Wearable technology has begun to see an explosion in adaptability over the last decade, both in public and in …
This article is the third article in our article series titled “Wearable Devices for Lifestyle and Medical Monitoring”. Readers can access the other articles here:
Section 1: “General Problems in Existing Health-Care System and How Personicle Addresses These Gaps”
Section 2: “Details of Device Ecosystem, Type of Data Being Generated and Why These Architectural Decisions”
Section 3: “How Personicle Addresses Technical Challenges in Leveraging Data from Wearable Devices”
There are various technical challenges that need to be resolved for wider adoption of the data, devices, and algorithms in clinical settings. These include user privacy, data security, system interoperability, extensibility, and cybersecurity.
According to a study by Deloitte, 40% of consumers in the U.S. who use smartwatches and fitness trackers are concerned about data privacy. This percentage jumps to 60% of smartwatch or fitness tracker users who subscribe to services that provide personalized health reports from their data.1 It is very clear that users are concerned about wearable data privacy, and that trust between users and data collection agencies must be established by ensuring both data privacy and security as it pertains to health data. The main challenge is that the users do not own their own data; rather, the manufacturers are the sole proprietor of the data. Users are concerned that this lack of ownership over their own data will result in manufacturers sharing patient information, whether deliberately or inadvertently. Email addresses, patient age, social media accounts, location, sex, GPS-tracked activities, and health information are all examples of data that users do not want to be leaked or publicized. Furthermore, the algorithms being used are highly sophisticated and have the capacity to cross-reference biometric data from wearable devices to other digital traces of users’ behavior, leaving them highly vulnerable and unprotected.2 These snapshots into the lives of patients make them easy targets for hackers, undesired 3rd parties, and those looking to commit identity fraud. Hackers can access wearable devices when they are left unattended, and this is exacerbated by the fact that they are connected to the company server 24/7 to enable data exchange. The lack of a bio-security system results in unwanted information exposure to others both inside and outside the organization, the consequences being users rejecting wearable health technology until these data security issues are resolved. User privacy is a major concern for Personicle. It is the collective responsibility of data collection agencies and those using the data to secure data on devices, data transferred over networks, and data hosted on a service’s infrastructure. The Health Insurance Portability and Accountability Act (HIPAA), a federal law that required the creation of national standards to protect sensitive patient health information from being disclosed without the patient’s consent or knowledge, must be involved to set the standard for patient data protection. There are many ways of providing privacy and data security to the end-user and HIPAA and laws that ensure user privacy will have to comply with those on an individual basis. HIPAA only defines the guiding principles and how much control the user will have over the data. It does not define how exactly the user privacy and data security protocols will be set up. The research is ongoing and Personicle will incorporate the latest stable research ensuring data privacy while allowing interoperability of data and maximum value to the user. Using a firewall and VPN, creating an elaborate password policy, backing up data regularly to avoid ransomware attacks, building a cybersecurity culture, using relevant development practices, performing third-party security audits, and limiting the impact of unauthorized data access (including not storing plain text passwords, managing employees’ permissions, monitoring network, and actions, and using at-rest encryption) can result in Personicle being among the best in data security and privacy.3 Users must also have complete control over their data and who has access to the data (3rd party applications), and non-disclosure agreements set in place for those who leave Personicle having had access to privileged information.
Doctors have been expressing skepticism with respect to the utility and accuracy of the data as well as the errors that can be present upon collection, and analysis of the data itself. Doctors want and need to be able to trust in the veracity of the data they are working with. It is known that the companies responsible for producing consumer wearables are not held to the same standards of safety and liability as medical professionals, and so it is natural for a medical professional to express skepticism when being presented with the opportunity to use this data in their field. Inaccurate data can create more problems instead of solving them and can have a negative impact on patient care and quality of life. The data must meet requirements for clinical use otherwise doctors can dismiss the data. Comparative studies looking at the differences between various wearable devices show notable differences in accuracy, with error margins up to 25%.4 The reliability of wearable devices released to the market should be carefully addressed, as this can cause severe skews in the accuracy of the data. This is especially important when these devices are used for the detection of chronic and fatal diseases in patients, such as melanoma. Another issue that needs to be addressed and that may have significant repercussions for data accuracy is the inconvenience of patients being expected to manually input data to health care providers. According to a survey performed by Healthcare Information and Management Systems Society (HIMSS), 70% of physicians cited wanting to automatically receive the data without patient input.5 Patients may log inaccurate data, have technical issues with their wearable devices (including errors due to improper usage), and raise false health scares because of improper input or usage.6 The utility of data, data accuracy, and data error are three attributes of the data that can be significantly improved by collecting data from multiple sources. By querying different sources for the most accurate data, Personicle can effectively reduce the inherent error in the data and improve accuracy, assuaging concerns and addressing skepticism from medical professionals. It is unlikely that all devices used will malfunction at the same time or encounter the same data collection errors. Knowledge-driven and data-driven quality filters must also be utilized to establish the veracity of the data. For example, a person’s heart rate should not go below their resting heart rate or above 220 minus your age (in years), which is the expected maximum age-related heart rate threshold from the biomedical literature.7 Factors that keep the device or data from compliance can be mitigated by fostering partnerships between consumer wearable companies and health care professionals.8 This will result in a symbiotic relationship combining data and health care in a way that benefits all involved and produces valuable clinical outcomes. Health care providers can assist consumer wearable companies by actively leveraging the data. Working together will also help create a standard for the accuracy of data, narrowing the gap between clinical practitioners desiring regulated medical outcomes and consumer wearables giving directional advice. This will effectively reduce the risk of consumer wearables for health becoming an alternative system of companies that do not have standards for transparency, accuracy, or protection in place - which is easily avoidable if wearable health technology is integrated into a holistic, data-driven health ecosystem that embraces early detection and disease prevention.9 The strength of partnerships between wearable companies and health care professionals will result in stronger and unbiased algorithms that provide more value and insights for helping patients and wearable device users with supporting their overall health, deepening trust. Further trust can be established by setting non-negotiable, transparent requirements for security, privacy, sensors, how data is captured, and data validation.
