U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.


We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

This is an archive
(replace .gov by .rip)

White Paper (Draft)

[Project Description] Mitigating Cybersecurity Risk in Telehealth Smart Home Integration: Cybersecurity for the Healthcare Sector

Date Published: August 2021
Comments Due: October 4, 2021 (public comment period is CLOSED)
Email Questions to: hit_nccoe@nist.gov


Nakia Grayson (NIST), Ronald Pulivarti (NIST), Bronwyn Hodges (MITRE), Kevin Littlefield (MITRE), Julie Snyder (MITRE), Sue Wang (MITRE), Ryan Williams (MITRE)


The National Cybersecurity Center of Excellence (NCCoE) has released a new draft project description for Mitigating Cybersecurity Risk in Telehealth Smart Home Integration. The publication of this project description begins a process to further identify project requirements, scope, and hardware and software components for use in a laboratory environment.

We want your feedback on this draft to help refine the project. The comment period is now open and will close on October 4th, 2021.

What is this Project About?

Telehealth technology and its use has advanced alongside the "Internet of Things (IoT)". Healthcare solutions may allow patients to use consumer-grade IoT devices to review their health information and interact with systems operated by a healthcare delivery organization (HDO). Individuals may use IoT devices to obtain lab results, schedule visitations with their care team, set reminders for appointments, or request prescription refills, for example.

IoT brings novel capabilities to consumers in their homes. However, with those capabilities, IoT compels technology adopters to re-think how they may need to secure their home environment and the networks with which their homes interconnect. This project will result in a practice guide that describes a reference architecture for smart home integration with healthcare systems as part of a telehealth program.

We Want to Hear from You!

Review the project description and submit comments online on or before October 4th, 2021. You can also help shape and contribute to this project by joining the NCCoE’s Healthcare Community of Interest. Send an email to hit_nccoe@nist.gov detailing your interest. We value and welcome your input and look forward to your comments.



application programming interface; API; application security; cybersecurity; data privacy; data privacy and security risks; health delivery organization; HDO; Internet of Things; IoT; smart home; telehealth
Control Families

Access Control; Configuration Management; Identification and Authentication; Risk Assessment


Draft Project Description

Supplemental Material:
Submit comments (web)
Project homepage (web)

Document History:
08/31/21: White Paper (Draft)