- 1. Estimated availability with multi-carrier redundancy; formal SLA in Enterprise plans.
Key features
Patient monitoring
Remote vital signs tracking and real-time alerts.
Medical wearables
Connectivity for watches, bands and continuous monitoring devices.
Smart dispensers
Medication control and treatment adherence alerts.
Medical equipment
Telematics for defibrillators, monitors and diagnostic equipment.
Telecare
Emergency buttons and location for elderly people.
Telemedicine
Reliable connectivity for remote consultations and diagnostics.
Use cases
Typical problems
- Loss of vital sign samples (ECG, SpO2, blood pressure) when the wearable hands over between cells and the modem is slow to reattach; in continuous monitoring a 30-second gap ruins the clinical trace.
- Health data flowing over the public Internet without segmentation: GDPR and Spain's RD 1090/2015 demand traceability and minimization, and a shared APN does not guarantee them on its own.
- Hospital devices (Philips IntelliVue, Mindray, Drager) that go offline during a clinical WiFi outage with no fallback path to the bedside server.
- Home wearables (Withings BPM Connect, iHealth, Masimo W1) shipped with the manufacturer's SIM that stop reporting when the patient moves or leaves the single operator's footprint.
- Telecare buttons (Tunstall, Doro, Vitalbase) that depend on 2G in regions where the network is being switched off: the device goes mute exactly when the elder needs it.
- EHR/HIS integration (HL7 FHIR, Mirth, OpenEHR) that fails when the endpoint does not receive device data within the expected window and the encounter ends incomplete.
Recommended architecture
- 1
Medical device with clinical-grade GSM module (Cinterion EHS6, Quectel BG95-M3, u-blox SARA-R5)
Ask the OEM for modules certified under MDR Class IIa or higher when the device is a regulated medical device. Home wearables can ship as Class I, but the modem must support LTE-M and NB-IoT to survive the 2G/3G sunset and to reach indoor patients (basements, care homes).
- 2
Multi-operator SIM with RSRP-based priority, not insertion order
The device probes Telefonica/Vodafone/Orange/Yoigo and stays on the strongest cell. This is critical in patient homes in poorly covered areas and in hospitals where clinical WiFi coexists with Faraday cages (MRI, surgery).
- 3
Private APN with IPsec/MPLS tunnel into the healthcare provider's VPC
Wearable traffic never touches the public Internet. The egress gateway sits inside the provider's GDPR/HIPAA perimeter, with centralized logging, encryption in transit (TLS 1.3) and at rest, and per-tenant logical separation.
- 4
Static IP for bedside gateways (Bluetooth/Zigbee concentrators)
The home concentrator that aggregates several BLE sensors needs to be reachable from the provider's NOC for diagnostics, OTA updates, and log pulls. Without a static IP you need a permanent reverse tunnel, which adds latency and another point of failure.
- 5
Management platform with per-tenant segmentation and usage alarms
Each hospital, care home, or insurer sees only its own SIMs. Alarms at 70/80/90% and a hard block at 100% prevent surprise bills when a device goes into a loop. Full audit trail of provisioning events for GDPR inspectors.
Indicative data plan
| Device | Typical monthly traffic | Recommended plan |
|---|---|---|
| Telecare button (alert + occasional voice) | 5-20 MB/month | Pay-as-you-go or 50 MB pack |
| Vital signs wearable (BP, glucose, SpO2) | 20-100 MB/month | 100-500 MB pack |
| Continuous Holter ECG (24-72 h) | 200 MB - 1 GB per study | 1 GB pack with long expiry |
| Multi-parameter hospital monitor (streaming) | 1-5 GB/month | Pooled data with private APN |
| Telemedicine cart (video consult + peripherals) | 5-20 GB/month | Pooled 4G/5G data |
Indicative figures. Telemedicine video and continuous ECG are the main consumers; everything else stays in the MB range. Request a sizing simulation with real pilot data.
When to use static IP
- Home concentrator (BLE/Zigbee gateway to 4G) that the healthcare provider's NOC must reach for support and OTA.
- Bedside medical equipment in a private clinic or care home that acts as a HIS gateway and is firmware-updated by the OEM.
- Clinical audit at the facility that requires per-IP traceability of every source writing to the EHR.
When to use private APN
- The service falls under GDPR + RD 1090/2015 and the security officer requires that health data never touch the public Internet.
- The end customer requires Spain's ENS, ISO 27799, or HIPAA certification to sell to hospitals or insurers.
- You need RFC1918 private addressing across thousands of wearables and a central platform, with IPsec or MPLS tunnel into the customer's data center.
- You will integrate with HIS/EHR over HL7 FHIR and the endpoint only accepts requests from the customer's VPC, not from public cloud.
