As far as I am concerned, privacy does not stand in the way of good data exchange in health care. It can even lead to great innovations. "Privacy by design" is the starting point in the GDPR (Article 25). But how does this work in practice? "Privacy by design" does not mean making something and then justifying the choices you have made in a Privacy Impact Assessment (or PIA, another requirement of the GDPR). Rather, it works the other way around: by first making such a PIA and only then starting the development, you get the best solutions. This is the way we work when it comes to digital support in fighting the pandemic.
Sounds vague, doesn't it, "privacy by design"? It does, and thus requires a concrete example. At the end of last year, scientists and others proposed allowing more contacts in cases where the epidemiological situation does not actually allow it (e.g. at events). That could be done - they said - if you lowered the risks by having a negative test prior to such an event. This gave rise to the idea of entry tests. But how do you prove a negative test?
You can, of course, prove it with a test result with all your data on it. But this involves your own medical data and is therefore not the most desirable situation. When we were asked to think about this (and about the digital technology to make it possible), we put privacy first. For example, there would have to be a legal basis for processing the required data (the law was recently passed by the Senate), people should not be trackable across visits to different events, it should not be possible to see at the gate what the reason for the reduced risk is (such as a test or a vaccination), there should not be a central database of that data and it is not necessary to include all your data in a proof to make it likely enough that the proof indeed belongs to you.
That thinking about data protection led to CoronaCheck, an app in which you securely retrieve the data from your negative test (and soon your vaccination) from the test provider and store it on (only) your own phone, turning it into a QR code that can be scanned. For example, the QR code changes constantly (so there's no point in comparing QR codes if you visit multiple events), the QR code does not indicate whether it's a negative test or a vaccination and only your initials, day and month of birth are included. Because sometimes initials are also very rare, we have even ensured (based on data from the Meertens Institute) that even less information is shown for rare initials.
The QR code that you show at a door is therefore not traceable across locations, does not say whether you have had a test or vaccination and does not tell exactly who you are. The way it works is described in the law and in upcoming legal regulations. Soon, the DPIA that explains it all will also go to the House of Representatives. So that it is clear to everyone how it works, what data is processed and by whom. The source code of the app is on GitHub so that everyone can check that it really works that way.
The development of the law, devising the working method and designing and creating the technology went hand in hand in recent months. Policy and implementation as worlds that influence each other to achieve privacy by design. Is it only about privacy? No, it certainly is not. Privacy, security and accessibility are the starting point. Not only for the app, but also for the chain.
Design by privacy, security and accessibility: it seems complicated and limiting, but it is not. It leads to innovative solutions and is even extra fun. So much fun that the developers who have been doing this together for a while now are coming up with their own suggestions as to how privacy might be embedded just that little bit better.
Every patient deserves the healthcare best suited to his or her personal situation. A successful treatment should suit to the personal situation of a patient, which can differ from person to person. The most suitable care is the result of the most suitable treatment and requires patient and healthcare provider to have insight into the outcomes that are relevant for the patient. Patient and doctor should decide together what treatment is best for that particular patient and where the quality of that treatment is guaranteed most. Therefore the Dutch government collaborates with all parties in the healthcare sector in order to make outcome information available and invests €70 million in Outcome-based Healthcare for the years 2018 to 2022.
One of the goals is better access to relevant and up-to-date outcomes information for over 50% of disease burden. Information that is automatically derived from the data that is entered at the point of care in EMR’s. We don’t want doctors and nurses to spend valuable time entering data twice. Time that is better spend delivering care than on administrative tasks.
Automatic generation of outcome data is only possible if the outcome measures are interoperable with the data entered while delivering care throughout Healthcare and exchanged between care providers. Electronic exchange of healthcare information will usecase by usecase become mandatory in Dutch Healthcare. That exchange will be based upon work on semantic interoperability to have unity in language across Dutch healthcare. Standardizing clinical terms such as blood pressure and allergy in “Health and Care Information models (HCIM)”.
