Building large and accurate data sets is at the core of the digital health industry, but identifying suitable cohorts and gaining legal and ethical consent to use patient data is still a huge challenge. As a result, competition for using rather than holding health data is growing exponentially and we are seeing further innovation in how digital health providers identify and incentivise individuals to grant access to their data.
Why are data sets so important to digital health providers?
Data is the lifeblood of the digital health industry, providing the basis for identifying trends and research and development (R&D). AI-based digital health solutions in particular are entirely dependent upon the data set that is available. From preventing disease and monitoring chronic conditions to reducing the cost of healthcare through more tailored medication, a larger data set will benefit both the provider and the patient.
Recent examples of big commercial deals between digital health providers and third parties are raising awareness of the value of data amongst patients and the general public. However, this has been accompanied by increased attention on concerns around how this data is used. In November 2019, for example, reports of a deal between Google and Ascension, which runs 2,600 hospitals in the US, hit the headlines. Whilst the collaboration will enable Ascension to develop AI tools to support doctors, it also – unbeknownst to patients or doctors – enables Google to access patient data including test results, diagnoses and dates of birth.
Similarly, in July 2017, a partnership between London’s Royal Free NHS Foundation Trust and Google’s DeepMind division fell foul of the Information Commissioner’s Office for failing to inform patients and to protect their privacy when 1.6 million patients’ data was used to help develop a system to assist diagnosis of acute kidney injury.
These stories have served as a warning to patients and digital health companies alike that greater attention needs to be paid to the legal and ethical bases for collecting health data. Key to this are the consents requested at the point of collection and how data controllers and processors explain and control the onward uses of that data.
How are companies incentivising patients to hand over their data?
In 2020 and beyond, we expect to see digital health companies increase efforts to build direct relationships with health trusts and patient cohorts and introduce innovative ways to incentivise individuals to share their health data. One system already being used by a small number of providers rewards patients with cryptocurrency in exchange for their data, with seemingly positive results for both parties.
For example, UK-based Pharmeum has put in place a permissioned blockchain system to allow data to be shared more easily between patients, doctors and pharmacies. The data is then used to help inform medical AI networks and smart health applications, with the patient receiving PHRM coins, a cryptocurrency, each time an application uses their data. These PHRM Coins can be spent on services available through the Pharmeum domain, such as telemedicine, making participation mutually beneficial.
Embleema and Health Wizz allow patients to develop their own data record and sell it to stakeholders or other third parties in exchange for personal rewards and the promise that, in giving up their data, they are contributing to speeding up clinical research, regulatory consents and the delivery of new treatments. In a similar vein, the start-up Nebula Genomics operates a blockchain-based genetic marketplace, allowing users to earn retail rewards for answering surveys and assisting research.
So far we have seen great success from initiatives such as these, but it is expected that with data becoming increasingly sought after, competition will grow fierce and the methods used by providers to incentive individuals will reach new heights.
An opportunity for the NHS to reap the rewards?
The NHS holds the medical records of 65 million people, making its data one of the most valuable assets it possesses. It could therefore seek to address some of its own needs by swapping data for services or, indeed, payment. Whilst the data held by the NHS could be invaluable to digital health providers, one of the greatest barriers to its use for the benefit of patients is ensuring that the necessary consent to share this data has been secured from patients.
If it is to benefit, the NHS must begin to prospectively seek consent from patients to use their data for specified purposes with third parties when performing any services for patients that involve obtaining data. One way to ensure that patients’ preferences are systematically requested and logged would be to include this in patient registration procedures at GP surgeries.
As well as the issue of consent, another barrier faced by the NHS is the lack of technological capability to track patient consent, then manage and collate the data in a format in which it could be shared. Having said that, measures to do so are already underway: the NHS is introducing a national data opt out policy, with which all health organisations must comply by March 2020. This policy gives patients the opportunity to opt out of their information being shared for any purpose outside of their treatment, with the opt out being recorded against their NHS number on the NHS Spine, a digital system which allows local and national NHS systems to share information.
For many digital health providers, access to an NHS database could transform their businesses, but more importantly, revolutionise the cures developed for medical conditions. Subject to the relevant consents being obtained, this leverage could be used to benefit patients and generate value for the NHS in the intellectual property rights in software or products created through collaborations. This would prevent the NHS getting a ‘bad deal’ and ensure that data commercialisation benefits society more widely. An example of such a collaboration is that between the NHS and Sensyne Health, which is being used to develop smartphone apps to monitor certain health conditions in pregnant women. The arrangement will see the participating NHS trusts receive shares in Sensyne Health and 4% of royalties from products that result from the partnership.
This debate taps into a wider scrutiny surrounding the ownership and benefit of public-private collaborations. Unfortunately, given that the agreements governing such relationships are usually confidential for commercial reasons, it is not always possible to know with certainty the terms that have been agreed between the NHS and Digital Health providers.
And what can be said for the rumoured US trade deal?
This is a known unknown. The Times recently reported that official government files containing private discussions between the US and UK state that ‘the free flow of data is a top priority’ for the US in any trade talks. Many, often politically motivated, commentators have concluded that a trade agreement could be drafted so as to allow US technology companies to exploit NHS patient data, with US negotiators reportedly interested in including clauses on data sharing and algorithms. It has also been suggested that the US is applying pressure on the UK to relax data privacy rules after Brexit.
The status of US/UK trade negotiations, as well as the veracity of any claims that access to NHS patient data is to be included in the trade agreement, are uncertain. But Prime Minister Boris Johnson has continually rejected all assertions that any feature of the NHS (including patient data) will be included in a US/UK trade deal.
Marcus Vass is a partner at international law firm Osborne Clarke
