Federated Personal Health Records – The Quest For Use Cases

Last week we wrote about India’s Health Leapfrog and the role of Health Stack in enabling that (you can read it here). Today, we talk about one component of the National Health Stack – Federated Personal Health Records: its design, the role of policy and potential use cases.

Overview

A federated personal health record refers to an individual’s ability to access and share her longitudinal health history without centralised storage of data. This means that if she has visited different healthcare providers in the past (which is often the case in a real life scenario), she should be able to fetch her records from all these sources, view them and present them when and where needed. Today, this objective is achieved by a paper-based ‘patient file’ which is used when seeking healthcare. However, with increasing adoption of digital infrastructure in the healthcare ecosystem, it should now be possible to do the same electronically. This has many benefits – patients need not remember to carry their files, hospitals can better manage patient data using IT systems, patients can seek remote consultations with complete information, insurance claims can be settled faster, and so on. This post is an attempt to look at the factors that would help make this a reality.

What does it take?

There are fundamentally three steps involved in making a PHR happen:

  1. Capture of information – Even though a large part of health data remains in paper format, records such as diagnostic reports are often generated digitally. Moreover, hospitals have started adopting EMR systems to generate and store clinical records such as discharge summaries electronically. These can act as starting points to build a PHR.
  2. Flow of information- In order to make information flow between different entities, it is important to have the right technical and regulatory framework. On the regulatory front, the Personal Data Protection Bill which was published by MeitY in August last year clearly classifies health records as sensitive personal data, allows individuals to have control over their data, and establishes the right to data portability. On the technical front, the Data Empowerment and Protection Architecture allows individuals to access and share their data using electronic consent and data access fiduciaries. (We are working closely with the National Cancer Grid to pilot this effort in the healthcare domain. A detailed approach along with the technical standards can be found here.)
  3. Use of information – With the technical and regulatory frameworks in place, we are now looking to understand use cases of a PHR. Indeed, a technology becomes meaningless without a true application of it! Especially in the case of PHR, the “build it and they will come” approach has not worked in the past. The world is replete with technology pilots that don’t translate into good health outcomes. We, in iSPIRT,  don’t want to go down this path. Our view is that only pilots that emerge from a clear focus on human-centred design thinking have a chance of success.

Use cases of Personal Health Records

Clinical Decision Making

Description: Patient health records are primarily used by doctors to improve quality of care. Information about past history, prior conditions, diagnoses and medications can significantly alter the treatment prescribed by a medical professional. Today, this information is captured from any paper records that a patient might carry (which are often not complete), with an over-reliance on oral histories – electronic health records can ensure decisions about a patient’s health are made based on complete information. This can prove to be especially beneficial in emergency cases and systemic illnesses.

Problem: The current fee-for-service model of healthcare delivery does not tie patient outcomes to care delivery. Therefore, in the absence of healthcare professionals being penalised for incorrect treatment, it is unclear who would pay for such a service; since patients often do not possess the know-how to realise the importance of health history.

Chronic Disease Management

Description: Chronic conditions such as diabetes, hypertension, cardiovascular diseases, etc. require regular monitoring, strict treatment adherence, lifestyle management and routine follow-ups. Some complex conditions even require second opinions and joint decision-making by a team of doctors. By having access to a patient’s entire health history, services that facilitate remote consultations, follow-ups and improve adherence can be enabled in a more precise manner.

Problem: Services such as treatment adherence or lifestyle management require self-input data by the patient, which might not work with the majority. Other services such as remote consultations can still be achieved through emails or scanned copies of reports. The true value of a PHR is in providing complete information (which might be missed in cases of manual emails/ uploads, especially in chronic cases where the volume and variety of reports are huge) – this too requires the patient to understand its importance.

Insurance

Description: One problem that can be resolved through patient records is incorrect declaration of pre-existing conditions, which causes post-purchase dissonance. Another area of benefit is claims settlement, where instant access to patient records can enable faster and seamless settlement of claims. Both of these can be use cases of a patient’s health records.

Problem: Claim settlement in most cases is based on pre-authorisation and does not depend solely on health records. Information about pre-existing conditions can be obtained from diagnostic tests conducted at the time of purchase. Since alternatives for both exist, it is unclear if these use cases are strong enough to push for a PHR.

