Cyber Considerations for Assistive Technology

Photo by Anna Shvets on


Organisational inclusion of individuals requiring assistive technology potentially incurs and assumes cyber risks for both parties. Care and consideration must be taken to protect the assistive technology user and the integrating organisation’s environment.


In November 2020, a patient died whilst their hospital was in the throes of ransomware, sparking investigation into negligent homicide against the cyber criminals. Police since ruled the delay being irrelevant in the individual’s death, though it raises questions: what impacts could cyber threats have for patients entrusting care to internal or external devices? With greater connectivity integrated into devices for use by those with disability, what risks are they assuming into their personal lives? By integrating a person using those devices into an organisation’s environment, what risks might be incurred?

When looking at inclusion from a cyber perspective, disability and assistive technology are often overlooked. Whilst a few studies address the overarching themes and challenges faced from the users of assistive tech, cyber is absent. Going beyond the challenges of integrating these devices into the normal work milieu, we need to start talking about cyber risks and considerations on both sides – to the user from integrating devices with a business’s network, and to the business considerations of what’s being introduced into the environment. No doubt organisations need the minds and efforts of individuals who use assistive technology, but to create an equitable opportunity for their inclusion, we need to honestly find what risks are brought and assumed for both parties.

This post is merely an introduction to the topic, mindful of the potentially delicate nature. Future posts will delve into assistive tech and potential cyber concerns related to these categories of disabilities, mindful that not all will pose the same risks and indeed not all will be risky at all as they may be standalone, non-networked tech:

  1. Biological requirements
  2. Vision
  3. Hearing
  4. Physical/motor
  5. Learning
  6. Communication

Each of these areas has many different devices, apps etc involved. The idea is not to look at each one, but the composite of what is used and what risks are present. I fully expect to be corrected, and will be happy to put many of these to rest.