The need for increased protection and better management of personal health data has never been greater than in healthcare today and is without a doubt one of the most important issues of our time. With consumers are using a flurry of tools/applications – it is important that organizations are transparent about how they use consumer data, following ethical principles that everyone understands.
That’s why, Proteus worked closely with Michael Keller of the Stanford Libraries and more than 30 health leaders in July and November 2018 to come together to ignite the conversation around patient data privacy and developed a guiding set of 10 principles to navigate potential conflicts between individuals’ need for privacy and society’s need for protecting public health.
“This is only a first step at addressing the ethical questions looming in digital health. We must start somewhere, so let these principles serve as the conversation starter,” said Michael A. Keller, Stanford’s university librarian and vice provost for teaching and learning. “We want this first set of ten statements to spur conversations in board rooms, classrooms and community centers around the country and ultimately be refined and adopted widely.”
The resulting 10 Guiding Principles for Ethics in Digital Health represent the shared views of over 30 participants:
1. The products of digital health companies should always work in patients’ interests.
Digital health companies should work with care providers, insurance companies, regulators, and governments to ensure their products are:
– part of an eco-system that enables effective, affordable access to high-quality health services
– never used to discriminate, persecute or deny necessary care
2. Sharing digital health information should always be to improve a patient’s outcomes and those of others.
Digital health companies receive consent from patients for information to be shared. They recognize that consent represents only a broad statement of trust by the patient. They acknowledge their absolute duty of care with respect to the use of patient information.
3. “Do no harm” should apply to the use and sharing of all digital health information.
Digital health companies are alert to the risks of malicious use of health information and unintended consequences of well-intentioned uses. They adopt safeguards to anticipate and mitigate these risks.
4. Patients should never be forced to use digital health products against their wishes.
Patients’ use of digital health products should be voluntary and with a positive mindset.
5. Patients should be able to decide whether their information is shared and to know how a digital health company uses information to generate revenues.
Patients should be aware that their shared information will be used for many purposes. They should know who has the duty to care for their digital health information and how that organization gets paid when they use it.
6. Digital health information should be accurate.
Digital health products should maintain high standards of data quality, reproducibility, and integrity. Validation methods should be auditable and transparent to ensure that high standards are being reliably met.
7. Digital health information should be protected with strong security tools.
Digital health products should meet state-of-the-art security standards. Patients should be able to know how well companies are performing against those standards.
8. Security violations should be reported promptly along with what is being done to fix them.
Within ten (10) business days of detection (or sooner if required by law), digital health companies should inform affected patients of any breach, potential consequences, and steps taken to mitigate risk.
9. Digital health products should allow patients to be more connected to their caregivers.
The information created by digital health products should strengthen the voice of patients and their families in care decisions. That information should help educate and inform patients, improving communication and trust with health care professionals.
10. Patients should be actively engaged in the community that is shaping digital health products.
Digital health companies should provide patients with tools to easily express their opinions, provide their feedback, and communicate their needs in timely, professional ways.
“Libraries have long served as staunch advocates of protecting personal data,” said Keller. “An academic library’s online and offline environments are designed to pique conversation and debate and given the exponential rate of developments occurring in the digital health space, we offered to initiate the conversation and report out on results of the seminar.”
The set of 10 principles is available for download here.