Archived website

This online community was active in conjunction with the Digital Agenda Assembly 2012 and is now archived and available for institutional memory. You can now join the discussion at

Excellent EC report on eHealth and Open Data

Oscar Wijsman's picture
Submitted by Oscar Wijsman on Wed, 2012-05-30 10:58

The eHealth Task Force issued an excellent report "Redesigning health in Europe for 2020". See

It clearly shows the importance (and need) of breaking the data silos, opening up the (big) data and get the value out of it. This is a subject that must be discussed at the Assembly and needs a very strong guidance from the EC.

One of the most important effects will be that the patient and his data ('my data') is put right in the center.

Note that recommendation IV: 'Use the power of data' is part of the Dutch Health Hub mission and creates a culture of transparency in health care. We also encourage the integration of data into large (European) data sets and
enhance access for researchers. This will lead to a closer integration between research and the clinical health practice.

Group audience: 
11 users have voted.


Thomas's picture
Submitted by Thomas on Wed, 2012-05-30 14:25

Interesting, working this way and having access to this big set of data could e.g. save pharma a lot of money in research. I can imagine that a kick-back fee is used for access to data that in turn can be used to pay for a (central?) platform that must support this. But how do we organise this on a European scale? A kind of data hub in every country that is connected or a central European hub that collects all the data?

0 users have voted.

Engberg's picture
Submitted by Engberg on Wed, 2012-05-30 14:40

Healthcare is by far the area with the biggest potential but also by far the most complex area.

This report represent one of the most crucial dividing points and choices of our day - and do it WRONG. It is an example of what I call "Potemkin Rethoric" about claiming one thing while oding another. The fine words of "My Data" is not supported by structured that can ensure this - on the contrary.

On surface, the intention is good
"Lever # 1 - My .data, .my .decisions:

Individuals are the owners and controllers of their own health Individuals are the owners and controllers of their own health"

but you soon realise that the report is about the exact opposite:

"There are different ways of dealing with these new scenarios of individuals owning their own data. One possibility is the shared ownership between the patient and the health system depending on the use; i.e. patients as owners of personal health information but allowing the health system to use deperson-alised or ‘pseudonymised’ data for epidemiological purpose with or without requiring additional consent. Existing models of positive and negative consent from the fields of bioethics and organ transplantation could be a template for consent for processing personal data."

So what are they saying:
1. "Shared ownership" means government control data
2. "pseuodnymised data mans that government pseudonymise data and can redo anothing
3. "with or without requiring additional consent" means that government can do whatever they want.

In other words - this is not the Citizens data - that is empty rethoric. This is about removing all barriers for the system use of sensitive data bout citizns AS GOVERMNENT SEE FIT WITHOUT ANY SECURITY.

From there it only gets worse, because the rest of the report is basically about what Government (bureaucrats) wild to citizens with access to all their data.

The report understand one thing - data is power - power to change and power to control.

The solutions is of course to isolate consent to the specific health professionals included in the specific patient treatment and design Health systems so theire is no need for "consent" to secondary use, BECAUSE IT SHOULD NOT BE POSSIBLE.

Patients come in all tupes, so patients must have the possibility of explicitly delegating manageement to another person acting on her behalf and the setup must take care of special cases - e.g. Emergency Healthcare which you historically have solved by eliminating data security and allowing override meaning that override can always occur.

The appraoch described here does exactly NOT establish empowerment, but combine all health data for secondary use OUTSIDe citizen control instead of solving the same problems WITH empowerment.

0 users have voted.

Oscar Wijsman's picture
Submitted by Oscar Wijsman on Wed, 2012-05-30 17:40

Your assumptions seem to be based on the fact that you mistrust government officials ("bureaucrats") and have no confidence in the European and National laws and legislation. Note that the report was written by a mixed team of professionals, not by bureaucrats. One of the biggest problems in healthcare - and one of the reasons that it has the lowest ICT maturity level of all sectors - is the constant FUD that is spread concerning privacy and security. This keeps all the data in the silos, costing billions and blocking innovation. Ironically, on the other hand more and more medical data resides in commercial systems and platforms with very weak protection and is 'for sale'.

The report has a the paragraph "Important issues to consider" and it also describes the legal basis that is needed. It deals with the concerns that you have. If we do not set the rules now, exactly what you fear will happen: due to the explosion of data and use of e.g. social networks we are no longer in control but commercial parties like Google, Facebook and commercial DNA sequencers in China will be. Furthermore, as patients we will not get access to our data and many doctors will keep working like they did 50 years ago.

