IoT Security Reference Architecture for the Healthcare Industry - 05 Jun 2019

One of a series of architecture and policy proposal documents, this paper provides an IoT security reference architecture for the healthcare industry. Based on well-known security principles and best practices, the paper develops four use cases and reference architectures to explore how to adopt security best practices in a healthcare ecosystem.

This document is not aimed at doctors or healthcare professionals. Rather, it is aimed at a wide audience including CxOs and IoT purchasers, IT departments, developers and OEM product management.

This architecture focuses on IoT devices and solutions implemented and managed in a healthcare environment. The document first explores four IoT use cases:

  • Fixed use case
  • Portable local use case
  • Portable loaned use case
  • Personal device use case

It also presents reference architectures and highlights security considerations:

  • Bounded Network with high integrity zone
  • Boundaryless network
  • Hybrid with different network technologies
  • General security considerations for health-related IoT devices and platforms

The IoT Security Foundation security architecture series intends to:

  • Reduce/manage complexity of IoT systems by simplifying implementation options
  • Demonstrate what a good security regime looks like, by example
  • Demonstrate how to support security in IoT for health with minimal reliance on healthcare professionals and patients
  • Explain the benefits of a hub-based approach including achieving security goals, maintaining system hygiene and resilience, managing extensions and life-cycle provisioning
  • Help foster growth and demand in the healthcare IoT marketplace and promote a security mindset for better-informed procurement decisions
Download this report

This report is available as a free download from this website.


  • Publisher: IoTSF
  • File Type: PDF
  • Page Count: 49
  • File Size: 2.2 MB