. And if the system isn’t secure, could someone hack into it and set reminders that wake you up at night, tell you to take medication that you’re not supposed to, or instruct you to do something inappropriate like unlock the front door? Or maybe they would just turn on the camera and watch. Eeeek. So how can we be confident that this sort of stuff isn’t going to happen?
These are the steps we are taking:
- All communication between the Kraydel device and our cloud app is fully encrypted.
- The device has a unique identity held on a secure chip – we know that the device talking to us is one of ours (or we won’t talk to it).
- The device can validate that the software running on it hasn’t been tampered with (it’s digitally signed).
- The cloud platform is secure – we carry out “penetration testing” to ensure that hackers can’t get in.
- We have “role-based access” – users of the system can only access those parts of the system to which they have been granted access by primary users.
- We will not make personal data available to third parties in any way that allows an individual to be identified
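The role-based access point above is the one that most often goes wrong in practice: a new user must start with no access at all, and only a primary user may widen it. The following is an added illustration written for this page, not Kraydel’s own code; the scope names (presence, vitals, camera and so on), the `AccessPolicy` class and the sample accounts are all assumptions made for the example. It shows a deny-by-default check where every permission a secondary user holds traces back to an explicit grant from a primary user.

```python
from dataclasses import dataclass, field

# Constructed set of data scopes a home system might expose; not Kraydel's real model.
SCOPES = {"presence", "activity", "vitals", "reminders", "camera"}


@dataclass
class Account:
    username: str
    primary: bool = False                      # primary users administer grants
    grants: set = field(default_factory=set)   # empty by default: deny everything


class AccessPolicy:
    """Deny-by-default, role-based access where only primary users delegate."""

    def __init__(self):
        self.accounts = {}

    def add_primary(self, name):
        # The elder (or the buyer) is a primary user and holds every scope.
        self.accounts[name] = Account(name, primary=True, grants=set(SCOPES))

    def add_user(self, name):
        # A carer, relative or support engineer starts with no access at all.
        self.accounts[name] = Account(name)

    def grant(self, granter, grantee, scope):
        """Return True if the grant was recorded, False if it was refused."""
        g = self.accounts.get(granter)
        if g is None or not g.primary:
            return False                       # only primary users may delegate
        if scope not in SCOPES or grantee not in self.accounts:
            return False                       # unknown scope or user: refuse
        self.accounts[grantee].grants.add(scope)
        return True

    def revoke(self, granter, grantee, scope):
        g = self.accounts.get(granter)
        if g is None or not g.primary:
            return False
        self.accounts.get(grantee, Account(grantee)).grants.discard(scope)
        return True

    def can_access(self, user, scope):
        acct = self.accounts.get(user)
        # Unknown users and ungranted scopes both fall through to "no".
        return acct is not None and scope in acct.grants


def read(policy, user, scope, store):
    """Fetch data for a scope, enforcing the policy at the point of access."""
    if not policy.can_access(user, scope):
        raise PermissionError(f"{user} may not read {scope}")
    return store.get(scope)


if __name__ == "__main__":
    policy = AccessPolicy()
    policy.add_primary("elder")
    policy.add_user("carer")
    policy.grant("elder", "carer", "vitals")
    store = {"vitals": {"heart_rate": 72}, "camera": "<stream>"}   # constructed
    print(read(policy, "carer", "vitals", store))   # allowed by the elder's grant
    try:
        read(policy, "carer", "camera", store)       # never granted: refused
    except PermissionError as exc:
        print("refused:", exc)
```

The important property is that `can_access` answers "no" for unknown users, unknown scopes and ungranted scopes alike, and that a secondary user cannot grant anything to themselves.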
Now you may ask why third parties would have access to any data at all. One of the things we would like to be able to do is to identify outbreaks of infection – if Kraydel is tracking skin temperature, hearing coughs and sneezes, then we may be among the first to know that a nasty ‘flu has arrived. So without identifying individuals we could provide healthcare professionals with data about the possible number of infections within the Kraydel user population and how it is changing. There are probably many other useful things we could do if we have a lot of information about the health of the population, and we think almost everyone would be happy to have their data used to benefit others.
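Sharing counts rather than records is the right instinct, but a count for a small enough area or day can still point at one person. The example below is added for this page and is not Kraydel’s code; the daily-summary rows, the fever and cough thresholds, the postcode areas and the minimum cohort size are all constructed for illustration. It aggregates possible infections per area and day, emits no device identifiers, and suppresses any cell whose cohort is too small to hide an individual.

```python
from collections import defaultdict

MIN_COHORT = 10      # suppress any cell with fewer people (constructed threshold)
FEVER_C = 37.8       # skin-temperature cut-off, constructed for the example
COUGH_EVENTS = 20    # cough/sneeze events per day, constructed for the example

# Constructed daily summaries, one row per device per day, as a cloud side might
# hold them. Twelve devices in area BT1 (four feverish), three in BT2 (all feverish).
SAMPLE = [
    {"device": f"dev-{i:03d}", "area": "BT1", "day": "2016-05-09",
     "skin_temp": 37.9 if i < 4 else 36.6, "cough": 25 if i < 4 else 2}
    for i in range(12)
] + [
    {"device": f"dev-{i:03d}", "area": "BT2", "day": "2016-05-09",
     "skin_temp": 38.1, "cough": 30}
    for i in range(100, 103)
]


def looks_infected(row):
    """Crude per-day indicator: elevated skin temperature or a lot of coughing."""
    return row["skin_temp"] >= FEVER_C or row["cough"] >= COUGH_EVENTS


def aggregate(rows, min_cohort=MIN_COHORT):
    """Return {(area, day): {"cohort": n, "possible_infections": k}}.

    Cells with fewer than min_cohort distinct devices are dropped entirely, and
    device identifiers never appear in the output, so a recipient learns how many
    people in an area look unwell but not which ones.
    """
    cohort = defaultdict(set)
    flagged = defaultdict(set)
    for r in rows:
        key = (r["area"], r["day"])
        cohort[key].add(r["device"])
        if looks_infected(r):
            flagged[key].add(r["device"])

    report = {}
    for key, devices in cohort.items():
        n = len(devices)
        if n < min_cohort:
            continue   # too few people: even a count could single someone out
        report[key] = {"cohort": n, "possible_infections": len(flagged[key])}
    return report


def infection_rate(report, area, day):
    """Fraction of the (already suppressed) cohort flagged as possibly infected."""
    cell = report.get((area, day))
    if cell is None:
        return None    # suppressed or absent: do not invent a number
    return cell["possible_infections"] / cell["cohort"]


if __name__ == "__main__":
    for key, cell in aggregate(SAMPLE).items():
        print(key, cell)   # BT2 is absent: only three devices, so it is suppressed
```

Tracking "how it is changing" is then a matter of comparing the same cell across days; the suppression rule must be applied to each day independently, because a day that drops below the threshold could otherwise be inferred by subtraction from its neighbours.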