Health data

Health data is any data "related to health conditions, reproductive outcomes, causes of death, and quality of life" for an individual or population. Health data includes clinical metrics along with environmental, socioeconomic, and behavioral information pertinent to health and wellness. A plurality of health data are collected and used when individuals interact with health care systems. This data, collected by health care providers, typically includes a record of services received, conditions of those services, and clinical outcomes or information concerning those services. Historically, most health data has been sourced from this framework. The advent of eHealth and advances in health information technology, however, have expanded the collection and use of health data—but have also engendered new security, privacy, and ethical concerns. The increasing collection and use of health data by patients is a major component of digital health.

Types
Health data are classified as either structured or unstructured. Structured health data is standardized and easily transferable between health information systems. For example, a patient's name, date of birth, or a blood-test result can be recorded in a structured data format. Unstructured health data, unlike structured data, is not standardized. Emails, audio recordings, or physician notes about a patient are examples of unstructured health data. While advances in health information technology have expanded collection and use, the complexity of health data has hindered standardization in the health care industry. As of 2013, it was estimated that approximately 60% of health data in the United States were unstructured.

Collection
Health informatics, a field of health data management, superseded medical informatics in the 1970s. Health informatics, which is broadly defined as the collection, storage, distribution, and use of health data, differs from medical informatics in its use of information technology.

Individuals are the origin of all health data, yet the most direct if often overlooked is the informal personal collection of data. Examples include an individual checking off that they have taken their medication on a personal calendar, or an individual tallying the amount sleep they have gotten over the last week. Prior to recent technological advances, most health data were collected within health care systems. As individuals move through health care systems, they interact with health care providers and this interaction produces health information. These touch points include clinics/physician offices, pharmacies, payers/insurance companies, hospitals, laboratories, and senior homes. Information is also collected through participation in clinical trials, health agency surveys, medical devices, and genomic testing. This information, once recorded, becomes health data. This data typically includes a record of services received, conditions of those services, and clinical outcomes consequent of those services. For example, a blood draw may be a service received, a white blood cell count may be a condition of that service, and a reported measurement of white blood cells may be an outcome of that service. Information also frequently collected and found in medical records includes, administrative and billing data, patient demographic information, progress notes, vital signs, medications diagnoses, immunization dates, allergies, and lab results.

Recent advances in health information technology have expanded the scope of health data. Advances in health information technology have fostered the eHealth paradigm, which has expanded the collection, use, and philosophy of health data. EHealth, a term coined in the health information technology industry, has been described in academia as "an emerging field [at] the intersection of medical informatics, public health and business, referring to health services and information delivered or enhanced through the Internet and related technologies. In a broader sense, the term characterizes not only a technical development, but also a state-of-mind, a way of thinking, an attitude, and a commitment for networked, global thinking, to improve health care ... using information and communication technology."From the confluence of eHealth and mobile technology emerged mHealth, which is considered a subsector of eHealth. mHealth has been defined as"medical and public health practice supported by mobile devices ... . mHealth involves the use and capitalization on a mobile phone's core utility of voice and short messaging service (SMS) as well as more complex functionalities and applications including general packet radio service (GPRS), third and fourth generation mobile telecommunications (3G and 4G systems), global positioning system (GPS), and Bluetooth technology."The emergence of eHealth and mHealth have expanded the definition of health data by creating new opportunities for patient-generated health data (PGHD). PGHD has been defined as "health-related data—including health history, symptoms, biometric data, treatment history, lifestyle choices, and other information—created, recorded, gathered, or inferred by or from patients or their designees ... to help address a health concern." MHealth allows patients to monitor and report PGHD outside of a clinical setting. For example, a patient could use a blood monitor interfaced with their smartphone to track and distribute PGHD.

PGHD, mHealth, eHealth, and other technological development such as telemedicine, constitute a new digital health paradigm. Digital health describes a patient-centric health care system in which patients manage their own health and wellness with new technologies that will gather and assess their data.

Data has become increasingly valuable in the 21st century and new economies have been shaped by who controls it —health data and the health care industry are unlikely to be an exception. An increase in PGHD has led some experts to envision a future in which patients have greater influence over the health care system. Patients may use their leverage as data producers to demand more transparency, open science, clearer data use consent, more patient engagement in research, development, and delivery, and greater access to research outcomes. Put another way, it is foreseeable that "health care will be owned, operated, and driven by consumers." Moreover, some large technology companies have entered the PGHD space. One example is Apple's ResearchKit. These companies may use their newfound PGHD leverage to enter and disrupt the health care market.

