The importance of data privacy in healthcare [Q&A]
Data is one of the biggest drivers of innovation in healthcare today. Almost everything in healthcare relies on having access to the right data from developing new drugs and medical equipment to allocating resources.
Making use of this data often requires sharing with other organizations and that presents challenges when it comes to keeping it secure. We spoke to Riddhiman Das, co-founder and CEO at TripleBlind, to learn how healthcare organizations are securing their data while still making it accessible.
BN: Data is arguably the most critical driver of innovation in healthcare today. What trends is this driving and what are some key 'amount of data' stats in healthcare?
RD: Everything in healthcare hinges on having access to the right data: From developing new drugs and medical devices to allocating scarce resources amidst supply chain issues, the quality of an organization's data directly impacts the quality of their solutions.
However, given the sensitive nature of healthcare data, getting your hands on the high-quality information necessary to make breakthrough innovation is a painstaking challenge. What if there was a way we could have our cake (access raw health data to drive life-saving advances in medical care) and eat it too (maintain said data's privacy)?
Historically, organizations have tried to circumvent data privacy challenges by using synthetic, abstracted, or pre-anonymized datasets -- but that strategy doesn't cut it anymore. In the best case scenario, the use of these solutions can result in higher costs to healthcare systems without driving evidence-based results or innovation.
In the worst case scenario, healthcare systems still risk exposing private or sensitive information. Ideally, synthetic, abstracted, or pre-anonymized data maintain privacy while being completely indistinguishable from the dataset on which it is based. However, it's still possible to pass private information from the original dataset into a synthetic dataset. If the original data set contains outliers that are passed into a synthetic data set, these unusual data points can easily be identified as original data -- compromising patient privacy.
It's no surprise that privacy and compliance concerns have trapped two zettabytes of data in silos and removed $500B in value creation for healthcare organizations.
Thankfully, new solutions have emerged that let organizations safely collaborate with sensitive data and algorithms using federated analytics. Keeping health data secure yet accessible offers the best of both worlds: Total privacy without any barriers to innovation.
BN: So we know healthcare has a data problem, how has this traditionally been tackled? And have data privacy initiatives such as HIPAA helped, or hindered health data management?
RD: Historically, organizations have tried to get around limited access to data by using synthetic, abstracted, or pre-anonymized datasets, but that strategy just doesn't cut it. The method tends to be expensive, risky, and can result in flawed insights if the data contains errors or is missing key elements -- that doesn't really benefit anyone.
We need access to data to drive the next wave of innovation -- people's health and well-being depend on it. We can only achieve this if the data is kept private to maintain patient privacy and protect the intellectual property rights of healthcare companies and their industry partners.
Over the years, initiatives have emerged to address this. Everyone has heard of HIPAA, which was enacted to protect patients' health information from disclosure without their consent or knowledge. It also features standards designed to improve efficiency in the healthcare industry. The less-talked-about Sentinel Initiative was created to monitor the safety of medical products via direct access to patients’ electronic health records. Despite legislation and initiatives to help with this problem, the challenge remains and will only become more amplified as health data grows in volume and complexity.
Organizations have been shooting themselves in the foot by relying on manually de-identifying, abstracting, or normalizing data to get the insights they need. It's nearly impossible to obtain meaningful, accurate, real-time insights from health data in this manner. This outdated method is hardware dependent, poses potential risks for re-identification, offers only partial security, and generally only works on structured or specific types of data.
BN: What are some of the fresh new solutions to handling data and data privacy in healthcare?
RD: We've seen quite a few technology solutions developed in recent years that tackle this issue in a way that allows healthcare organizations the ability to gain insights from data and maintain privacy beyond what regulations require.
Privacy-enhancing technologies (PETs) were specifically designed to make gleaning insights from health data scalable, accurate, and secure: a true win-win. One PET we're truly excited about is federated analytics.
Federated analytics improves upon prior PETs and keeps health data safe in three ways. First, the data is secured at its point of residence so that external parties cannot access it in any meaningful way. Second, the data is kept secure as parties collaborate to decrease the risk of interception. Finally, the data is secured during computation, reducing the risk of sensitive information extraction. Organizations can also track how the data is used to ensure it is only leveraged for its intended purpose.
Federated analytics software lowers the risks associated with sharing health data by eliminating decryption and movement of raw data, while allowing privacy-intact computations to occur. Additionally, technology improvements driven by federated analytics minimize the computational load necessary to analyze data, which reduces hardware dependency and increases scalability.
Other benefits include access to raw data beyond just structured data, including video, images, and voice data; more secure internal (across regulatory boundaries) collaboration and external (between organizations) collaboration; and a lower chance of non-compliance due to simplified, more cohesive contracting processes.
Federated analytics is driving healthcare towards the future. By safely scaling access to raw health data, organizations can optimize processes for clinical trials, develop and deploy groundbreaking AI algorithms, and bolster pharmacovigilance (monitoring the effects of drugs). Thanks to the development of federated analytics solutions, there is no longer a need to choose between gaining powerful insights that will shape the future of healthcare and keeping patient data private.
BN: We're hearing a lot about AI tech in healthcare, what are some potential challenges to consider when applying this technology?
RD: Artificial intelligence (AI) has the potential to transform healthcare as we know it. From accelerating the development of lifesaving medications, to helping doctors make more accurate diagnoses, the possibilities are endless.
However, like every technology, AI has limitations -- perhaps the most critical of which is its potential to perpetuate biases. AI is dependent on training data to create algorithms, and if biases exist within that data, they can potentially be amplified.
One of the best ways to reduce AI biases is to make more data available -- from a wider range of sources -- to train AI algorithms. It's easier said than done. Health data is highly sensitive and data privacy is of the utmost importance. Thankfully, health tech is providing solutions that democratize access to health data, and everyone will benefit.
Tech that automatically de-identifies data provides the best of both worlds by keeping patient data private while also making more of it available to train algorithms. This ensures that algorithms are built properly, on diverse enough datasets to operate on the populations they are intended for.
Image Credit: everything possible / Shutterstock