A successful digital health revolution must not put profit ahead of people, argues Simon Bain, chief executive of OmniIndex
The healthcare digital revolution will be underpinned by leveraging personal data
The ‘digital health revolution’ is the catch-all term for technological advances in healthcare.
It includes, but is not limited to, developments in wearables, health apps, electronic health records, and AI.
And it is built on leveraging personal data to improve patient engagement and data management and facilitate the curation of personalised medicines, treatments, and health plans.
But, while there are a number of reasons why this revolution is happening, and is needed, it exists alongside a key concern around data management and security.
As it stands, we have ultimately all been failed as patients and individuals for far too long when it comes to the security of our data
In many cases, making the revolution possible requires access to private health data, which is needed to create these personalised services. But, simultaneously, this data must be kept secure and safe from those looking to profit from it, whether through advertising or criminality.
This latter point has become increasingly important over the last 12 months or so because of the constant rise in ransomware attacks, with many criminal groups targeting the healthcare industry for the very reason that it handles so much of our sensitive data.
As it stands, we have ultimately all been failed as patients and individuals for far too long when it comes to the security of our data. And what’s the point in a revolution if we simply bring our old failings along with us?
This is exactly what we are in danger of today if we keep building these new products and platforms on legacy cloud infrastructure focused on monetising your sensitive data.
Legacy systems are simply failing to keep our private and confidential data safe.
As of late June 2023, more than 220 cyber attacks have targeted hospitals and health systems, and more than 36 million people have been affected, according to a report in Chief Healthcare Executive.
This is supported by other experts who have also noted an increase in attacks over recent years.
The biggest issue is that healthcare’s data infrastructure and data management has stagnated while criminal attackers have continually adopted new and emerging technologies
The annual number of ransomware attacks more than doubled between 2016-2021, with almost half of those affected facing disruption in the delivery of healthcare, and just one in five organisations being able to restore the data from backups, according to a report from the Journal of the American Medical Association.
There are a number of potential causes for the rise in attacks, but the biggest issue is that healthcare’s data infrastructure and data management has stagnated while criminal attackers have continually adopted new and emerging technologies.
This is not in any way a problem unique to healthcare, however. Financial services, education, and even emerging AI companies are all succumbing to these attacks.
But the state of play within the healthcare industry is particularly concerning because of just how sensitive and important this data and these services are.
For example, a 2022 industry report examining the impacts of cyber attacks in healthcare states that 45% of those asked believed the attacks resulted in adverse patient care, while 54% believed it caused patients to face risks including high rates of impact service, and 26% believed the attacks resulted in inappropriate therapy or treatment deliveries.
The data vulnerabilities that criminals are exploiting predominantly come from the legacy cloud infrastructure. As such, organisations need to ensure that when they produce new products and platforms, they move away from these now outdated technologies and upgrade to today’s Web3 solutions.
If they don’t, then regardless of how good the product or service is in terms of meeting a patient’s or health professional’s needs, the data involved will remain vulnerable.
And this is especially important when it comes to the advancements in personalised care as this is fully focused on health data.
Health and wellbeing startup, Health Innovation Hub, is developing a new app to offer individual advice and support to users thanks to information added to the user’s secure diary.
Inputs include data synced from wearables, test results, and the user’s diary entries focused on areas including gut health.
In other words, they’re producing an app that is powered by deeply-sensitive and regulated data.
In order for the digital health revolution to truly succeed, it must deliver improved outcomes to patients without coming at the expense of privacy and security
To ensure this data is accessible and analysable while still protected, they are using a combination of Web3 and fully-homomorphic encryption (FHE).
The Web3 storage (via a sandboxed and immutable blockchain) enables this data to be stored and accessed at all times securely by those authenticated to view it, while the FHE enables the data to remain encrypted at all stages, including while being searched and analysed.
In comparison, if they were using legacy cloud technology and the traditional versions of encryption, the data would need to be decrypted to analysed, and the cloud storage providers would technically have third-party access to that data which can be used for targeted advertising and other direct and indirect monetisation.
Accessing the potential of Web3 means businesses can securely and privately add highly-confidential and sensitive health data to analytics, making it possible to provide personalised health insights to customers without any of their private data being exposed to cloud providers or cyber criminals.
In order for the digital health revolution to truly succeed, it must deliver improved outcomes to patients without coming at the expense of privacy and security.
There is no excuse for a continued reliance on legacy systems that put patients at risk, let alone new systems that fail to make use of the available technology that secures and protects private data.