The healthcare industry lacks the platforms required to accommodate a continuous influx of data streams from individual patient devices into the EHR. There are a variety of methods available for data ingestion including proprietary, distinct, and closed communication, but this is in fact a detriment. The variability in data from different sources causes issues for EHR systems to communicate and transfer data streams, leading to a lack of system interoperability.10 The subsets of data that are created become challenging to integrate with the historical data and thus become secondary in value. To add to this, data overload results in large amounts of data that must be interpreted, extracted, compressed, and processed into simpler and more usable forms before being useful. Large volumes of data and notifications can also result in alert fatigue for clinicians in their clinical support systems. Health systems are not well-equipped to store ever-growing databases containing patient data. A challenge for data scientists and data analysts is to not only clean and reorganize data for analysis, but also how to deal with the life cycle of such data and inject it into provider workflows.
Plug-and-play interoperability is a good solution which helps accommodate the continuous influx of data streams continuously from individual patient devices into the EHR. It is defined as “software or devices that are intended to work perfectly when first used or connected, without reconfiguration or adjustment by the user.” It helps standardize platforms and integrate these information islands, a standard that already exists in the world of consumer electronics as consumers demand simple and seamless functionality. Plug-and-play standards require ease of use, device compatibility, and streamlined scalability and reconfigurability between different vendors; systems must be able to detect new devices, negotiate communication, and allow devices to synchronize and work with each other. 11 The requirement for interoperability between systems is growing, and third-party applications have become a viable and workable solution. Partnerships between third-party application developers and the health-care sector are imperative to achieve system interoperability between wearable health devices, providers, and EHR platforms. Due to the large volumes of data causing alert fatigue in hospital clinical settings, data must be extracted and presented using machine learning and artificial intelligence (AI) algorithms. However, the issue with these algorithms is not holding up in live clinical settings. Successful solutions to patient data integration should be able to sift through the immense amount of data and automatically deliver meaningful and actionable items to providers.12 Finally, a strong user interface (UI) is necessary and as a result, a drive to include UI designers in a cross-functional informational technology (IT) team. This offers provider engagement and buy-in during the implementation process. The multidisciplinary skills of such teams can offer improved UIs combined with IT expertise and enhance the ability to comprehend wearable patient data.13
The sensor ecosystem is changing rapidly. Researchers are continuously coming up with new sensors that identify different digital biomarkers for individuals. These sensors and sensors at a very high level have three main components: (1) Modality – the ability to collect a measurement, (2) Data communication mechanisms to communicate with other devices or Personicle, and (3) Data Structure. The issue that will be encountered when implementing such a system revolves around Points 2 and 3, connecting sensors to different types of devices as well as the problem of data structure which is addressed by extensibility. Personicle addresses how we can incorporate data with a different structure into our database schema. Personicle requires a data model that can easily ingest new and undiscovered data streams, effectively making the model future-proof. An example of a real sensor that is under development and has not been previously implemented is the IoT medical tooth mounted sensor; it is embedded in teeth and is used to monitor food consumption level using both bacterial optimization and an adaptive deep learning neural network.14 Extensibility is defined as “a measure of the ability to extend a system and the level of effort required to implement the extension. Extensions can be through the addition of new functionality or through modification of existing functionality”.15 Personicle is interested in the expanding space of sensor technology and open to incorporating them into our system. The goal is to build a system that can leverage large amounts of data from varied sources, and this requires a few fundamental steps such as those used in other extensible data models, effectively creating a model that is data-centric. Personicle wants to be able to add these sensors without having to fundamentally alter the system. These new sensors will give new parameters and metrics about the human body, providing more comprehensive insights and a holistic overview of a patient’s overall health.
The problem of designing a data model that can be easily extended to accommodate new data streams has been addressed in different contexts such as the Observational Medical Outcomes Partnership (OMOP) Common Data Model (CDM). We need to take lessons from models like the OMOP CDM while designing a comprehensive data model for Personicle. The OMOP CDM allows developers to extend the data model and incorporate new sources of data without affecting existing data storage. It is an open community data standard, designed to standardize the structure and content of observational data and to enable efficient analyses that can produce reliable evidence, complete with OHDSI standardized vocabularies. The OHDSI vocabularies allow the standardization of medical terms to be used across the various clinical domains of the CDM.
Like any data-driven organization, cybersecurity practices are essential to the success of Personicle. Personicle will be adhering to industry standards to ensure and protect against cybersecurity threats. Cybersecurity must be integrated into the heart of product development cloud computing, software, and supply chains. The best practices include: Raising cybersecurity awareness: employing a people-centric security approach, reducing the level of employee negligence, and informing employees about common phishing techniques. Limiting access to critical assets: securing access from remote devices, handling passwords securely, and applying the principle of least privilege. Protecting sensitive data: keeping an eye on users with enhanced privileges and knowledge of company secrets, monitoring third-party access to Personicle data, and backing up sensitive data in a place that is not readily accessible to others outside the organization. Building a robust cybersecurity policy: forming a policy that is hierarchical in nature, ensuring IoT security to and protecting your corporate network, conducting regular cybersecurity audits, and simplifying your technology infrastructure. Protecting access with efficient identity management: employing biometric security protocols and using multi-factor authentication. 16