Think twice before sharing your data

Who needs hospitals? We have smartphones, sensors and data!

According to Eric Topol, who is one of the leading voices in Digital Health, the smartphone is going to be the healthcare delivery platform of the future. Awesome right? No need to go into a hospital in the future, the app on your phone can record your blood pressure and transmit it to your doctor via the internet etc. 

Is it just a few rich people in California who believe this? Not according to Intel's latest research (see infographic below on what health information people are willing to share). The survey collected responses from people in Brazil, China, France, India, Indonesia, Italy, Japan and the United States. 84% would share their vital stats like blood pressure and 75% would share information from a special monitor that's been swallowed to track internal organ health. In fact, India is the country most willing to share healthcare information to aid innovation. Super awesome news, right?

Eric Dishman, Intel fellow and general manager of the company's Health and Life Sciences Group, says "Most people appear to embrace a future of healthcare that allows them to get care outside hospital walls, lets them anonymously share their information for better outcomes, and personalizes care all the way down to an individual's specific genetic makeup." 

Also, this week was the mHealth Summit in Washington, DC. It's the largest event of it's kind, over 5,000 people from around the world gathered. I attended last year, but participated this year from London via Twitter. Amazing energy and bold visions of the future on mHealth. 

In fact, this week, I also participated in the world's first G8 Dementia Summit via Twitter. "Big Data" captured from patients around the globe was cited by many of the leaders as one of the ways in which we can work to beat Dementia by 2025. Yes, the G8 put a rather ambitious  goal of a cure (or disease modifying drug) by 2025. Again, we just need to collect all this data from individuals, remove personal information, make it anonymised, and Global Health in the future will be transformed, right?

Easier said than done

Unfortunately, many of the people at conferences who are envisioning a world where we happily share our personal health data altruistically for the benefit of medical research to improve Global Health are unaware of the realities on the ground. "Big Data" seems to be inserted by anyone and everyone into their speeches and tweets. Doctors, politicians, and corporate leaders frequently use the phrase, in the hope that more people will sit up and pay attention to what they are saying.

Let's take anonymisation. If someone tells you that your personal data will be anonymised and then aggregated and made available to 3rd parties, you believe them, when they tell you your data can't identify you. Let's see what the report from the Royal Society in June 2012 said; 

"the security of personal records in databases cannot be guaranteed through anonymisation procedures"

"Computer science has now demonstrated that the security of personal records in databases cannot be guaranteed through anonymisation procedures where identities are actively sought"

It's good to have people like Professor Ross Anderson who dare to question the viability of anonymisation

Now, there are tens of thousands of health apps, and generally how many of us take the time to read terms and conditions before downloading any app, let alone a health app? We trust the brand, don't we? How do we determine as consumers and patients, whether a health app is safe to use? 

A company in the US, Happtique is working on a program of certification for health apps. Definitely a worthwhile initiative. So whilst I was monitoring the Twitter stream during the mHealth Summit, I noticed a software developer, Harold Smith, at the event had shared his blog post with his findings that there were security issues with some apps that had passed the certification process at Happtique. Yes, shocking news, but even more shocking is how a lot of people in this industry don't seem to care. Kudos to Happtique, they did react swiftly to this news by suspending their certification program

Here in the UK, the NHS have set up a health apps library. Their review process is listed too. Their website says, "All apps submitted to the Health Apps Library are checked to make sure that they are relevant to people living in England; comply with data protection laws and comply with trusted sources of information, such as NHS Choices". I've got no reason to doubt the security of the apps on the NHS library, but I'm curious - what if someone independent like Harold Smith took a look at these apps? What would his findings be? 

2014 & beyond 

In an ideal world, none of us as end users would have to worry about the security & privacy of our personal health data. We all want improved health, and improved healthcare, and we are told that mobile technology, sensors & big data could make the world a much better place. As a Digital Health Futurist, I truly want to believe that. 

However, the road ahead is potentially very dangerous, largely because the froth and hype in Digital Health is overshadowing the need to have an open and candid discussion in society on the risks and benefits of going down this road. Companies such as GE, Intel, & Cisco are pumping billions into the Internet of Things. This week the Allseen Alliance was announced, standards to allow different devices to connect to each other. Again, exciting stuff, right? 

Imagine, your smart toilet connected to your smart fridge connected to your smartphone. Personalised meal suggestions on your phone based upon the combination of the clinical analysis of your urine and what food you have remaining in your fridge? More data about our health, more data about us being transmitted between devices and apps using wifi. Hmmm, how many of us have stopped to reflect upon what safeguards are needed to prevent our bodies from being the target of hackers

In principle, I'm not against any company or government collecting more data about us and our health. If collecting more data can help us develop a cure for diseases such as Cancer or Dementia, that would be an amazing achievement for science. 

However, I do want all of us, wherever we live on this planet, to be able to make INFORMED choices about how we share our health data, and who we share it with. Who will drive conversations that lead to a society where we can make informed choices about our health data? How do we get informed consent to participate in data sharing initiatives from those members of society who are vulnerable, such as children or older people with Dementia? Is that even ethical? 

One piece of good news that came out this week is that the Data & Society Research Institute is a new non-profit organisation launching in 2014. Based in New York City, it will be dedicated to addressing social, technical, ethical, legal, and policy issues that are emerging because of data-centric technological development. 


Data about us may be the key to improving the health of 7 billion people, but that can only happen if our rights are protected at all times. The issues are common to all personal data, not just health data. Perhaps the way forwards is the creation of an international bill of digital rights?


[Disclosure: I have no commercial ties with any of the companies mentioned above]

Enter your email address to get notified by email every time I publish a new post:

Delivered by FeedBurner