Why do we need data sovereignty in healthcare?
As part of our ongoing Healthy Ageing series on Clubhouse we recently hosted a fascinating discussion on ‘Data Sovereignty and Security’ with special guest speaker, Dr Alex Cahana. Alex is a medical doctor and technology advocate whose areas of passion and expertise are social determinants of health, decentralized economies, and phenomenology. He specializes in big-picture, cross-disciplinary advice and in strategically connecting early-stage ventures to national health systems. These solutions embrace a philosophy of transforming people from passive health service consumers into active, self-sovereign health and wealth producers. He has been an advisor to the EU, UN and other policy-making bodies.
Alex discussed with us the importance of data sovereignty in digital health and how it impacts platforms like PCL Health, which delivers remote patient monitoring, as well as its importance for us as consumers and patients as we move into a world where data is king. This blog post summarises the key questions, talking points and takeaways from Alex’s session.
What is data sovereignty and why is it important?
There are many technical implications behind owning your own data, as well as many financial and business implications. Alex began by explaining that as a pain physician himself, one of the challenges of working in the intersection of medicine and technology is that it is yet to be sufficiently proven to doctors themselves that digital technology helps the therapeutic dialogue and supports the physician-patient relationship, which doctors hold sacred.
As an early adopter of cryptocurrencies (including Bitcoin but not exclusively so), he believes that cryptocurrencies are one of the ways that we can create an inclusive economy for users, which ties in with the wider issue of data sovereignty and what it may mean for us all longer-term.
To define data sovereignty specifically, it relates to who actually owns your health data. Many people think that the obvious answer is that I own my own data. Unfortunately, that is not the case. In the United States, for example, only the state of New Hampshire says that data is actually owned by the patient. In the other 49 states, the data is owned by the entities that create the data. In many cases our data — be it health data or other data about us — is used by data platforms and third parties such as Clubhouse itself, or Amazon or Facebook, sometimes without our consent.
The reason why people who are interested in blockchain talk about self-sovereignty really relates to governance. We are asking the question of how do we create (or re-create) an equitable and fair social order that is based not only on the fundamentals of our humanity and dignity but also on behavioural economics — avoiding centralisation of power. Post-Covid we need to understand how we can give voice to the voiceless, bank the unbanked and not become a surveillance state.
How has the pandemic affected attitudes towards health data and health data management?
Firstly, the pandemic exposed the weakness of our systems, especially in the Western World. When Alex tells people that the African continent is dealing better with Covid than the US or many parts of Europe — and, of course, we are extremely chagrined to hear what is going on India right now — people are often incredulous. The reason they can cope better is partly because Africa has a lot of experience with previous outbreaks like Ebola and other viruses but they also understand the interdependence of our global behaviour (that what someone does in another country can have a major impact on us). And, of course, they have a relatively young population, mostly under the age of 35, which means they are less exposed to risk compared to the West, where Covid has predominantly affected older parts of the population.
The second effect is that the pandemic has accelerated the acceptance and adoption of blockchain technology. A year and a half ago, people would roll their eyes about the use of blockchain in the supply chain — but now we have seen the disaster we have had with PPE and vaccine supply chains (or even the global supply of toilet paper!), people’s perception of blockchain is really starting to change.
There will be no going back to normal because the old ways are what got us here in the first place but we will reminagine and rebuild a new society — that is more resilient to these types of public health threats — and that world will be built on a more digital infrastructure which form part of a wider digital economy.
Can we find simpler and more universal ways to manage the different data sets coming out as a result of Covid — whether it is diagnostics data from devices or vaccine-related data etc?
There are 2 parts to this question — one is the implicit idea that we need to centralise things with one data repository, one taxonomy etc. Our world has a fetish towards standardisation and centralisation. What may be much more important in the future is a focus on collaboration.
The other important part is crowd intelligence — we don’t currently have business models that incentivize collaboration. So we have to think about how we build a decentralized economy and find ways to reimburse, reward, compensate and capture the talents that contribute knowledge and value from the bottom up. This brings us back to the issue of data where we always tend to talk about security and privacy but we don’t talk about ownership. And because we don’t talk about it, we don’t pay attention to it. We need to identify and understand the different domains of identity, which are spoken about by Kaliya Young in her brilliant book — The Domains of Identity. That way we can create a model of co-creation or co-opetition on issues related to health data,
Data sovereignty and security are separate but inter-related — can we have true data security without data sovereignty?
Right now, we are talking about data security without talking about data sovereignty. Nearly all discussions, including those being had about data security, anti-bullying, anti-trolling measures and so on on Clubhouse, for example, are led from the perspective of the platform beneficiaries not the users. Even hardened cybersecurity professionals don’t understand the idea of owning our own identity. Our traditional perceptions of identity are relational — such as employer-employee relationships or citizen-government or consumer-merchant. But actually there are multiple domains that can and should be explored — how do I see my identity, how do you see me, and are you relating to me in your identity as a person or as a business or as a fellow user of a tech platform?
