Soapbox: Big Genomics and DNA testing–why we need a Genomic Data Bill of Rights

August 29, 2018 | by
[grow_thumb image=”https://telecareaware.com/wp-content/uploads/2015/03/DNA-do-not-access.jpg” thumb_width=”150″ /]This week, consumer genomics testing company 23andMe announced that outside app developers would no longer have access to raw genomic data, as they have had since 2012. They will continue to have access to data through reports generated by the company. 23andMe cited privacy concerns–wisely, in this Editor’s opinion, to safeguard this burgeoning area of digital health. Seeking Alpha

TimiHealth is an affected firm that seeks to move customer data, with consent, to an allegedly more secure blockchain platform, TimiDNA, citing 23andMe’s monetization of their data and CMS’ Blue Button initiative, a recent meeting in which 23andMe participated as a developer. Blasting away, TimiHealth stated that “It flies in the face of the mission of CMS, and the MyHealthEData initiative and the goal of putting patients first.” Release

However, the consumer marketing of DNA testers such as 23andMe, Ancestry.com, and smaller competitor Helix, has already led to multiple privacy questions on how the data of millions are being used and sold. 

This Editor would feel safe in assuming that most customers do not know nor particularly care that GlaxoSmithKline (GSK) as of July owns 50 percent of 23andMe via a $300 million investment. Both have announced a four-year partnership to use the 23andMe genetic database for drug research. For instance, the LRRK2 gene has been linked to some forms of Parkinson’s disease. GSK needs about 100 for a trial sample of one, but 23andMe has already provided 250 Parkinson’s patients who have agreed to be re-contacted for GlaxoSmithKline’s clinical trials. Scientific American

While most data is de-identified, you can agree to be contacted for further use in clinical trials, which is fine–but most users do not know how to opt out. It’s a surprisingly tricky process, as outlined in this useful Business Insider article, and you may not be able to withdraw all your data or have your saliva sample destroyed.

Data can be hacked and reprocessed. Three years ago, TTA explored reports on exactly how de-identified genomic data could be made identifiable through the ‘nefarious use’ of genomic data sets available through research networks [TTA 31 Oct 15].

Despite the trite, simplistic, and condescending commercials by Ancestry.com on how someone found they had ethnic or national roots they never dreamed of, or were related to royalty, both giving meaning to their presumably mundane life, genetic info has value beyond the feel-good. It’s long past time for a plain language Genomic Data Bill of Rights.

  • Individuals should know how their personal genomic data is being used and how it is being protected
  • They should be able to opt out of use, identified and de-identified, easily–and not have to jump through hoops
  • Reporting/interpretation should also have integrity, consideration, and respect that it may upset a person or that it may not be interpreted correctly, which is a fundamental problem 
  • A more radical view is that the same individuals should be compensated when their data is used

This Editor will settle for the first two bullets, for now. 

Systems sharing data, still behaving badly

August 7, 2013 | by

A straight-shooting article in Healthcare Technology Online provides a overview of the EHR and Health Information Exchange (HIE) mess in the US. Essentially our major EHR systems (Cerner, McKesson, athenahealth, Greenway, Epic) don’t interchange data well, if at all–and the 600-odd practice EHRs were built on siloed designs, existing software and used proprietary formats, often in a rush to take advantage of Federal subsidy programs in Stage 1 Meaningful Use–as HTO’s EIC Ken Congdon stated, “electronic filing cabinets”–and heavily outsourced. Well, it’s now ‘uh-oh’ time as a key part of Stage 2 MU is interoperability. Basically we now have a set of what this Editor would term ‘paste ons’ and ‘add-ins’ to facilitate data exchange between systems that speak different languages (Editor’s emphasis):

direct protocol (a standards-based method for allowing participants to send authenticated and secure messages via the National Health Information Network), as well as those developed by HL7 (Health Level Seven), a nonprofit global health IT standards organization, provide EHR users with the building blocks for exchanging data. Blue Button, an application developed by the VA that allows patients to download their own health records, is also being adopted and manipulated by EHR vendors and independent developers as a way for providers to exchange data between systems. Moreover, regional and state-run HIEs offer healthcare providers in several parts of the country a network they can join (and technology infrastructure they can leverage) to share health data with other HIE members.

Some systems work well–EHR and pharmacy systems seem to. However, EHR to EHR interfaces are up to the provider and are expensive. Sharing/translation does not mean that all information makes it over without getting ‘bruised’ or having to be reentered manually.  HIEs, acting as a focal point for data exchange, are also generally non-profit; the exchange platforms cost millions to develop and further millions to maintain–and buy-in is low, as the article states. Fixing The EHR Interoperability Mess (free registration may be required)

(Updated 8/7 pm for Editor Donna’s POV) This is what happens when you rush adoption and development processes that should take years in order to gain quick subsidy money, and non-healthcare entities (that is you, the US Government) encouraged this, distorting the process. The private and public waste of scarce healthcare funds is appalling, and the disruption to the healthcare system is unforgivable–especially in practices where doctors and managers in many cases have been sold a bill of goods, and they are revolting by changing EHRs, going back to paper or retiring. And the Government should look to itself first. Look no further than to the multiple failures of two branches of the US government, Veterans Affairs and Department of Defense, which have the responsibility for current and veteran members of our Armed Services. They have failed spectacularly in serving Those Who Have Served not only the integration of their two EHRs but also in updating their basic architecture [TTA 27 July ‘Pondering the Squandering’… and 3 Apr ‘Behind the Magic 8 Ball’ both review the sad details.] The belief that HIEs with limited funding will solve the interoperability problem is Magic Thinking. At least one move in this direction makes sense: the CommonWell Alliance of six EHR heavy hitters to work on ‘data liquidity’ [TTA 5 Mar announced at HIMSS], but this may be another ‘uh-oh’ and face saving.

With basic, necessary health and patient information stuck in systems and getting lost in translation, how can anyone rationally expect that personal data from telehealth devices will be integrated anytime soon, in any meaningful way? Does this mean that parallel, separate systems and platforms will continue to develop–and yet another wave of integration?