
With this research, the Rathenau Instituut has mapped the opportunities and challenges of aspiring to responsible digital health management, and in particular the implications for public values and control of one's own healthcare. Our research shows that current technical and organisational development focuses on privacy-aspects and the position of chronically ill patients. On the other hand, current development focuses less on necessary changes in healthcare, different types of patients, values such as autonomy, the role of the caretaker, and the use of data by third parties.
Authors
The ability to access our personal medical data and identify the healthcare providers with which we wish to share information during treatment should allow us to take charge of our own health. The Dutch Ministry of Health, Welfare and Sport and the healthcare sector are encouraging and facilitating such ‘digital health management’. They have made substantial progress in developing and implementing a new system that gives the public digital access to and supports the sharing of health data. In this study, the Rathenau Instituut has examined the opportunities and challenges of digital health management, in particular the implications for public values and individual management of health. Current technical and organisational trends tend to focus on privacy issues and the position of chronic patients, with less thought being given to the changes needed in healthcare practice, the different categories of patients, values such as individual autonomy, the role of the healthcare provider, and the use of data by third parties. The Rathenau Instituut would like to broaden the discussion and address these concerns so that the Netherlands can genuinely deliver on the promise of digital health management while also protecting the public and patients.
From electronic health record to digital health management
From 1 July 2020 onwards, individuals must be able to access their own medical data digitally (online) and to indicate what kind of data may be exchanged with which healthcare providers in the event of treatment (specified consent). The MedMij Programme, headed by the Dutch Patient Federation, Nictiz and the Dutch Ministry of Health, Welfare and Sport, is also working to develop a set of rules that will enable patients to view, manage and safely share their own health data (regardless of where these are stored) digitally with healthcare providers from a central point (a personal digital healthcare environment or, more simply, personal health environment, PHE), whenever and wherever they want. The PHEs offer patients the opportunity to combine and share data from their own personal health records (PHRs), the healthcare practitioners’ electronic medical records and self-collected data via wearables, sensors et cetera. These advances will help ensure the secure exchange of information between healthcare providers, and between healthcare providers and patients. Specified consent is a further interpretation of specific consent. Specific consent is laid down in the Dutch General Data Protection Regulation implementation act and entails that it must be clear for patients for which processing, of which data, for what purpose the healthcare provider requests permission. With specified consent, as laid down in the Processing of Personal Data in Healthcare (Additional Provisions) Act the patient must also be given the opportunity to specify or distinguish which data can be provided to which healthcare provider or categories of healthcare providers.
Such digital support will help individuals ‘manage’ their own health. It is expected to provide not only doctors but also patients with a better indication of their health status. A better understanding of their personal health data also means that people can in fact assume more responsibility for (and take charge of) their own health.
Aim and research questions
This study explores the opportunities and challenges of digital health management as pursued by government and other stakeholders. We examine the implications of the current structure of technical, organisational and legal agreements – the digital health management ‘system’ – for the public and for healthcare practice and how that system could influence the way in which individuals manage their health.
The three main questions addressed in the study are:
- How is the system designed to store, share and use health data so that people can take charge of their health (‘digital health management’)?
- What implications does the digital health management system have for broader public values (such as autonomy and equity and equality) within the context of preventing and treating diseases over a person’s lifetime?
- What policy options are available to take these implications into account?
In our study, we make use of various qualitative research methods: case studies regarding ‘Online Access to health records’, ‘Specified consent in data exchanges within the healthcare sector’ and the ‘MedMij Programme’; semi-structured interviews with twelve stakeholders and experts; previous research by the Rathenau Instituut; and desk research.
Practical aspects of designing digital health management
Building a digital health management system is turning out to be (technically) more complex than was expected by those involved. There is a need for building several types of healthcare infrastructures, both central and decentralised. Moreover, developing standards takes time and requires consultation with many different parties. Digital health management also necessitates new forms of cooperation, for example in order to integrate data from the PHEs into routine healthcare processes. It is by no means certain that all the necessary underlying arrangements can be recorded centrally.
Implications for public values
New discussions are emerging in the healthcare sector about control over the data in professional medical records (privacy), equal access to healthcare (equity and equality) and individual management of the healthcare process (autonomy). Giving people more control over their health data is no guarantee that they actually understand the information or will be able to manage their health more effectively. Digital health management gives people more responsibility, in times of sickness and health. It is unclear whether the public in all its variety – including chronic patients – is willing or able to shoulder this responsibility, and if so, how.
The responsibility borne by healthcare providers and their relationship with patients may also change. Because the objectives of various parties are intertwined in digital health management, however, we no longer know precisely who is earning money from our health data and from sharing it, who is benefiting from our data, and who is responsible for what. This uncertainty raises serious questions about the real degree of control that people exercise in digital health management. If our ability to act in response to feedback increasingly depends on analyses (big data, machine learning, predictive medicine) of linked data, it may be that our choices are being manipulated, whether or not deliberately. It is therefore debatable whether people in fact make ‘their own’ choices and thus take charge of their own health. To sum up, our study shows that the current structure of online access and PHEs may have implications for broader public values, and that it can therefore be difficult to assess the consequences for people’s ability to take charge of their health.