Research

Description: Clinical trials often require identifying the right pool of participants for a study and tracking their progress over time. Today, this process is conducted in a closed-door setting, with select healthcare providers taking on the onus of identifying the right set of patients. With electronic health records, identification, as well as monitoring, become frictionless.

Problem: Participants in clinical trials represent a very niche segment of the population. It is unclear how this would expand into a mainstream use of PHR.

Next steps

We are looking for partners to brainstorm for more use cases, build prototypes, test and implement them. If you work or wish to volunteer in the Healthtech domain and are passionate about improving healthcare delivery in India, please reach out to me at [email protected].

Data Privacy and Empowerment in Healthcare

Technology has been a boon to healthcare. Minimally-invasive procedures have significantly increased safety and recovery time of surgeries. Global collaboration between doctors has improved diagnosis and treatment. Rise in awareness of patients has increased the demand for good quality healthcare services. These improvements, coupled with the growing penetration of IT infrastructure, are generating huge volumes of digital health data in the country.

However, healthcare in India is diverse and fragmented. During an entire life cycle, an individual is served by numerous healthcare providers, of different sizes, geographies, and constitutions. The IT systems of different providers are often developed independently of each other, without adherence to common standards. This fragmentation has the undesirable consequence of the systems communicating poorly, fostering redundant data collection across systems, inadequate patient identification, and, in many cases, privacy violations.

We believe that this can be addressed through two major steps. Firstly, open standards have to be established for health data collection, storage, sharing and aggregation in a safe and standardised manner to keep the privacy of patients intact. Secondly, patients should be given complete control over their data. This places them at the centre of their healthcare and empowers them to use their data for value-based services of their choice. As the next wave of services is built atop digital health data, data protection and empowerment will be key to transforming healthcare.

Numerous primary health care services are already shifting to smartphones and other electronic devices. There are apps and websites for diagnosing various common illnesses. This not only increases coverage but also takes the burden away from existing infrastructures which can then cater to secondary and tertiary services. Data shared from devices that track steps, measure heartbeats, count calories or analyse sleeping patterns can be used to monitor behavioural and lifestyle changes – a key enabler for digital therapeutic services. Moreover, this data can not only be used for monitoring but also for predicting the onset of diseases! For example, an irregular heartbeat pattern can be flagged by such a device, prompting immediate corrective measures. Thus, we see that as more and more people generate digital health data, control it and utilise it for their own care, we will gradually transition to a better, broader and preventive healthcare delivery system.

In this context, we welcome the proposed DISHA Act that seeks to Protect and Empower individuals in regards to their electronic health data. We have provided our feedback on the DISHA Act and have also proposed technological approaches in our response. This blog post lays out a broad overview of our response.

As our previous blog post articulates the principles underlying our Data Empowerment and Protection Architecture, we have framed our response keeping these core principles in mind. We believe that individuals should have complete control of their data and should be able to use it for their empowerment. This requires laying out clear definitions for use of data, strict laws to ensure accountability and agile regulators; thus, enabling a framework that addresses privacy, security and confidentiality while simultaneously improving transparency and interoperability.

While the proposed DISHA Act aligns broadly with our core principles, we have offered recommendations to expand certain aspects of the proposal. These include a comprehensive definition of consent (open standards, revocable, granular, auditable, notifiable, secure), distinction between different forms of health data (anonymization, deidentification, pseudonymous), commercial use of data (allowed for benefit but restricted for harm) and types and penalties in cases of breach (evaluation based on extent of compliance).

Additionally, we have outlined the technological aspects for implementation of the Act. We have used learnings from the Digital Locker Framework and Electronic Consent Framework (adopted by RBI’s Account Aggregator), previously published by MeitY. This involves the role of Data Fiduciaries – entities that not only manage consent but also ensure that it aligns with the interests of the user (and not with those of the data consumer or data provider). Data Fiduciaries only act as messengers of encrypted data without having access to the data – thus their prime task remains managing the Electronic Data Consent. Furthermore, we have highlighted the need to use open and set standards for accessing and maintaining health records (open APIs), consented sharing (consent framework) and maintaining accountability and traceability through digitally verified documents. We have also underscored the need for standardisation of data through health data dictionaries, which will open up the data for further use cases. Lastly, we have alluded to the need to create aggregated anonymised datasets to enable advanced analytics which would drive data-driven policy making.

