The Risks of IoT in Medicine and Healthcare

Travelers umbrella bio.
By Travelers
3 minutes
Doctor using medical IoT to see patient X-rays.

From the smallest sensors to entire operating room systems, the Internet of Things (IoT) is helping to save lives and changing the practice of medicine. By remotely capturing medical data, facilitating medication delivery and enabling digital health applications, the IoT delivers greater convenience and functionality to patients and their physicians.

Along with opportunity, the IoT also presents new and emerging risks for technology companies. Should the technology fail to work as intended, a patient could be injured or sensitive personal health information may be exposed. Building in safeguards can help technology companies who produce IoT products, component parts and related software mitigate those risks.

1. Bodily injury. If an IoT device does not operate as planned, technology companies could be liable for resulting injuries, or even the death, of a user or patient. Companies who produce IoT technology should understand their exposure to bodily injury risk due to defective design, a manufacturing defect, product misuse or a failure to warn consumers about a potential danger related to the use of the product.

For example, if a doctor prescribes a pill with a swallowable chip to verify compliance for a patient with a memory impairment, and a flaw prevents the transmitter from sending compliance data to the physician, the doctor may not receive alerts that the patient is not taking the medication. If the patient’s condition worsens and the patient needs expensive surgery, the patient might sue the company that made the connected pill for failure to transmit compliance data in a timely fashion.

Medical IoT global technology risk advisor's series white paper.

The Risks of Healthcare IoT

Explore the opportunities and risks to companies who are developing IoT tech for the medical and healthcare industries.

2. Technology errors and omissions. The IoT technology may fail to work as intended due to an error, omission or negligent act in the design of the technology. If the purchaser sustains economic losses, such as lost profits or business disruption, they may file a liability claim. Defense expenses alone may be catastrophic to a technology business.

For example, if a health insurer offers an incentive to customers using a fitness tracker, and an error in the tracking software overstates the number of steps, then the company may give more discounts than it should. The insurance company may attribute the financial loss to incorrect step counts as a result of external fitness tracker manipulation.

3. Cyber risk. Thieves find protected medical information an attractive target for cyber attack and are breaking into IoT-based information systems. If that data is exposed, businesses might face financial losses, business interruption or reputational damage for failing to properly secure data held within their information systems.

For example, a company that makes wearable cardiac monitors could have medical readings uploaded to a cloud. If the engineers responsible for cloud security fail to properly configure a security patch, it could create a vulnerability. If hackers gain entry, they could then sell a patient’s sensitive health data.

Managing IoT Risks

Just as new applications continue to be discovered for medical IoT, so are new risks emerging. Companies can be held liable for bodily injury, economic losses to third parties and the failure to properly secure data. But technology companies can take steps to help protect against these three main categories of risk.

Here are actions to consider in minimizing exposure to these risks:

  • Evaluate and implement appropriate quality and risk management systems.
  • Build in cyber security.
  • Evaluate company contract practices.

It can also be helpful to discuss relevant insurance coverage with an agent or broker. Product liability coverage, errors and omissions liability coverage and cyber liability and cyber related first-party coverage can help protect against potential liability.

High-tech manufacturer looking through microscope.

Top Stories

How High-Tech Manufacturers Can Prepare for Global Risks

Operating internationally brings new business risks, from global product liability to supply chain interruption. Learn about global risk management.

Related Products & Services

Travelers offers insurance products and services that keep up with the quickly changing needs of technology companies.

More Prepare & Prevent

Preparing for the Risks of 3D Printing in Manufacturing

From property damage risks to intellectual property risks, learn four key risk categories for 3D printing that technology companies should understand.

Worker examining 3D printing object.

More Prepare & Prevent

5 Shadow IT Practices That Put Technology Companies at Risk

Shadow IT can leave the virtual door open to hackers and cyber thieves. Learn five common risks and how you can help avoid them.

Shadow IT practice of using a USB on a laptop.

More Prepare & Prevent

Managing Cyber Risk for Life Sciences Companies

Life sciences companies are a growing target for cybercriminals. Learn how to prevent an attack and protect your interests.

scientist in scrubs tending to a screen.