Arto

Thanks for another very interesting blog. This is outside my area(seem to keep saying that lately) but isn’t there an argument to say that the measurement data only really becomes sensitive once it has been tied to a particular patient which I would assume would be post the Bluetooth connection. If the argument is that a potential backdoor is being left open could that not be solved by having a register of Bluetooth addresses.
As an aside what are the regulations with regard to the interference from wireless devices in hospitals?

Paul,

Like most things governmental and all things electromagnetic, "the regulations" that apply are less than clear cut. The good news is that, at least in the US, government regulations on electromagnetic compatibility in health care settings recognize that it's an engineering process that can't possibly be codified by a legislative body.

Here is the guideline from the US Food and Drug Administration/Center for Devices and Radiological Health (no kidding -- that's their name): http://www.fda.gov/cdrh/emc/emc-in-hcf.html

The Mobile Health Care Alliance has an interesting overview of international standards here.: http://www.mohca.org/presentations/JimConrad.ppt

Paul,

Your argument is correct that most likely there is no patient data stored in measurement device. And if someone gets somehow the information, it cannot be tied to certain person just by looking the values. Information stealing gets even more difficult when measurement devices have Bluetooth active only when ready to transfer. Also the use of proprietary communication protocol is effective way to block unwanted data collection. Perhaps I’m little paranoid about this but I’ll still emphasize that if there is an easy backdoor like this, someone can and will use it. Perhaps this is not a big problem today but when Bluetooth medical devices, especially those that people are carrying along, will become more common this will pop up.

This kind of backdoor could be easily blocked as you mentioned by storing paired device to the medical device memory and allow connections only with that device. I totally agree with you but reality is that this is not used. Why? Perhaps because the most of current medical measurement device Bluetooth implementations are just serial cable replacements to existing devices and nobody has paid any attention how Bluetooth device should actually work.

About interference inside hospitals, it could be summarised as in study done in 2001 (www.chatterboxsoftware.com/MedReport.htm):

“Until recently (1/9/2001), the standard for EMC, IEC 60601-1-2 (8), was only specified for electromagnetic waves up to 1 GHz. This means that no electronic medical devices used in hospitals today are tested for disturbances of higher electromagnetic frequencies. It is therefore necessary to do clinical studies of new wireless communications technologies using higher frequencies than 1 GHz, such as General Packet Radio Service (GPRS), Bluetooth, Wireless Local Area Network (WLAN), and Universal Mobile Telecommunications System.”

In that study no interference were found. Surely there might be still some medical devices that take disturbance with higher frequency communication like Bluetooth. Anyway nowadays Bluetooth is quite well approved inside hospital. There are even some cases where Bluetooth hotspots are used to relay connections for longer distances (quite similarly as WiFi hotspots works).

I hope you get something out of my reasoning... Keep up commenting!

Arto

Thanks for the information its all very interesting and as you say gratifying that the process in being viewed from the engineering perspective. I am interested to see Bluetooth Hotspots are being used I have always though that there was an obvious potential there and did some work in this are but was disappointed when the PAN profile disappeared of a lot of the phones.

Hi Arto

I share your view that not much attention has been paid to how Bluetooth medical devices should work in practice.

Part of the problem is that Bluetooth in medical devices implies a mass market for personal use medical devices - eHealth for the masses. Here, we need to consider a wide range of use case scenarios that meet the needs of patients, health care service providers and carers. I am pretty sure that issues relating to device management, device sharing amongst patients and ease with which devices can be linked to other communication protocols and devices will rank along side device paring and securty of data as the issues that need to be solved before Bluetooth medical devices enjoys mass market acceptance.

So whilst the new Bluetooth Medical Device SIG will help focus and clarify the technical standards as far as Bluetooth implementation in devices goes, business process, workflows and technology integration are still the issues that need to be solved.

Ade Bamgboye, Wireless Matters, UK