Patient Data: Solving Ownership Question

In the 1800s, people flocked to the mountains of the Pacific Coast to seek their fortune during the Gold Rush. A few decades later, the hot commodity was oil. Today, the landscape is digital, and, in the biopharmaceutical industry and healthcare settings, patient data is the new gold. The pick, shovel, and pan have been replaced with new tools and technologies like the internet of things (IoT), sensors, devices, and blockchain, all of which enable a new gold rush. These new tools and technologies can address ownership, trust, and privacy; manage the velocity of patient data growth; and create a path forward for new treatments and improved health outcomes.

Data generated by companies versus patients

Patient data comprises two broad categories. First is the patient data generated by healthcare institutions in a clinical trial or disease treatment setting, such as electronic medical records (EMRs), labs, and pharmacies. Second is the data generated by patients, whose use of genetic tools, smartphones, IoT ecosystems, websites, sensors, and surveys that monitor their lifestyles creates a new digital and non-digital environment. The resulting data are available for patients to download, but without medical training, some patients may not comprehend it.

Additionally, patients do not have total ownership of their data. After gaining customer consent, companies can sell patient data to third parties. While consent is great, the forms signed by patients are so long and complex that they may not fully understand what they’ve agreed to. These forms primarily free companies from liability when privacy breaches occur. True ownership of data means a patient should be technologically literate and understand how, when, and where their health data is used when it is sold to a third party. Privacy is important, but control of the data is equally important as, without proper controls, even the strongest patient data vaults can be breached.

Today, there is a trust deficit between patients and companies, as the latter continue to be lax on ethical standards in favor of monetizing data. Governance of patient data is also an issue. Who ensures that patient data is stored and leveraged according to current laws and the consent given? As more patient data is generated and used, the need for appropriate governance and stewardship of patient data will increase. Privacy laws are in their infancy and will continue to evolve. New roles in patient data governance will require familiarity with the sensitivity of patient data, rapid technology advancements, and awareness around emerging ethical and legal compliance issues. Policymakers must stay up-to-date with the technological advancements and loopholes of digital ecosystems. Currently, legal and ethical frameworks are too slow to keep pace with the rate this data is being generated. In addition, some estimate that, in the US, up to $30 billion per year is spent on unnecessary expenses. And based on "Big Data Healthcare Global Market Report 2022," released by The Business Research Company, the global big data healthcare market is expected to grow to $20.27 billion in 2022 at a compound annual growth rate (CAGR) of 11.02%, and reach $44.53 billion in 2026 at a CAGR of 21.75%.

But suppose medical devices were better integrated with IT systems and made to follow standards for interoperability, so that stakeholders could quickly and seamlessly access a patient’s medical information across various touchpoints and sources during a patient’s journey. This dream system would also be HIPAA compliant and able to reduce healthcare spending significantly.

Vishal Singal

The IoT, sensors, and healthcare devices are some of the main generators of patient data. These technologies are driven by increased demand, the broader use of cloud platforms, and a rise in the number of mobile apps. Therefore, we cannot escape the hyper-digitization in our lives. Aggregating, storing, and analyzing different patient data types is changing how we approach patient care. For instance, we are now able to detect diseases early and provide better health outcomes for patients because of the precision medicine and hyper-personalized care made possible by the massive amounts of patient data generated from fitness trackers, implantable devices, and such.

We already realize benefits from this increase in available data, but systems, policies, and ethical standards are not keeping pace with the incredible speed at which digital ecosystems are growing. These changes have created instability in the value chain, as stakeholders find themselves at varying places in their digital ecosystem learning journey and cannot adequately adapt to the velocity of data growth. Therefore, all stakeholders must collaborate to unlock the potential of patient data across the value chain.

The tremendous growth of patient data presents both opportunities and challenges. We now have access to the data necessary to develop new treatments, enhance patient outcomes, and predict personalized interventions more precisely than in the past. But the generalized mistrust between patients and healthcare stakeholders, as well as varying data standards, prevents us from unlocking the benefits of digital transformation. To be truly successful, patients must take center stage. They must have an equitable relationship in the use of their data. Only then can we define ownership so patients have control over their data and are involved in decisions about how their data is used to benefit the entire patient community.

Moving forward, we must use a combination of new technologies, policies, and trust to shape the future. Policies must use common language devoid of hidden agendas, so everyone understands. In today’s world, patients are open to giving up their data if they have explicit knowledge of its use and benefits. A cross-functional approach to forming governing bodies, where government, domain experts, patients, and technologists are at the core of policymaking, will allow patients to be involved early in the process. This kind of collaboration will develop the trust necessary to unlock the value of digital ecosystems.

The biggest problem is consent management. Today, companies can shrug off responsibility for data breaches and inappropriate personal data use by getting patients to sign consent forms without giving them options to negotiate the agreement. Moreover, the complexity of most consent policies reminds many of their high school reading of Shakespeare’s Hamlet: To consent, or not to consent? That is the question. Consent and privacy documents must be simple and easy to read if they are to enable an equitable partnership among stakeholders.

