What if we individuals had a platform where we could access and control of all our health data; from medical investigations to the data collected by our wearables and health apps. A Dutch lawyer is proposing such a platform, but Piek Visser-Knijff has serious doubts about the health data that is being used. Because what exactly is health data, when everything we do tells something about our health?
I have a sports watch. My husband gave it to me after I exchanged my smartphone for a ‘dumb’ phone, which no longer allowed me to monitor my runs in an app. This sports watch, however, combines everything. It has a heart rate monitor and a performance monitor. Even when I’m doing nothing, it offers me an account of my daily activities, besides displaying the accurate time. My new sports watch made me wonder about all the possibilities that arise from the health data collected by wearable devices.
Wouldn’t it be great if I could access all my health data in one central location? To be able to see everything, from the results of medical investigations to the data collected by my wearable device and the health apps I use.
Hooghiemstra, a Dutch lawyer, is currently investigating this issue and proposes a digital health data platform (in Dutch: Gezondheidsomgeving). This platform is set up for me as an individual instead of being built primarily for health professionals. As an individual, I gain insight into all healthcare data assembled during medical investigations. Only with my consent will a doctor be able to see this platform’s content.
An important criterion for such a healthcare platform is the so-called patient confidentiality, Hooghiemstra states: ‘I encourage an additional obligation of secrecy for personal health platform controllers who do not take part in a professional doctor-patient relationship …. Also, patient confidentiality should protect individuals against third parties, who might pressure individuals into using their right to obtain a copy ….’
In other words: the owner of the health data should not be asked to share his or her data. With good reason, Hooghiemstra emphasizes the importance of how consent is being granted or requested.
Imagine receiving a letter from an insurance company seeking access. To the client, it may seem as something the insurance company is entitled to ask. The client may be susceptible to a request made by a presumed authority.
Although I find the idea for a health platform interesting, I have serious doubts about the health data that is being used.
A crucial question is: what exactly is health data? Does it comprise the data from medical treatment and investigation, or is it more than that? In his research, Hooghiemstra refers to medical investigations, also mentioning wearables and apps. But where, precisely, is the line between what is and what is not health data?
The Scope of Health Data
In my search for the definition of health data, I came across the concept of Digital Phenotyping, coined by J.P. Onnela in 2015. In an overview, Venkatesan discusses Onnela’s viewpoint. Onnela believes that, today, we can very easily be identified (phenotyping) and analysed through our digital behaviour. This is not only due to the fact that we use wearables and health apps, but also, for instance, our search behaviour on the Internet. In this context, metadata is also relevant: When and how frequently we use a specific app, contact X or visit a website. Everything we do online defines our digital behaviour. Everything we do, digitally or otherwise, tells something about our health.
In the United States, Sobhani questions the definition of Personal Health Information that is currently adopted in the HIPAA (Health Insurance Portability and Accountability Act). Part of the HIPAA legislation concerns medical information and the prevention of improper use of medical data. Sobhani advocates an adjustment of the term Personal Health Information, because our well being is affected for 60 to 80 per cent by social factors. Data about our financial position, education, gender, ethnicity and about our working life is reflected in our personal health information. All this, together with other health indicators, can be derived from personal and behavioural data that is already being collected online.
Sobhani asks herself if these indicators should form part of the legislation, although she can’t yet see how this should be put into practice.
So far, I conclude that the term health information can’t easily be defined, and is even subject to change. In my search for a definition of the term, I found out that a lot of information about my behaviour, and consequently about my health, is known to third parties without my awareness.
When I still used my smartphone to monitor my runs, I used to listen to a Spotify playlist while running. I would listen to an up-tempo running playlist tailored to my activities and exercise. This way, Spotify not only monitored what I was doing, but also how long I was running. All this is telling a lot about my health.
Pelly describes how, since 2015, Spotify has transformed from an online music library into a mood monitoring system. Before, you could browse music styles. From 2015, Spotify has offered a primary feature to search by way of moods and activities. Even though Spotify allows you to listen in ‘private’ mode, the mere fact that your friends can’t see what music you are listening to, does not prevent Spotify from knowing and monitoring this. Pelly argues that of all the things that can be monitored online, your choice of music particularly is emotional, private and personal. Spotify, knowing this full well, exploits this information for the benefit of third parties, i.e. advertisers. They use this information to send targeted ads to users. That means that my Spotify-listening-behaviour tells something about my health. And it’s not just about the specific data I’m sharing. Metadata plays a role here as well: when I am listening to music and where, probably based on my IP address or GPS.
My inquiry into the significance and scope of health data dazzles me. Obviously, the conscious and unconscious data sharing we generate through our digital behaviour tells a lot, and also about our health.
Onnela (Venkatesan, 2019) thinks that monitoring digital resources produces more and also more reliable information than surveys. Whereas surveys show the subjective perception of the interviewee, behavioural data offers an objective reflection (Venkatesan, 2019). A medical specialist might argue that access to this ‘objective’ data might allow a quicker and possibly better diagnosis.
Setting Limits on Data Sharing
Hooghiemstra justly advocates safeguarding health data within his health platform. He also believes that individuals should be protected against themselves. This would involve a modification of the current GDPR, adding a provision requiring that individuals are capable of making an informed choice.
According to Hooghiemstra, a ban on the commercial exploitation of health data would be one way of protecting individuals against themselves. He refers to the Dutch philosopher Jacobs, who makes a comparison with the embargo on the sale of organs. Jacobs states that ‘In the non-digital world, we are not afraid to prohibit certain things …. Why shouldn’t you be allowed to sell your organs, whereas you are perfectly free to trade your personal health data?’ I find this an interesting point.
As it is, data is already being sold without us noticing. This trade bears no resemblance to the traditional market. Sellers of digital data often adhere to the credo: If you’re not paying for it, then you are the product. So, when I use Spotify Free, I ‘pay’ for it with my data. As a paying customer, I suspect that my data is being used all the same, but at least I’m spared the tailored ads that respond to my mood. Still, I’m helping Spotify – and even paying them! – to send people like me targeted ads.
All Our Data Is Health Data
Current technological developments make it complicated to define health data. The concept is dynamic, as Onnela and Sobhani point out. I believe we should take a broad view of this term. Everything we do online provides information about our health, whether resulting from our self-monitoring via a wearable or app, our internet behaviour or from metadata. It makes me wonder what problem Hooghiemstra exactly had in mind when he created his health platform. Indeed, our health data should be protected, but this platform is not going to offer a satisfactory solution.
Now, back to my sports watch: I believed that using a wearable and taking charge of my own health would keep me independent. Now I have discovered that using the wearable is what causes me to reveal so much about myself, and that is precisely what is making me vulnerable to manipulation.
An extended version of this article was first published in the Dutch Philosophical Journal Podium voor Bio-ethiek, year 26, nr. 4, December 2019.