Healthcare systems are accelerating adoption of artificial intelligence and connected medical devices, and leadership teams must ensure that innovation strengthens outcomes without increasing exposure to harm. At New York Technology Innovation, Florence Hudson, Executive Director of the Northeast Big Data Innovation Hub at Columbia University and founder of FD Hint, LLC, presented TIPPS as a design discipline that protects people, data, devices, and institutions while enabling the interoperability required for modern care.

The Convergence of Promise and Peril

Hudson opened with a core observation that reflects the reality facing healthcare executives and technology leaders. Advanced technologies can harness and analyze vast amounts of data to enable precision medicine and improve outcomes, and the same innovations introduce new vulnerabilities. The proliferation of connected devices including implanted cardiac monitors, insulin pumps, patient monitoring systems, and mobile health applications expands the attack surface available to malicious actors.

Hudson drew on her background as an aerospace engineer and former IBM executive to connect healthcare risk to lessons from other cyber physical systems. Digital twin technology has long supported aviation and automotive engineering, and the same concept is now being applied to humans. Virtual human twins can enable simulation driven precision medicine, and they also become attractive targets because compromised models can influence real world decisions.

Any medical device connected to a communications network, like Wi Fi or public or home internet, may have cybersecurity vulnerabilities that could be exploited by unauthorized users.

Dr. Suzanne Schwartz, Director, Office of Strategic Partnerships and Technology Innovation, U.S. Food and Drug Administration

A History of Vulnerabilities

Hudson outlined a timeline of cybersecurity vulnerabilities in healthcare that underscores the urgency of a stronger operating model. The U.S. Food and Drug Administration identified software vulnerabilities in personal medical devices in 2008. In 2017, the agency recalled 465,000 pacemakers due to cyber hacking concerns. In 2018, voluntary recalls covered certain internet connected programmers for implanted cardiac devices and certain insulin pumps. More recently, alerts have highlighted patient monitor vulnerabilities that can enable remote code execution and data exfiltration.

These incidents represent more than technical breakdowns because compromised devices can create immediate harm. Hudson noted that hacking an implanted medical device can directly endanger a patient. The scope extends to connected hospitals, campuses, cities, and vehicles, and it also includes the integrity of clinical and research data that informs medical decision making.

Introducing TIPPS

Hudson defined TIPPS as an acronym for trust, identity, privacy, protection, safety, and security. She described TIPPS as a new cybersecurity paradigm developed with IEEE and Underwriters Laboratories that began as a standards effort in 2019 and was published in 2024. Hudson said the work received an IEEE Emerging Technology Award and is now being extended to additional domains.

Hudson framed each element of TIPPS in operational terms that connect directly to healthcare responsibility.

• Trust allowing only designated people and services to have device or data access.
• Identity validating the identity of people, services, and things so access decisions are reliable.
• Privacy ensuring device, personal, and sensitive data remains private.
• Protection safeguarding devices and users from physical, digital, financial, and reputational harm.
• Safety maintaining the safety of devices, infrastructure, and people.
• Security maintaining security across devices, data flows, and services.

Hudson emphasized the global relevance of this work, noting participation from more than 300 contributors across 33 countries and six continents. Hudson connected this engagement to the need for a consistent umbrella approach because connected medical devices travel with patients and must remain secure across geographies.

Defense in Depth and Design Discipline

Hudson described a defense in depth approach that addresses security at multiple levels including hardware, firmware, software, and service. The strategy reflects the reality that vulnerabilities can emerge at any layer of a connected system and that durable protection depends on coordinated controls that operate across the full stack.

Hudson also highlighted the range of motivations that drive attacks on healthcare systems. Financial incentives such as ransomware remain a central risk, and political, personal, and institutional motivations can also shape malicious behavior. Hudson stressed that artificial intelligence can strengthen defense capabilities while introducing additional risks when it is used by adversaries or when AI components become new points of vulnerability.

Hudson summarized the operating posture with ABS, which stands for Always Be Suspicious.

Virtual Human Twins and High Value Assets

Hudson extended the security discussion to virtual human twins, an evolution of digital twins that have been used for decades in aerospace and automotive engineering. Hudson described virtual human twins as digital replicas of real humans that can support precision medicine, precision oncology, and personalized care. Hudson emphasized that compromised inputs, data, models, or research can create wrong recommendations that affect real clinical decisions, making the protection of these assets a leadership priority.

