The proliferation of chronic diseases and the limitations of conventional hospital-centric care have intensified global demand for accessible and secure remote health monitoring solutions. This paper presents the design, implementation, and evaluation of a low-cost, Internet of Things (IoT)-based health monitoring system capable of continuously measuring heart rate and peripheral oxygen saturation (SpO?) using the MAX30102 pulse oximeter sensor. The system is built around an ESP8266 NodeMCU microcontroller, which performs onboard data acquisition and applies Advanced Encryption Standard (AES-128) encryption to all sensor readings prior to transmission, thereby enforcing data security at the edge. The encrypted data is relayed over a Wi-Fi link to a Google Firebase Realtime Database via HTTPS, ensuring both transport-layer and application-layer protection. A Pythonbased interactive dashboard constructed with the Streamlit framework provides authorized users with real-time visualization of decrypted vital signs alongside historical trend analysis. An automated threshold-based alerting mechanism further enhances clinical utility by dispatching notifications when readings deviate from predefined normal ranges. Functional testing confirmed the successful end-to-end operation of every system component, while performance evaluation recorded an average data-to-display latency of 2–4 seconds over a standard home Wi-Fi network. Informal usability assessments conducted with non-technical participants validated the accessibility and clarity of the dashboard interface. The proposed system demonstrates that robust data security and real-time physiological monitoring can be achieved simultaneously within a highly affordable hardware framework, offering significant potential for home care, remote patient monitoring, and scalable telehealth deployments.
Introduction
This paper presents a secure and low-cost IoT-based Remote Patient Monitoring (RPM) system designed for continuous health tracking outside hospitals. Traditional healthcare models often fail to provide timely monitoring for chronic diseases and emergency conditions, creating a need for real-time, patient-centric healthcare solutions. The proposed system addresses this challenge by using affordable hardware components, including the ESP8266 NodeMCU, MAX30102 pulse oximeter, and DHT11 sensor, to continuously monitor vital signs such as heart rate, blood oxygen saturation (SpO?), temperature, and humidity.
A key contribution of the system is its focus on data security. Unlike many existing IoT health monitoring solutions that transmit data in plaintext, the proposed architecture implements AES-128 encryption directly on the microcontroller before wireless transmission. Encrypted data is sent through HTTPS to Google Firebase Realtime Database, ensuring both application-layer and transport-layer security. A Streamlit-based dashboard retrieves, decrypts, and visualizes the data in real time while generating alerts when abnormal health conditions are detected.
The architecture consists of four layers: sensing, edge processing, cloud storage, and application visualization. Sensor readings are collected every five seconds, encrypted, encoded, and uploaded to Firebase. The dashboard displays real-time metrics, historical trends, and automated notifications using services such as Twilio or SendGrid.
Experimental evaluation confirmed the successful operation of all system modules, including sensor data acquisition, AES encryption/decryption, cloud communication, real-time visualization, and alert generation. Results demonstrated reliable performance, secure data transmission, low implementation cost, and user-friendly accessibility. Overall, the proposed system provides an effective, scalable, and secure solution for remote healthcare monitoring, making continuous patient observation more accessible and affordable while protecting sensitive medical information.
Conclusion
This paper has presented the design, implementation, and evaluation of a low-cost, secure, and real-time IoT-based health monitoring system built around the MAX30102 pulse oximeter sensor, the ESP8266 NodeMCU microcontroller, Google Firebase Realtime Database, and the Streamlit visualization framework. The system\'s defining architectural contribution is the implementation of AES-128 encryption at the sensing edge, ensuring that sensitive physiological data—specifically heart rate and blood oxygen saturation—is protected from the moment of acquisition throughout its storage and transmission lifecycle. This application-layer encryption, combined with TLS-secured transport and Firebase access control, provides a multi-layered security posture that meaningfully exceeds the protections afforded by most comparable systems documented in the academic literature.
