Digital health data management of the future: (re-)claiming agency over our digital health data?
Lawrence Van den Bogaert, Anouk Verhellen, Audrey Van Scharen, An Jacobs
The use of digital health products and services is becoming increasingly prevalent, resulting in a significant amount of digital health data being generated, stored, and exchanged. This presents new opportunities for improved diagnosis and treatment (primary use). It also creates a valuable source for health research and public health policy making (secondary use). Although the EU General Data Protection Regulation (GDPR) does not mandate patients’ consent for the use of their data in research, enabling individuals to voice their preferences on how, by whom, and for what purposes their health data is used, will help to create trust in the outcome of data driven systems. In Belgium, the Flemish government just launched Athumi: a Data Utility Company that will work on the development of a data vault in which (access to) health data (among other types of data) might be managed by the Flemish citizen.
1. Digital health data
Digital health data refers to all types of digital data that are related to a person’s physical and mental health in the broadest possible way. Digital health data includes medical data (e.g. laboratory results, medical imaging, reports of consultations with physicians, etc.) as well as non-medical data (e.g. a person’s age, weight, activity levels, nutritional intake, smoking and drinking habits, etc). Both types of data can be collected actively (e.g., by measuring health parameters such as blood pressure or blood sugar levels) or passively (e.g., a smartwatch to detect steps and movement pattern or heart rate). Some digital health data can even be generated without a person knowing. Search engine entries, for example, can provide valuable information on a person’s health and wellbeing.
Digital health data is not only increasingly generated, but also stored and exchanged online between a wide array of actors. In Belgium, this happens in the so called ‘Digital Health Vaults‘ (storage) and ‘HUBs’ (exchange) like Mijngezondheid, CoZo, VZNKUL and Nexuzhealth, Vitalink, Brussels Health Network, Réseau Santé Wallon. Currently, the purpose of this online exchange of digital health data is limited to primary use (i.e. diagnosis and treatment). The data exchanged via Digital Health Vaults and HUBS could, however, be a valuable source for future secondary use (e.g. research into new treatments, safety and quality of care improvement, or to inform health care policies). But what do Belgian citizens think about their data being shared and used for different purposes?
A recent survey revealed that Belgians’ willingness to share their digital health data online varies depending on which actors receive access and for what purposes. Most respondents indicated a willingness to share their digital health data with healthcare workers to improve their own health (89%) and with a research institute or hospital for the purpose of scientific research (76%). Respondents also mostly agreed to share their data with one of the national insurance companies for the purpose of reimbursement of medical costs or to improve the insurers’ services (74%). Conversely, respondents were less willing to share their data with pharmaceutical companies that are looking for new treatments (52%); with the government to deploy their health policy (47%); and with private insurance companies to adjust their insurance fee (39%).
These numbers show that people have nuanced preferences regarding whom can administer their digital health data and for what reasons. However, little possibilities currently exist for people to express these preferences.
2. Dynamic consent
One possibility Belgian citizens have today, is to omit access to their digital health data from individual healthcare professionals. They can do so by excluding these professionals, by name or RIZIV number, from access to their data. When it comes to their digital health data being used for secondary (e.g. research) purposes, however, people have no way of granularly denying access, neither to individuals nor to organizations. The only current option for Belgian citizens who do not wish their health record to be shared for secondary purposes, is to actively withdraw their entire consent for the online exchange of their digital health data via the HUBs and Digital Health Vaults. This comes down to a drastic ‘all-or-nothing’ decision, as it makes the health record no longer accessible to anyone: not to research institutions, not to healthcare professionals, not – even – to the person him/herself. Moreover, there are questions to be asked on the legality of this feature (cfr. infra; Legal background).
A more elegant solution that allows individuals to express their preferences regarding how, by whom and what for their digital health data is used might be found in the realm of biobanks, where people donate biological samples and related information to be collected, processed, stored and distributed for research purposes. As an alternative to traditional static, paper-based informed consent forms that allow the donors’ data to be used, some biobanks (e.g. Cooperative Health Research in South Tyrol) offer what was coined ‘dynamic consent’ (DC). Through a digital interface, DC allows biobank donors to make ‘layered’ (‘granular’) consent decisions regarding their samples and data. They can meticulously indicate which of their samples/data may be used for which purposes and, importantly, revisit these consent preferences at any point to adjust them in real-time.
Might a similar tool be provided to citizens to express for which secondary purposes their digital health data can be used? The Flemish government just announced ‘Athumi’ as the Data Utility Company that will allow for more data agency through the use of personal ‘data vaults’. It was reported that in the context of digital health, data from wearables and sports apps will be accommodated. Citizens’ actual electronic health record – currently stored on the Digital Health Vaults (not to be mistaken with the data vault offered by Athumi) and the HUBS – was not mentioned. Another project that does look to encompass this in Belgium, is We Are. The goal of this collaboration between Vlaams Patiëntenplatform, Domus Medica, Zorgnet Icuro and VITO is to “give citizens control over their data”. Actual control over this data, as we will see in the next section, is however not evident, as we discuss in the section below.