Last but not least, note that the vast majority of people that are treated in a hospital give consent to use their data (pseudonymised or anonymised) for research to help others or themselves to get better. The younger generation does not even have a problem at all with sharing their data. So it is not really an issue, as long as we know exactly what we are doing and work this out in a combined effort of all stakeholders but primarily the patient organisations and governments.

2 users have voted.

Engberg's picture
Submitted by Engberg on Wed, 2012-05-30 20:24

I mistrust unnecesary risk of any kind (public or private sector) knowing very well that servers will never be secure and security is eroding rapidly while the interest in secondary (ab)use of data is exploding.

Leaving control of data serverside is inviting for abuse with no means whatsoever to prevent it.

These riks are NOT NECESARY and NOT VALUE CREATING in the form described (even though the report assume so) because we got a lot BETTER ALTERNATIVES than stripping citizen control over their data (as this report assume and aim for).

I will not even begin to consider showing alternatives here just as the report is not even begining to touch upon the technicalities.

I do not consider legal aspects a suitable replacement of security. Laws can be interpreted and easily changed - technology design enforce the principles in the design

I separate between "Civil Servant" that know and respect that his job is to server and support society and "Bureaucrat" that deliberate or not see it as his interest or job to "Manage citizens" on behalf of the "State". The "evil" state is bureaucratic behaviour much more than some totalitarian regime.

One of the characteristics of our time especially in the public sector where citizens rarely have choice or any saying, is that we are rapildy slipping back into Command & Control Economic thinking which is making INEFFECTIVE eGovernment (just as this report will lead to because they assume central control equals effective government).

And yes - I see this report as "Bureaucrats" using nice words to cover the fact that they are implementing Command & Control thinking .

The dividing point is precisely who is in control of data to steer innovation processes and integration in the public sector - citizens or some other interest.

So to recapitulate, I say that this approach aim to strip citizens rights for some bureaucratic agenda that make us LESS EFFFECTIVE and LESS SECURE.

We need to do a lot better.

0 users have voted.

Oscar Wijsman's picture
Submitted by Oscar Wijsman on Wed, 2012-05-30 21:22

No need to write in CAPITALS.... to make your point. The world is not such a bad place as you look at it. The report is not meant to abuse any rights, it aims at a better, much more effective healthcare system of which eHealth is only a part of. It is about our future and affordable healthcare for our children. It's findings also align with a lot a recent international studies by renown scientists, entrepreneurs and researchers. European, Asian as well as American.

Open health data is not a technical issue, technology is already there for a long time and used in many other sectors. Open data in this case means open to the ones that are authorised to use it. It is not about government control, it is patient controlled but the rules must be set together with the government. If we don't do it, the private sector will and we are out.

As an EDP Auditor I am aware that every (ICT) system can be breached in the long term but it is far more difficult to get into a well secured and professionally managed centralised system with save compartments than all the current interconnected local systems that usually have pretty lousy security because lack of knowledge of the system administrators and users. Besides that, if you want to collect medical data just walk around in a large hospital, act like you belong there and you will be surprised how easy it is to get to a lot of data. Security breaches are in 99% of all cases human errors and sloppy users.

This report is not about central control or an Orwellian society that wants to control its citizens, this is what you make of it. Do not mix up primary medical use of data with secondary use like data being (re)used for research or patient access. One example: Because of all the security and privacy FUD that goes around we are now years behind in our cancer research simply because the data is there in the silos but we cannot access it. We could have saved many lives if we just stop with discussions that won't get us anywhere.

1 user has voted.

Engberg's picture
Submitted by Engberg on Fri, 2012-06-01 09:54

I politely beg to differ. We need to do a lot better than this.

First, I appreciate you recognize that the suggestion is about making a centrally managed system and NOT about "Citizen in control". Lets not confuse terms here.

I am well aware of these rather standard argument; but they are wrong - it is based on false dichotomies to favor the centralized bureaucratic & commercial interest over the patient and society need.

I put forward the notation that we need to change this perspective for all the reasons, you claim (and more worrisome assume) central control will bring; citizen-control is to get better security, more value creation/real growth and restoration of fundamental rights and principles.

We need central coordination - e.g. of standards, interfaces, resolution mechanisms, approvals etc. - but most certainly not central control of patient data.

a) Your attempt to make it an Orwellian discussion is out of date. I am not implying anything in that direction.

In my view, our main problem with the democratic system is not that it is totalitarian, but that the structure have problems handling complexity ending up in counter-productive initiatives. Especially in health-care which is our by far most complex and important systems. But e.g. the government created financial crisis getting worse because of symptom management instead of problem solving is another example.

