Healthcare research hindered by data privacy laws
Patient trust in hospitals and other healthcare providers is critical and that extends to the use of personal data. Secondary use of that information for purposes other than to support patient care is often not covered by existing consent agreements.
In the US alone, thousands of hospitals and research organisations, along with the different medical registries hold vast amounts of patient data. These include genomic data, clinical data, patient disease registries and electronic heath registries, amongst others. The idea that our health records are sensitive and should be protected is shared by governments across the world, which impose restrictions on its use through various regulations.
While compliance is critical, the reality is that regulatory barriers – intended to protect patients – could be preventing vital work to improve the public’s health.
The challenge is that healthcare research depends on the sharing of health-related data to advance understanding of illnesses and treatments. Without the means to collaborate, it becomes difficult and often impossible for researchers to identify effective treatments for conditions like people with a genetic predisposition as well as determine the effectiveness of treatment measurements across hospital systems.
Michael Hughes, Chief Business Officer at Duality Technologies
Data protection laws across healthcare
The Health Insurance Portability and Accountability Act prevents firms in the US from disclosing patient details without consent, while in Europe, the EU’s General Data Protection Regulation requires data to stay within certain regional and other boundaries.
This regulatory landscape is becoming increasingly complex. Research and consultancy firm Gartner projects that by 2024, 75% of the world’s population’s personal data will be protected by privacy regulations.
While legislation protects our data, it makes it more difficult for data collaboration between hospitals, pharmaceutical companies, and research firms to take place. That’s because firms don’t have the privacy and security guarantees to share health data within the current regulatory environment.
What can be achieved through health data collaboration?
If hospitals, pharmaceutical companies, and research firms could share and collaborate on data– there are endless possibilities to what can be achieved. Combining different health data sets together could lead to major breakthroughs in healthcare and medicine.
One area which would benefit would be clinical trials. Medical researchers would be able to access data to help them identify the right participants to fill their studies much more quickly. This would reduce costs significantly and help researchers make faster breakthroughs in interventions and treatments.
Pharmaceutical companies would also be a major beneficiary. If these firms could get access to data, they would be able to improve their pharmacologic recipes, dramatically improving treatments for people with illnesses.
Pharmaceutical companies often neglect ‘rare diseases’ due to funding constraints. A ‘rare disease’ is defined as affecting up to 10% of the population, which could be 36m people in the US or 6m in the UK – and that is a significant number of people, whose illnesses don’t get the required focus and research. Through combining data, pharmaceutical companies may be able to research these ‘rare diseases’ more cost-effectively and in a way that wouldn’t otherwise be possible.
Through analysis of a wider pool of data, researchers could solve health problems for an individual before they are known. They could discover certain predispositions to a form of cancer that the individual has yet to be diagnosed with. As such, healthcare providers can create an individualised life treatment plan, which could mean the person never actually encounters the disease.
These examples highlight the massive benefit that data collaboration could bring to health research and care. The necessity for data collaboration to take place while adhering to regulatory compliance has led to new strategies and the increased adoption of innovative technology.
Collaboration through innovative technology in healthcare
Data collaboration in healthcare is becoming a reality through the adoption of advanced and emerging technologies. Privacy enhancing technologies (PETs) is a term that covers an array of such tools that allow firms to perform computations on encrypted data without ever decrypting it and, therefore, without revealing anything sensitive. This means they can share and analyse sensitive data without exposing the underlying information. Crucially, this means that healthcare firms can stay within regulatory requirements while protecting confidentiality and intellectual property.
Awareness of these technologies and how to combine them within a privacy-first strategy is on the increase – both within the healthcare sector itself as well as among regulatory bodies. As privacy laws evolve, it will be important to consider the role of PETs and how firms can leverage them on the road to compliance.
Equipped with regulatory guidance and the power of PETs, the healthcare sector is poised to garner entirely new insights from its abundance of previously locked data. In doing so, it can protect the patient and deliver major advancements in treatments, prevention and the future health of the population.