At UK Health Camp 2015 #UKHC15, I joked that a session about digital in healthcare will always end up as a discussion about the sharing of personal data. Many a true word…
This happens a lot; three of the sessions I joined at #UKHC15 at least featured a discussion about the sharing of patient data – about how important it is to share it and also about how to make sure it is shared in the right way (ownership, governance, protection etc). It clearly (and appropriately) matters to us.
@thatdavidmiller made this point after an enjoyable (and lively) session towards the end of the day:
I don’t agree that “debating ownership rarely helps” as we mustn’t devalue that particular conversation, however I agree with the sentiment – it is true that at the moment it rarely gets us any further forward; it feels like the ownership conversation has been going in circles for years now.
Some projects across the country are starting to make progress in breaking down the data-sharing barriers but the reality is that piles of Information Sharing Agreements still exist just to support sharing within a single locality – that model of applying governance is absolutely not scalable.
I think the reason we’re stuck in this conversation is because we actually can’t answer the ownership question with what we know at the moment. The (read wider NHS systems, not just IT systems) we have in place today. We know that people should have control of their data and access to their data, but this doesn’t automatically equate to ownership and the risk is that ‘ownership’ becomes a catch-all term for ‘the intricate aspects of personal data, ownership, control, permission, etc.’
So maybe we need to put our current conversations about securing our data on the back-burner for a while, and have some conversations about what ‘comfortable’ might look like for users.“Revokable, Open & Transparent consumption of data,” are the sorts of things we should be talking about.
As @thatdavidmiller said, “Revokable, Open & Transparent consumption of data,” are the sorts of things we should be talking about. I’ve often imagined some kind of intuitive ‘data dashboard’ that people could use to manage their personal health data, however the complexity of the NHS structure and of people’s personal health data is such that I can’t see a straightforward route to it.
During the UKHealthCamp2015 session ‘Hard problems like care records, identity, consent’, @sheldonline briefly showed some prototype data sharing permissions screens from the GDS Government-as-a-Platform (GaaP) work and someone (I can’t remember who in order to give appropriate credit) highlighted that Facebook, Twitter, and many other online services that hold personal data already give users the ability to view who has used our data, and revoke permissions in a single click of a button.
People do broadly understand how to use these systems now – although it’s been a challenge for organisations like Facebook to make it simple for users (Google “Facebook privacy fears”) hence the fourth Government Digital Service design principle “Do the hard work to make it simple”. So maybe in health we should be looking to social networks for inspiration for how to make this work for users of the NHS? If it’s an ongoing struggle for Facebook it isn’t surprising that it’s hard for us in the NHS – can we avoid duplicating effort solving this problem where other organisations have already spent millions of pounds?
I’m not ignoring the differences between the NHS and a social network (not least the fact that social networks have all the data in one place) but when the conversation we’re having is about sharing information, social networks are up there in terms of experts.
I am certain that some of the ideas coming from the Government Digital Service and the rest of government around sharing personal data between different agencies are way beyond this in terms of thinking. I’d be really interested to see some more research in / with the NHS about what it might look like for people to manage their own health data – to see how much influence other digital services such as social networks have had on their thinking. If we can move the discussion on to: “What might the control and visibility of our personal health data look like?” some of our repeated conversations about data ownership and protection would also move forward.