3. Legal background
In traditional research, obtaining a person’s informed consent is a requirement for using their health information, but in the context of secondary use of health data in Europe (and therefore also Belgium), consent may not be necessary or preferable according to the GDPR, which provides other legal bases for data processing too. Article 6 of the GDPR states that personal data can be processed not only with consent as a legal basis but also if there is a legitimate interest (Art. 6(f)) or if it serves a public interest task (Art. 6(e)). With regard to digital health data (considered a “special category of data”) in particular, Article 9(2)(j) states that their processing is deemed lawful if it is necessary for public interest archiving, scientific or historical research, or statistical purposes. Exit: individual’s agency over their data in the same way DC allows for it in a biobanking context?
Not entirely. While obtaining consent is not necessary in the situations described above, people do have the right to object to the processing of their data. Article 21 of the GDPR states that “the data subject shall have the right to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her”. It is important to add here that exercising this right may be limited depending on the legal basis for processing the data and the national legislation governing the data subject (i.e. the person whose data is used).
Today, this “right to object” is not easily exercised either way. In the spirit of a more reciprocal and transparent social contract between researchers and society , it might be worthwhile to consider how citizens can be facilitated in expressing their digital health data sharing preferences or object to (parts of) it being used. We argue that this need might be fulfilled by a socio-technical tool based on the concept of Dynamic Consent. If such a tool were to be rolled out, it would however be misleading for it to contain the term ‘consent’. As stated above, people would be able to object to their data being used – not give or withdraw consent in the legal sense it is described in the GDPR. We therefore suggest using the term Health Data Engagement (HDE) instead of “dynamic consent” to refer to (part of the) the IT interfaces that might enable individuals to manage the sharing preferences of their digital health data.
4. Vulnerable users
If a socio-technical tool like HDE is to be rolled out on a large scale, it is important to consider its accessibility and useability also for those to whom this is not evident. Depending on their digital literacy level, people might be at risk of being digitally excluded from the possibilities offered by e.g. Athumi.
One subset of people at the risk of digital exclusion are, for example, people with dementia. With the rising prevalence of Alzheimer’s and other cognitive impairing conditions, there is a growing focus on health data governance and consent for individuals with dementia in the context of reusing (big) health data for secondary purposes. Today, tools like ‘advanced research directives’ (derived from advance healthcare directives, or living wills) already enable individuals to express their preferences and instructions regarding the use of their clinical data for research purposes – even in the event of loss of capacity. Relatedly, “data trusts” offer a legal mechanism for informal carers to manage the data of the person with dementia they care for.
Although these approaches may be useful and serve an important legal function, they do not provide the same level of interactivity, granularity, flexibility and ongoing engagement as HDE interfaces might. Unpublished research (currently under review) with dementia experts and informal carers of people with dementia suggests that a HDE tool to manage one’s data sharing preferences would be valued, both for individual reasons (e.g. security and privacy issues) as well as more general reasons (e.g. digital health data being used for ‘just’ purposes and not commercial profit). Some HDE features and user requirements that were elicited were: (a) transparency on the purposes the health data is used for; (b) a return of study results; (c) elucidation on the anonymization processes; and (d) the possibility to decide which data should be considered ‘sensitive’. In the context of dementia specifically, people stressed the importance of being able to ‘co-manage’ the data of the vulnerable user, as well as the possibility to indicate when the ‘power of attorney’ should kick in (i.e. when the informal carer gains surrogate decision making power), which now needs to be registered in an ‘advance directive’. A thoughtfully designed HDE interface might serve this purpose through (design) features such as big fonts, comprehensive sentences and visual aids for involving the person with dementia in the process. Nonetheless, the same research suggests that many people would feel most comfortable filling out their preferences together with a professional, e.g. their general practitioner.
5. Final thoughts and recommendations
Based on our findings, we developed the following conclusions and recommendations:
|Belgian citizens today have little agency over their health data when it comes to its use for secondary purposes. Even though people are generally willing to share their data for e.g. scientific purposes, research shows that they would appreciate the possibility to manage their health data sharing preferences.|
|In the realm of biobanking, one way of allowing people to more granularly and ongoingly manage their data sharing preferences, was introduced in the form of ‘dynamic consent’. Although we would propose an alternative name (i.e. ‘health data engagement’) because of the legal implications of the term ‘consent’, the principle of dynamic consent might prove useful also in the context of large-scale electronic health record (EHR) sharing.|
|Vulnerable users (e.g. with low digital literacy or cognitive impairments) should be explicitly considered when designing a HDE tool. For such a tool to be inclusive to everyone, it is important to consider and involve these users early on in the design process.|
 Telephone survey amongst 2002 Belgian citizen, conducted by Incidence at the request of the King Baudouin Foundation between June 15 and August 13, 2021.