Higi and Interpreta’s data mix partnership–questions on consent, data security

[grow_thumb image=”http://telecareaware.com/wp-content/uploads/2017/08/Interpreta-Higi.jpg” thumb_width=”150″ /]Higi (also higi), which has placed health monitoring kiosks in over 11,000 US retail locations and a 5.5 million signup base, and data cruncher Interpreta announced that they are partnering to blend Higi’s vital signs data with Interpreta’s claims, clinical and genomics data analytics. Based on Mobihealthnews’ article and the joint release, an individual’s health information taken at higi retail stations will be “prioritized within Interpreta in real time”. They also claim that for the first time, insurance payers and providers will be able to leverage biometrics data, clinical, claims and additional genomic information a person may obtain from genetic testing services into a ‘personalized care roadmap’ that closes gaps in care. This is positioned as a big advance in population health and it all sounds great.

Perhaps not so great are the details. What about consent and data security? Aside from absolutely no mention of patient consent and HIPAA compliance in the above news, this Editor suspects that past, current and future Higi users may not be made aware that their vital signs data recorded with Higi will be 1) sent into a non-Higi database and 2) integrated with other information that appears in Interpreta’s database. How is this being done? Is consent obtained? What then happens? Is it used on an identified or de-identified basis? Where is it going? Who is doing what with it? Can it be sold, as 23andme’s genomic information is (with consent, but still…)? “Interpreta works in the realm of precision medicine, continuously interpreting and synchronizing clinical and genomics data in real time to create a personalized roadmap to enable the orchestration of timely care.” but they do this for providers and health plans who are then responsible for privacy and data integrity. Consent for Higi to keep a record of your blood pressure when you drop into your local RiteAid or ShopRite is not consent for Interpreta to use or manipulate it. These questions should have been addressed in the release or an accompanying fact sheet. We welcome a response from either Higi or Interpreta.

And one last and exceedingly ‘gimlety’ observation by this Editor: kiosks get hacked, and here we have not a price to a McDonald’s meal but a portal to deep PHI. Here’s a two-part article in an industry publication, Kiosk Marketplace, if you are skeptical. Part 1, Part 2 

More tattletale data gathering: EEGs and sub-cutaneous RFID chips

There’s a new biometric marker in town being used for authentication: the EEG (electroencephalograph). Brain waves have a cacaphony of information about emotional state, learning ability and personality traits, now being collected in relaxation or gaming apps through inexpensive headsets as simple as earbuds. So instead of iris scans and fingerprints, now it’s EEGs. However, it’s yet another privacy invading and eminently hackable source of data. Privacy: the collectors of information off that app may be matching your brain wave pattern to those on a data base–say, alcoholics. “In a blind trial, a machine learning classifier, trained to recognize brain patterns associated with alcoholism, used the brain wave data from the authentication systems to accurately identify 25 percent of the alcoholics in the sample.” You may not be a drinker, and the reading may be utterly ‘off’, but now it’s in the open, you have no idea of how it will be used. Similar patterns can be used to match from databases to identify learning disabilities, mental illnesses and more, which could make you tough to insure, for instance. IEEE Spectrum  Hat tip to former editor Toni Bunting.

The next generation of peripherals may not be external at all. Already around 50,000 early adopters or bodyhackers are implanting glass RFID chips in their hands or other parts of their bodies to let themselves into their homes and offices or to store emergency information. The head of a digital unit of Capgemini stored his Scandinavian Airlines boarding pass and travel information in a December test. This type of chip, about the size of a rice grain, uses no electricity but will activate when scanned by a reader. It’s easy to forecast medical uses such as records before surgery (operate on the right foot, not the left), an ID and information for someone post-stroke or with dementia, or as smart card loaded with funds. But this Editor can see it coupled with a nanosized battery as being tested now in external sensor patches or biostickers as John Rogers at University of Illinois, MC10 and others have been designing for several years–and the potential geometrically increases to send out other data such as vital signs. Perhaps EEGs one day? Wall Street Journal — plus a collection of our coverage of sensor patches

All that Quantified Self data? Drowning doctors don’t want to see it.

[grow_thumb image=”http://telecareaware.com/wp-content/uploads/2014/08/reduce-documentation1.jpg” thumb_width=”150″ /]Our long-time readers will remember Questions # 3, 4 and 5 of The Five Big Questions (FBQ*). They have not lost their salience as doctors are rejecting the not-terribly-accurate ‘telehealth’ data [TTA 10 May] generated by popular fitness trackers such as Fitbit, Misfit Shine and Jawbone. We do note that Apple’s Health/HealthKit has trotted out alliances with Mayo Clinic and Epic Systems (EHR) on apps and integrating data into an PHR [TTA 3 June], as well as Samsung’s SAMI [2 June] funding a University of California (UCSF) research center and (of course) Google. But this article confirms (more…)