The reason why all of this matters is that I am my actions, my actions are captured by data, and so if a third party takes that data, and then uses, loses and abuses it, they’re taking a piece of me. So the idea of self-sovereign identity is not some abstract concept that sounds nice — it is actually embedded in dignity. If you take it away, you are treating me as less than human. It’s a form of technological colonialism.
What are the barriers we need to overcome to make self-sovereign identity (SSI) real?
The most important thing is education. Most people still have no idea what SSI is and it is not on their minds. The first obstacle is that we need to explain what self-sovereignty means as a digital movement — owning and controlling our identity without third parties intervening — and not just from a technological perspective. SSI will allow us the freedom to navigate the digital world with a level of trust. Blockchain brings in a level of trust that was never embedded in the http protocol. Beyond that, we really need to persuade those active stakeholders who still believe in the status quo and don’t see that this is actually a problem at all — they are the hardest to convince.
Who should pioneer this change? Start ups, established companies. Policymakers?
There is a need for biodiversity. People like to do what they like to do and they don’t like to do what they don’t like to do! There are a few organizations that currently understand this issue and will get on and try to make it happen. But we really do need the people who are in charge of change to get on board. And they are often the ones who are most resistant to change. Often it is just easier to be paternalistic. If we look at the history of technology, however, it shows that decentralization and consensus usually win out. Self-sovereignty allows nation states to come closer to the idea that we will all survive better together.
What would you recommend to digital healthcare startups like PCL Health to keep in mind while deciding on their data sovereignty and security for their platform and apps?
If you have an opportunity to design a sustainable ecosystem, you should try to liberate yourselves from a commodity world mentality. Everything is not a zero sum game. That mentality impacts on our whole vision towards intellectual property, ownership and so on. So we need to focus less on selling stuff and rather focus on creating a data economy and transition from a mentality of scarcity to a mentality of abundance. It is more ethical, it is more tolerant — and, ultimately, it represents a better business model. When our users benefit and grow from the ecosystems we build, we also grow. So start ups should embrace self-sovereign identity because it makes the business more resilient, more secure and more censorship-resistant.
Concluding Thoughts — The need for greater patient rights and interoperability
Two major themes came across from the discussion — one was the moral and ethical imperative for us as patients and individuals to have access to our own data so we can be empowered to live better, healthier lives.
The second part is user involvement so we can move to a situation where healthcare is less fragmented and we all have a stake in these networks. As part of this re-evaluation, we may need to think about the laws surrounding ownership of data.
These ideas are explored in depth in the book Radical Markets by Eric Posner and Glen Weyl (and their website Radical Change) which look at ways to reform capital markets. We need to think about ways to enshrine data ownership in property laws not just in the SDGs or in human rights declarations. We need to go right back to the ideas of the Magna Carta really and think that “if your home is your castle, then your data is also your castle”.
Blockchain is one way to create networks built on incentives around a common goal. Once we have ownership of our data we can then choose how we want to use it, for example, we may want to use it to contribute to medical research. For that to happen we need to have the ability to extract value from our own health information so we can use it to benefit the rest of society.
Interoperability will also be key to this process — people use this as a trump card to say that data sovereignty is too difficult. But Alex and the groups he works with did manage to solve this in Africa partly because there is no data infrastructure and less regulation. In the US and Europe, data tends to reside in the institutions, in Electronic Health Records, data registries and so on. One hospital uses one system which doesn’t talk to the system in another hospital. As CEO of PCL Health, Deepti Atrish pointed out that she agrees greatly with Alex and that is why she has built a patient-centric system precisely to address this problem of data silos and fragmentation that occurs inside every health system.
Alex explained that, together with his partners at AfyaRekod and AI Center of Excellence, what he did in Africa was to build data that belongs and fits in the patient’s hand, because it is the patient that moves around the system so they need to have an independent existence. They need to have control of their multiple identities, they need to have access to those identities and the data that’s behind them. Health records need to be transparent and persistent, and portable. And that really solves the problem of interoperability.
The discussion covered a wide-ranging set of ideas and concluded by reiterating that we are standing at the door of the greatest changes in medicine and technology in human history. Data sovereignty will lay the foundation for the future of healthcare and bring healthcare to people in real-time, wherever they are.
Join us for our next event on Clubhouse on Thursday 20 May with noted speaker, podcaster and founder of The Future of Health, Andy Wilkins, on The Future for Healthy Ageing: https://www.joinclubhouse.com/event/M8obYp1x.