Risk Assessment Framework of mHealth System Vulnerabilities: A Multilayer Analysis of the Patient Hub

Abstract

Although there have been remarkable technological developments in healthcare, the privacy and security of mobile health systems (mHealth) still raise many concerns with considerable consequences for patients using these technologies. For instance, potential security and privacy threats in wireless devices, such as Wi-Fi and Bluetooth connected to a patient hub at the application, middleware and sensory layers, may result in the disclosure of private and sensitive data. This paper explores the security and privacy of the patient hub, including patient applications and their connections to sensors and cloud technology. Addressing the privacy and security concerns of the patient hub called for a comprehensive risk assessment by using the OCTAVE risk assessment framework. Findings reveal that the highest risk concerned data exposure at the sensory layer. In spite of the countermeasures presented in this paper, most served as a means to identify risk early as opposed to mitigating them. The findings can serve to inform users of the potential vulnerabilities in the patient hub before they arise.