Secure and Simple: Designing Home Health Devices for Real-World Use

Home health technology is transforming care, extending monitoring, treatment and support beyond hospital walls. But as medical devices become more connected, the need to protect them from cyber threats is rising fast. The real challenge? Making sure those protections don’t get in the way of the people who rely on them. 

When Medical Device Cybersecurity Gets in the Way of Care 

In a clinical setting, trained staff can navigate complex security protocols with ease. But at home, it’s a different story. Devices are used by patients and caregivers with varying levels of technical skill, often under stressful or unfamiliar conditions. And unlike hospital environments, there’s no IT team on call when something goes wrong. 

That’s why medical device usability and cybersecurity can’t be treated as separate concerns. Security features (like password protection, software updates, device pairing and threat alerts) depend on users doing something right. When those actions are too confusing, too time-consuming or poorly explained, people take shortcuts: They skip updates. They disable alerts. They write passwords on sticky notes. And in some cases, they stop using the device altogether. 

In these moments, a usability failure becomes a security failure. And in home health tech, that failure can put patient safety, data privacy and trust at risk. Common points of friction include: 

  • Cumbersome authentication: If logging in requires multiple steps, complex passwords or frequent resets, users may reuse weak credentials or look for ways to bypass login entirely. 

  • Unclear update processes: When a software update interrupts use or lacks clear instructions, patients may delay or cancel it, missing critical security patches in the process. 

  • Fragile connectivity: Secure pairing between devices (such as wearables and mobile apps) often fails silently or is difficult to repeat, leaving users disconnected and unsupported. 

  • Confusing prompts or alerts: Security warnings can be misinterpreted or ignored, especially if the language is overly technical or appears at inopportune moments. 

  • Lack of recovery options: When a user gets locked out of a device or account, the absence of a simple recovery path can result in device abandonment or unsafe workarounds. 

These challenges reflect a core reality of home-based care: if security features are difficult to understand or use, people will make decisions that compromise both data protection and patient safety. In connected medical devices, design missteps aren’t just inconvenient; they can erode trust, interrupt care and leave patients vulnerable at their most critical moments. 

An Integrated Approach to Medical Device Security and Usability 

The most effective way to prevent security–usability conflicts is to treat them as a single, shared design challenge from day one. When cybersecurity is embedded into the usability engineering process—rather than layered on top—it’s possible to create devices that are both well protected and easy to operate, even in high-stress or low-tech environments. 

1. Start with real users. 

Usability and security decisions should be informed by the people who will actually use the device. Early formative studies involving patients, caregivers and clinicians help uncover how users interpret and interact with security features like logins, updates and wireless connectivity. These insights often reveal friction points that engineers and designers would never catch on their own (and they’re much easier to resolve before the design is finalized). 

2. Iterate early and often. 

Initial feedback should guide refinements in both security design and user interface. Something as simple as the order of prompts or the wording of an alert can make the difference between a smooth experience and a serious user error. With each design cycle, the product becomes stronger, more resilient against cyber threats and more intuitive for the people relying on it every day. 

3. Analyze use-related risks. 

Cybersecurity controls can introduce new risks if they aren’t evaluated through a usability lens. A forgotten password might result in missed doses; a failed update could halt critical functions. Proactive risk analysis helps teams identify these scenarios and implement mitigations such as guided error recovery, backup access methods or workflows that prevent harmful user actions. 

4. Communicate clearly. 

No matter how well a feature is designed, users still need to understand what’s happening and what they’re expected to do. That means translating technical security processes into clear, actionable instructions—on screen, in the manual and wherever the user might need support. Effective labeling and visual cues help guide behavior, reduce errors and build confidence. 

5. Validate in the real world. 

Before launch, manufacturers must demonstrate that representative users can safely and reliably perform key tasks, including those involving cybersecurity. Usability validation testing should simulate real-world conditions and evaluate interactions like entering credentials, responding to alerts or applying updates. If security features cause confusion or hesitation during testing, they’re unlikely to succeed in the field. 

6. Keep improving after launch. 

Security and usability aren’t static. Once a device is in the hands of users, postmarket monitoring becomes essential. Tracking use-related errors, security incidents and user feedback provides the insight needed to improve future updates, documentation and design, ultimately ensuring the device remains safe, trusted and effective throughout its lifecycle. 

Designing for Regulatory Compliance (and Real Life) 

As connected medical devices become more essential to home-based care, the ability to design for both cybersecurity and usability is both a competitive advantage and a necessity. Patients and caregivers need devices they can operate confidently. Regulators expect manufacturers to demonstrate safety and security across the product lifecycle. And the entire system depends on trust: in the device, in the data and in the design itself. 

At Battelle, we bring deep expertise in both human-centered design and medical device cybersecurity to help our clients meet these demands. Our multidisciplinary teams combine human factors engineers, cybersecurity specialists and regulatory experts to take an integrated approach from the earliest design phases through validation and beyond. We can conduct usability studies specifically focused on security features (such as authentication workflows, update processes and wireless connections) to evaluate how real users interact with protective controls in real-world settings. 

From there, we help manufacturers refine their device design and software to reduce risk, improve the user experience and ensure alignment with FDA cybersecurity guidance and NIST standards. Whether you’re developing a new product or adapting an existing one for the home health market, we’ll work with you to build protections that are robust, intuitive and ready for regulatory review. 

Posted: September 04, 2025
Author: Battelle Insider