Healthcare is not only tied to the most basic human needs, it also is a lucrative industry. Its estimated worth is $3 trillion, and it produces and manages about 30 percent of all data.
But there is an array of issues with managing healthcare data. It's not so much about technology, but more about business models and regulation. Even in the most basic of healthcare data, Electronic Health Records (EHR), patients are mostly out of the loop, and data exchange across healthcare actors is problematic. Standards, regulations, and bodies, such as HIPAA and the 21st Century Cures Act, FHIR, and HRBA, do exist, but it seems they are not sufficient.
The consequences are unknown and potentially grim, especially considering events such as mergers and acquisitions, which means data may end up in odd places with zero user control. Does the promise of anonymization really hold, especially for something like Genomes?
Chereshnev believes the criticism is warranted:
"Reselling users' data is insanely wrong for many reasons. First, anonymization is a myth. There are technical tools that can help you to deanonymize practically any data feed with random IDs. All you need is several datasets from different sources.
Second, it's potentially deadly to some people. If a cyber-terrorist gets to know that President of country X has a deadly allergy to Y, or has a cybernetic insulin pump, he could kill with nothing but hacking tools. Right now, all the services selling private data of users are potentially compromising their cyber-identities and, in some cases, their lives."
Sharma also thinks that criticism of companies like 23andMe, which intend to leverage user data collected via Genome sequencing for undisclosed commercial purposes, is fully justified. He says their business model is no different than any of the other companies monetizing our data.
"The excuse is that they anonymize the data generated by us or our bodies so it's not Personally Identifiable Information (PII) that they are monetizing. This is a very weak argument given that, with today's technology, it does not take a lot of effort to make anonymous data identifiable. And even if it is PII, it's our body, it's our data.
What companies like 23andMe are doing is the modern-day version of what happened to Henrietta Lacks in 1951. Tissues taken from cancer victim Henrietta Lacks have made big profits for the drug companies, but today her surviving children can't afford health insurance.
There is a viable alternative that exists today, if we start by treating healthcare data as a digital asset. Whether it is tissue cells or genome or lab test results, it is information that can be encoded digitally and made into a digital asset.
The Blockchain provides a very good infrastructure for trading digital assets in a secure way, and tokenization of these digital assets in smart contracts can ensure that the owner of the digital asset is duly compensated for it. We don't believe a market for health records operating on the Blockchain should be regulated at all.
We as consumers should never consent to our data benefiting someone other than our own self; we should take control of our health records including our genetic code and let the market forces of supply and demand determine what they are worth."
Healthcare data management going forward: Is Blockchain the answer?
While it's clear there are many things wrong in healthcare data management, the way forward may not be as clear. What could be some core principles for managing healthcare data? The following seemed like a good starting point for discussion:
Encoding in a standardized format.
Encrypting in a zero-knowledge compliant way, regardless of where they are stored.
Managing with full user knowledge and consent for all intents and purposes.
Utilizing with a business model that gives patients a part of the value data unlocks back in some way.
We asked Chereshnev and Sharma to comment on those, to assess how much of this their solutions implement today, and to share their roadmap to address any gaps. We also asked them to describe a typical workflow for a user who wants to get their data in and out of their platforms, and to be informed of how that data is used.
Chereshnev thinks data should not only be encrypted, but access should also be segmented and tailored:
"Data should have mandatory ID-tracks of entities that have access -- when, where and to what exactly. Blockchain actually could be very handy here.
I'd propose we work on a biz model where doctors, patients and insurance companies have totally new roles, based on mutual respect. This would create amazing opportunities.
Data is never in or out the Biolink.Tech wearable -- it's always in. The wearable gathers all the data on the user and stores it on the device and in a Blockchain storage. When a third party wants to see it, it sends a request to the user and gets to work on the device but then the third party leaves the device, and the data stays there.
The user can revoke the rights to access the data at all times. We use space-industry grade engineering to make sure that nobody has a copy of users' data. We'll be able to share more on this after April 20."
Sharma says that the Health Wizz mobile application provides all the necessary tools and technologies required to discover, download, and aggregate medical records from different sources such as hospitals, doctors' offices, medical, and genetic labs:
"Instead of storing data in centralized/shared databases on the user's behalf, Health Wizz lets people aggregate their health records on a data storage of their choice. We let individuals be the custodians of their own health records and enable the use of storage capabilities of today's smartphones as the data store of choice for personal health records.
Health data is inherently private to an individual and requires very strong security and privacy guarantees, so much so that an entire slew of regulations must be followed under the HIPAA in the USA, and the upcoming GDPR in the EU.
But health data also needs to be accessible at a moment's notice, such as during medical emergencies or for unexpected care needs. These requirements are best served with the user having control of her health data and storing her medical records in her private storage. Health records on smartphones or private storage are encrypted for security.
Once the individual aggregates her data from different sources, the mobile application needs to normalize and harmonize this data so that it can be accessed using standard APIs such as FHIR. This is work in progress as Health Wizz keeps pace with the evolving standard.
Our mobile application gives users the ability to organize and bundle health records so that they can be shared with the granularity users desire. The application enables users to share access to their bundles of medical records using smart contracts on the blockchain that have the following characteristics:
Health records are never placed on the blockchain. Only access keys to user's data store with granular permissions are exchanged as part of the smart contract.
Access keys embody permissions that specify which blocks of health data are to be traded, for what duration and at what price.
As soon as the contract requirements are fulfilled, the buyer of medical records gets access to the user's data and the user gets rewarded with Tokens. Once the contract expires, so does the access to the part of data that was previously granted.
User's identity is not disclosed on the blockchain nor are their medical records. Users don't have to trust a third party to settle the smart contract. It is a peer to peer transaction between the user and the party that the user wants to share her data with.
The seller of the data (the end user or clinical trial participant) is assured that they will be rewarded for sharing their health records and the buyer of the data (e.g. pharmaceutical company) can rest assured that they will get the data that they want for their research."
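An added example, not Health Wizz's code or part of Sharma's comments: a minimal sketch of the access-key idea described above, where a grant names which bundles may be read, until when, and at what price. It assumes an HMAC key held by the user's data store stands in for the smart contract; all names (`issue_grant`, `authorize`, `STORE_KEY`, the bundle IDs) are hypothetical.

```python
import hashlib
import hmac
import json

# Hypothetical secret held only by the user's own data store (constructed value).
STORE_KEY = b"constructed-demo-key-not-a-real-secret"


def issue_grant(bundles, not_after, price_tokens, grantee, key=STORE_KEY):
    """Return a signed grant naming which bundles, until when, and at what price."""
    claims = {"bundles": sorted(bundles), "not_after": not_after,
              "price_tokens": price_tokens, "grantee": grantee}
    payload = json.dumps(claims, sort_keys=True, separators=(",", ":")).encode()
    tag = hmac.new(key, payload, hashlib.sha256).hexdigest()
    return {"payload": payload.decode(), "tag": tag}


def authorize(grant, requester, bundle, now, paid_tokens, key=STORE_KEY):
    """Decide whether the data store releases `bundle`; returns (allowed, reason)."""
    payload = grant.get("payload", "").encode()
    expected = hmac.new(key, payload, hashlib.sha256).hexdigest()
    # Constant-time compare; reject before parsing anything unauthenticated.
    if not hmac.compare_digest(expected, str(grant.get("tag", ""))):
        return False, "bad signature"
    claims = json.loads(payload)
    if requester != claims["grantee"]:
        return False, "wrong grantee"
    if paid_tokens < claims["price_tokens"]:
        return False, "contract not fulfilled"
    if now >= claims["not_after"]:
        return False, "grant expired"
    if bundle not in claims["bundles"]:
        return False, "bundle out of scope"
    return True, "ok"


def demo():
    """Run constructed requests against one grant and collect the decisions."""
    grant = issue_grant(["labs-2017"], not_after=2_000, price_tokens=5, grantee="buyer-1")
    forged = dict(grant, payload=grant["payload"].replace("labs-2017", "genome-01"))
    return [
        authorize(grant, "buyer-1", "labs-2017", now=1_000, paid_tokens=5),
        authorize(grant, "buyer-1", "genome-01", now=1_000, paid_tokens=5),
        authorize(grant, "buyer-1", "labs-2017", now=2_000, paid_tokens=5),
        authorize(grant, "buyer-1", "labs-2017", now=1_000, paid_tokens=0),
        authorize(forged, "buyer-1", "genome-01", now=1_000, paid_tokens=5),
    ]
```

Calling `demo()` returns one decision per constructed request: the in-scope paid request is allowed, while the out-of-scope, expired, unpaid and tampered requests are each refused with a distinct reason.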
Will GDPR give individuals control of their healthcare data?
Last, but not least, with GDPR bound to kick in shortly, how does that affect entities that store healthcare data? GDPR mentions the notion of "explicit consent" for individuals, but how will that be interpreted? GDPR also grants the right to erasure and to restriction of processing, but how will they work in practice?
If someone asked for their data on May 26, would they be able to get them, and, if yes, in what medium/format?
Chereshnev thinks most service providers are probably not big fans of GDPR:
"Their business models are dependent on constant around the clock data gathering and total tracking. So, when asked to provide an ability to delete data -- first, they would make sure they keep a copy for scientific reasons even when a user asks to explicitly delete X, Y, and Z.
GDPR provides certain liberties to companies who prove they are using anonymized data purely for science. The trick is -- it's very easy to fake it. You can anonymize data, describe a scientific purpose and then make sure you have a way to deanonymize it when needed. I'm not saying companies will do this on a massive scale; I'm just saying it's possible.
But what is most important is that they would do it in a way that is absolutely hard for people to use. You can ask for all your data from Facebook today. They will send you millions of paper-sheets in return. They comply with the law, but they do everything so very few people actually use it.
Same goes for Google. You can download all your data, but this ability is incomplete (Google still has a copy of everything), and it cannot be automated. There are no APIs for developers to use to build services for data download. That's why Biolink.Tech has to find a workaround to provide people with this capability."
Sharma says Health Wizz does not store healthcare data:
"We expect users would prefer to store their health data on their personal store. Since all health data is under the direct control of the user on their phones, they have the ability to specify the granularity of the data they want to share and it would be included in the smart contract on the Blockchain.
The user can decide whether she wants to be anonymous when sharing her health information or not as part of the smart contract. The only information we have on the user is their general account information and none of their health data.
While we do not expect a lot of requests to leverage the right to erasure and to restriction of processing for general account information, if asked, we are prepared to respond. We would verify the identity of the person and make their general account information available to them electronically. We would also permanently delete their general account information if requested."
So, what to make of all this? Does the way forward really hang on the blockchain? To a great extent, the maladies plaguing healthcare data management reflect the asymmetry and centralization in business models.
As Melvin Conway famously noted back in the 60s, any organization that designs a system will inevitably produce a design whose structure is a copy of the organization's structure. Even though the Blockchain has certain properties that facilitate decentralization, working on decentralizing organizational structures may be just as effective.
This is the approach the Midata Coop is taking, for example. Founded in Switzerland by medical domain experts, the Coop wants to give patients control over what happens with their data and expand in other countries, too. There's no Blockchain involved here, but security and control do not necessarily entail Blockchain.
Of course, Midata, just like Health Wizz and Biolink.Tech, doesn't have much of a track record to show. These are not household names and familiar faces, and their technology may not be battle tested. So, the $3 trillion question may be reformulated like this: Would we rather stick to the devil we know, or give other options a chance?