In case you haven’t noticed, everything is going wireless. The telephone has gone wireless. Your computers can be connected to the Internet via wireless. Your stereo speakers can now be wireless. And your television, which was wireless, then was wired to cable, is going wireless again. It seems inevitable that these same technologies enabling wireless applications in your home will creep into the hospital. Oops, look again. It is already happening!
It is surprising to many, but the fact is, hospitals have been using a wide variety of wireless technologies for decades. The list of applications is long and includes cellular telephones, two-way radios, medical telemetry, wireless computers, and much more. In terms of services regulated by the Federal Communications Commission (FCC), as shown in Table 1, just about all services are included except broadcast television and radio. In the past, management of these systems involved nothing more than having the vendor of the radio system file for an FCC license when it was needed and sticking the license in a filing cabinet to be forgotten.
Table 1: Services Regulated by the Federal Communications Commission (FCC)
In past years, managing these systems meant filing for an FCC license when it was needed. Today, overseeing radios and wireless systems in the health care environment requires diligent involvement. Below are the services the FCC regulates:
- ISM (Industrial, Scientific, Medical)
- WMTS (Wireless Medical Telemetry Service)
- PLMRS (Private Land Mobile Radio Service)
- Public Safety
- Biomedical Telemetry
- Private Land Mobile Paging
- MURS (Multi-Use Radio Service)
- FRS (Family Radio Service)
- GMRS (General Mobile Radio Service)
- MICS (Medical Implant Communications Service)
- Part 15
- Medical Telemetry
- Spread Spectrum
- U-NII (Unlicensed National Information Infrastructure)
- UWB (Ultra WideBand)
- Medical Imaging
Today, management of the proliferation of radios and wireless systems used in the modern health care environment is more involved and requires active oversight. Of particular concern are the security of the information being sent over such systems, interference among radio systems as well as interference to non-radio medical devices, and ensuring that the data-handling capacity of such systems is not exceeded. Let us take a closer look at each of these.
In the past, security of communications sent over radio systems has been problematic, even for military applications. Good security required many skilled people, expensive equipment, and a great deal of secrecy. It is not surprising, then, that only governments and large corporations performing work for them could afford good communications security. Civilian applications then had to rely on “security through obscurity” by trying to hide frequencies being used, using low power to prevent being detected, or using proprietary encryption schemes that usually contained significant flaws.
Traditionally, medical device manufacturers have built into their systems those security features they believed were necessary, leaving little for health care facilities to do themselves. With the growing use of standardized communications systems such as Bluetooth, Zigbee, and Wi-Fi LANs, this approach is now in question, especially when we begin to consider the possibility of connecting the medical devices directly to the hospital’s IS network. Further, the recent publication of a paper outlining the successful “hack” of a wireless, implantable pacemaker/defibrillator [1] raises the question as to what level of security is needed in a medical device or system. While health care facilities have little or no recourse in the selection of proprietary security mechanisms embedded in medical devices, they do have both a choice and a responsibility to address security in wireless networks such as the Wi-Fi networks they might implement for medical systems.
Wi-Fi security consists of two actions: authentication and encryption. Authentication is the act of ensuring the person or device connecting to the network is authorized to do so, while data encryption protects the data being sent between the devices and the network. Authentication is usually divided into personal and enterprise modes. The personal mode uses preshared keys to identify a group of devices sharing a common password and is easy to implement in the home or small office environment. The enterprise mode, which uses an authentication protocol with unique user IDs and passwords checked by an authentication server to identify individual users, is more appropriate for large-scale health care environments.
Data encryption uses one of four different protocols. The four types are—from least secure to most secure—open, wired equivalent protocol (WEP), Wi-Fi protected access (WPA), and Wi-Fi protected access 2 (WPA2). As one would expect by the name, the open mode uses no encryption and is usually combined with no authentication protocol, to allow anyone to connect to a publicly available “hot spot.” WEP, the original Wi-Fi encryption protocol, is easily hacked with commonly available tools due to a flaw in the implementation and is no longer recommended for any application requiring real security. WPA is an enhanced encryption algorithm designed expressly to be backward compatible with older hardware, at the expense of some security. WPA2 is the most secure protocol and is capable of meeting the most stringent government requirements; however, it is not backward compatible with older hardware. Compatible with the techniques of public-key encryption, WPA and WPA2 offer a wide variety of options meeting any level of security desired by the modern health care facility, up to those meeting the requirements of the National Security Agency.
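The two axes described above (personal versus enterprise authentication, and open/WEP/WPA/WPA2 encryption) can be checked on client devices. The following is an added example, not part of the original article: it assumes the devices carry a wpa_supplicant-style configuration and grades each network block; the sample configuration, the SSIDs and the "WPA2 plus enterprise" policy are constructed for illustration.

```python
# Added example. SAMPLE_CONF and the WPA2-plus-enterprise policy are constructed.
SAMPLE_CONF = """
network={
    ssid="legacy-pump"
    key_mgmt=NONE
    wep_key0="abcde"
}
network={
    ssid="nurse-carts"
    key_mgmt=WPA-PSK
    proto=WPA RSN
}
network={
    ssid="telemetry"
    key_mgmt=WPA-EAP
    proto=RSN
}
"""

def parse_networks(conf_text):
    """Collect the key=value settings of each network={...} block."""
    networks, current = [], None
    for line in (raw.strip() for raw in conf_text.splitlines()):
        if line == "network={":
            current = {}
        elif line == "}" and current is not None:
            networks.append(current)
            current = None
        elif current is not None and "=" in line and not line.startswith("#"):
            key, value = line.split("=", 1)
            current[key.strip()] = value.strip().strip('"')
    return networks

def classify(net):
    """Map one block to (encryption, authentication mode) in the article's terms."""
    key_mgmt = net.get("key_mgmt", "WPA-PSK").split()  # simplification when unset
    if key_mgmt == ["NONE"]:
        return ("WEP" if any(k.startswith("wep_key") for k in net) else "open"), "none"
    # Grade by the weakest protocol the client will accept (an unset proto allows WPA).
    enc = "WPA" if "WPA" in net.get("proto", "WPA RSN").split() else "WPA2"
    mode = "personal" if "WPA-PSK" in key_mgmt else "enterprise"
    return enc, mode

def audit(conf_text):
    """Return (ssid, encryption, mode, meets_policy) for every network block."""
    graded = [(net.get("ssid", "?"), *classify(net)) for net in parse_networks(conf_text)]
    return [row + (row[1:] == ("WPA2", "enterprise"),) for row in graded]
```

A block that lists both WPA and RSN under `proto` is graded as WPA here, since the client will accept the weaker protocol if the network offers it.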
Interference, while a concern to all wireless systems, has been taken into consideration in the newer, standards-based systems. Earlier systems required a separate frequency for each transmitter to prevent co-channel interference. The presence of multiple signals on the same frequency virtually guaranteed interference to all systems on that frequency. In contrast, IEEE 802.XX-based systems use flow control protocols, collision detection, and error recovery techniques to minimize co-channel interference and maximize the chances of recovery when it does happen. As a result, not only are the standards-based systems more resistant to interference than older systems, they often operate at power levels below those associated with interference to nonwireless medical devices.
The technical definition of bandwidth for a communications system is the amount of spectrum required by the signal and is proportional to the signaling rate or data rate. This relationship eventually led to the synonymous but mistaken use of bandwidth in reference to data throughput or data-handling capacity. With IEEE 802.XX-based systems, ensuring available data-handling capacity for applications requires careful design of the wireless infrastructure and management of the types and numbers of wireless clients.
IEEE 802.11b/g systems effectively have only three orthogonal (nonoverlapping) channels that avoid data collisions among them. Since the most efficient reuse of frequencies for maximizing communications requires a minimum of four channels, 802.11b/g systems require a compromise solution for high utilization. IEEE 802.11a systems have 24 available orthogonal channels and can easily support frequency reuse. The up-and-coming 802.11n standard requires twice the bandwidth of the a/b/g protocols and, therefore, the number of available channels is reduced by half. As a result, 802.11n is not practical on the 2.4 GHz bands used by 802.11b/g for anything but home use, since frequency reuse cannot be accomplished. In a paper published earlier, Baker and Hoglund [2] describe a method for assuring data capacity in 802.11 networks; it should be consulted by anyone planning to implement such technologies for medical systems.
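The three-channel limit on 2.4 GHz can be derived from the channel spacing, and the same arithmetic can flag overlapping neighbours in a site survey. This is an added example, not from the original article: it assumes 22 MHz-wide 802.11b channels on US channels 1 to 11, and the access point names, channel assignments and neighbour list are constructed.

```python
# Added example. The survey data is constructed; 22 MHz is the 802.11b channel width.
CHANNEL_WIDTH_MHZ = 22

# Constructed survey: channel in use per AP, and pairs of APs that can hear each other.
AP_CHANNELS = {"ward-a": 1, "ward-b": 6, "ward-c": 11, "ward-d": 3, "ward-e": 11}
NEIGHBORS = [("ward-a", "ward-b"), ("ward-b", "ward-c"), ("ward-a", "ward-d"),
             ("ward-d", "ward-b"), ("ward-c", "ward-e")]

def center_mhz(channel):
    """Centre frequency of 2.4 GHz channels 1-13, which are spaced 5 MHz apart."""
    return 2407 + 5 * channel

def overlaps(a, b):
    """Two channels overlap when their centres are closer than one channel width."""
    return abs(center_mhz(a) - center_mhz(b)) < CHANNEL_WIDTH_MHZ

def orthogonal_set(channels):
    """Largest set of mutually nonoverlapping channels, picked greedily from the lowest."""
    chosen = []
    for ch in sorted(channels):
        if all(not overlaps(ch, c) for c in chosen):
            chosen.append(ch)
    return chosen

def conflicts(ap_channels, neighbors):
    """Neighbouring AP pairs whose channels overlap, labelled by kind of overlap."""
    found = []
    for a, b in neighbors:
        ca, cb = ap_channels[a], ap_channels[b]
        if overlaps(ca, cb):
            kind = "co-channel" if ca == cb else "adjacent-channel"
            found.append((a, b, kind))
    return found

if __name__ == "__main__":
    print("orthogonal channels:", orthogonal_set(range(1, 12)))
    for pair in conflicts(AP_CHANNELS, NEIGHBORS):
        print("overlap:", pair)
```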
In conclusion, new wireless technologies promise to allow greatly increased communications capabilities in the modern health care facility. In order to take advantage of these systems, hospital personnel must carefully weigh the requirements of the facility in terms of security, interference, and data capacity, then design, install, and maintain the systems to meet those requirements.
Rick Hampton is the wireless communications manager for Partners HealthCare System, Boston. For more information, contact .
1. Halperin D, Heydt-Benjamin T, Ransford B, et al. Pacemakers and implantable cardiac defibrillators: software radio attacks and zero-power defenses. Proceedings of the 2008 IEEE Symposium on Security and Privacy. www.secure-medicine.org. Accessed August 13, 2008.
2. Baker SD, Hoglund DH. Medical-grade, mission-critical wireless networks. IEEE Eng Med Biol Mag. 2008;27(2):86-95.