openimis data privacy consultation with DayOne

Data privacy choices – a greenfield opportunity with

Agenda
2
Timing Workshop Section
12:00 Optional lunch
13:00 Welcome
13:10 Introductions
13:25 Malini and her context
13:45 openIMIS an introduction
13:55 Data Privacy Concerns in LMIC setting
14:05 Persona Group work
15:10 Discussion
15:50 Wrap up and reflections

Please let us know if you don’t want your picture
and name used
@openIMIS
@SwissTPH
#dayonebasel
@baselarea.swiss
Social media and reporting on the day

Industry transformation
How will the data game be played?
- market
- low regulation
- data is an asset
- citizen
- high regulation
- data is private
- government
- total control
- data is state owned

Industry transformation
How will the data game be played?
data is a (public)
resource
versus
privacy is a
human right
creating an ecosystem which
allows the data to flow
enabling and accelerating
healthcare innovation
serving the citizen’s/patient’s
needs
1
2
3

Source: http://www.icosystem.com/simplifying-the-complexity-of-healthcare/
Greenfield Opportunity
What opportunities exist when we don‘t have legacy systems?

Agenda
8
13:00 Welcome
13:10 Introductions
15:10 Discussion

Participants and introductions
9
Name Affiliation
Andrew Bushell Oonida
Carsten Danzer Roche
Covino Giancarlo Helsana
Daniel Burgwinkel Information Governance
Dirk Ziegler, Michael Rebhan, Peter Speyer, Abhi Vermu Novartis
Isabel Knodel Gentinetta Scholten
Leila Alexander SPHN
Luis Magalhaes Clinerion
Matthias Cullmann Baloise
Stefan Germann Fondation Botnar
Effy Vayena ETH
Siddharth, Martin Raab, Alex, Goncalo, Torsten Schmitz, Nicole Swiss TPH
Alexandre Schulz SDC
Uwe Wahse, Viktoria Rabovskaja GIZ
Thomas Brenzikofer, Rahel Schneider, Doug Haggstrom DayOne (BaselArea)

Agenda
1 0
13:00 Welcome
13:10 Introductions
15:10 Discussion

Malini lives in the
village of Milimani
Nearest health service
- Dispensary in
Dumila. 20kms away
Nearest Hospital in
Dar es Salaam.
300kms away

Malini lives in the
village of Milimani
Nearest health service
- Dispensary in
Dumila. 20kms away
Nearest Hospital in
Dar es Salaam.
300kms away
OpenIMIS –
Insurance scheme
Agent

What is Malini’s health system context?
14
Source: http://apps.who.int/iris/bitstream/10665/254757/1/9789241512107-eng.pdf?ua=1
Community
Health Funds
(CHF)
National Health
Insurance Fund
NGO based,
savings groups,
etc.
Multiple:
companies –
local/regional
Church
based,
Charitable
health
facilities,
etc.
Single National Health
Insurer

What is the context of Malini’s experience in CHF?
https://www.youtube.com/watch?v=nSB3UCHXnd4

Agenda
1 6
13:00 Welcome
13:10 Introductions
15:10 Discussion

The issue at hand
17
Agenda
2030!
Individual
poverty and
societal welfare
losses
100 million people
pushed into extreme
poverty due to out-of-
pocket payments
400 million people
without access to
complete set of
essential health
services
Ill-health
SDG3,
target
3.8
SDG1,
target 1.3

Universal Health Coverage – a SDG 3 target and systemic
approach to health
UHC
Quality
of health
services
Social
protection
against
health
risks
Range of
health
services
Access to
health
services
18
Equity!
Systems
thinking!

