I was particularly interested in the low-power (under 1v) short-range (couple of metres) "body area networks" that are under development by a number of companies (such as Toumaz, for example). I think I will amend the Consult Hyperion technology timeline that we use to help customers to plan their IT strategies so that it separates personal area networks (PANs) from BANs from now on, especially as a new standard (which is IEEE 802.15.6) is under development for BANs and is expected sometime in 2010. The driver for this is that PANs requires too much power (the "smart bandage" that I saw at the event has a 7 day lifetime with no external power) and the PAN protocols do not handle the requirements of the sector terribly well. The BAN protocol is specifically designed for low data rate and intermittent connections and will one day connect your pacemaker to your iPhone to your insurance company.
They're not here yet, but these things will come, and I rather like the idea of my band-aids chatting to each other and dropping a note to my doctor if things aren't healing properly. Of course, I would expect their communications to be encrypted and digitally-signed since I wouldn't want counterfeit medical equipment in the loop. But I'm sure the technology will be used for other things as well: some positive (helping monitor fitness regimes) and some stupid (such as having your body and your clothes have a dialog).
I also saw a presentation about some medicines that are taken internally (pills) that contain RFID tags that only activate once the pill has dissolved (ie, is in your stomach). The idea is to help to monitor old people to make sure that they are taking the right medicine at the right times. Fascinating stuff, and particularly fascinating to me because I am interested in the identity infrastructure that will be needed to support safe, smart healthcare.
I was at the Summit because I was sitting on a panel discussing the use of consumer devices to support healthcare applications and services. I can see that some our customers will want to be active in this space in the relatively near future. I was specifically looking to see how the identity infrastructure was developing to encompass these developments (it isn't) because I think that some of the organisations that we advise might make a living out of either providing some of this infrastructure or using it develop new businesses.
Since i spend too much of my time reading security reports, blogs, news and other material, I thought it was odd that much of the stuff that I saw or heard about at the conference had no security built in to it at all. In fact, I thought that there was some complacency around the whole issue. As I said a couple of times during the event, we haven't had the Chernobyl yet.
The Key to Health IT’s Success: A Comprehensive Privacy and Security Framework[From ACS Blog | The Key to Health IT’s Success: A Comprehensive Privacy and Security Framework | American Constitution Society]
This is, I think, true. And, as we never tire of saying, you can't the privacy without the security.
These opinions are my own (I think) and are presented solely in my capacity as an interested member of the general public [posted with ecto]