As a physician and a Navy officer, I've spent a professional lifetime protecting data. I've held very high security clearances in war zones and managed Intensive Care Units with AIDS patients who had nationally recognizable names. I've delivered care in Angolan refugee camps, in Haitian trauma centers, and in the slums of Bangladesh. My reflexes for data protection are carefully honed.
That said, the world has changed, and my reflexes need to give way to rational thought. We need to open both health data and health resource data. I think there are some safe, sensible, and effective ways to do it with benefits that far outweigh the risks.
As a society, we're collecting staggering amounts of data, much of it personal in some form. In 2012, humanity created 2.5 exabytes (2.5 x 10^18) of digital data every single day. Facebook generates 680,000 pieces of content every minute. In that same minute, Google gets 2 million search requests across 50 billion indexed web pages, Tumblr publishes 28,000 posts, and YouTube users upload more than 60 hours of video. By 2015, we'll have stored eight zettabytes of data (8 x 10^21) in everything from floating global datacenters to USB thumb drives. That's many, many times more data than all the words ever spoken by all the humans who have ever lived.
A small portion of that stored data is related to medical care, and a much smaller portion is related to personal care of a given patient in a specific facility. We're careful to protect that data because we perceive both personal risk and a sense of violation if that information is disclosed without an ethical reason. Though understandable and admirable, it's a perspective that might benefit from some nuance.
Data worth collecting needs to be useful, usable, and used. To collect data and not allow it to become useful perhaps defeats the effort's value and probably wastes much of the time and treasure used in the collection process. If we're collecting but not releasing because of a potential privacy violation, we're taking a somewhat luxurious view of the value of personal privacy, especially in an emergency. Such a constraining view may not always be shared in the cultures where we work, and it may not fit circumstances in which we find ourselves working. Aggregated personal data can be of great utility in the preparation for a response, in the real-time allocation of resources, and in the recognition of a change in event conditions.
In the surgical tents after the Haiti earthquake, I took photographs of dressed amputations awaiting revisions because, for a while, the entire known medical record was written in Sharpie on that bandage. My photo was the only record not leaving with the patient.
A year ago, I led a team working response on Staten Island in the aftermath of Hurricane Sandy. The specific task for our team was the care of "invisibles" -- those ill, injured, or at risk of exposure who might be illegal immigrants, trafficked sex workers, domestic slaves, the homeless, and sometimes the mentally ill seeking a life of refuge in the woods and fields of that borough of New York. We were obligated to provide care for them without compromising their freedom to remain outside the system if they chose, and without inducing retribution from those who controlled them if we had no other options. That sometimes required a form of medical record that did not touch conventional systems and that incorporated a uniquely identifiable anonymity.
Over the year since Sandy, I've spoken with a range of professionals in medicine, computer science, bioethics, disaster management, and journalism, looking for the best thinking on how to approach keeping track of patients, their data, and the implications of that data when aggregated. My focus has not been the developed North, but the struggling South, and I've heard some very good thoughts.
An important new effort in Latin America and Southeast Asia, for example, is data preparedness. One part of that is a Human Security Taxonomy, an open-standards system used for understanding communities and their demographics, the risks they face, and the resources they can drawn on in an emergency. Medical resources with unique identifiers are an integral part of that. There are also global initiatives that collect critical disease outbreak details from community health workers in the villages of Cambodia, Thailand, Laos, and Vietnam and then funnel that semi-anonymized data to experts able to respond.
These are a good start, and they demonstrate some of the value of an open data ecosystem -- one that allows useful information to flow where it needs to go, using open standards in a common framework, often with biometric encryption specific to the patient. In my opinion, we need to be better able to identify each patient on the globe in a unique manner that allows evacuated victims from a pipeline fire in Tanzania to have their medical records available to their Singaporean surgeon, with rock-solid encryption based on a multi-modal biometric ID keeping their data safe in between.
Though it's not widely recognized, it is now possible to be both open and secure. Privacy regulations that, by law, thoughtlessly transcend situational boundaries without modification do a disservice to those on the forward edge trying to maximize the efficiency of urgent patient care.
From my perspective, we need to be able to collect new data, collate old data, and fuse the two. We need a unique ID for each patient, and we need a unique ID for each medical facility and provider. We need geolocation for every data element, sensible security protocols that keep ethical and legal obligations intact, and flexible international agreements that let improving technology be incorporated into subsequent iterations as we learn.
Some of that is under way, but it's not yet widely accepted, and it's not yet aligned. Encouraging examples, useful and safe, include the Open Humanitarian Initiative at NetHope, InSTEDD's work in Cambodia and Argentina, Open Data for Resilience at GFDRR within the World Bank, the Human Security Taxonomy at WWHGD.org, the Humanitarian Exchange Language (HXL), iRespond biometrics, and the OpenMRS medical record.
Some of the most vulnerable patients on the planet are losing continuity of care in transit. Outbreak epidemiology can be hamstrung by record isolation. Disaster preparedness has sometimes been compromised by our inability to locate and track critical human resources.
We can already do better, reliably and affordably, using the cleverness inherent in the technical community coupled to good bioethicists, opening patient, provider, and facility data safely and usefully. With a small relaxation in mindset and very little effort, the return on such a social investment could be substantial.
Remote Patient Monitoring: Don't let all those Fitbits fool you. Though remote monitoring technology is sound, it's still far from widespread clinical adoption. Read the new InformationWeek Healthcare Digital Issue.