Comprehensive functional evaluation confirmed that all specified system behaviors operate correctly from end to end. Performance testing demonstrated that the system achieves an average data-to-dashboard latency of 2–4 seconds, which is well within clinically acceptable bounds for non-acute remote monitoring applications. Informal usability assessment with non-technical participants validated the accessibility and clarity of the dashboard interface. The prototype demonstrates convincingly that robust security and real-time health monitoring can be achieved simultaneously within an economically accessible hardware framework. The authors assert that the proposed system represents a meaningful contribution toward making trustworthy, continuous health monitoring accessible to a broader global population, and that the documented architecture provides a sound foundation for further development toward clinical-grade remote patient monitoring solutions.
References
[1] A. Sajadieh, O. W. Nielsen, V. Rasmussen, H. O. Hein, S. Abedini, and J. F. Hansen, \"Increased heart rate and reduced heart-rate variability are associated with subclinical inflammation in middle-aged and elderly subjects with no apparent heart disease,\" European Heart Journal, vol. 25, no. 5, pp. 363–370, 2004.
[2] M. M. Islam, A. Rahaman, and M. R. Islam, \"Development of smart healthcare monitoring system in IoT environment,\" SN Computer Science, vol. 1, no. 3, p. 185, 2020.
[3] S. B. Baker, W. Xiang, and I. Atkinson, \"Internet of Things for smart healthcare: technologies, challenges, and opportunities,\" IEEE Access, vol. 5, pp. 26521–26544, 2017.
[4] A. I. Siam, M. A. Almaiah, A. Al-Zahrani, A. Abou Elazm, G. M. El Banby, W. El-Shafai, F. E. Abd El-Samie, and N. A. El-Bahnasawy, \"Secure health monitoring communication systems based on IoT and cloud computing for medical emergency applications,\" Computational Intelligence and Neuroscience, vol. 2021, Article ID 8016525, 2021.
[5] M. M. Ali, S. Haxha, M. M. Alam, C. Nwibor, and M. Sakel, \"Design of internet of things (IoT) and androidbased low cost health monitoring embedded system wearable sensor for measuring SpO2, heart rate and body temperature simultaneously,\" Wireless Personal Communications, vol. 111, no. 4, pp. 2449–2463, 2020.
[6] Maxim Integrated, \"MAX30102 High-Sensitivity Pulse Oximeter and Heart-Rate Sensor for Wearable Health,\" Datasheet, 2018. [Online]. Available: https://datasheets.maximintegrated.com/en/ds/MAX30102.pdf
[7] J. Daemen and V. Rijmen, The Design of Rijndael: AES — The Advanced Encryption Standard. Berlin, Germany: Springer-Verlag, 2002.
[8] NodeMCU Development Team, \"NodeMCU Documentation,\" 2021. [Online]. Available: https://nodemcu.readthedocs.io/
[9] Google, \"Firebase Realtime Database Documentation,\" 2024. [Online]. Available: https://firebase.google.com/docs/database
[10] Streamlit Inc., \"Streamlit Documentation,\" 2024. [Online]. Available: https://docs.streamlit.io/
[11] M. A. Almaiah, A. Al-Zahrani, O. Almomani, and A. K. Alhwaitat, \"Classification of cyber security threats on mobile devices and applications,\" Studies in Big Data, pp. 107–123, 2021.
[12] Y. A. Qadri, A. Nauman, Y. B. Zikria, A. V. Vasilakos, and S. W. Kim, \"The future of healthcare internet of things: a survey of emerging technologies,\" IEEE Communications Surveys & Tutorials, vol. 22, no. 2, pp. 1121– 1167, 2020.
[13] S. Tuli, N. Basumatary, S. S. Gill et al., \"HealthFog: an ensemble deep learning-based smart healthcare system for automatic diagnosis of heart diseases in integrated IoT and fog computing environments,\" Future Generation Computer Systems, vol. 104, pp. 187–200, 2020.
[14] C. Esposito, A. De Santis, G. Tortora, H. Chang, and K.-K. R. Choo, \"Blockchain: a panacea for healthcare cloud-based data security and privacy?\" IEEE Cloud Computing, vol. 5, no. 1, pp. 31–37, 2018.
[15] National Institute of Standards and Technology, \"Announcing the Advanced Encryption Standard (AES),\" FIPS Publication 197, Nov. 2001.