We strive to be able to derived outcome measures from that standardized data. Last week we discussed with ICHOM the possibility to harmonize the different outcome sets. And we decided to do a three month long “deep dive” into the current sets and the differences in descriptions of (almost) the same concepts. Not to harmonize per se (but quick wins may be found), but to at least identify harmonization issues to be debated.
I see two obvious goals:
Model (and make available) all current ICHOM-measures so to be able to identify different definitions of roughly the same concepts and to identify building blocks used in multiple measures
Propose a FHIR-based model for exchanging outcome measures
This will be a joint effort of a number of people. Are you interested to cooperate or review? Please let me know!
Dutch Digital Health Night, 9 April 2019, Dutch Embassy, Berlin
Thank you chair for your introduction and for the opportunity to address this immensely creative and innovative public in digital health. Also, thank you deputy head of mission for hosting this event and bringing together all these creative minds here.
Dear ladies and gentlemen,
Let me start with something funny yet quite striking, in November last year a Dutch emergency doctor tweeted that he had discovered the digital highway in healthcare! In fact he was referring to the A1 highway, on which a taxi, carrying a DVD with medical images, was travelling to another hospital twenty miles away.
Today, under the shadow of the DMEA event, we are addressing the many common challenges under the denominator of digital health. Here, together, we are laying the foundation for a sustainable, modern and future proof healthcare system.
For us in The Netherlands, this is an ongoing journey of experimenting, learning and adapting. I want to share with you our approach.
As a government, we have the responsibility to serve our citizen’s interests, and we do this by celebrating the many heroes in Digital Health. The passionate professionals who work tirelessly every single day. The relentless patient advocates who share their compelling stories to keep us all on the right track. The rebel entrepreneurs who defy the system and disrupt the status quo. The change-makers who see possibilities and have the courage to act on them. Change-makers that are in this room today. We should celebrate them, learn from them, question them and most of all embrace them.
The one thing we cannot do is ignore them. Because they are the change. They invent. They imagine. They explore. They create. They move.
This evening I want to celebrate one of my heroes: the late Niels Schuddeboom.
For over a year, Niels was a valuable member of the Ministry’s Board of Directors, our first Chief Experience Officer. As such, he got access to all board meetings, often with a virtual presence.
When dealing with the complex changes required for digital health, Niels chose empathy over distance, humour over judgement and dialogue over opinions.
He learned to dance with the system, and be the change he wanted to see. Sadly, he lost the fight from cancer. In his last year, he mobilized like-minded people, heroes in their own right. They are the ones who will continue the great work Niels had started. They too are the change. We now have over 50 Chief Experience Officers for which Niels paved the way.
Ladies and gentlemen, innovation in healthcare is what I call a wicked problem. It is complex, as it involves many different stakeholders with diverging interests. The conservative powers are often very strong, working to keep the status quo.
Governments have a responsibility towards people like Niels to accelerate health innovation, so the benefits are available to them at the right conditions. We need to ensure
that digital health adds value to patients and keeps citizens healthy
that it enables healthcare professionals to spend their valuable time and knowledge on meaningful results, providing the best possible care at the right place, instead of on useless red tape and procedures and
that all digital communication is trustworthy and safe.
Government alone can never bring the change we need. For this we need the whole ecosystem. And our role is to bring everyone together. To show leadership and go from making legislation to kick-starting the broad social movement to empower citizens to become the master of their own health. To bring cold technology to enable warm care. To take healthcare from the waiting room to the living room. With a strong focus on high impact, using proven technology and getting measurable and meaningful results.
Data is the blood and oxygen of modern healthcare. We need to be able to trust that the right information, in the right form, is in the right place at the right moment. But as obvious as this sounds, it doesn’t come naturally.
In 2014, after travelling through space for over 10 years, the European Rosetta Philae space probe successfully landed on the surface of comet 67P, about 490 million kilometers from Earth, travelling with a speed of 135 thousand kilometers per hour. This extraordinary feat required an international collaboration spearheaded by the European Space Agency, groundbreaking communication with the Rosetta spacecraft and extreme precision calculations. It is truly a tribute to what humankind is capable of achieving with technology.
And yet, 5 years later, with technology at least 15 years more advanced, we are not able to guarantee that digital medical image data is available in a hospital 20 miles away.