Compatible devices
Withings BPM Connect / Body Pro
Clinical-grade blood pressure monitor and scale with optional cellular connectivity. Measures BP, weight, and impedance; uploads to the OEM cloud or a custom endpoint.
iHealth Track / Align
Connected BP monitor and glucometer widely used in remote patient monitoring (RPM) programs in the US and Europe. LTE-M support on newer SKUs.
Masimo W1 / Rad-G
Hospital-grade pulse oximeter with continuous SpO2, heart, and respiratory rate monitoring. Bluetooth to a 4G/LTE-M gateway.
Philips IntelliVue MX/X-series
Hospital multi-parameter monitor with ECG, invasive pressure, and anesthetic gas modules. Connectivity over Ethernet or clinical WiFi, cellular fallback via gateway.
Mindray BeneVision N-series
ICU/OR monitor with telemetry to the central nursing station. New deployments connect via 4G gateway to avoid sole dependence on clinical WiFi.
Tunstall Lifeline / Doro Secure
Telecare button and watch for the elderly. 2G to LTE-M / NB-IoT migration ongoing due to the 2G sunset; verify the modem before deployment.
Frequently asked questions
- Is it legal to store and transmit health data over an IoT SIM in Spain?
- Yes, as long as you comply with GDPR (legal basis, minimization, processor agreement) and Law 41/2002 on patient autonomy. Medical devices are also subject to RD 1090/2015 and Regulation (EU) 2017/745 (MDR). Selling to public hospitals usually requires ENS medium or high level. The SIM itself is not PHI, but the data path is — that is why most operators run on a private APN.
- Does HIPAA apply if I run telemedicine from Spain?
- Only if you process data of US residents or work with a US covered entity. For the European market the main framework is GDPR + MDR. If you sell on both sides of the Atlantic, a private APN with end-to-end encryption covers both jurisdictions, but the processes (BAA under HIPAA, processor agreement under GDPR) are different and must be documented separately.
- What latency can I expect for vital sign streaming?
- Over 4G in good conditions, 50-150 ms RTT from device to platform. Over LTE-M, 200-500 ms. Over NB-IoT, 1-10 seconds. For real-time ECG pick LTE Cat-1 or Cat-4. NB-IoT is fine for low-frequency telemetry (BP every 15 min, glucose, weight) but not for continuous streaming.
- What do I do with my 2G telecare devices when Spain shuts down the network?
- Telefonica targets 2G shutdown around 2030, with Vodafone and Orange on the same calendar. If your fleet is 2G, plan migration to LTE-M (which covers indoors better than classic 4G and uses less battery) over a 3-5 year window. Some OEMs offer modem retrofits; others require device swap-out.
- How do I guarantee continuity if the patient moves or travels abroad?
- A multi-operator SIM with automatic switching across Telefonica/Vodafone/Orange handles moves within Spain. For traveling patients, a SIM with EU roaming and a multi-IMSI international plan keeps reporting without surcharges. Log the change in the platform so you preserve clinical traceability.
- What happens if a wearable runs out of battery or coverage for several hours?
- The device must buffer samples locally (most medical wearables hold 24-48 h of data) and replay them in bulk on reconnection. Your backend must accept retroactive samples with the original timestamp. If your protocol (FHIR, HL7) does not handle retroactivity, fix the ingestor before deployment.
- Static IP per wearable or only for gateways?
- Gateways only. Static IPs per wearable are expensive and operationally pointless: wearables push data outbound to your platform. Static IPs add value on home concentrators or bedside equipment where the NOC needs to connect inbound.
Pre-deployment checklist
- 1Device inventory by model, GSM module, CE/MDR certification, SIM format, and supported bands (especially B20 for indoor).
- 2Data Protection Impact Assessment (DPIA) signed before the pilot, covering the wearable -> APN -> platform -> HIS data flow.
- 3Processor agreement with the operator (GDPR art. 28), including sub-processors (cloud, support) and international transfer regime.
- 4Private vs public APN decision documented with the customer's data protection officer.
- 5Static IP only for gateways/concentrators; individual wearables without static IP.
- 6Indoor coverage plan verified in real homes and care facilities (B20 700 MHz for basement penetration).
- 7Device-side data retention and erasure policy aligned with GDPR; OTA audit trail and signed firmware.
- 8Incident playbook: coverage loss > 5 min, low battery, stolen device, transmission error to HIS.
- 92G/3G fleet migration plan to LTE-M/NB-IoT with end-of-life dates per country.
- 104-8 week pilot with 10-20 devices in real conditions before full rollout.
Need a printable version? See the pre-deployment guide.
Have a project in mind?
Tell us your use case and we'll help you find the best connectivity solution.