Data sharing should not be an afterthought in digital health innovation

Researchers as major data consumers recognize the importance of sound management practices. Adobe Stock

We need to learn lessons from previous pandemics and to support an effective way of sharing data across Canada – while addressing privacy concerns. 

by Soyean Kim, William Hsiao, Nancy Olewiler. Originally published on Policy Options
September 16, 2022

Within Canada and abroad, many health-care organizations and health authorities struggle to share data effectively with biomedical researchers. The pandemic has accentuated and brought more attention to the need for a better data-sharing ecosystem in biomedical sciences to enable research and innovation.

The siloed and often entirely disconnected data systems suffer from a lack of an interoperable infrastructure and a common policy framework for big data-sharing. These are required not only for rapidly responding to emergency situations such as a global pandemic, but also for addressing inefficiencies in hospitals, clinics and public health organizations. Ultimately this may result in delays in providing critical care and formulating public health interventions. An integrated framework could improve collaboration among practitioners and researchers across disciplines and yield improvements and innovations.

Significant investments and efforts are currently underway in Canada by hospitals and health authorities to modernize health data management. This includes the adoption of electronic health record systems (EHRs) and cloud computing infrastructure. However, these large-scale investments do not consider data-sharing needs to maximize secondary use of health data by research communities.

What’s preventing Canada from creating a robust health data infrastructure?

Without good data we can’t improve mental health care

When will Canadian heath care fully ride the digital connectivity wave?

For example, the adoption of Cerner, a health information technology provider, as an EHR system in British Columbia represents the single largest investment in the history of B.C. health care. It promises improved data-sharing, and yet the framework for data-sharing is non-existent.

Operationalization of a data-sharing system is complex and costly, and runs the risk of being both too little and too much of a regulatory burden. Much can be learned from both the SARS and COVID-19 pandemics in formulating the next steps. For example, a national committee was formed after SARS to propose the creation of a centralized database to share public health data (the National Advisory Committee on SARS). A more recent example is the Pan-Canadian Health Data Strategy, which aims to support the effective creation, exchange and use of critical health data for the benefit of Canadians.

New possibilities to help heath care providers and users safely share information are providing innovative solutions that deal with a growing body of data while protecting privacy. The decrease in storage costs, an increase of inexpensive processing power and the advance of platforms as a service (PaaS) via cloud computing democratize and commoditize analytics in health care. Privacy-enhancing technologies (PETs), backed by national statistical organizations, signal new possibilities to help providers and users safely share information.

Researchers as major data consumers recognize the importance of sound management practices. While these practices focus on the responsibilities of research institutions, they also promote sharing of biomedical data. Two examples are the National Institutes of Health’s data-sharing policy and Canada’s tri-agency research data management policy. These policies are based on an understanding of what’s needed in infrastructure modernization, in tandem with what’s needed for robust data-sharing and good management policies.

What about hospitals and health authorities as data producers? Who is forging a new structure and policy to direct them across Canada to increase data-sharing capacity?

Public health organizations operate with a heavy burden to comply with a multitude of regulations that affect data-sharing and management. This challenge is compounded by uncertainty surrounding risk quantification for open data-sharing and community-based computing. This uncertainty often translates into the perception of high risk where risk tolerance is low by necessity. As a result, there is a barrier to investing in new infrastructure and, just as importantly, investing in cultural change in management during decision-making processes related to budgeting.

Better understanding of the system is needed before taking the next steps, particularly when looking at outdated infrastructure governed by policies that never anticipated innovation and weren’t designed to accommodate rapid software deployment. Examining and assessing the current state of the Canadian health-care IT infrastructure should include an evaluation of the benefits of broad data-sharing to help foster momentum for biomedical advances. By looking at the IT infrastructure as it stands now, we can see how inaction costs society time, money and patient health.

One approach is to create a federated system. What this means is a common system capable of federated data-sharing and query processing. Federated data-sharing is defined as a series of decentralized, interconnected systems that allow data to be queried or analyzed by trusted participants. These systems require compliance with regulations, including legal compliance; system security and data protection by design; records of processing activities; encryption; managing data subject consent; managing personal data deletion; managing personal data portability; and security of personal data.

Because much of Canada’s IT infrastructure for health data management is obsolete, there needs to be significant investment. As well, the underlying infrastructure needs to be rebuilt to communicate externally with digital applications through a security framework for continuous authentication and authorization.

Whatever system is used must be capable of ensuring patient privacy. For example, individuals might be identified by reverse engineering data sets that are cross-referenced. The goal is to significantly minimize ambiguity in assessing the associated risk to allow compliance with privacy protections in law and practice. Widely used frameworks exist that address these issues.

Subscribe to our newsletter.

The market is providing available technologies and cost-effective methods that can be used to enable large-scale data-sharing that meet privacy protection criteria. What is needed is the collective will to proceed, to upgrade obsolete data infrastructure and address policy barriers. Initiatives and applications in other jurisdictions or settings face similar challenges, but our research and development can be accelerated to help enhance data sharing and improve health outcomes.

The authors would like to thank professor Julian Somers and professor John Blatherwick for informing this perspective.

This article first appeared on Policy Options and is republished here under a Creative Commons license.

0 Shares