Ladies and gentlemen, modern healthcare is a flourishing ecosystem of interconnected people. An ecosystem needs a good climate that enables the stakeholders to do what they do best. It is the responsibility of government to ensure that the incentives are aligned and that there is an open and level playing-field for everyone -from the current players to the disruptors. There isn’t a tried and tested model for what this will look like, it is a learning process for everyone.
Our approach focusses on unleashing the positive energy that is already there in the field, removing obstacles and creating the conditions for mutual learning and cooperation. This approach is proven to be successful in creating breakthroughs.
We stimulate this learning by accelerating breakthroughs with so-called Health Deals. We bring people together and will not let them go home until they have committed themselves to creating a breakthrough. So far, 5 Health Deals have been signed, ranging from personal prevention with eHealth and gaming, to dealing with chronic pain and using e-health for vulnerable youths.
We reduce the risk for digital health investors by creating a seed capital fund, so they accept the possibility of failures more easily. As you all know, failure is the best way to learn.
With the Health Innovation School, we invest in the innovation skills of the healthcare leaders of tomorrow. Here they learn how to become Change-Makers. The first two rounds of 50 future leaders have been trained, now the Health Innovation School is growing regionally, spreading the knowledge and network deeper into the healthcare organizations.
The second thing any ecosystem needs is fertile ground. That is the foundation on which modern healthcare is built. It is the standards and requirements and legal frameworks that ensure that all communication is safe, secure and trustworthy.
That we know who we are communicating with.
That our communication has not been altered along the way.
That the data is not misinterpreted.
And that we can use the data in our own systems.
Therefore, we created a National Health Information Council. A public-private partnership, including patients, doctors, nurses, other health professionals, insurers, hospitals, care institutions, general practitioners and governments. Or as I'd like to call it: we got the whole system in a room. With the Ministry in the role of a system therapist. And also as law maker providing both carrots and sticks to speed up and force electronic exchange of data in health care.
Together, we have set ambitious but achievable outcome goals: improving medication safety, promoting patients access to their medical data, enabling safe data exchange and improving the quality of data. One time registration at the source and multiple re-use. To reach these goals we need mutual agreed upon standards for information exchange.
In my experience, a lack of vision on the future of healthcare is not the problem. The technology is not the problem either. It is the implementation.
The main challenge in digital health we face today is how do we scale up working and proven solutions to benefit all our citizens and professionals?
I believe the killer breakthrough to scale up innovation is to free personal health data from the silos and give people the tools to leverage that data to improve their health. In The Netherlands we have MedicalMe, or MedMij as we call it.
MedMij is a patient-led coalition of insurers, healthcare providers, health IT industry and government, creating the national trust framework for an ecosystem of personal health systems. They develop and test a set of standards to exchange personal health data with citizens: structuring clinical data based on SNOMED, exchanging data using IHE-profiles and communicating with citizens using FHIR.
MedMij is privacy-by-design, as it puts you in charge of your own data.
It is longitudinal, as it is the national standard for exchanging personal health data with patients. Standards that will be enforced by law as the same standards must be used in exchange of data between health care providers.
MedMij is no longer just an idea. The Trust Framework has been published, the first use-case based FHIR-profiles are ready, over 50 personal health data service providers are in the certification process to be part of the trust framework and over 80 healthcare organizations are working on implementing MedMij for their patients.
This is just the start. It is real, and it is scalable, as it allows for different solutions for different people, all on a common foundation of trusted communication. It is growing fast. From October on every Dutch citizen can use a MedMij-certified personal health environment for free. Suplliers will be reimbursed by the government.
Ladies and gentlemen,
My message to you today is to continue the great work that you are doing. And to work and learn together, like we do tonight, also across borders. National borders are man-made barriers. This city has a rich history unleashing energy through breaking down barriers and tearing down walls. There is a parallel with freeing personal health data from silos, as you understand. To us governments the task to take down implementation barriers that prevent scaling up the innovative solutions you will be presenting this evening. I also call upon my colleagues to come together and agree on common standards to be used in our healthcare system to allow the effortless flow of data within and across our national borders.