While technology has caused some of these problems, it can also help resolve them by providing efficiencies across the value chain. Rapid strides in data science make it possible to store data in the cloud, lowering costs and increasing ease of access. Artificial intelligence and machine learning provide increased sophistication and access to processing and computation, making it easier to leverage patient data.

Effectively managing that data

Technologically, there are two broad approaches to managing patient data safely and securely. The first approach relies on centralized patient data lakes that move patient data into highly secure but completely centralized repositories where a centralized authority controls all safeguards and governance policies. This traditional approach is easier for companies and researchers because it enables tighter control and rapid analytics. However, in this approach, patients lose control over the ownership and usage of their data. Once consent is provided, the line between patient and patient data is lost forever, and patients must rely on others to ensure privacy and appropriate usage. Additionally, this approach is time-consuming and expensive. It cannot keep pace with the rate of growth patient data is experiencing.

A blockchain-based approach is more patient-centric and allows patients to own their personal data forever. It gives them a clear line of sight on data usage, purpose, and monetization. Currently, companies monetize data with no patient involvement other than their consent. Patients must have a more significant say in the monetization of their data. Pricing should be dynamic, based on use cases, and patients must be able to control privileges and set pricing. This method could create a marketplace for companies and researchers that results in pricing dictated by supply and demand. The resulting, encrypted health information can create a more comprehensive database, giving scientists access to valuable data faster than ever before. Blockchain smart contracts can automate processes, including payment and actions conditional on payment.

Siddhartha Tomar

Blockchain can increase interoperability, protecting patients’ data confidentiality without compromising security or needing any central authority. The three pillars of blockchain, namely decentralization, transparency, and immutability, make it the perfect backbone for building patient data applications that incorporate appropriate safeguards and controls. In a decentralized system like a blockchain, information is stored in chunks and copied to the blockchain, spreading it across a network of computers. With blockchain smart contracts, patients own and control their digital, identity-containing data, reputation, and digital assets. Any counterparty using the data can only access data that the patient explicitly permits. Patients who want to send their health information to their new provider can do so directly without going through a third party. If a researcher or company wants patient data for their clinical trials, they can access data that the patient approves for use.

By allowing digital information to be distributed but not copied, blockchain is creating the foundation of a new type of internet. Moreover, in blockchain networks, counterparties will not need to hold sensitive data to verify transactions, thus reducing liability and increasing compliance and interoperability.

Blockchain is also one of the most secure ways to store patient data because a person’s identity is hidden with complex cryptography that helps maintain an incorruptible, decentralized, and transparent log of all patient data applications. Until now, this level of security has never existed within a healthcare system. Blockchain is also immutable, meaning it is nearly impossible to tamper with once something has been entered into the blockchain. The fact that no one can tamper with their health record can inspire patients’ trust. Lastly, a blockchain carries minimal transaction costs, but an infrastructure must be set up to achieve maximum benefits. It is extremely patient-friendly, a significant consideration as patient data applications become mainstream. The blockchain is a simple yet ingenious way of passing patient data in a fully-automated, safe, and cost-effective way from the patient to anyone needing it.

There are several different applications for blockchain-based patient data. Currently, longitudinal patient data often contains gaps in the patient journey. Blockchain will make this a thing of the past. Providers and researchers will receive 100% of a patient’s longitudinal data in near real time, resulting in precise diagnoses and targeted prescriptions. A 2019 Johns Hopkins University School of Medicine study concluded that between 40,000 and 80,000 US hospital deaths might be related to misdiagnosis. Another estimated that each year, 12 million Americans suffer a diagnostic error in a primary care setting—33% of which result in serious or permanent damage or death. These severe cases cost the healthcare system $1.8 billion in malpractice payouts over 10 years. Deaths like these, and the resulting malpractice suits, can be prevented by having a full view of all the touchpoints in a patient journey.

The decentralized nature of blockchain technology creates an ecosystem that allows the providers, corporations, and researchers involved in a patient’s treatment pathway to quickly and efficiently reference their data, enabling faster diagnoses and personalized care plans. Blockchain-based patient data applications can democratize the highly effective but very limited number of personalized treatments possible today, resulting in better patient outcomes. Blockchain can accelerate clinical trials and medical research by providing access to vast amounts of patient data to produce better candidate selection, more accurate clinical trial outcomes analysis, and accelerated targeted drug development. Patient data applications based on blockchain can also include genomics data, which are essential in many disease areas. Blockchain is a perfect fit for these uses, and can safely house billions of genetic data points.

Blockchain-based patient data applications, and the necessary processes and infrastructure to support patient data, will produce a paradigm shift by providing not only security and privacy but also patients’ complete ownership of their individual data. This will far surpass current regulations requiring a centralized authority to govern and implement privacy measures.

Will blockchain-based patient data applications prove to be the holy grail of data privacy, protection, and ownership that leads to the widespread adoption of patient data analytics and better health outcomes? Only time will tell, but the outlook is encouraging.

About the Authors

Vishal Singal is Patient Engagement & Digital Health Lead; Siddhartha Tomar is Principal, Data & Analytics, both at Axtria.