May 7, 2018 in Healthcare Analytics
Data privacy and health information
Can blockchain solve concerns over the exchange of sensitive information?
SHARE: PRINT ARTICLE:
https://doi.org/10.1287/LYTX.2018.03.09
April saw a major development in the data privacy world. Social media giant Facebook admitted that a rogue analytics company named Cambridge Analytica got a hold of detailed data on up to 87 million Americans, which was allegedly used to deliver custom messaging to groups of voters in the country to sway their opinions toward voting for a certain candidate. Multiple U.S. intelligence agencies maintain that a foreign nation deliberately weaponized Facebook by accessing targeted psychological profiles of millions of Facebook users. This has allegedly happened in the United Kingdom as well.
Some pundits argue that Facebook has become a platform for spreading fake news to targeted populations, which can create political unrest or even threaten democracy. Data and analytics suddenly found themselves on the wrong side of this debate. Like any technology, there is a darker side of accumulating vast amount of data about people in one platform, and the Facebook fiasco is a testament to that. The key questions now are revolving around how the data are stored, shared, sold, accessed by whom and for what purpose. In the Internet 2.0 era we were told for a long time that “privacy is dead.” Suddenly we woke up saying “long live privacy.”
Technology Outpacing Regulations and Ethical Debates
Technology is progressing at an exponential pace, and laws, regulations and ethical debates are not able to keep up. Take, for example, data-driven artificial intelligence (AI). While we have begun to see some limited ethical debates among the technology elites in the country such as Elon Musk and Mark Zuckerberg regarding whether AI is a boon or bane to the modern society, AI technology is progressing by leaps and bounds every day. Industries including healthcare are adopting AI in various areas, albeit the technology is still not mature enough to produce human-like behavior. Autonomous vehicle (AV) research and development is moving forward with lightning speed, while AV-related laws and regulations are still emerging. Data and algorithms pervade the imaging discipline within healthcare such as radiology. Deep neural networks and the Convolutional Neural Network can now detect abnormality in radiology images with human-like precision. Radiology powered by AI will soon become the new normal. This will increase the speed of image analysis and accuracy of disease diagnosis.
But Facebook’s public relations fiasco has brought the issue of data privacy front and center. The healthcare industry has always been vocal about patient data privacy. Many organizations took that to the extreme, hurting team-based care and pushing data interoperability to extinction. Physicians longed for a longitudinal view of patients’ health but couldn’t see any data beyond their organizational silos.
Privacy and interoperability have been at odds with each other since the very beginning of healthcare data digitization. Only after the Office of the National Coordinator of Health IT (ONC) made meaningful use of electronic health records (EHR) mandatory, which with a carrot and a stick included support for interoperability, did we see healthcare data liquidity happening between organizations. Still, it is nowhere near where it needs to be. Data privacy concerns are still a cog in the wheel.
Patient consent to share their data electronically is required today to ensure healthcare data flows between organizations for care delivery or healthcare operations. The burden of consent management is higher when sensitive information such as HIV status or narcotic substance use disorder (SUD) information are involved. Like Facebook, many health systems are now moving toward explicit “opt-out” models where patient data will be shared between care providers for care delivery by default unless patients explicitly choose to opt out of that arrangement. After the Facebook fiasco I am wondering if some data privacy advocates will call that into question.

The healthcare industry has always been vocal about patient data privacy. Photo Courtesy of ThinkStock.com
Data Privacy and Healthcare
Like the Facebook and Cambridge Analytica situation, patient advocates are worried about what seamless data sharing between different stakeholders, payers and providers would mean for patients. What would an insurance company do if it knows everything about a patient during an upcoming insurance plan renewal? If the data are not so favorable for them, will they increase patient’s insurance costs high enough so that it becomes unaffordable for the patient? Will they deny insurance to the patient? The Affordable Care Act, or Obamacare, tried to find a legislative answer to protect patients’ rights to have insurance, but the current Congress and White House fought against that and weakened the legal structure somewhat. What happens now? Should patients have control over what healthcare data they share and with whom?
These and many similar questions were raised before. But with data becoming more pervasive, algorithms becoming easily available, and billions of dollars on the table, the question of patient privacy is on high alert. How can data be easily shared for care delivery without the breach of patients’ trust?
Blockchain for Healthcare Data Interoperability
Blockchain has arrived to address the question on trust and security. After the cryptocurrency world introduced blockchain for middleman-free transactions, the traditional finance industry has begun to embrace the “distributed ledger” technology. Bank of America recently touted that it is the leader in blockchain patents, leaving IBM in second place. Blockchain is just now edging into the healthcare industry, which traditionally remained a slow adopter of technology. However, many use cases are emerging for health insurance companies, as well as pharmaceutical giants, to consider blockchain.
Interestingly, outside of the United States, blockchain has made progress in healthcare, although the details are unclear. Fifteen life insurance companies in India recently started building a private blockchain using IBM as their technology partner.
We are embarking on an era where care for one’s health will not be managed with the medical data alone. With the rise in health inequities, the mismatch in demand and supply of behavioral healthcare, the emergence of low-cost genome sequencing and an increase of the chronic disease burden globally, a coordinated effort of various medical, behavioral and social care entities will become a necessity. Freely sharing data among all those care team members in different organizations will not be easy as different regulations control sharing of different data sets.
Blockchain, albeit immature, is emerging as a technology platform to aggregate such data. In 2016, MIT Media Lab and Beth Israel Deaconess Medical Center implemented an early version of a private healthcare blockchain as a proof of a concept called MedRec 1.0. The lessons learned from that exercise have been applied to develop MedRec 2.0, which the developer group is planning to open source soon. In my next column I will elaborate more on this topic.
Plenty of hype surrounds blockchain in the marketplace at the moment. As happens with any technology in the marketplace, we are possibly overestimating its potential in the beginning and underestimating its impact in the long run. Many use cases are floating around, but I am convinced one of the biggest opportunities in front of us is to use this technology to overcome the barriers of healthcare data exchange while avoiding the breakdown of trust between organizations and consumers such as what happened in the Facebook case. Facebook may ultimately be able to recover from this, but we surely can’t afford a fiasco like that in the U.S. healthcare industry. We have too much at stake.
Rajib Ghosh is the founder and CEO of Health Roads, LLC, a consulting company for enabling digital transformation in healthcare organizations. He has 25 years of technology experience in various industry verticals where he had management roles in software engineering, data analytics, program management, product management, business operations and strategy development. Ghosh spent a decade and half in the U.S. healthcare industry as part of a global ecosystem of medical device manufacturers, medical software vendors, telemedicine and telehealth solution providers. He’s held senior positions at Hill-Rom, Solta Medical and Bosch Healthcare. His recent work includes leading data-driven digital transformation in the public health space, including county-level healthcare agencies and organizations focused on underserved populations.
([email protected])