The small news is that I formally joined Patient Privacy Rights as chief technology officer. I have been an extreme advocate for open data for years. For example, I’m a card-carrying member of the Personal Genome Project where I volunteer to post both my genome and most of my medical record. PPR, on the other hand, is well known for publicizing the harms of personal data releases. These two seemingly contradictory perspectives represent the matter-antimatter pair that can power the long march to health reform.
The value of personal medical data is what drives the world of healthcare and the key to health reform. The World Economic Forum says: “Personal data is becoming a new economic “asset class”, a valuable resource for the 21st century that will touch all aspects of society.” This “asset” is sought and cherished by institutions of all sorts. Massive health care organizations, research universities, pharmaceutical companies, and both state and federal regulators are eager to accumulate as much personal medical data as they can get and to invest their asset for maximum financial return. Are patient privacy rights just sand in the gears of progress?
Personal health data is information and information is an unusual asset class because its value grows the more you use it. Hoarding information impoverishes us all. The soldier who foregoes counseling because it would damage his career and the pharmaceutical company that hides a negative result in a clinical trial are each hiding personal data. The result is clearly harmful to both the individual and to society.
As with money, the value of personal data depends on trust. Money at rest is just an asset. Money in motion (invested) can make you rich. The vision of personal data in motion made possible by trust is what brings me to Patient Privacy Rights.
The challenge of getting our data to work for us is immense. Physicians and patients both depend on our institutions for essential services. Over decades of managed care and political manipulation, our institutions, for their part, have grown increasingly sophisticated in their ability to extract added value from the data they accumulate as part of the essential physician-patient interaction. Large healthcare organizations, especially the large not-for-profit ones, have become particularly adept at hoarding and monetizing personal medical data. Their information asset is used strategically to negotiate higher prices and tactically to lock-in both physicians and patients. The result costs each of us at least $3,000 per year and frustrates many physicians.
PPR is leading the efforts to put personal data to work for all of us by advocating a series of measures that increase both trust and data liquidity. Founder and director Deborah Peel, MD continues to focus on trust with projects to map how personal medical data flows across the healthcare industry and an auditable framework for evaluating institutional privacy practices. My focus remains on getting data out of our institutions for maximum benefit from information technology. These perspectives and a wide range of others come together at the annual Health Privacy Summit June 5 and 6 in Washington DC with keynotes from the European Data Protection Supervisor and the US Chief Technology Officer and many more. Admission is free and we hope you will come to both learn and participate.
The front lines in the struggle for personal information liquidity are Blue Button Plus and patient ID. Patient ID is the essential link that enables aggregation of personal health data across the many institutions that serve us. Patient ID is the key to locating our information as well as authorizing its sharing in a convenient and non-coercive way. Without a clear and voluntary patient ID, the consents and associated accounting for disclosures are unmanageable. Today, patients must navigate the byzantine privacy practices of each of our service institutions while also risking the harms of inappropriate disclosure and health records corruption. PPR is advocating for the uniform use of a patient’s secure Direct email address as a voluntary and globally unique patient ID. Direct technology is already mandated by Meaningful Use Stage 2 and, if deployed with support for self-signed certificates as well as trust bundles, it can simultaneously increase both privacy and liquidity.
Blue Button Plus is the essential enabler for widespread health information exchange. It combines scalability and security while increasing patient trust through transparency. Unlike its Blue Button predecessor, Blue Button Plus can move both structured and human readable information and it does not require the patient to be actively involved or even aware of each transfer. Blue Button Plus enhances liquidity by providing the patient with a simple and consistent authorization interface and, through its dynamic discovery mechanism, it opens up the world of mobile apps, web services and highly personalized open source patient and physician-led innovation.
Personal information liquidity or, as Todd Park calls it, Data Liberation, will not come without some struggle. Medical professional societies and patient advocacy organizations are going to have to organize and collaborate in support of technologies that put control of personal data and health information technology back into the hands of the physician and the patient where it will do the most good.
Adrian Gropper, MD is the first Chief Technoiogy Officer of Patient Privacy Rights, participates in Blue Button+, direct secure messaging governance efforts, and the evolution of patient-directed health information exchange.