Will the rise of technology mean the fall of privacy–and what can be done? UK seeks a new National Data Guardian.

Can we have data sharing and interoperability while retaining control by individuals on what they want shared? This keeps surfacing as a concern in the US, UK, Europe, and Australia, especially with COVID testing.

In recent news, last week’s acquisition of Ancestry by Blackstone [TTA 13 August] raised questions in minds other than this Editor’s of how a business model based on the value of genomic data to others is going to serve two masters–investors and its customers who simply want to know their genetic profile and disease predispositions, and may not be clear about or confused about how to limit where their data is going, however de-identified. The consolidation of digital health companies, practices, and payers–Teladoc and Livongo, CVS Health and Aetna, and even Village MD and Walgreens–are also dependent on data. Terms you hear are ‘tracking the patient journey’, ‘improving population health’, and a Big ’80s term, ‘synergy’. This does not include all the platforms that are solely about the data and making it more available in the healthcare universe.

A recent HIMSS virtual session, reported in Healthcare Finance, addressed the issue in a soft and jargony way which is easy to dismiss. From one of the five panelists:  

Dr. Alex Cahana, chief medical officer at ConsenSys Health.”And so if we are in essence our data, then any third party that takes that data – with a partial or even complete agreement of consent from my end, and uses it, abuses it or loses it – takes actually a piece of me as a human.”

Dignity-Preserving Technology: Addressing Global Health Disparities in Vulnerable Populations

But then when you dig into it and the further comments, it’s absolutely true. Most data sharing, most of the time, is helpful. Not having to keep track of everything on paper, or being able to store your data digitally, or your primary care practice or radiologist having it and interpretation accessible, makes life easier. The average person tends to block the possibility of misuse, except if it turns around and bites us. So what is the solution? Quite a bit of this discussion was about improving “literacy” which is a Catch-22 of vulnerability– ‘lacking skill and ability’ to understand how their data is being used versus ‘the system’ actually creating these vulnerable populations. But when the priority, from the government on to private payers, is ‘value-based care’ and saving money, how does this prevent ‘nefarious use’ of sharing data and identifying de-identified data for which you, the vulnerable, have given consent, to that end? 

It’s exhausting. Why avoid the problem in the first place? Having observed the uses and misuses of genomics data, this Editor will harp on again that we should have a Genomic Data Bill of Rights [TTA 29 Aug 18] for consumers to be fully transparent on where their data is going, how it is being used, and to easily keep their data private without jumping through a ridiculous number of hoops. This could be expandable to all health data. While I’d prefer this to be enforced by private entities, I don’t see it having a chance. In the US, we have HIPAA which is enforced by HHS’ Office of Civil Rights (OCR), which also watchdogs and fines for internal data breaches. Data privacy is also a problem of international scope, what with data hacking coming from state-sponsored entities in China and North Korea, as well as Eastern European pirates.

Thus it is encouraging that the UK’s Department of Health and Social Care is seeking a new national data guardian (NDG) to figure out how to safeguard patient data, based on the December 2018 Act. This replaces Dame Fiona Caldicott who was the first NDG starting in 2014 well before the Act. The specs for the job in Public Appointments are here. You’ll be paid £45,000 per annum, for a 2-3 day per week, primarily working remote with some travel to Leeds and London. (But if you’d like it, apply quickly–it closes 3 Sept!). It’s not full time, which is slightly dismaying given the situation’s growing importance. The HealthcareITNews article has a HIMSS interview video with Dame Fiona discussing the role of trust in this process starting with the clinician, and why the Care.data program was scrapped. Of related interest is Public Health England’s inter-mortem of lessons learned in data management from COVID-19, while reportedly Secretary Matt Hancock is replacing it with a new agency with a sole focus on health protection from pandemics. Hmmmmm…..HealthcareITNews.

News roundup: Ancestry sells 75% to Blackstone, Cornwall NHS partners with Tunstall, most dangerous health IT trends, Slovenski departs from Walmart Health

Ancestry sells 75 percent of the genealogy/genetics company to Blackstone for $4.7 bn. The acquisition by the private equity company buys out other equity holders: Silver Lake, GIC, Spectrum Equity, Permira, and others. Ancestry’s business combines their genealogy database with consumer genomics for both heritage and health. The Blackstone release notes that their goals in the acquisition are to expand data, functionality, and product development across the Ancestry platform as part of their investment in growth businesses. If an acquisition cost of $4.7 bn seems high, Ancestry’s revenue is cited as $1 bn annually.

