Written by Vincent Keunen, founder of Andaman7. @vincentkeunen
Andaman7 technology series #3 - Peer-to-peer health data exchanges
This is the third article of our series dedicated to the technology of Andaman7. Our goal with this initiative is to contribute to the field of “health IT” by discussing challenges and possible solutions (more details on these challenges in our article #1). To read the previous articles, start with the first one: Andaman7 technology series #1 - Introduction.
The opinions in this series are our own. They are based on our 25 years of experience in the field building large-scale EHRs (Electronic Health Records) and medical information exchange systems (1). We share them in good faith to help move the needle forward and inspire others. And of course, we also want to promote our own Andaman7 initiative, a project by patients for patients (2). Terms and acronyms are explained in our lexicon (3). We are open to and welcome discussion on these topics. You can find us on LinkedIn, Twitter and Facebook, and we can also discuss on other media you would like to invite us to.
Today, let’s talk about peer-to-peer health data exchanges.
First a short definition. In our context, by peer-to-peer, we mean that actors exchange data directly between them, as opposed to all parties accessing a central server storing data. Of course, peers exchanging data use the internet and intermediary servers, but no data is stored in a central place, on a central server. All peers have the same importance. They are all parts of a network of collaborating peers. See this wikipedia article for more details.
Why would this kind of architecture be important, even critical?
Well, you constantly hear about privacy issues. For example, companies offering you useful services, storing your data, then using it for financial benefits. Sometimes without even telling you, or hiding the fact in small characters in their usage policy. We believe this is wrong. Data about a citizen belongs to that citizen. The GDPR makes this very clear for European users. The European laws on patients rights (dating back to 2002!) say the same thing. And it seems that several American states and other countries are also moving in that direction.
Besides privacy issues, you also hear a lot about security issues. Security is always hard. And it’s a never-ending story. Crackers (computer pirates) keep finding new ways to break illegally into computer systems, forcing companies storing your data to invest ever more in new ways to try to protect it. But no system will ever be 100% secure. See Bruce Schneier’s “Security is a process, not a product” for example.
So, how can we improve these two classes of issues? We believe an important contribution is the way the system is architected. If you don’t store medical data in a central place, but keep it stored on patients’ smartphones (also known as “at the edge”), you significantly reduce the risk: a cracker cannot attack a central location where all data resides. At best, he can crack an individual person’s smartphone and get access to a single EHR - a lot less dramatic than thousands or millions of medical records.
With such an architecture, it obviously becomes important to have backup copies of data, since no central server plays that role. This can be achieved by patients sharing their data with close ones (family, doctors, ...) so that the data is stored redundantly in several, distributed, locations. If you lose your smartphone and get a new one, Andaman7 has a sophisticated mechanism to reconstruct your data set from your peers (you can also back up your smartphone to your computer).
GDPR has a nice way to describe what we should all aim for: “Privacy by default, security by design.”
- Privacy by default: the user should be protected by default. In Andaman7, no data is ever shared unless a user takes some clear and explicit action to share their data.
- Security by design: the initial design of a computer system should take security constraints into account right from the start. In Andaman7, we deliberately chose NOT to store data on a central server and only keep it on users’ smartphones.
So we have developed a unique peer-to-peer system allowing all actors to exchange data securely without storing any medical data in the cloud: all data is stored at the “edges” of the system, i.e. in hospital systems (HIS, EHR, LIMS, PACS, ...), the computer systems of doctors, nurses, physiotherapists and other practitioners, patients’ mobile devices, ...
We call this our “HIP - Health Intermediation Platform”. Actors are in strict control of their data. Andaman7 is “only” a way for them to exchange data easily, selectively choosing what they share and who they share it with. Andaman7 is the postman distributing sealed envelopes. So, with patient consent, data can be collected in specific points of the “network” - specific collecting points of the HIP. Anonymity and pseudonymity algorithms can also be run at these collecting points to further process de-identified data. Of course, for settings or projects that don’t have a problem with using the cloud, data can also be collected in a central place, but then these actors are responsible for the security of their systems.
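To make the edge-storage, privacy-by-default and peer-reconstruction ideas from the paragraphs above concrete, here is a small model of the postman-and-sealed-envelopes architecture. It is an added illustration, not Andaman7’s code or protocol: the relay, the peers, the record contents and the pairwise keys are all constructed for the example, and the XOR stream cipher is a toy stand-in for whatever real encryption a production system would use.

```python
import hashlib, json, secrets
from collections import defaultdict

def seal(key: bytes, data: bytes) -> bytes:
    """Toy XOR stream cipher (SHA-256 counter mode): a stand-in for a real AEAD, not Andaman7's scheme."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(4, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

class Relay:  # the "postman": forwards sealed envelopes, logs only (sender, recipient, size), never a payload
    def __init__(self):
        self.peers, self.log = {}, []
    def deliver(self, sender, recipient, envelope):
        self.log.append((sender, recipient, len(envelope)))
        self.peers[recipient].receive(sender, envelope)

class Peer:
    """Edge device: holds its owner's records plus copies other peers explicitly shared with it."""
    def __init__(self, name, relay):
        self.name, self.relay, self.keys = name, relay, {}
        self.records = defaultdict(dict)            # owner -> {record id -> record}
        relay.peers[name] = self                    # a new phone with the same name replaces the old one
    def pair(self, other):                          # pairwise key agreed out of band (modelled as random)
        self.keys[other.name] = other.keys[self.name] = secrets.token_bytes(32)
    def add(self, record):
        self.records[self.name][record["id"]] = record
    def share(self, recipient, owner=None):         # privacy by default: nothing leaves without this call
        owner = owner or self.name
        payload = json.dumps({"owner": owner, "records": self.records[owner]}).encode()
        self.relay.deliver(self.name, recipient, seal(self.keys[recipient], payload))
    def receive(self, sender, envelope):
        msg = json.loads(seal(self.keys[sender], envelope))
        self.records[msg["owner"]].update(msg["records"])  # copies from several peers merge by id

def rebuild_after_phone_loss():
    """Alice's EHR exists only at the edge; after losing her phone she rebuilds it from Bob and Carol."""
    relay = Relay()
    alice, bob, carol, eve = (Peer(n, relay) for n in ("alice", "bob", "carol", "eve"))
    alice.pair(bob); alice.pair(carol); alice.pair(eve)
    alice.add({"id": "r1", "type": "medication", "value": "Gleevec"})   # constructed sample data
    alice.share("bob")                              # explicit consent given to Bob only
    alice.add({"id": "r2", "type": "lab", "value": "blood count normal"})
    alice.share("carol")                            # Carol gets the fuller set; Eve was never shared with
    new_phone = Peer("alice", relay)                # replacement device starts empty
    new_phone.pair(bob); new_phone.pair(carol)
    bob.share("alice", owner="alice"); carol.share("alice", owner="alice")
    return {"restored": sorted(new_phone.records["alice"]), "eve_has": len(eve.records["alice"]), "relay_log": relay.log}
```

Running `rebuild_after_phone_loss()` shows the new phone holding both records merged from two partial copies, Eve (paired but never shared with) holding nothing, and the relay’s log containing only routing metadata.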
Another important element to mention is our choice, as a company, to never ever access any patient’s data. Andaman7 (the company) does not have access to your health data and does not want to. As a “project by patients for patients”, it is against our ethics (see our privacy policy, written in very clear and simple terms). It is also not necessary, because our business model does not require us to have access to patient data. What we are paid for is the possibility for health parties to contact patients to enter into a relationship to improve care and research. So patients always have the choice to contribute or not. An explicit consent from patients is always needed. It has been demonstrated, by the way, that many patients agree to share their data for care or research (free or for a financial reward) as long as they are informed and their data is not abused.
What patients and citizens really want, is to be in control of their own data and decide what they do with it.
Isn’t that a refreshing approach to both the interests of patients and of research - which will also ultimately benefit patients by providing new cures?
In my personal story, I mention how important it is to find new, efficient cures. I benefited from such an advanced treatment for my cancer (called Gleevec) while my son went through 2 years of tough treatments (chemotherapy, radiotherapy, bone marrow transplant) and finally had his right leg amputated.
That’s it for today. Our next article will be on the benefits of a “Liquid data model”.
Stay tuned.
To read the summary of these articles, combined into our white papers, go to:
- Andaman7 Technical Innovations: http://bit.ly/a7TechInno
- Andaman7 advanced health data management: http://bit.ly/a7DataMan
(1) In a previous company, we built a prevention-focused EHR that is today used for some 1 million people (most are in good health, some are patients). We also built the technology for the two largest “medical messaging systems” of Belgium, still used today by 90% of all hospitals and doctors.
(2) Read our story.
(3) Consult the lexicon. It's a work in progress. Don’t hesitate to make suggestions and remarks to support@andaman7.com.