Policy options that take the implications into account
According to our analysis, the digital health management system faces three main challenges, giving rise to various policy options:
- The challenge of broadening the focus on privacy and security to include other public values. In addition to privacy and security, other public and ethical values may be compromised by digital health management. These values must be safeguarded at the earliest possible stage of design.
- The challenge of ensuring that the system works for different categories of patients and other groups of people. The digital health management system is geared primarily towards meeting the wishes of chronic patients who are capable of self-management; it gives little consideration to the wide variety of other patients and (vulnerable) individuals. Digital health management will also change existing healthcare processes, although we do not yet know how.
- The challenge of pointing out and regulating the expanding options that data exchange within and without healthcare provides for data analysis and data profiling. More data sharing within and outside the healthcare sector also makes data analysis and data profiling possible. Due consideration must be given to the risks and consequences of increased data sharing and of applying (self-learning) algorithms to large amounts of health data.
Our main conclusion and recommendations
To deliver on the promise of health data management in everyday practice and to protect the public and patients, the Rathenau Instituut proposes to broaden the discussion and address these concerns. To this end, we make three recommendations for how policymakers, patient representatives, healthcare providers, IT suppliers and individuals can continue working together towards socially responsible digital health management:
- In addition to ‘privacy by design’ and ‘data protection by design’, focus on including broader public values (such as autonomy) in the design of digital health data management systems (‘ethics by design’).
- Ensure that the MedMij Programme and PHEs are responsive to the needs of different categories of patients and other groups of people.
- Set additional requirements for all government and commercial parties that use data from the PHE, even if patients or other individuals have given their consent. Secure the role of the healthcare professional in interpreting data. Ensure that people are capable of making deliberate, informed choices.
Preferred citation:
Responsible digital health management – More data, more control? The Hague: Rathenau Instituut.
Three recommendations for responsible digital health management
It is important to reflect on the vulnerable position of patients and less resilient members of the public, and on the way that digital health management is changing the responsibilities of physicians and patients and the relationship between them. We make three recommendations for how policymakers, patient representatives, healthcare providers, IT suppliers and individuals can continue working together towards socially responsible digital health management:
- In addition to ‘privacy by design’ and ‘data protection by design’, focus on including broader public values (such as autonomy) in the design of digital health data management systems (‘ethics by design’); this would be a task for the National Health Information Council (Informatieberaad Zorg).
- Ensure that the MedMij Programme and PHEs are responsive to the needs of different categories of patients and other groups of people. Learn from the pilot projects that are currently under way and examine how digital health data management can be organised in the best possible way for everyone.
- Set additional requirements for all government and commercial parties that use data from the PHE, even if patients or other individuals have given their consent. Secure the role of the healthcare practitioners in interpreting data. Ensure that people are capable of making deliberate, informed choices.
Frequently asked questions
No, but it is related. For many years now, the Dutch government and healthcare sector have been looking for a good way to store all the health data that is accumulated about individuals – preferably in a single, person-specific digital environment – in a way that facilitates digital data sharing. In 2011, the Dutch Senate rejected the Electronic Patient Record Act because it did not sufficiently guarantee patient privacy and data security. Since then, many different information systems have emerged.
The assumption is that collecting, sharing and linking health data will benefit the health of both individuals and society. It will allow people to participate in their own care process and work on becoming or remaining healthy, and it will support personalised care and sickness prevention. The government and politicians have therefore persisted in their desire to make health data available digitally, and not just to care providers but to patients as well.
In the Act Supplementary Provisions for the Processing of Personal Data in Healthcare , adopted by the Senate in July 2017, the government established the conditions under which data may be exchanged between the various information systems in the healthcare sector. These conditions are meant to lay the groundwork for a system that provides better privacy and security safeguards. As from 1 July 2020, every person in the Netherlands must be able to access his or her own health data online and to indicate which care providers may access which data (if and when necessary); the latter is referred to as ‘specified consent’.
Specified consent is a further interpretation of specific consent. Specific consent is laid down in the Dutch General Data Protection Regulation implementation act and entails that it must be clear for patients for which processing, of which data, for what purpose the healthcare provider requests permission. With specified consent, as laid down in the Act Supplementary Provisions for the Processing of Personal Data in Healthcare the patient must also be given the opportunity to specify or distinguish which data can be provided to which healthcare provider or categories of healthcare providers.
