SecureCare for healthcare and elderly care staff
Nexus has participated in the research project SecureCare together with the City of Solna, RISE and Alleato. The SecureCare project has shown how an IoT application can collect data from resource-limited healthcare equipment in a secure way, for example, battery-powered sensors that detect if a patient falls out of bed. The project also showed how secure access to collected sensor data for different users can be achieved with maintained security and integrity.
In a previous post, we discussed the "secure collection of data from resource-limited IoT devices" and how its challenges are addressed. In this post, I will focus on the need for secure access to the collected data, where integrity and confidentiality are crucial to enable the secure use of the collected information.
Healthcare professionals use the collected data in their daily work, via healthcare IT systems and apps. It can be functions such as receiving information about alarms regarding a user's personal data (for example body temperature, breathing, or heart rate), or that the front door is opened without a provided code. Today it is possible to use motion detectors and video to monitor a user's movements in the home, all to increase the safety of our elderly and ill.
At the same time, this type of personal information enforces high demands on systems and apps regarding privacy protection, accuracy, and who should have access to the functions and data provided. The number of systems and electronic functions will increase over time, to be able to meet the increased demands for better quality. In parallel with increasing demands for efficiency and cost savings in health and elderly care.
So how do we secure who will be able to access this data? This is achieved by using trusted identities, two-factor authentication (2FA), and access control for staff who must have access to these functions and the information connected to them. It is crucial to have individual users and traceability in the systems to ensure that information is not misused.
A flexible two-factor authentication solution with Single Sign-On (SSO) for staff gives them a simple and secure login, allowing their focus to be on taking care of the sick and elderly instead of security or password strength, also in scenarios where shared devices among the staff are used.
Every IT organization should aim for making it easy for the user to do the correct thing, not needing to invent shortcuts that put data at risk. In this case, the users shall have the necessary tools that provide easy and secure authentication, for example, a smart card with a 6-digit pin code providing a single secure login into the various systems and healthcare apps through SSO.
In the SecureCare video, we show how healthcare staff logs in with a smart card to their healthcare application, using a device shared with other staff members.