Open Data Advocate Joins Patient Privacy Rights Group as Chief Technology Officer

The small news is that I formally joined Patient Privacy Rights as chief technology officer. I have been an extreme advocate for open data for years. For example, I’m  a card-carrying member of the Personal Genome Project where I volunteer to post both my genome and most of my medical record. PPR, on the other hand, is well known for publicizing the harms of personal data releases. These two seemingly contradictory perspectives represent the matter-antimatter pair that can power the long march to health reform.

The value of personal medical data is what drives the world of healthcare and the key to health reform. The World Economic Forum says: “Personal data is becoming a new economic “asset class”, a valuable resource for the 21st century that will touch all aspects of society.” This “asset” is sought and cherished by institutions of all sorts. Massive health care organizations, research universities, pharmaceutical companies, and both state and federal regulators are eager to accumulate as much personal medical data as they can get and to invest their asset for maximum financial return. Are patient privacy rights just sand in the gears of progress?

Personal health data is information and information is an unusual asset class because its value grows the more you use it. Hoarding information impoverishes us all. The soldier who foregoes counseling because it would damage his career and the pharmaceutical company that hides a negative result in a clinical trial are each hiding personal data. The result is clearly harmful to both the individual and to society.

As with money, the value of personal data depends on trust. Money at rest is just an asset. Money in motion (invested) can make you rich. The vision of personal data in motion made possible by trust is what brings me to Patient Privacy Rights.

The challenge of getting our data to work for us is immense. Physicians and patients both depend on our institutions for essential services. Over decades of managed care and political manipulation, our institutions, for their part, have grown increasingly sophisticated in their ability to extract added value from the data they accumulate as part of the essential physician-patient interaction. Large healthcare organizations, especially the large not-for-profit ones, have become particularly adept at hoarding and monetizing personal medical data. Their information asset is used strategically to negotiate higher prices and tactically to lock-in both physicians and patients. The result costs each of us at least $3,000 per year and frustrates many physicians.

PPR is leading the efforts to put personal data to work for all of us by advocating a series of measures that increase both trust and data liquidity. Founder and director Deborah Peel, MD continues to focus on trust with projects to map how personal medical data flows across the healthcare industry and an auditable framework for evaluating institutional privacy practices. My focus remains on getting data out of our institutions for maximum benefit from information technology. These perspectives and a wide range of others come together at the annual Health Privacy Summit June 5 and 6 in Washington DC with keynotes from the European Data Protection Supervisor and the US Chief Technology Officer and many more. Admission is free and we hope you will come to both learn and participate.

The front lines in the struggle for personal information liquidity are Blue Button Plus and patient ID. Patient ID is the essential link that enables aggregation of personal health data across the many institutions that serve us. Patient ID is the key to locating our information as well as authorizing its sharing in a convenient and non-coercive way. Without a clear and voluntary patient ID, the consents and associated accounting for disclosures are unmanageable. Today, patients must navigate the byzantine  privacy practices of each of our service institutions while also risking the harms of inappropriate disclosure and health records corruption. PPR is advocating for the uniform use of a patient’s secure Direct email address as a voluntary and globally unique patient ID. Direct technology is already mandated by Meaningful Use Stage 2 and, if deployed with support for self-signed certificates as well as trust bundles, it can simultaneously increase both privacy and liquidity.

Blue Button Plus is the essential enabler for widespread health information exchange. It combines scalability and security while increasing patient trust through transparency. Unlike its Blue Button predecessor, Blue Button Plus can move both structured and human readable information and it does not require the patient to be actively involved or even aware of each transfer. Blue Button Plus enhances liquidity by providing the patient with a simple and consistent authorization interface and, through its dynamic discovery mechanism, it opens up the world of mobile apps, web services and highly personalized open source patient and physician-led innovation.

Personal information liquidity or, as Todd Park calls it, Data Liberationwill not come without some struggle. Medical professional societies and patient advocacy organizations are going to have to organize and collaborate in support of technologies that put control of personal data and health information technology back into the hands of the physician and the patient where it will do the most good.

Adrian Gropper, MD is the first Chief Technoiogy Officer of Patient Privacy Rights,  participates in Blue Button+, direct secure messaging governance efforts, and the evolution of patient-directed health information exchange.