The future is now and you are part of it. A special good luck to all the pitchers. Regardless of who will take home the prize, I consider all of you winners.
Last week I was in India for a few days. It may sound strange: working to improve information systems in health care in the Netherlands and then travelling so far. Yet it is not that crazy. We were there because we became a member of the "Global Digital Health Partnership". A group of governments from all over the world, started by Australia, who together take actions to improve health care. We were mainly focused on two topics: information security and standards for (interoperability of) data exchange in healthcare.
Both topics have one thing in common: they do not stop at national borders and cooperating does help. Information security is a good example of this. Cyberattacks at ICT systems in health care institutions are everywhere. Think of the computer virus that hit the NHS in England last year. Because England wakes up earlier than the United States, the British were able to find out in time what was happening and warn the Americans. Sharing this kind of information really makes sense. That is what we are going to do with a number of countries. Countries in all kinds of time zones, so that we can really help each other.
When it comes to standards for exchange of information, the same is actually the case. Many vendors in healthcare sell their systems worldwide. The data in these systems is often not easily available to exchange. This must change, because information exchange is needed for good quality healthcare. It helps if a group of countries together demands the same set of standards from industry. This accelerates these standards being built in to their systems. So demanding interoperability is what we're going to do. By doing so, Dutch healthcare also benefits.
That is why international collaboration is not that stupid. It has clear benefits for healthcare in the Netherlands and each of the countries of the GDHP. Because that's what it’s in the end all about: improving health IT to enable the right care in the right place at the right moment.
Thank you for the opportunity to be present today at the Global Digital Health Partnership meeting.
Health care delivery in the Netherlands mainly is private, so decision making demands all parties to support the direction taken. For that we in 2014 started a Health Care Council that decides on standards and goals, with the whole system in the room including patients, doctors, nurses, payers and patients and bringing the consensus needed.
We have set a number of steps and like to share those with you and hopefully come to international harmonization of our efforts:
Patients in the Netherlands are entitled by law to get their own data digitally, as much as possible in a structured way, in a Personal Health Environment from all health care providers by July next year. Governed by a patient led coalition we therefore are building a trust framework called MedMij (see this animation or read about the Information Standards underlying it).
MedMij is mostly based on FHIR profiles enforcing also semantic interoperability by specifying the elements to be exchanged. For semantic interoperability we defined clinical building blocks (see this page for more information) consisting of relevant mostly international terms (from languages such as Snomed or Loinc) describing clinically relevant concepts (such as blood pressure).
Over 400 million euros go to health care sectors to be able to do this.
There is a new law in the making to step by step force electronic exchange of data between health care providers with enforced standards both leading to technical and semantical interoperability. We will force the use of certified systems adhering to the standards. We will do so step by step, usecase by usecase. With the content of the exchange defined by doctors, nurses and other care providers themselves
As the Netherlands shifts to value based healthcare with outcome measures for more than 50% of disease burden, data needed for outcomes will be part of the standards.
Read the letter to Parliament on electronic data exchange.
Industry is accepting being obliged to share data and not monopolize patients data. Read this letter to Parliament for more information on our data strategy.
Thank you for the invitation and the opportunity to share with you our approach to respecting privacy in the age of Digital health.
I would like to start with a short introduction from the late Niels Schuddeboom, an inspirational patient advocate whose drive to ‘dance with the system’ as he called it, helped us keep our focus on those who need our help.
Question: Who of the attendants here have their own full genome data, using a genome sequencing service like 23andme or Illumina?
With services like this, for about 150 euro you get full access to your own genetic source code. You can use that data to analyze your ancestry, to get insights into your genetic traits, to the genetic markers that define how you respond to certain medical treatments, and to see if you have a higher genetic risk for serious illnesses like Alzheimer’s and Parkinson’s disease.
And this is just the beginning. The Leiden University Hospital sends the genetic data of their patients to their pharmacies, ensuring that they get the medicine that is tailored to their specific genetic design. Precision medicine is an emerging field that has tremendous potential: both in targeted and tailored treatments, as in early warning and even prevention.