Why openIMIS?
Social (health) protection and financing
schemes
Focus on operational core of
scheme management
Complex business processes linking beneficiary,
provider and payer data (e.g. beneficiary
enrolment, claims processing and provider
reimbursement)
Expanding schemes to
hitherto excluded populations
19

openIMIS – a global good advancing the Agenda 2030 and SDGs
Open source solution
Free download, changes to the code,
feed new developments back to the
Community
Sustainable approach
Continuously improved solution driven
by Open source Software Community
Capacity development and technical
assistance
Interoperable system
Compatible formats and interfaces for
data exchange (international standard
protocols and codes)
Adaptable and modular design
Customizable to different scheme
types, organizational and country
needs
Management
Information System
for social (health)
protection schemes
20

openIMIS Community Resources
5 countries currently implementing the system
• Dedicated development teams
• Implementation support teams
across Asia, Africa and Europe!
www.openimis.org - Home of the openIMIS Initiative
Strategic direction given by a Steering Group
Technical directions guided by a Technical Advisory Group
openIMIS wiki - Read more about openIMIS
www.github.com/openimis - Download software and source code
openIMIS Demo: demo.openimis.org - use the demo now !
openIMIS Service Desk- report issues, bugs, or feature requests !
21

Agenda
2 2
13:00 Welcome
13:10 Introductions
15:10 Discussion

Data Confidentiality
@ re:publica Accra, 2018
Uwe Wahser - DayOneLab, 18.01.2019

22.01.19
Uwe Wahser: Data Confidentiality @ re:publica
Accra 2019 // DayOneLab, Basel
24

re:publica Accra 2019
• December 14-15th, 2018 in Accra, Ghana
• spin-off from re:publica Berlin "Europe’s largest internet
and digital society conference"
• Co-operation of re:publica Gmbh, Berlin and ImpactHub,
Accra
• Support from German Federal Ministry for Economic
Cooperation and Development (BMZ)
• ca. 2000 participants
• 274 speakers from 30 countries
• 110 hours of content
22.01.19
25

Motivation for Participation
Where is the red line?
• benefits of disruptive technologies
vs.
• disadvantages because of weak systems
Example: mPESA Kenya
22.01.19
26

Panel on Data Confidentiality
"Data Confidentiality vs. Shared Data: Enabler or Show
Stopper for Development?"
• Edmund Benjamin-Addy, Cooperative Susu Collectors
Association, Ghana
• Faith Tonkei, National Hospital Insurance Fund, Kenya
• Peter Ngallya, President’s Office Regional Administration
and Local Government (PO-RALG), Tanzania
• Moderator: Elizabeth Mwashuma, Good Partners, Kenya
22.01.19
27

22.01.19
28

Discussion Points
Interview Format
• Definition of Confidential Data
• Benefits of Data Confidentiality
• Data Sharing: Benefits & Challenges
• Protection mechanisms
• Data Confidentiality as showstopper
Q & A with audience
22.01.19
29

Highlights
• Awareness of importance amongst audience & panellists -
"Don't worry - we care"
• "Data confidentiality results in client confidentiality"
• All countries have legal frameworks in place and
organisations act according to it
• Donor support is needed to strengthen systems
• Donors requesting data to plan support
Ø Footage will be available on YouTube
22.01.19
30

Impression
• Unique Session: one of two sessions on Data
Confidentiality
• Involvement of stakeholders from classic organisations rare
• Discussion between society and actors important
22.01.19
31

Further Thoughts
• Cultural parameters for the red line are defined locally
• Also consider Data Validity & Data Ownership
Ø GIZ Guidelines on Responsible Data Use
Looking at openIMIS:
• A robust openIMS can improve Data Protection
• System must be ready for maximum standards
• Support needed for hardening of systems
22.01.19
32

