While health care is amid broad digital transformation and an explosion of consumer apps and devices, building the next generation of IT will require strong governance to manage privacy, security, interoperability and ethical considerations.
“In a world of digital apps there will be many more entities that have access to the data and could conceivably communicate with you,” said Aneesh Chopra, President, CareJourney. “We need to self-organize in advance of more blunt instruments in the form of formal regulation.”
Relative to facilitating a new level of IT deployment, CEOs can lead their organization in driving impactful change in two critical areas:
-
- Digital health and app experience
- Governance and use of patient data in health IT products
This second article in the two-part series will examine the governance aspects, while part 1 focused on digital health and the app experience.
Governance and use of patient data in health IT products
As patient data becomes more frequently shareable under the CMS Interoperability and Patient Access Rule that enables patients to grant third-parties access to their health data, CEOs, innovators and other executives will need to consider ways to protect that information.
“The rules put a digital front door on the right of access to give patients access via apps they trust,” Chopra said.
But CEOs participating in the Health Evolution Forum indicated in preliminary survey data that the biggest barriers to protecting data and partnering with technology companies to develop products that use patient data to drive better outcomes include:
-
- Risk to data privacy – 41%
- Ethical concerns with biased exacerbating disparities – 6%
- Unclear on how to partner with technology companies – 6%
- Lack of sufficient funding — 6%
- Insufficient internal technical expertise – 0%
- Other* – 41%
*Other includes: lack of business case or model, lack of commonalities on data structure and fields, complex internal IT system, competing priorities, lacking appropriate access to data.
Protecting data, leveraging assets
Longstanding regulations, notably HIPAA, exist to govern the privacy, security and portability of patient data and many providers, technology vendors and third-party covered entities are in compliance. That said, HIPAA is also widely viewed as needing a 21st Century upgrade to support digital health care.
“We have to find safe ways to leverage the data asset and work with technology partners to move things forward much more quickly,” said Michael Blum, MD, Chief Digital Transformation Officer, UCSF.
Indeed, privacy is a concern beyond HIPAA as any organizations sharing information need to be recognized as good stewards of patient data. Part of that challenge is creating enough value for people to recognize the benefit of consenting to sharing their data with organizations.
Data sharing issue is not just on the provider side, added Ryan Fukishima, COO, Tempus. Rather, it is a problem for payers and life sciences companies as well.
“We need to align those as much as possible,” Fukishima said. “If you can start to bring clinical trials to patients and really personalize that, and it actually is the best option for the patient given their treatment journey, then everyone wins in that situation, the patient, the provider, the pharma, and also the payer, because you can take cost out of the system.”
Transparency to end users is paramount and, among non-health care enterprises, a common practice is to over-index on being transparent about how the organization will use an individual’s information, according to Azam Khan, Chief Data Insights Officer at Eli Lilly. It’s important to communicate that information in human readable form, not bury it somewhere in a privacy policy that people will not read.
Among the ethical considerations that strong governance requires is understanding the implications of not enabling critical information to be interoperable as well as what is needed to protect it.
“It’s actually not ethical not to share data because it means we’re causing more harm to people that need information,” said Tom Stanis, an engineer who was formerly Head of Software at Verily Life Sciences. “We can do so much better and ethics teams really need to make that argument more often.”
What comes next?
To identify best practices that are already working in some sectors of the industry and then disseminate those broadly, the Health Evolution Forum, consisting of nearly 200 provider, payer and life sciences CEOs, ratified Work Groups to address: Digital Health and App Experience and Governance and Use of Patient Data in Health IT Products
Progress for both Work Groups will be measured against the number of payer, provider and life sciences organizations adopting the voluntary guidelines. The Work Group on Digital Health and App Experience will also measure the adoption of apps by patients within health systems following those guidelines, while the Work Group on Governance and Use of Patient Data in Health IT Products will collect data from payer, provider and life sciences companies concerning how those organizations and AI companies measure ethical impact, including health inequity, medical error attribution and clinical balancing measures.
“Health care and life sciences are still sitting in first gear. In terms of how data can play a role, there are so many missed opportunities of being able to drive value to the patient in ways that they couldn’t even imagine if we allowed ourselves to start utilizing their data,” Eli Lilly’s Khan said. “But we have to do it in a way that’s very transparent to them and with the right types of consent, every step of the way. Just be crystal clear and not ever abuse that privilege.”
Homepage image credit: Christina@wocintechchat.com via Unsplash.