Blog

  • 2021
  • 2020
  • 2019
  • 2018
  • 2017
  • 2016
  • 2015
  • 2014
  • 2013
  • 2012
  • 2006
  • 2005
  • 2004

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

I've personally struggled with this concept for a long time. When i thought about it, the options i would come up seemed to be only 3:

  1. Vendors: those who develop the systems that providers use to collect and store clinical data retrieved from patients.
  2. Providers: the doctors who provide medical care also by collecting and storing patient's data in systems developed by the vendors.
  3. Patients.

At the end, i came to the realization that, even though each one of these parties can have influence on the data itself, none of them are the actual owners of the data: clinical data is a human heritage and should be accessible to everyone.

And here's why none of the above options really convinced me.

Vendors

I have heard some stories where a product vendor holds the doctor hostage of clinical data: the doctor might not pay for the vendor's services any longer and the vendor, instead of simply interrupting its actual services, it also decides not to allow access to the clinical data to the doctor any more. My initial reaction to that has always been "hey, that's not ethical: the vendor's don't own that data, it's the practice's (or doctor's) data!". Yes, i feel strongly against this behavior.

Providers

Maybe doctors own the data they collect. After all, they have put in the investment of purchasing the hardware and finding the patients and actually collecting the data. But even this never felt quite complete, because what happens when the provider retires and doesn't really do anything with the data they collected? Should all that data get lost with him or her? Decades of hard work gone to waste? That doesn't seem quite right either.

Patients

So if the patient owns the data, then they would have to be the ones ultimately responsible for it's integrity and safety. Certainly they could allow others to take care of it for them, however it could be hard to make sure that the entire medical record remains "in one piece". What if the patient accidentally or purposely deletes parts of the medical record?

So after a lot of struggle with this, i decided to tackle the problem starting from first principles. And i came up with this list:

  • Everyone wants to suffer less.
  • Illness, pain and death are most commonly associated with suffering.
  • Humanity is striving to reduce its diseases, physical pains and to elongate its lifetime.
  • Medicine has provided ways to fight diseases, reduce pains and increase life expectancy.
  • Improvements in the medical field require lots of scientific research.
  • Scientific research requires lots of clinical data.

If the above points hold true, then it follows that there is a direct correlation between human suffering and clinical data.  Which means that

Which means that .
Info
iconfalse
title
Lots of Clinical Data Help Humanity Suffer Less

aasdf

So at this point it became pretty apparent to me that clinical data is a human's heritage and should be therefore available to anyone for research or patient's care purposes, provided the datum consumer is not ill-intended. 

Certainly patient and provider should have a say as to who should have access to which part's of the data, and if the data should be able to identify the patient or not. In some cases, it is best if the patient is not aware of some opinions, thoughts or discoveries of the medical provider yet. Similarly, a patient might not want to fully trust a specific medical provider or for some other reason want to just give access to a partial subset of his or her clinical data to a provider. However these configurable permissions should not stop the data from being anonymously, globally and forever available. Besides, isn't this what humanity has always wanted? The ability to just walk into any medical provider's office without anything more than an ID, and allow them to access our medical records in order to provide medical care for us? 

What remains now is figuring out a technology that can allow for all this to work. Up until 2008, the software we at our disposal was not able to provide a functional, reliable, secure, scalable solution to the problem. However, the invention of the Bitcoin has introduced the new concept of the blockchain, a technology which theoretically has all the physical capabilities to make the above concept become real. 

How it would look like

  1. The

S

When thinking about what we should be doing now, the mind goes in the future and asks itself: How will the future look like? We like to imagine a future where the problems and errors involved with creating, moving and copying clinical data will be gone. Where medical providers will not have to waste hours re-creating charts which were already created by a different provider, or by re-taking exams just because they don't have access to previously taken exams. Where as a patient walks into the ER, the provider will have instantly access to the patient's entire medical history (unless the patient decides not to allow this). But today, most providers are holding on to the clinical data they collect. So how on earth could another institution instantly have access to it? There would have to be agreements, and networks would form, dividing some institutions from others, kind of like the way it is now: if you are part of network A, you can get access to data from that network only.

No, this can't work. Ethically speaking, the clinical data needs to be globally available, s.t. any provider can help any patient anywhere in the world. And such that any research project can have easy access to all of the clinical data of the entire planet.

Holding Data Hostage

 

So who owns this data, ethically speaking? That's a good question, which i'm certainly not the first one to address. For example George Washington University Hirsh Health Law and Policy Program has published a study called "Who Owns Medical Records: 50 State Comparison." considers the law and finds only New Hampshire to have a law assigning ownership medical records to the patient, while the rest of the USA either has no law or the law assigns ownership to the medical provider. In fact, the most obvious candidates would be:

  • patient? Well, the ethically it might seem sound, however most patients do a terrible job at managing their clinical data, and end up loosing or misplacing most of it. So it doesn't sound like a good idea to leave the master copy of such valuable data into the patient's hands. 
  • medical provider (doctor)? This is what i thought: the providers usually use software which could manage clinical data. But many software companies don't interoperate with each other, and have no interest in doing so. So again data would not be 100% available
  • how about vendor? (the company that developed the tecnology that physically manages and stores the data)? No, obviously not. We have just seen why not.

Once patient's clinical data has been sufficiently de-identified to protect the individual's privacy, data should be publicly and easily available to the entire human race. This will allow it to be maximally useful for research and patient care. Therefore I believe that patient's clinical data is a human heritage, not be owned by any individual. As soon as some clinical data has been collected, the patient should have the option of allowing it to be stored on some kind of network that will make a de-identified version of it available to qualified researchers and a full version available to any medical provider with an appropriate key.

How it would look like

  1. So the patient arrives, to see a doctor for the first time (ER, dentist, whatever, ...). 
  2. The medical provider (i.e. doctor)'s front desk would ask for their digital ID ID.
  3. Kind of like a credit card today, or Apple Pay or other such mechanism, the patient interacts with the card reader, and enters his/her credentials (with OTP, fingerprint, or whatever).
  4. The system is now able to retrieve the patient's ID and digital key by combining their card with their authentication.
  5. With the digital key of the patient and the provider's own digital key, the system can:
    1. have access to the lookup table of "the network" with the provider's key. this gives access to de-identified records.
    2. search for and download the correct record using the patient's digital ID.
    3. decrypt identity information, using the patient's digital ID, and by so doing, obtaining the full record of the patient.