This week Apple officially released the latest version of iOS, complete with their solution for management of a user's health and fitness data, HealthKit. They also announced the Watch, which includes several health and fitness features. I've shared some preliminary thoughts on HealthKit already, but now that I've actually had a chance to use it and integrate it into our EHR via the Epic MyChart app, I have a few more thoughts.
Our patients already have a couple ways to securely share data with us. First, they can write the information on a piece of paper with their option of a pen or a pencil (we're that flexible) and bring it in to their provider. Second, they can manually enter the information into our online patient portal, Duke MyChart (when enabled by their provider).
HealthKit will eventually provide a third option, but rather than having to remember to write the values down and bring in the piece of paper, or having to remember to manually enter data in to a website, HealthKit will automate this process.
For example, if patients choose to share their blood pressure with their provider using HealthKit, and this feature is enabled by their provider, they need only give permission to the appropriate app, after which their data is securely saved to their electronic medical record. Any subsequent blood pressure measurements can be saved directly to the medical record in the same way without any intervention by the patient.
Unlike personal health records that have come before, Apple has approached this problem differently, and has decided to be a data broker rather than a consumer of the health data. This is a big deal. At every step along the way, users are informed that they have control of this data. No data is shared without their express permission, and at any point in the future the user can easily revoke any app's access to the data. The data itself is only stored locally in the device's secure HealthKit data store.
While cloud services and Big Data promise to revolutionize data sharing, HealthKit will have none of it. In fact, Apple recently updated their App Review Guidelines to expressly forbid that any data obtained from HealthKit be stored in iCloud:
It's really easy to use.
Our patients already have a couple ways to securely share data with us. First, they can write the information on a piece of paper with their option of a pen or a pencil (we're that flexible) and bring it in to their provider. Second, they can manually enter the information into our online patient portal, Duke MyChart (when enabled by their provider).
HealthKit will eventually provide a third option, but rather than having to remember to write the values down and bring in the piece of paper, or having to remember to manually enter data in to a website, HealthKit will automate this process.
For example, if patients choose to share their blood pressure with their provider using HealthKit, and this feature is enabled by their provider, they need only give permission to the appropriate app, after which their data is securely saved to their electronic medical record. Any subsequent blood pressure measurements can be saved directly to the medical record in the same way without any intervention by the patient.
It sets a clear expectation that users are in control of their data.
Unlike personal health records that have come before, Apple has approached this problem differently, and has decided to be a data broker rather than a consumer of the health data. This is a big deal. At every step along the way, users are informed that they have control of this data. No data is shared without their express permission, and at any point in the future the user can easily revoke any app's access to the data. The data itself is only stored locally in the device's secure HealthKit data store.
It's secure
While cloud services and Big Data promise to revolutionize data sharing, HealthKit will have none of it. In fact, Apple recently updated their App Review Guidelines to expressly forbid that any data obtained from HealthKit be stored in iCloud:
"27.3 Apps using the HealthKit framework that store users’ health information in iCloud will be rejected"
The only exception to this of which I'm aware is that the user's encrypted iCloud backup could still contain this data. Personally, as a consumer of these products, I agree with having the option to back-up this data to iCloud. While it may be considered sensitive, the risk of losing the data without a convient backup would be more detrimental, at least to me as a consumer. When I put on my physician and privacy hat, I'd recommend that Apple consider giving users the option to exclude this data from iCloud backups, just as the TouchID fingerprint information is always kept in the device's Secure Enclave, and never leaves the device (which will presumably be the same case with credit card information as part of the new Pay initiative - healthcare and financial data are usually afforded similar levels of security).
As I've mentioned previously, probably the most exciting aspect of a platform such as HealthKit is that it opens up a new avenue for healthcare innovation. There will be many new ideas that take root and grow owing to the ease-of-use and scale HealthKit provides. There will also be many failed experiments. Ultimately, users will be able to decide which new ideas are relevant to them, and which are worthwhile enough to be entrusted with their healthcare data.
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.