We get increasingly more of what created the problems - pretty much like former Eastern European economics where all problems lead to more damaging and stifling central control - now just with a facade of democratic legitimacy but even worse systems.

b) The main problem is economics - in the public sector the bureaucrat assumption that they know better, in the private sector the focus on marketing targeting. Both forces focus on their centralized control of processes and data instead of real value creation through free choices and needs-driven innovation.

The consequence is adapting citizens to interests instead of process to individual needs ensuring continuous improvements. There are NO real effectivity drivers in the present public sector that is the main source of most of our problems.

Moving REAL control to the end of the value chain is about forcing the systems to become needs-centric instead of control-centric.

c) It is not a question of HIDING information, but in separating information to ensure it is only made available in a form that ensure citizens and the economy are not harmed by Command & Control economics claiming good intentions to justify bad choices.

We want support for secondary requirements e.g. emergency healthcare, closed-loop telemedicine, organ transplants, crime-scene forensics and epidemiological to name five with very different characteristics but badly addressed today. All these are complex but have solutions.

None of these secondary requirements depend on eliminating security and centralizing control - they require coordination, new customized security structures and semantic support.

E.g. if we want to use cloud to analyze blood samples with modern chemometrics - we need to take into account that there is no security in cloud or ambient. Instead we need to shift to a principle of anonymous biological samples as the amount of sensitive information in just one drop of blood is exploding.

If we want the benefits, we must change security perspective. But bureaucrats are not even beginning to ask the questions as they merely assume central control is best, necessary, secure or even beneficial as this report very well documents - there are NO considerations of alternatives or consequences.

d) Digital Security better than physical security

Not this old notion again. It takes a lot of resources to abuse paper based data - it is cheap and easy to scale, target, filter, trigger etc. digital data.

Fact is - you have NO WAY to protect perimeter controlled systems - especially not from the bureaucrats with internal access and "claimed" need.

As an EDP Auditor, you should know this. Otherwise what are you auditing? Some assumed non-optional "consent" ?

We need to target solutions that does NOT depend on "authorizing" access to unsecure patient data to others than those directly involved in the specific treatment.

To do this we need to look into the REAL secondary needs and ensure they are handled upfront - whereas very special secondary need e.g. advanced research move beyond "authorization" and involve the treatment system, e.g closed-loop medication.

e) Intra-hospital security is really hard and both virtually non-existing and rapidly getting worse with new badly designed technology flowing into the hospitals.

We need to look at hospitalization as a temporary situation and not allowing the complexity of securing the hospitalized to eliminate security of all healthcare.

E.g. with real citizen control, control can as part of the start of hospitalization be temporarily delegated to a digital patient Agent which act rules-based with delegated human override on behalf of the patient instead of on behalf of the bureaucrats.

Solving problems starts by recognizing the problems instead of merely addressing symptoms.

1 user has voted.

Engberg's picture
Submitted by Engberg on Fri, 2012-06-01 10:13

The world is not a "bad place" because of intentional evil but because of systems that claiming good intentions promote other interests that citizens. I am more concerned of lack of competences than evil intentions.

Discussions are overloaded with jumping to worsening conclusions based on claimed implicit assumptions with seriously flawed understanding of causalities, challenges and alternatives.

We need another renaisance addressing the world as it is and will be rather than how we like to perceive it.

Change is not just something we observe, it is something we make happen.

0 users have voted.

alorza's picture
Submitted by alorza on Wed, 2012-05-30 19:21

Yes, Health is the big thing about data... and about everything. Public Health Systems are empowering people to manage their own health, so we are reaching a state in which people will contribute their own data.
People are becoming a source of data. At the other hand, now everyone can be a data analyst.

0 users have voted.

Engberg's picture
Submitted by Engberg on Wed, 2012-05-30 20:29

Sure, but there is NO REASON whatsoever that any system or anybody but the citizens herself and those healthcare professionals actively involved in the specific treatment CAN associate the data with a particular person.

"Open Data" is not when Government "pseudonymise" data, but when data need no further pseudonymisation. If someone need more knowledge - ask the citizen or doctor for it and build the ICT to support Empowerment.

We need automated push stuctures - e.g. every time a diagnose is added, my medication is changed or my allergies etc. change, we need to push this to an Emergency Healthcare profile that can only be accessed in case of Emergency overridde.

0 users have voted.

People's picture
fhardes's picture
fredriklinden's picture
keneastwood's picture
Nicholas Bentley's picture
JacintaArcadia's picture
Loankanassy's picture
Kasper Peters's picture
Kristijan Jakic's picture
lpujol's picture
Digital Agenda Assembly engagement
glqxz9283 sfy39587stf02 mnesdcuix8
glqxz9283 sfy39587stf03 mnesdcuix8
glqxz9283 sfy39587stf04 mnesdcuix8