The Ministry of Health, Welfare and Sport and the Dutch Patient Federation are working with the healthcare sector and IT suppliers to set up a safe, properly functioning system that will allow people’s digital health data to be accessed, shared and linked online. These efforts include amending legislation, concluding agreements with the care sector, and the MedMij Programme. National agreements have been made to standardise the information; it would otherwise be impossible to link data.
Identification and authentication must be technically sound, for reasons of privacy and security. The MedMij Programme is laying down rules that will give patients a complete overview – a personal health environment or PHE – where they can access, manage and share personal health information, regardless of where it is stored, digitally and securely with a healthcare provider whenever and wherever they like. Financial incentives encourage parties to invest in the success of the system. Health data must be accessible online from 1 July 2020; as of that date, it must also be possible for people to indicate which healthcare providers may view which data.
The basic principle is that giving people control over their health data will allow them to manage their own health.
Everyone in the Netherlands already has the right to access data about their own health and medicinal drug use. From 1 July 2020, they must also be able to do so online. They should also be able to decide for themselves which data they wish to share with which healthcare provider (‘specified consent’). They can also decide against sharing their data.
Linking and sharing data have advantages for healthcare institutions; once the relevant patient has issued his or her consent, institutions have quick and easy access to the necessary data. This means, for example, that no more unnecessary duplicate laboratory tests will be carried out for diagnostic purposes, and that patients will no longer need to repeat their medical history or medicinal drug use every time they see a new healthcare provider. Unnecessary visits to doctors and other healthcare professionals can be avoided.
This approach also reflects the nature of life today, with almost all information being provided or requested digitally, and with apps and wearables tracking more and more of our individual health data. It seems convenient for people to have all their health data stored in a single place and organised to suit their needs. Eventually, this information could then be used for other purposes, for example in digital coaching offered by the healthcare sector and private parties to the chronically ill or to those keen to alter their dietary habits and lifestyle.
Data privacy and data security are extremely important and vigorous efforts are being made to guarantee them within the context of digital health data management in the healthcare sector. It is unclear whether enforcement will be possible, however. And there are other factors to be considered. Physicians themselves have indicated that the digital interface could well change their relationship with patients. The expectation that a physician will somehow be available 24/7 is unrealistic. How are they to deal with data, for example from apps or wearables, that patients provide themselves? Which data should be included in their health records? And who is supposed to coach patients when they come across alarming digital information about their illness without having spoken to their doctor? It is clear that these changes are imminent, but we do not yet know how they should be incorporated into the care process.
The digital health management system is geared primarily towards meeting the wishes of chronic patients who are capable of self-management; it gives little consideration to the wide variety of other (chronic) patients and (vulnerable) individuals whom lack for example required skills or do not have the desire to self-manage.
With data sharing in the healthcare sector being standardised and with some people being keen to track and monitor their health themselves, it has become possible to combine and analyse more and more accumulated data. Healthcare institutions or private parties have apps that provide coaching, and algorithms are increasingly being used to intervene in our lives. It is therefore crucial that people become aware of the implications of data sharing, that they cultivate the right decision-making skills, and that they understand how to protect themselves against profiling and manipulation.
Say that we succeed, both technically and in organisational terms, in setting up a system that links and shares data for health management purposes. Will making people responsible for their own data actually allow them to take charge of their health? Will people – including a wide range of different patients – be willing and able to shoulder the responsibility that they are given?
The question is to what extent those who so wish will be capable of acting on the information provided by health data or on the feedback delivered by health apps. We may be overestimating their abilities. In addition to having the necessary digital skills, they must be able to interpret the digital health data correctly and have the will to change unhealthy habits, for example. It is precisely those groups most likely to call on the healthcare system – the elderly, people with a low socio-economic status, the intellectually impaired, the illiterate, people with serious mental or complex disorders, migrants – that often lack the above skills.
This may well lead to a digital health divide in society. It is also possible that society will come to feel less solidarity with those who are unwilling or unable to manage their health based on their digital health data.
First of all, the Rathenau Instituut recommends that the parties involved in setting up the system for digital access to and sharing of health data should think carefully about what it will mean for our public values. So far public values have not been adequately factored into the design process, but it must be possible to implement them properly. The values include autonomy (can people in fact make choices and understand the implications?), equity and equality (is everyone capable of managing their health digitally or will a division arise between those who can and those who cannot?) and solidarity (will everyone be expected to take action based on the data?).
In the interests of data privacy and data security, we recommend abandoning the idea of integrating health and healthcare data infrastructures centrally. An integrated, centralised infrastructure would be highly vulnerable to cyberattacks.
Second, ensure that the digital health management system meets the needs not only of chronic patients, but also of other types of patients and the public in general, and especially of vulnerable, less assertive individuals.
We further recommend setting additional requirements for all government and commercial parties that use data from the personal health environment, even if people have given their consent. A healthcare professional must always be involved in interpreting health data. Finally, people must be ‘digitally literate’ and understand the consequences of sharing data.