Uses
Health data can be used to benefit individuals, public health, and medical research and development. The uses of health data are classified as either primary or secondary. Primary use is when health data is used to deliver health care to the individual from whom it was collected. Secondary use is when health data is used outside of health care delivery for that individual.

Digitization and health information technology have expanded the primary and secondary uses of health data. Over the last decade the U.S. health care system widely adopted electronic health records (EHRs)—an inevitable shift given EHR benefits over paper systems. EHRs have expanded the secondary uses of health data for quality assurance, clinical research, medical research and development, public health, and big data health analytics, among other fields. Personal health records (PHRs), while less popular than EHRs, have expanded the primary uses of health data. PHRs can incorporate both patient- and provider-reported health data, but are managed by patients. While a PHR system can be standalone, integrated EHR-PHR systems are considered the most beneficial. Integrated EHR-PHR systems expand the primary uses of health data by giving individuals greater access to their health data—which can help them monitor, evaluate, and improve their own health. This is an important aspect of the digital health paradigm.

Security and privacy
In the United States, prior to the Health Insurance Portability and Accountability Act (HIPAA) of 1996, there were no comprehensive federal policies that regulated the security or privacy of health data. HIPAA regulates the use and disclosure of protected health information (PHI) by specified entities, including health providers, health care clearinghouses, and health plans. HIPAA implementation, delayed by federal-level negotiations, became broadly effective in 2003.

While HIPAA established health data security and privacy in the U.S., gaps in protection persisted. The emergence of new health information technologies exacerbated these gaps. In 2009, the Health Information Technology for Economic and Clinical Health Act was passed. The legislation aimed to close the existing gaps in HIPAA by expanding HIPAA regulations to more entities, including business associates or subcontractors which store health data. In 2013, an Omnibus Rule implementing final provisions of HITECH was revealed by the U.S. Department of Health and Human Services.

Despite these legislative amends, security and privacy concerns continue to persist as healthcare technologies advance and grow in popularity. It is worth noticing that in 2018, Social Indicators Research published the scientific evidence of 173,398,820 (over 173 million) individuals affected in USA from October 2008 (when the data were collected) to September 2017 (when the statistical analysis took place).

Ethical considerations
There are important ethical considerations for the collection and secondary use of health data. While discussions on the ethical collection and use of health data typically focus on research, it is important not to overlook potential data misuse by non-research organizations. It has been argued that the collection and use of health data for any non-clinical purpose, "is ethically sound only if there is (or could reasonably arise) a question to be answered; the methodology (design, data collected, etc) will answer the question; and the costs, including both communal health care resources and any risks and burden imposed on the participants, justify the benefits to society."

Criticism
Many public health experts have been advocating that health data collection may be the best way to analyse information on a large-scale. However, the data-driven approach has also raised concerns on the side of privacy advocates, who worry about how the collected information is going to be used. Privacy advocates have long argued for increased protection of personal health information on fears that marketers, data bundlers or even hackers could sell or divulge the information, possibly affecting people's jobs and credit or leading to identity theft. In fact, there are so many different issues to consider, including questions about preemption, enforcement mechanisms, regulatory structure, civil rights implications, law enforcement access and algorithmic accountability.

Governance
There are important and growing opportunities to use health data for improving healthcare quality, surveillance, health system management and research. It is essential to leverage such potential while managing possible risks related to the misuse of personal data. In order to achieve that, appropriate governance frameworks are needed.

At the global level, a strategy on digital health was drafted at the 71st World Health Assembly, in May 2018, in close consultation with Member States and with inputs from stakeholders. The document identifies priority four strategic objectives, emphasising the importance of the transfer of knowledge amongst member states. The framework for action also proposes the creation of an international convening mechanism for validation of artificial intelligence and digital health solutions. This mechanism will enshrine the value of health data and associated digital health products as a global public health good and call for action to safeguard the anonymity of health data providers, mitigate challenges and ensure universal access to digital health products and technology.

In Europe, a multi-stakeholder collaboration has started, aiming to harmonise clinical data and develop a 21st-century ecosystem for real work on health research in the region. The European Health Data & Evidence Network (EHDEN) is building a data network to perform fast, scalable and highly reproducible research. According to their website, the goal is to standardise 100 million patient records across Europe from different geographic areas and data source types, such as hospital data, registries and population databases.