Once blazingly hot, both Ancestry and 23andMe saw their consumer businesses crater late last year, with layoffs in January and February. It’s an example of a quickly saturated market (one test and you’re done) flogged by annoying TV commercials over the holidays [TTA 13 Feb]. Where the profit is, of course, is not in consumer tests but in selling the genomic data to other companies, something which the market leader, 23andMe, realized early on with half-ownership by GSK ($300 million, a real bargain). 23andMe is also intensively marketing as a premium subscription service updates on health information derived from member testing. Ancestry has followed, but reportedly has not been as proactive in linking genetic information to health outcomes. STAT

 This Editor noted back in August 2018 that it was long past time for a Genomic Data Bill of Rights for consumers to be fully transparent on where their data is going, how it is being used, and to easily keep their data private without jumping through a ridiculous number of hoops. It’s a conclusion now being reached by various privacy groups according to MedCityNews. Also noted is that Ancestry, in its complex and long privacy policy, can use your “personal information to market new products from the company or its business partners, but says it will not share users’ genetic information with insurers, employers or third-party marketers without their express consent.” But when your 75 percent owner has real estate and other healthcare holdings, can you trust them?

Cornwall Partnership NHS Foundation Trust partnered with Tunstall Healthcare UK on a 26-week support program during the pandemic for young people 11+ with a range of eating disorders. The patient group used the myMobile app and the ICP triagemanager software to send in weekly reports on their vital signs and answer symptom-related questions, which are tracked over time via a secure portal to monitor progress. The myMobile app has parameters set for individual patients, where readings outside them generate a system alert that is sent to clinicians. The program was able to ascertain that 32 patients were at high risk and have been referred. Cornwall/Tunstall white paper, ATToday.co.uk

As if COVID Fear weren’t bad enough, now we have to be frightened of Dangerous IT Trends. Becker’s Health IT interviewed eight healthcare executives and came up with a list of what keeps them up at night:

  • The sluggish rate at which healthcare systems embrace new technology
  • We won’t be going back to the pre-pandemic normal and how healthcare deals with that
  • Overlooking data security and medical device vulnerabilities
  • Cutting IT staff and budgets without acknowledging the consequences
  • The consequences of hastily moving workers remote and securing their devices

All of the above are not new, and it’s rather shocking that they haven’t been addressed.

And in Comings and Goings, we have a Notable Going. Sean Slovenski, who for the past two years has been heading up Walmart US’ Health and Wellness initiatives, departed the company last week with a replacement to be named in the coming weeks. Mr. Slovenski had been heading up a variety of healthcare initiatives, including in-store primary and dental care clinics which have opened up in four Arkansas and Georgia locations with an additional eight planned plus Florida. Walmart also opened up 100 COVID testing locations in store parking lots. His efforts were acknowledged in Walmart’s departure statement to staff. Mr. Slovenski “and his team have successfully stood up the strategy we hired him to create,” Walmart’s CEO John Furner said in a memo to staff. Walmart has also laid off over 1,000 corporate employees in a recent restructuring. Mr. Slovenski is most noted in digital health circles as CEO of Care Innovations for 2 1/2 years during the Intel-GE ownership. He was also with Healthways-ShareCare and Humana. Walmart is up against a long list of heavyweight challengers in retail health, including Amazon, CVS Aetna, and Walgreens–and may be deciding that an independent run is not worth it.

Is the bloom off the consumer DNA business? It’s past time for a Genomic Bill of Rights. (updated)

Perhaps a bit of sanity enters. Ancestry, the largest vendor of home-based tests for genetic testing to trace ancestry and seek health information, announced layoffs of 6 percent, or about 100 people, from its Utah and California offices. This follows on post-New Year layoffs at chief rival 23andMe of 14 percent of its staff, also about 100 people.

The slowdown in the consumer appeal of genetic testing is apparently across the board. While one hears of genetic tests being given for holidays and birthdays, there is little repeat need. The market was easily saturated: the early adopters have done their testing; the second wave of consumers which normalize a technology now are increasingly aware of and have privacy concerns about their genetic information being misused. This Editor would add a lingering wave of silly TV and online commercials with wide-eyed folks imagining their connection to ancient royalty or swapping out lederhosen for kilts after their testing report comes back. 

The bright spot for both companies is where they were really heading–healthcare data. AncestryHealth is not being cut back. As previously noted, GSK owns half of 23andme.

This Editor in 2018 advocated a Genomic Bill of Rights where before testing, a genetics testing client would be told how their genomic data is being used and being protected, informed about de-identification, and easily able to opt-out of commercial use. And the revelations about matching to others in the database or health revelations should be done not only with circumspection and respect for the disruption which may happen in the client’s life, but also held to the highest standard of testing. Sometimes that discovery is the equivalent of tossing a hand grenade into a person’s life. There also hasn’t been a lot said about making de-identifiable data identifiable through the ‘nefarious use’ of genomic data sets available through research networks.

DNA is being used for so much advanced medicine and even home testing (example–Cologuard in the US for colon cancer). It’s regrettable that the most public face of genetic testing rests with two companies whose main sell on your past and health has had unintended consequences, and whose main chance lies in the sale of their consumer data. The Verge, CNBC