Last week, the governments of Cyprus, Luxembourg, Sweden, Finland and Bulgaria created a coalition that aims to bring together the genomes of one million European citizens. With this pool of genetic data, they aim to create the world’s leading hub for research into new cures and treatments. That way being able to bring them to the European market first, and attracting talent and business along the way. With this data, we might be able to find a cure for cancer, Alzheimer’s or ALS.
But I ask you to consider this: genomes are our own biological source code. The data itself is as personal as it gets. It describes exactly what is unique about you. But not only you: your parents, siblings and children share large amounts of that source code. That makes it very hard to anonymize. Only a few family members need to be identified, and you are as well. There is nowhere to hide, to keep this data private.
Ladies and gentlemen, this example is a good way to explain the dilemma we face with privacy in digital health. Health data is highly sensitive and personal and the potential impact of misuse is huge.
At the same time, health data needs to be able to flow freely if the situation calls for it. This has to be done in a safe and secure manner, between people, organizations and networks you trust.
Health data becomes more and more consumerized, with personal data generated by sensor-rich wearables and low cost processing and analytics. Traditional healthcare systems are no longer in control of all the data, data is being democratized.
This brings a fundamental shift in power. It moves away from the traditional healthcare professionals and the systems they work for and towards the patients, the consumers and the service providers that they choose to use.
The current public discussion about Facebook shows that we have been naïve in thinking that these data Tech service providers will not take advantage of the data we generate. Or that all health data is safely stored in secure locations.
Health data is targeted specifically by hackers, because a single patient’s health record will get 350 to 500 dollars on the black market - more than any other type of data. Passwords and e-mail addresses one can change. Your health data, you often cannot.
This brings me to the central element of this talk: trust.
In this hyper-connected world of digital networks, governments need to enable citizens to build and maintain trusted relationships.
In healthcare, networks of relationships are vast and complex. Patients, citizens, doctors, nurses, hospital management, payers, researchers, government, service providers… And there are different local, regional, national and international relationships. To make it even more complex, it is also very dependent on the situation and context. Needing acute care in an emergency, you need trusted relationships instantly, while with big data analytics for research purposes, the trust relationship is less visible, but equally important.
Ladies and gentlemen, this is why I feel the GDPR is so important. It provides the legal framework that gives everyone the right to decide what third parties can do with their personal data. It’s a very necessary instrument to build trust.
Trust is essential. I need to be able to trust that everyone shares the same goal: improving my health. And that decisions about my health are made based on the right information that is available at the right time and only at the right place. Preferably together with me as an equal partner.
I also need to trust that the data used to improve my health is actually about me, comes from my doctors and is not altered during transport.
And I need to trust that the people and organizations that use my health data, treat that data as sensitive and personal data and actively protect my privacy.
Privacy is not about keeping personal data hidden from everyone and anyone. Privacy is about who controls access to personal data. Privacy is about building trusted relationships. Respecting privacy therefore, is about giving you and me the power and tools to control who can access my personal information. This starts with informed consent.
There is no trade-off between privacy and quality of healthcare. If there is no trust, there is no consent, you will have no data.
We feel that the best way to do this, is to make everyone the CEO of their own health data.
Ladies and gentlemen, in The Netherlands, a patient-led coalition of healthcare stakeholders from primary care, hospitals, long term care, healthcare insurers and government is building the legal, technical and practical framework for a comprehensive set of digital and lifelong tools that enables our citizens to access, download, store, enrich and share their own personal and professional health data. We call this MedMij, or MedicalMe.
I would like to show you a short animation that gives you a clear understanding of what MedMij is.
MedMij essentially creates a trust-framework. It is a set of rules that all personal health data solution providers have to play by. It governs how we build trusted relationships based on our personal health data. MedMij doesn’t stop at patient access to professional data, that’s where it starts. What if you have all your health data with you, imagine the possibilities. What if you could add your smart-device data? What if you could interact with your doctors on a more equal basis? What if you could share parts of your data with family? You decide what happens.
With MedMij we take a big step towards a healthcare system that has privacy built in by design, but it is not the answer to everything.