22.01.19
33

Agenda
3 4
13:00 Welcome
13:10 Introductions
15:10 Discussion

Persona Group Work – input into what data should flow and how to get the
balance between openness and privacy
Malini’s story
What data
should flow
today? How?
What data
could flow?
Why?
What can go
wrong?
Discussion
Plenum
5-10 minutes
Introduction of
the story
Group work
~10-15 minutes
What data is missing
to provide care?
What data should be
kept Private (kept
within the
organization that
collects it)?
Group work
~20-25 minutes
What extra data
could flow? To
whom?
What value could be
created? For whom?
Group work
~20-25 minutes
What could go
wrong?
What principles and
guidelines are
needed to prevent
this doomsday
scenario?
Plenum
~40 minutes
Sharing of
experiences and
discussion

Round 1 - Malini – An openIMIS story

Milimani
Dispensary
Hospital
OpenIMIS –Agent
Visit 1
Paracetam
ol
Visit 2
Malaria?
Claims
Registration
data
Visit 1
Diagnosis
HIV
Repeat
visits
Claims
Registration
and payment
data

Milimani
Dispensary
Hospital
OpenIMIS –
Agent
Other
?
Data To Private? Value
Health worker visit data Private?
Insurance ID
Insurance status
Name
Age
Gender
Picture
Immediate Medical History
Diagnosis
Treatment
Prescribed drugs
Health worker claims Private?
Insurance ID
Insurance status
Name
Age
Gender
Picture
Diagnosis
Treatment
Prescribed drugs
Hospital claims data Private?
Insurance ID
Insurance status
Name
Age
Gender
Picture and other identifiers
Patient ID.
Diagnosis (physical check up,
treatment adherence)
Tests, imaging results
Treatment – drugs
Costs
Facility payment details
Hospital visit data Private?
Insurance ID
Insurance status
Name
Age
Gender
Immediate and past medical history
Family medical history
Patient ID.
Diagnosis (physical check up,
treatment adherence)
Tests, imaging results
Treatment – drugs,
Costs
Registration data Private?
Insurance ID
Name
Age
Gender
Picture
Family details
Other identifiers (govt. ID no., phone
number)
Registration data Private?
Insurance ID
Name
Age
Gender
Picture
Family details
Other identifiers (govt. ID no., phone
number)
openIMIS feedback back to health
worker
Private?
Insurance ID
Insurance status
Name
Age
Gender
Picture
Benefit remaining
Claims status (approved or rejected
or partly rejected)
Reason for rejection
Approved payment
openIMIS feedback to insurance
agent
Private?
Insurance ID
Insurance status
Name
Age
Gender
Picture
Family details
Other identifiers (govt. ID no.,
phone number)
openIMIS feedback to hospital Private?
Insurance ID
Insurance status
Name
Age
Gender
Benefit remaining
Claims status (approved or rejected
or partly rejected)
Reason for rejection
Approved payment
Data To From Private? Value

Persona Group Work – input into what data should flow and how to get the
balance between openness and privacy
Malini’s story
What data
should flow
today? How?
Plenum
5-10 minutes
Introduction of
the story
Group work
~10-15 minutes
What data is missing
to provide care?
What data should be
kept Private (kept
within the
organization that
collects it)?

Groups
Group 1 Group 2 Group 3
Andrew Bushell Isabel Knodel Covino Giancarlo
Daniel Burgwinkel Carsten Danzer Peter Speyer
Dirk Siegler Abhi Vermu Luis Magalhaes
Stefan Germann Leila Alexander Matthias Cullmann
Michael Rebhan Effy Vayena
Plus TPH/SDC Plus TPH/SDC Plus TPH/SDC
Room Main room Main room Main room
Doug Siddharth Thomas

Group 1 Round 1
• Missing data/actions –
• Family data
• Village data
• Data consent
• Metaquestions/overarching principles
• Minimum data for any action
• What is the data used for?
• Is the data correct? Is it validated? Can it be deleted when wrong?
• Private – see chart
Round 2
• Should IMIS be used for hospital billing?
• Outcomes data - help to improve process with health dept.
• Specialty care teams to share data
• Health information exchange (HIE)
• IMIS + EMR + HIE – selected use case
Round 3A
• What can go wrong if IMIS + EMR?
• Wrong data to wrong person
• Syncronisation
• More data --> more attractive target
• Identity fraud
• Ownership of data/data access à trust?
• What if the data is misused by the data owner? – selected problem
• Country sells data, changes model, runs out of money?
Round 3B – How to prevent it happening?
• Delete your data – is this even possible – probably not in most systems
• Meaningful individual control – how to achieve this?
• Role of inter country entities? UN – someone else? Who has the right to be police?
• How to certify hosting authorities?
• Global certificate?
• UN rules?

