From The Editor | October 26, 2021

Data Liquidity: Privacy, Ethics, And Patient Benefit

Ed Miseta

By Ed Miseta, Chief Editor, Clinical Leader

Modern Technology In Hospital iStock-1065782564

There has been a push in recent years to increase the liquidity of patient data and make that data more accessible to the patients from whom it was gathered. But increasing the liquidity of data also increases concerns around privacy and ethics. This topic was discussed by a panel of experts at The Future of Health Data conference hosted by Datavant. 

The panel included Aneesh Chopra of CareJourney, Deven McGraw of Ciitizen, Sean Khozin of CancerLinQ, Sheenu Kachru of Optum Life Sciences, and consultant Kim Brandt.

When it comes to data liquidity and the attention being paid to privacy and ethics, the panel does not believe the balance is where it needs to be. With greater liquidity comes greater innovation. Greater liquidity would require a risk and benefit type of framework to define privacy requirements and standards.

While the panel is encouraged by what the FDA has done to date, they note the industry is waiting to see how we get to the next level, which will involve making real-world data a part of the drug approval process. Real-world data will drive innovation, but there are barriers that remain, and the innovation will take time. Still, this is an area where the regulator can wield a tremendous amount of influence.

Since the FDA does not have a mandate to address privacy or ethics, a good starting point would be patient benefit, especially when the patient is at risk of privacy concerns. There may be incentives the FDA could infuse into the market to drive innovators towards solutions that optimize patient privacy.

Competition Concerns Hinder Liquidity

One of the biggest challenges to data liquidity is anti-competitive concerns and the perception of data as a company asset. That makes a lot of companies reluctant to share that data and allow it to flow freely. Privacy is often the excuse for not sharing data. The HIPAA law has provided patients with the right to get their data, and when patients have access to their data and can make decisions on how to share it, they will most likely be acting in their best interest.

One question that remains is whether there is more liquidity of the data after the patient is in possession of it. McGraw cites an example around COVID-19. In a project she worked on with the Leukemia & Lymphoma Society, researchers hoped to learn how well vaccines worked in patients with blood cancer. Records were gathered within 30-days, and she believes with new federal initiatives around information blocking that data can be gathered even faster. “Patients are highly motivated to share that data, particularly when they're sick,” she says.

One concern has to do with the patients who are being reached. Are we getting to everyone and, if not, who are we not getting to? The panelists felt there are subsets of individuals that can feel empowered with their data but who are not being reached. All patients may not be reachable until inequalities that exist in this country are overcome.

Another issue is portability. Patients own their data and should be able to make the decisions about what should happen with it. But it should also be made easier for that data to follow them wherever they go. If a patient changes plans, the data should go from plan to plan. If a patient is hospitalized and then discharged to another institution, the data should follow them. All providers should have access to that data so there are no care coordination gaps.

Brandt notes this is especially important in mental health and substance abuse. Congress has passed a law to make it less likely to have gaps. But even though patients may understand that their data belongs to them, they oftentimes do not know what happens to it.

Patient Data Belongs To Patients

Another question that arises is whether we need a more holistic framework for the health data economy. If so, who should govern that framework? Should the industry wait on politicians to develop that framework or does the industry need to reach a multi-stakeholder consensus?

McGraw believes this is an area where congress needs to act. While there is a patchwork of protections on the HIPAA side, there is less certainty around the regulatory framework outside of HIPAA where consumer-facing commercial companies are handling data on behalf of consumers. Those companies are accountable to the FTC for commitments they make, but there is a lot of uncertainty around enforcement.

“The rules of the road are not quite as set as they are in the HIPAA world,” says McGraw. “There is definitely a need for more of a GDPR, CCPA-like environment so patients know that wherever their data goes, it has some protections they can count on. We will not get there anytime soon.”

McGraw states this is a lightning rod issue for Congress and one they cannot seem to move on. That puts the impetus on the private sector to come up with strong frameworks that address ethics, privacy, and the patient benefit not just at the individual level, but at the community level as well.

“We could get more consent rights for individuals in terms of their choices of data, but not address some uses of data in ways that have harmed certain communities,” she states. “There's a lot of lenses through which we need to look at this. There are a lot of ongoing efforts that are truly valuable. We will ultimately need congress, but we can't wait for them to step up to address this issue.”

Khozin agrees, noting the federal government is cautious and does not want to implement policies that may have unintended consequences. “The community has to articulate the need and define the contours of the framework,” he says. “That will provide the federal government with a path forward. Otherwise, all we will have is a patchwork of legislative solutions and champions in Congress. That won’t really move the needle.”

For congress to act it needs to hear why this is important to patients and what it will mean in terms of Medicare and Medicare’s beneficiaries.

“We are heading towards a place where it will be technologically easier for patients to get their entire records by connecting an app into their provider or payer portal,” adds McGraw. “We are making progress but are not quite there yet. A law is already in place to allow patients to have the right to get these records, but there are just a lot of obstacles to doing so. Apps can make this easier for patients by taking care of it for them. Once the information goes in their app account it will be completely under the patient’s control. Ultimately this information belongs to the patients.”