Curious about the landscape of privacy in healthcare, now and in the future? Following the 2022 HIMSS Global Health Conference and Exhibition, TripleBlind’s SVP of Healthcare Dr. Suraj Kapa (M.D.) discussed how to collaborate with sensitive healthcare data, without compromising privacy, speed, or fidelity.
Dr. Suraj Kapa, M.D., is a board-certified cardiologist with subspecialty certification in cardiac electrophysiology at Mayo Clinic. Dr. Kapa has published over 200 peer-reviewed articles and book chapters, given hundreds of guest lectures, and filed over 30 patents that serve as the foundation for healthcare startups. During this webinar, he shared his highly-sought after views on the future of digital health and healthcare delivery. Here’s our recap:
Key Discussion Questions:
- Privacy-enhancing computation facilitates rapid innovation in healthcare. By enabling AI development using high-quality global data, how can new and effective products and services can hit the healthcare market?
- Specific challenges for the use of healthcare data include HIPAA regulations, third-party contracts and audits, de-identification tasks, and residency rules. How might we address these challenges in the future of healthcare?
- Technical and legal barriers prevent healthcare institutions from unlocking data in safe and compliant ways. How can innovations in privacy-enhancing technologies satisfy compliance requirements and drive future developments with data.
What is data in medicine or healthcare?
“As a medical student, a resident, a fellow, and as a practicing cardiac electrophysiologist, the things we always think about when we think about learning in medicine is the traditional large textbooks that each weigh about 30 pounds…But that’s not where medicine limits itself. It’s not just reading a Wikipedia page. It’s not just reading a textbook, because really where the context of medicine comes into play is at the forefront of when you’re interacting with the patients.” – Dr. Suraj Kapa
Data in medicine or healthcare is any and all information derived from interactions with patients. From a patient’s current symptoms to their entire family’s medical history, diagnostic information contributes to large swaths of healthcare data that medical professionals use to provide high-quality care.
What are the benefits of data scalability?
Data scalability can be thought of as the opportunity to operationalize patient data at the individual, organizational, and collective levels. According to Dr. Kapa,
“Ideally, you would want to take these insights and these understandings and deploy them globally –– so that a clinician who is only one year out of practice can get the same value from a patient’s interaction history as somebody who’s been in the practice for over 30, 35 years. That’s a large part of what we talk about when we talk about digital insight development and digital platform development. Part of it is leveraging this extraordinary cohort of data as we take care of patients.”
What are the challenges healthcare faces for data scalability?
- Increasing provider level costs – Human touch-points are still required to engage patients, even as technologies and diagnostic modalities improve. Investments into human-centered logistics and improved technologies are bound to increase costs for hospitals and patients –– especially if data actualization requires providers to jump through hoops to be able to use valuable information.
- Data discovery and pre-processing are often resource intensive – Efficiency in digital healthcare relies on an understanding of what data sets are available, as well as interoperability between data users and providers. Data prep must account for legal compliance, be transmitted with appropriate encryption/decryption standards, and prevent unintended uses of the original data. These processes are also time and resource intensive, adding further complexity to scalable digital healthcare.
- Varying global standards for data collaboration can hinder progress – Data sharing across borders requires adherence to many different requirements for collaboration. If a US-based healthcare provider wanted to work with a satellite clinic in Dubai, strict yet mismatched laws can prevent valuable information from being shared between parties. Regulations limit the flow of data between regions, increase fines in the event of violations, and increase the cost of collaboration between healthcare institutions.
What are current solutions and their drawbacks?
A variety of privacy-enhancing technologies (also known as privacy-preserving technologies) have been developed to enable data interactions while abiding by data regulations, such as HIPAA and others. Dr. Kapa lists and analyzes the following solutions in the context of healthcare:
- Tokenization – This approach masks sensitive data, but also takes it out of use. Masking eliminates the ability or possibility of data operationalization. If you tokenize half of a genomic data set, that half of a genome is no longer usable –– preventing whole genomic evaluations.
- Synthetic data – By using quantitative statistical approaches on real data, synthetic data can be generated to solve critical data issues. However, since synthetic data is representative of how an individual’s health should look according to statistics, results will only be as accurate as initial approximations. This can create errors within algorithms or limit the accuracy of what would occur if one had access to true, raw data.
- Differential privacy – This approach applies noise to a data set with the intention of limiting individual identification within the set. Differential privacy can limit accuracy and does not meet standards for regulatory compliance.
- Homomorphic encryption – This method allows for operations on encrypted data, but it is often computationally inefficient at scale. Homomorphic encryption works well for small data sets or genomes, but falls apart operationally when faced with hundreds, thousands, or millions of data points.
- Secure enclaves and confidential computing – These mechanisms enable interaction with data, but are inherently hardware-dependent –– increasing costs. Secure enclaves require both the data and the algorithm to be stored in one place, which silos data behind data residency and regulatory fences.
- Federated learning – This approach distributes the process of training a machine learning model across different data providers, but keeps data in place. However, federated learning isn’t always accurate –– and often increases computational speed for individual data owners. It’s also possible to reconstruct portions of training data when building a neural or federated network, leaving holes in terms of privacy and security.
What are six key considerations to improve privacy technology in healthcare?
Solutions that can address the drawbacks of previously-listed privacy enhancing technologies are bound to drive innovation in healthcare. These are considerations that Dr. Kapa recommends PET-centered organizations focus on:
- Ensuring speed and accuracy to encourage interoperability in healthcare
- Real-time, de-identified computation
- One-way encryption
- Hardware agnosticism
- Cloud-based compatibility and API-driven exchanges
- Compliance with existing and overlapping data regulations
How does the TripleBlind Solution meet these considerations?
The TripleBlind Solution is an API-driven virtual exchange that reduces risk, effort, and cost without restricting data’s utility or value. TripleBlind applies one-way encryption to data and algorithms so that they can be used for authorized purposes only. Data stays resident, yet is also operationalizable. TripleBlind meets standards for the future of digital healthcare by being non-hardware dependent, facilitating secure and trustworthy multi-party interactions, and ensuring compliance with HIPAA, HITECH, and other data regulations. What benefits does this afford? In the words of Dr. Kapa,
“Imagine if our ability to rapidly understand health information in real-time was more efficient. We wouldn’t be reactive. We can be proactive. In the midst of all this, we need to be able to deliver effectively and scalably.”
Healthcare organizations could use insights from data to increase our age by 20 years from where we are now, or promote optimal human health at age 90. Solutions and treatments could be devised for once-terminal illnesses, and costs for developing such treatments could drop from billions to millions of dollars. The opportunities for digital healthcare is endless –– so long as the right solutions are used in the context of healthcare data.
We’re thankful for Dr. Kapa’s thoughts and perspectives on The Present and Future of Privacy in Healthcare. To watch the full webinar, click on this link. For additional information on how TripleBlind is catalyzing innovation in the context of healthcare, read more about our use cases or download a complimentary copy of our whitepaper!