Sharing & Discussions / Partage et discussions
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply

    Sharing CBC Health Article on AI, Health Data, and Privacy
    3
    4
    5

    This topic has been deleted. Only users with topic management privileges can see it.
    • Cristyana Aloysious
      Cristyana Aloysious last edited by

      Hi everyone,
      I wanted to share a CBC Health article I was recently quoted in regarding Canada’s national AI strategy, health data access, privacy, and public trust.
      Given the focus of our PAN Digital Health group, I thought this would be especially relevant to our ongoing conversations about responsible innovation, patient partnership, transparency, accountability, and the need for meaningful public engagement in digital health and AI.
      My key message was that Canadians should not have to choose between innovation and privacy. Health data and AI have significant potential to improve care, research, access, and system planning, but people need to have confidence in how their data is protected, shared, and used.
      Sharing here in case it is of interest to the group.
      https://www.cbc.ca/news/health/vital-health-data-privacy-9.7245577
      Warmly,
      Cristyana

      1 Reply Last reply Reply Quote Edit 0
      • Debra Turnbull
        Debra Turnbull @Cristyana Aloysious last edited by

        @Cristyana-Aloysious

        Thank you so much for sharing Cristyana.

        The researcher access to data is how the Canadian healthcare system is built. Researchers making discoveries - gives us patients hope. Better therapies come from good discoveries - that comes from good data... that comes from us.

        Privacy by design is something worth advocating for. The current data collection systems - EMRs (electronic medical records systems) - are over 40 years old. They were built pre-cloud and pre-internet. The cyber security threats that we face today, could never have been conceived back then. Forget about sharing data.

        A pan-Canadian Consent Module is what we need. I see this as the starting point of "privacy by design". This is how to build patient confidence. This is how to build trust. I have never had this happen in a doctor's appointment before - had a conversation about accountability and who was responsible for what... Have you?

        The privacy risks of the initiative are small, El Emam said.
        "It's a process that has been applied for a long time," he said. "It's worked very well in practice."

        This really made me cringe. I have been following this professor for a few years now. I respect the work that he does and attend as many of his presentations as I can. Unfortunately, this is a researcher. His statements are researcher-speak. Hiding in academia does not allow someone to experience real-world anxiety from patients whose data has been compromised. They do not work with patients; they work with data.

        Speaking of data: I checked the article again, and sure enough it was about hospital data... not primary care data. The number of family doctor offices, walk-in clinics, Family Health Teams, Family Health organizations, Specialist clinics, etc... that each have an EMR collecting data - is where data value resides. There are many more of these healthcare service organizations than acute care (hospitals). That's the data I want to see.

        Unfortunately, primary care data is messy. Your record is an electronic binder of notes about your visits. Trying finding a single detail - like the date of your last tetanus shot - in that electronic pile of paper. I have observed my doctor scrolling through her pile of notes trying to find an answer to one of my questions. It took a while. (Not sure if we ever found the answer.)

        And then there are many EMR's out there. They each store data following their own rules. There is no unified standard for health data. This is why the systems don't talk to each other - they can't. They don't speak the same "language".

        The article did point out the problem with where the EMR is physically located in the cloud. Is the EMR (and your data) located in Canada or the other side of the border - U.S.A. When was the last time that you asked your doctor that question?

        I'm not against this undertaking. It's just that there is so much work to be done... and it is up to us to start asking the uncomfortable questions. We need to be at the discussion table.

        1 Reply Last reply Reply Quote Edit 0
        • Chris Johnston
          Chris Johnston @Debra Turnbull last edited by

          @Debra-Turnbull @Cristyana-Aloysious

          Well done Cristyana - and many thanks for sharing the article!

          It's a shame that the others they spoke to weren't so well-informed.

          Like Deb, I found Khaled's minimization of the privacy risks cringe-worthy.

          Spithoff's comment that "there's always a risk of "re-identification," especially if computers become powerful enough" is irresponsible, considering de-identification has been possible since the 90s and doesn't require more power.

          Verma's comment, "Key identifiers — like names, birth dates and health insurance numbers — won't be included" strikes me as dubious. I've spent 5 weeks in intense Canadian research data management courses between May and June - with significant chunks of learning about standards for de-identification in research. And one of the things that really surprised me is that their standards don't consider date of birth to be an identifier, and they don't remove it because of the value it represents in segregating data by age. Often they keep city and postcode as well, for similar reasons. But if you connect a birth date, postcode, and a profession or condition, it makes it far easier to identify the individual without much effort.

          1 Reply Last reply Reply Quote Edit 0
          • Debra Turnbull
            Debra Turnbull @Chris Johnston last edited by

            @Chris-Johnston

            You're right Chris. DoB (date of birth) is a personal identifier (PI) (I missed that!). That is irresponsible to include in any standard. That's why they will usually replace it with:

            • born in 1990-1999
            • born in 2000-2009
            • born in 2010-2020

            or

            • 20 - 30 year of age
            • 31 -40 years of age
            • 41-50 years of age

            It's a way of by-passing the PI issue. Perhaps it's time to review that Standard.

            1 Reply Last reply Reply Quote Edit 0
            • 1 / 1
            • First post
              Last post