5 min read December 18, 2017 at 12:20pm
Note: This is an update to a draft blog post I've had sitting, unpublished for quite a while, which I began writing after the Digital Health Strategy was published back in August. New stuff is at the bottom.
It's been a busy couple of weeks in the digital health space. The Australian Digital Health Strategy was released on Friday, and verily, it is full of cybers. Much of what I said about Big Data in my presentation on behalf of Future Wise applies to digital health more generally. It goes for about half an hour, and I'd encourage you to watch it.
At 18:40 in the talk, I gave a quote from Fiona Stanley talking about the risk/benefits of data linkage vs patient privacy, which I took from a letter that she wrote to Crikey around the time of Census 2016.
For those of you not as up on the personalities of Australian population health as I am, Fiona Stanley is a paediatrician and public health physician, the founding director and patron of the Telethon Kids Institute and truly a titan of public health. Her work was critical in describing the link between dietary folic acid and spina bifida.
As the universe seems to love synchronicity, this week, during the talk about the digital health strategy, Rosie Williams from The Little Bird Network posted a link to this article by Fiona Stanley from 2010.
Here, Trent Yarwood, who has yet to complete his post-fellowship training in public health medicine argues that Professor Stanley's opinions on this topic are evil, bad and wrong.
I've often maintained (in the video, in my previous blog posts for Future Wise) that part of the problem inherent in digital health issues is that geeks don't really understand the needs of healthcare workers and that healthcare workers are terrible at teh cybers. This awareness of (and frustration with) professional siloing also applies in my clinical practice, where I see that the clinicians under-appreciate the benefits of population health thinking and research, while the public health physicians lose sight of the fact that the health of the population is actually the sum of the health of all the individuals within it. I think this article is a pretty good example of both these errors.
Over-egging the benefits
Let's be clear that overall, I'm an advocate for big data. I have done some contract work for a national antibiotic use and resistance surveillance program, which aggregates and analyses (non-patient identifying) disparate datasets to try and provide a comprehensive picture of where we are. Overall, I’m positive that data linkage will - eventually - bring some of the benefits that public health researchers like Stanley hope it will. It’s certainly worth considering just how many other public health authorities are looking into the issue of linkage.
However, the pitch for data linkage is essentially "if we link All Of The Data, we might find new cool stuff, just like the previous cool stuff we found". Quite likely, they’re right. But this line of justification is unlikely to do much to convince those people who object on the basis that they are unable to see concrete benefits that justify the risks. You’d think that people who work in public health would be used to trying to pitch interventions with abstract, long-game benefits, and would have better strategies than to loudly and repeatedly state their position.
Lack of appreciation of the risk
Between the Red Cross data breach and the Medicare reidentification, it's pretty clear - to me at least, that the collection of healthcare data is a privacy risk, and the linkage of data is even moreso. We know that the advertising megacorps (Google and Facebook, Woolies, Coles, all Insurance companies) see the benefits in linking as much data about you as possible together. Fundamentally, the goal of public health data linkage and commercial data linkage is pretty much the same - to develop a comprehensive picture of an individual. Only the goal differs (sell ads that you are more likely to click on to people, or hopefully improve your health).
I've said before many times that sweeping statements about absence of risk are most likely to represent lack of understanding of what the risk actually is. As Justin Warren is fond of saying on twitter, "Humans suck at risk assessment".
New thoughts as of December 2017
As sure as night follows day, today, the team behind the Medicare re-ID story last year have published their findings (primary article) that individuals can be potentially reidentified by piecing together breadcrumbs from the dataset, along with other publicly available data and information from social media.
Data on the health services you access are unequivocally highly privacy intrusive (the example I gave this morning on twitter was that I have a specific provider number for my work at the sexual health clinic. If you've been billed to that provider number and received a PBS-subsidised prescription for valaciclovir, then I could confidently diagnose that you've got genital herpes).
I'm pretty bent out of shape about this; partly because it's an entirely predictable intersection of the fact that doctors are terrible at computers, the government has proved itself incapable of successfully managing IT projects and open data evangelism that moves too fast and with too little understanding of the consequences.
Breaches like this have a major effect on public confidence in digital health. Despite all my complaining about it (and I think, in contrast to lots of privacy advocates), I think there are enormous potential benefits to digital health and data linkage. But if people don't trust the system (as I don't), then uptake will be poor, the data will be of less value, and evangelists like Fiona Stanley will push even harder to make it mandatory.
The Government has badly misstepped here in so many ways - off the top of my head:
- opt-out myHR
- clear plans for commercial secondary use
- poor data security practices
- denial of the problem
- moves to outlaw the research which has revealed these problems
that I really see no other alternative than a major rethink of data management practice.
But I'm not holding my breath.