8 replies »

  1. I’ve known about this for several months and I’m still in shock about this odd marriage. (longtime THCB readers know that I have been err, a tad impolite about Deb Peel in the past). But this gives me lots of hope.

  2. Bravo Andrian-!

    Data Liberation is a remarkable and necessary construct and a very worthy endeavor

    My Very Best Wishes.

    Dr. Rick Lippin

  3. Thanks, Rob for highlighting the obvious. EMRs are not a sustainable architecture for health records in the 21st century. As ACOs and other value-based payment programs show, measuring cost and managing outcome requires a patient-centered perspective. Today’s EHRs are descended from billing systems (and they are very good at that !) with clinical features added on to meet the “incentives” du jour.

    The draft Stage 3 “incentives” http://www.healthit.gov/sites/default/files/draft_stage3_rfc_07_nov_12.pdf make my point. Here we have the federal bureaucracy desperately trying to micromanage technology features and interfaces around the institutional EHR architecture.

    Once the data is liberated, EHRs will risk real, market based competition from best-of-breed web services and patient-centered clinical apps chosen by the physicians as they see fit. Institutional systems will be left handling the billing and scheduling and the thermostats in every room.

  4. I guess I’ve always thought the decentralized approach to patient data was the only hope. The regulations I faced in the system (before I was sprung from it) stood directly in the way of this, though. For example, I felt it was duplicate effort for us to enter data in both our EMR and the state vaccine formulary, so instructed my nurses to just put it into the formulary (which all docs have access to, and my nurses have access to at all times). Yet the quality measures by which we were “incentivized” (a word I hate) forced us to go back to duplicate entry. This is one example of many in how we were forced to silo our data rather than share it.

    I think, though, the motivation needs to turn away from the movement of the data to a large bank or even between EMR systems; it should instead center on the person who should always be present when the data is needed: the patient. I know I am preaching to the choir here (and am grateful for that fact), but we’ve got to move away from “interfaces” and “portals” and toward, as you put it, data “liberation” (much better word than “incentivize”) which will put patient information at the point of care.

    I too am a pessimist that we’ll be able to really solve this until the payment system is reformed and the motivation to hoard data is eliminated. I am, however, encouraged that someone with a broader perspective is in a place to do some good. Good luck!

  5. I didn’t understand most of what you said but what I did understand I love. I’ve never heard the EMR discussion laid out in this way. I’m glad there are some great thinkers working on this. Would love to go to the conference!

  6. Data liberation will only come about with public pressure on politicians and regulators. The focus has to be on access to EHRs in ways that would intentionally open the EHR and the institution to meaningful competition. Keep in mind that phone number portability did not come about as a vendor or telco initiative. Meaningful competition requires free, patient-directed access to all of a patient’s information without any delay – period.

    Physicians and patients need to work together for data liberation. With the current HITECH incentives and Stark exceptions in place, neither physicians or patients have any meaningful market clout over the institutions. In the post, I listed Direct address with allowance for self-signed certificates and Blue Button Plus with dynamic discovery as the preferred solution based on MU Stage 2 and current federal standards work. For now, I’ll call this combo Data Liberation Blue Button Plus.

    PPR is asking professional societies and patient advocacy groups to join us in calling for Data Liberation Blue Button Plus. This call can have an immediate effect on VA and DoD procurement, on the many Medicaid-funded state health information exchanges, and in all other arenas where public institutions are medical data holders such as All Payer Claims Databases. If we join together, we can do this.

  7. Congrats on this news, Adrian. We’ll be watching your progress with great interest. People who follow this area know that the idea that a privacy group would appoint a chief technology officer, is a pretty radical one.

    That says a lot about the adversarial relationship between privacy advocates and the technology industry. You’ve made a number of public statements in the past that suggest you’re pretty cynical about the odds that the industry will cooperate meaningfully with efforts to change the way it does business. As an entrepreneur, you’ve had an up close view Do you think it’s possible to turn this relationship around? If it is, what concrete steps do you think can be taken to improve relations? Is there anything constructive the community can do to help move this process forward?

  8. I can’t think of any recent news in this arena that gives me as much hope for the liberation of data in healthcare than this does. With your expertise and understanding of the complexity of the issue, and the simplicity of some of the ’til-now discounted or ignored pathways to data liberation, I’m flooded with optimism. Go, Adrian!