Ladies and gentlemen, in my example about genetic data, the potential for research is evident. This is the case with lots of other health data, personal and professional. The discussions about use of health data for research often focus on data-ownership. This is the wrong approach. When building trusted relationships, we should be talking about data stewardship.
The trusted relationship between citizens and researchers is built upon transparency: do we share the same goal, is it interpreted correctly, is it safely stored and handled only by trusted people and networks, is all relevant and necessary data available.
For this transparency, working with international standards and open API’s is essential. Blockchain can be used to create an audit trail. And initiatives like the Personal Health Train enable researchers to get results without having to access the data itself: it brings the algorithm to the data, instead of the data to the algorithm.
Ladies and gentlemen, in conclusion, I say that the GDPR is a blessing in disguise. It is an essential tool to build trusted relationships for health data. It accelerates the democratization of health data and the shift in power from the traditional healthcare systems to our citizens. As such, it is a huge driver for innovation. These are exciting times to be in healthcare!
Last week three countries debated on their healthcare strategies at HIMSS Europe in Sitges. This was my speech at the stage:
The Dutch approach
We all are patients, as are our friends, parents or kids. We are all doctors as we share decision making with our caregivers. Sharing decision making demands shared information. Therefore we gave every Dutch citizen the legal right to download and use their own medical data. The Dutch approach focuses on giving everyone the tools to become CEO of their own health and masters of their own health data.
To better prepare for a doctor’s consult. To share data with doctors. Or even to share data with researchers to improve treatments. But a law is not enough. And even technology is not. It is trust in Information exchange that is crucial.
That is where our Dutch national program called “MedicalMe”, or in Dutch “MedMij” comes in. MedicalMe is a patient-led coalition of insurers, healthcare providers, Health-IT- industry and the government and it is governed by our health information council. Together we develop and test a trust framework consisting of a set of standards to enable exchange personal health data with patients. It is of course based on international standards and best practices. Providing industry with a fertile ground to design innovative personal health environments that really help us all to be ceo of our own health.
Using MedMij everyone can safely download their own medical data into their own personal digital vault. Adding their device-generated and other health data, securely sharing their data with healthcare providers. It is not a fantasy, it will go live this summer.
MedMij creates an amazing opportunity for innovation, as the number of Dutch innovators present today shows. It creates a whole new ecosystem of empowered patients requiring innovative services.
In the next three years, every hospital in The Netherlands will have implemented these standards. General practitioners and pharmacies are already adopting these standards too. Many others are joining the movement. I invite you all to do so too. Think big, act small and start today. By visiting the Dutch house at this conference for example. We welcome you to our movement.
Proud
I’m proud that we are working together with all the major stakeholders, as an ecosystem. We don’t have a top-down Big Bang strategy to roll out solutions, but we co-create with patients, doctors, nurses and all others involved. Working agile, thinking big, acting small and doing it everyday. Thus creating a movement that can not be stopped. Such a movement requires leadership, lone nuts and early followers. But it can accelerate fast, as “hello my name is” or the pink socks movement shows.
Who has pink socks in this auditorium. Raise your hands please! This movement was started by nick Adkins at HIMSS in 2015. Just three years ago.
This conference hundreds of members of the Dutch ecosystem are present. Patients like Annemiek, CMIO’s like Felix, doctors like Gabrielle, Insurers like Han, and many many others. We meet and inspire each other to strive for next steps. With one thing in mind: to make all of us masters of our own health.
Lessons learned
In 2011, we were building a national system to exchange patient records. Parliament forced government to step back. Luckily enough, maybe. Because now we are working bottom up, involving doctors and patients. More innovative and not only focusing on periods of illness, but also on staying healthy and being the ceo of your own health and your own health data. Data that is not only medical records but also data that we generate ourselves and enable us to make informed choices. We also learned that this requires a movement and not a top down approach. One needs everyone on board to move forward collectively.
Closing statement
Think big, act small and start today. Be the change to make yourself and all the people around you CEO of their own health. The lone nuts are already followed and the technology is there. Let’s make it happen.