Beyond Healthcare and a Roadmap for Expansion

Hudson described how TIPPS is being extended beyond connected healthcare into additional domains. A TIPPS Roadmap task group is developing new TIPPS related standards that include AI based coaching for healthcare security education, remote subject monitoring for clinical trials, and protections for virtual human twins. Hudson also described work to apply TIPPS to distributed energy resources in the smart grid through collaboration with the IEEE Power and Energy Society, and to research infrastructure design including a U.S. Department of Energy project at Brookhaven National Laboratory.

Hudson noted that she will discuss broader smart cities applications on a panel at the Consumer Electronics Show on January 8, 2026.

Building Collaborative Infrastructure Through Commons and Networks

Hudson framed collaboration infrastructure as a strategic accelerant for both innovation and safety. The Northeast Big Data Innovation Hub at Columbia University serves as a convener and catalyst for open education, programming, innovation, and collaboration. Hudson said the Hub is funded by the U.S. National Science Foundation, the Department of Transportation Federal Highway Administration, the National Institutes of Health, and DARPA, and she said the Hub community includes more than 25,000 individuals across more than 2,000 academic, industry, nonprofit, and government institutions.

Hudson described the COVID Information Commons as a model for open discovery and collaboration. She said the portal was created at the request of the National Science Foundation in 2020 to help researchers find government funded COVID related projects and collaborate. Hudson said the resource grew from 32 awards early in the pandemic to more than 14,000 research grants, supported by webinars, topical working groups, and a video library.

Hudson argued that similar information commons can support emerging domains such as virtual human twins by enabling discovery, knowledge sharing, and community development, while creating a foundation for responsible AI applications that depend on data interoperability.

Open Knowledge Networks and Interoperable Intelligence

Hudson also highlighted the Prototype Open Knowledge Network, a National Science Foundation program launched in 2023. Hudson described open knowledge networks as publicly accessible systems of interconnected data repositories and knowledge graphs designed to support data driven, AI powered solutions for societal and economic challenges. Hudson noted collaboration that includes NASA, the National Institutes of Health, the National Institute of Justice, NOAA, and the U.S. Geological Survey.

Hudson pointed to bio and health use cases that include BioBricks and SPOKE, which she described as the Scalable Precision Medicine Open Knowledge Engine. Hudson noted that SPOKE connects data that includes genetics, electronic health records, drug discovery, large language models, precision data, and prescriptions, and she described how exposure contexts such as isolation, constrained mobility, limited fresh food, and bone health in space can inform understanding of determinants of health on Earth.

Strategic Imperatives for Healthcare Leaders

Hudson closed with recommendations that translate directly into leadership priorities. Organizations can apply TIPPS to strengthen trust, identity, privacy, protection, safety, and security across data, devices, humans, research, and institutions with AI enablement. Leaders can also build or participate in AI enabled virtual human twins open knowledge networks that include information commons portals and communities designed for interoperability, discovery, and collaboration.

Hudson noted that a TIPPS maturity model is being developed to help organizations assess current posture and build an improvement roadmap. Hudson also invited stakeholders to participate in ongoing work through the TIPPS initiative.

Designing Security from the Ground Up

Hudson’s message balanced urgency with a practical path forward. The convergence of artificial intelligence, big data, and connected devices can materially improve outcomes, and the same convergence can expand the probability and the impact of cyber incidents. TIPPS positions cybersecurity as a human safety discipline, and it reinforces that trust must be built through design, standards, and shared operating practices rather than patched into systems after deployment.

Hudson concluded by encouraging leaders to view TIPPS as a framework that extends across cyber physical systems. That perspective fits a world where digital compromise can create physical harm, and where resilient healthcare depends on secure interoperability that clinicians, patients, and researchers can trust.

About the Speaker

Florence Hudson serves as Executive Director of the Northeast Big Data Innovation Hub at Columbia University and is the founder and CEO of FD Hint, LLC. Hudson is Vice Chair of the IEEE Engineering, Medicine, and Biology Society Standards Committee. Hudson described her background as an aerospace engineer by training and referenced prior executive roles at IBM, including a period as a VP of Marketing.

About New York Technology Innovation

New York Technology Innovation convenes leaders across technology, business, and innovation to examine emerging trends shaping industry and society. The platform brings executives, entrepreneurs, researchers, and policymakers into a shared environment for applied insight and responsible progress.

Further Resources

• TIPPS Initiative nebigdatahub.org/tips
• Northeast Big Data Innovation Hub nebigdatahub.org
• COVID Information Commons covidinfocommons.org
• Prototype Open Knowledge Network protokn.net
• IEEE TIPPS standard publications and related books referenced by Hudson are available through IEEE and Springer Nature.