When it comes to data management, the healthcare Industry is about 5 – 10 years behind other industries. Unlike the banking and e-commerce industries, healthcare involves people’s lives. Innovation and adoption is a slower process.
Failing, making a mistake and learning from your mistakes in Silicon Valley is often referred to as ‘innovation’. The same thing in healthcare is often called ‘malpractice’.
You’ve probably heard of the term “Big Data” by now. Let me try to simplify as it relates to the Healthcare Industry. 15-20 years ago we had devices built to control one thing. E.g. Thermostats controlled the environment. Later, these devices were modified to become more intelligent. Now the thermostat can control the environment AND transmit the data (i.e. temperature data to BMS panel). As these devices have become more intelligent, they have started transmitting more data regarding their environment. And now, we are collecting various data points within a building and conducting energy efficiency analyses on a local and enterprise level. Why would we need the data if we did not analyze it to improve the performance of the building?!
The same concept applies to medical equipment. 15 to 20 years ago medical equipment devices were stand-alone, serving one purpose. And, now, these devices—MRI, radiology, x-ray, CT scan, defibrillator–are all connected to a network, transmitting patient information into a single repository. Of course, the data collected in a healthcare facility is a thousand times larger than that of the Building Management System (BMS). So, what do we do with all that data? How is it used and by whom?
Currently there is no single application, platform or standard governing data collection or data analytics in healthcare. However “experts” consistently agree we should collect as much information as possible from medical devices and clinical systems, in order to facilitate more data analytics. So as these systems and standards governing them become more mature, we will be able to analyze the data more efficiently–to identify drug interactions prevention, misdiagnosis, missed routine exams, healthy lifestyle recommendations, disease prevention, etc. And the scope of analysis can range from the individual patient level to the entire healthcare system to several healthcare systems connected via a single insurer. Great possibilities.
Well, quite honestly, there is no such a thing as ‘data security’. Let me clarify. When you install a car alarm system, it is not to prevent theft. Even the most sophisticated car alarm system is penetrable by a determined, skilled thief, in a matter of minutes or fraction of that. So, you don’t install an alarm system to prevent theft. Rather, you install it to reduce the pool of potential intruders. (If you’re interested to discover more about how relatively easy it is to hack digital systems, networks, etc., I recommend the book, Countdown to Zero Day. Of course I don’t condone the hacking. This is merely intended to help inform re the reality that we must address, in any industry.)
Did you know that some 80 percent of usernames and passwords set by the manufacturers, which are readily available online, never change? A BYAA cyber security firm managed to find some 80,000 medical devices online. These devices were directly connected online, visible and accessible by ordinary people, not just hackers.
Of course, healthcare facilities can do a better job (and in most cases are) protecting patient information. Maintaining separate locations for patient information–social security and credit card numbers separate from patient contact info–will help reduce the likelihood of easy accessibility of information into the wrong hands. Encrypting sensitive information should be (and often is) a common practice as well.
Moral of the story: Innovation of “Big Data” in healthcare is slow to adopt, compared to most industries, primarily due to the higher stakes of human life. However, the collective WE–patients, doctors, IT managers, hospitals administrators, providers, insurers, the government–all have responsibilities to continue demanding, guiding, and shaping healthcare date usage and security. Our future depends on it.
I welcome your thoughts on this topic to enrich the conversation. Feel free to comment below.
Massoud Safaee, Senior Associate | Technology