Group 2
Round 1 – What data is private?
• question is rather generic
• data transfer depends always on safeguards available
• privacy is about risk management, not about locking data away
• as seen from Malini eg., privacy does matter a lot - what can save your life can also threaten it
• who owns the data – patient should define own data
• data transfer, important to define: to whom, for what purpose, under which condition
• a significant risk is that you do not know who will manage the data in the future (even NHS tried
to sell patient data), in a LMIC setting that is a question of even higher relevance
• education of patients is important - digital health literacy - so that they can take informed
decisions (e.g. opt-in/opt-out), do they know what data is captured about them?
• Identifiers (like unique ID no.) are important to avoid using private data while referring to a
person across systems.
Round 2 – What additional data could be captured?
• opt-in/opt-out - capture consent for every data element captured
Round 3A – What could go wrong
• what can go wrong - depends on behavioural economics
• risk that too many opt-outs will threaten provision of services/insurance provision
• it has to be clear what happens when you opt-in/opt-out otherwise data captured is inconsistent
• is individual or house-hold consent more appropriate? Based on context this could vary
• opting-out from sharing data should not hinder getting access to services
• important to empower/educate data owners - Carefully design communication and ensure no
negative consequence for not giving consent (treatment should not be affected – no punishment)
• develop a good system to capture consent
• cultural sensitivity in data privacy management
• Perhaps have a minimum set of mandatory consent (essential data to run operations) and ask for
consent to additional data elements
• Have an independent agency monitor whether this consent system is functioning properly
• regulatory frame is crucial - will define which policy can be enforced – define smart protocols
that adjust as per regulation changes

Group 3
Round 1
• Generally persons related data is private.
• Health data is mostly private
This means for the system:
• Transmission of data has to be secure – encryption
• Broader Use of health data is only possible through anonymization
• Specific Use of health data needs consent of patient
What is missing:
- Symptoms
- Access to health history record of health worker (consent patient)
- Transmission of case record/ history to hospital (consent patient)
Additional Story – Use Case
1) Open IMIS offers personal Identification
2) Open IMIS also collects healt data, integrate health record and claoms systems.
Group chose to follow 2) à Data could be provided to third parties (Pharmaceutical
industry)
Round 3A – What could go wrong
• Discrimination of patients: if some one is cronically ill it is better for health
insurer to not cure him than to pay for long term consequences
• Data colonialism: how to fairly distribute the value created by the Data provided
to Industry – will it be used for developing therapeutics that improve healthcare
in LMCs? – do patients/community get their share? (- example coffee: farmer
get’s 2 percent of value of the espresso sold in CH – most likely this scenario will
repeat itself)
• Top Down: Need for a global agreement on governance of health data – will take
more than a decade.
• Audit by ethic commitees
• Bring the decision of data usage back to community/village level – empower
Open IMIS agent to engage this process

Agenda
4 5
13:00 Welcome
13:10 Introductions
15:10 Discussion

Parking lot and final discussion
Key themes
• Data Privacy needs are contextual
including security options
• Option to enable Consent is likely to
be needed

Agenda
4 7
13:00 Welcome
13:10 Introductions
15:10 Discussion

openimis data privacy consultation with DayOne

More Related Content

What's hot (20)

Similar to openimis data privacy consultation with DayOne (20)

More from DayOne (20)

Recently uploaded (20)

openimis data privacy consultation with DayOne