We look forward to the announcement and implementation of the DISHA Act. As we move towards a future with an exponential rise in digital health data, it is critical that we build the right set of protections and empowerments for users, thus enabling them to become engaged participants and better managers of their health care.

We have submitted our response. You can find the detailed document of our response to DISHA Act below

From manifesto to budget to delivery

The 2014 election manifesto of the Bharatiya Janata Party (BJP) outlined how innovation, research and technology can transform India into a superpower by empowering, connecting and binding all stakeholders.

The decisive mandate given to the BJP-led National Democratic Alliance, under the leadership of Narendra Modi, in the general election marked a paradigm shift in the Indian political landscape; the people of India reposed their complete faith in Prime Minister Modi and his team.

Finance minister Arun Jaitley and his team must be complimented for taking forward the visionary BJP manifesto and turning it into actionable budget proposals, and also for setting the direction towards building a “Digital India” where innovation, research and technology will play a major role.

Rural broadband and e-highways

A pan-India programme called “Digital India” has been proposed in the 2014 budget to bridge the divide between digital “haves” and “have-nots”. This would ensure broadband connectivity at the village level, improved access to services through information technology (IT)-enabled platforms, greater transparency in government processes, consumption of local content and a host of other services. The railway budget proposed providing Wi-Fi connectivity at train stations, on premium trains and “Office on Wheels”.

An ambitious plan to integrate all government departments through an e-platform will create a business- and investor-friendly ecosystem in India, by making all business- and investment-related clearances and compliances available on a single 24×7 portal, with an integrated payment gateway.

An ecosystem for innovation: from ‘Sell in India’ to ‘Made in India’

India, since the beginning of civilization, has been a leader in science and technology. Lack of a favourable ecosystem for spurring innovation, however, has dented its position post-independence.

Today, India produces only around 2% of IT products that it consumes. This is having an adverse impact on its economy. The need of the hour is to make India an innovation-driven manufacturing hub from a consumption market, by creating an enabling ecosystem for nurturing product start-ups. Entrepreneurship needs to become part of the national culture instead of being the success story of a few.

The new government has recognized the need to create an ecosystem for fundamental research and innovation for India to become a global manufacturing giant with specific programmes for small entrepreneurs, start-up villages and incubation centres. The nationwide district-level incubation and accelerator programme can promote frugal innovation ground-up.

Special focus on software product industry

IT services will remain important for economic growth, but India needs new growth drivers as well. Global Indians educated in Indian universities, in Indian Institutes of Technology and Indian Institutes of Management have used foreign soil to make inventions and innovations that have benefited the world.

With the right impetus, it is quite possible to create the next Google, Facebook, WhatsApp out of India. The budget makes a big start by launching a fund for promoting product-led start-ups, a much desired innovation in the thinking of the government.

E-Healthcare and e-Education

Much of real India, Bharat, still lives in villages. Unfortunately, the past government’s average spending on healthcare and education was just 1% and 3%, respectively, of gross domestic product. As a result, basic health and education infrastructure is in bad shape.

The budget does a great job in recognizing the enormous opportunity that lies in improving healthcare and basic education access by using IT. Use of telemedicine, virtual classrooms, open online courses and e-education can be the kick-starter to achieve size and scale to improve the primary healthcare network and basic education standards.

Content localization and digitization

India has more Internet users than English language speakers; as a result, regional language keyboards are vital for deeper Internet penetration. Local language content needs to get digitized. China has already successfully developed and standardized local language keyboards.

Government can help by providing the standard templates for every language that can then be commercialized by using the public-private partnership model.

Now it’s time to deliver.

Technology, needless to say, will play an important role in effective delivery of services, monitoring performance, managing projects and improving governance.

An Integrated Office of Innovation and Technology to achieve the same, and for problem solving, sharing applications and knowledge management will be the key to rapid results, given that most departments work in their own silos. Tracking and managing the projects assume significance because India has been busy spending money in buying technology that it has not used effectively or in some cases not even reached implementation stage. Sharing knowledge and best practices across departments need to be driven by this Office of Technology.

India needs interventions across sectors to become a global knowledge hub by 2022. The Prime Minister is a very technology-savvy leader and the country looks forward to his leadership to drive this next phase of revolution in innovation and technology with a renewed vision and vigour.

This article first appeared in LiveMint