- Any data can be collected and translated into healthcare data.
- Healthcare data collection and its monetisation create new revenue streams.
- Privacy and regulatory concerns accompany healthcare user data collection.
- Healthcare dispersion is shifting user roles to benefit interlinked services that require fewer intermediaries.
Data is the New Commodity
We are all aware of the growing spree of ‘big’ data and how healthcare data has exploded in the last years. With automatisation and rapid healthcare data collection and access, we have also witnessed the entry of major disruptors like Amazon, Google, Apple, and Walmart within the realm of healthcare (Smith 2020). As a corollary, the COVID-19 pandemic has operated as a sheer accelerator of these trends. Innovations that were supposed to exist in three to five years are now current.
Data units have shifted from paper to Electronic Medical Records. Data has grown exponentially at a rate of 1400% between 2013 and 2020 (153 exabytes in 2013 to 2314 exabytes in 2020 growth of healthcare data) (Stewart 2020). ‘Big’ data has a unique healthcare twist: data not explicitly linked to health can be easily attributed as health markers algorithmically. This implies that we can collect almost any data, which can be translated into healthcare data, injecting an enormous amount of value.
In the last ten years, patients have accepted smartphone use as a continuation of their bodies. They trust phone applications that gather user-submitted personal and sensitive data and benefit from all the surrounding data that smartphone interaction constantly produces.
Digital adoption has been a game-changer for the industry, exploding the amount of data involved and the trust users have in their devices (RBC Capital Markets 2020).
Pure Healthcare Data
Clinical data is critical for patient diagnosis, treatment, information, and prevention. More importantly, it also contributes to allocating and distributing healthcare resources (decision making) at a larger scale.
Patient data originate from self-reporting in surveys and forms, information collected at hospitals, pharmacies, health centres, and wearable tracking and connected devices like pacemakers and insulin pumps.
Healthcare Data Can Come With a Price Tag
Understanding the importance of their secondary purpose in the market is a key part of monetising healthcare data. Patient data can be used for research.
An interesting discussion has developed around the idea of patient co-ownership of clinical data. It has been argued that patients benefit from the past use of other peoples’ data in their treatment. In other words, the collection of patient treatment data can help develop, improve, and grow the healthcare data landscape (Ballantyne 2020).
This discussion is linked to the term social license: a proposal for extracting data from primary care medical records for commissioning and other purposes, including research (Carter et al. 2015). These are proposals that tend to make the handling and processing of this data more transparent.
Digital transformation of business models implies acceleration, simplification of processes, making them more efficient and - most of all - cheaper. At the same time, these processes create new sources of revenue streams.
Monetisation can happen in two ways, with clearly different consequences. A business can monetise its own data by opening these to third parties (direct monetisation) or can enhance its proprietary data (or public access data) to improve its services (indirect monetisation).
• Direct monetisation: Companies can, through partnerships, exchange various information elements between partners without an expressed financial transaction. Start-ups may use this information to enhance their product application data with tailored, personalised recommendations. Very common in the U.S. landscape, direct monetisation can also imply selling raw data straight through data brokers. Indeed, some companies are devoted to collect aggregating, enriching, and monetising public data. These can be used for market forecasting, report subscriptions, and creating analytic data services.
• Indirect Monetisation: In this case, companies use insights to improve internal efficiencies (services and outcomes). Businesses can develop products and markets through the use of predictive algorithms, build and solidify customer and partner relationships.
Two classic examples illustrate this principle but also highlight privacy concerns. In 2018, GlaxoSmithKline obtained exclusive access to process genomics company 23andMe’s user data for drug targets (in exchange for $300M USD), which rattled privacy concerns. In November 2019, Ascension, a private healthcare system in the US, partnered with Google, giving access to its patient health records. This move allowed the tech giant to apply Google’s data infrastructure, Google Cloud and G Suite (Schneble et al. 2020). The deal also included enhanced search engine technology on the system’s EMRs, improving patient data search ability from the company clinics. Meanwhile, Google had access to over 50 million health records of patients from different providers without a proper consensual warning from Ascension. This triggered action from several U.S. Senators demanding the respect of patients’ privacy (Landi 2020).
Companies that wish to proceed in the data healthcare monetisation arena should be prepared for complications, depending on where (what countries) they operate.
Growing concerns around General Data Protection Regulation (GDPR), together with potential future developments in European Health Data Space, imply that companies must comply with an extensive list of requirements for collecting and treating personal (and sensitive) data.
The notion of accountability, responsibility, data identification, processing, ethics, staff training, and cybersecurity and hacking risks are traditional obligations associated with the European Union’s regulation.
Companies that collect and treat data require an extensive framework on data protection, data management, data flow, and data asset mapping. This forces entities to track early on how they are collecting data. They also need to justify why they need a user’s consent for providing data, why the data is being collected, data collection limits, and the rejection of irregular data.
Collecting data also entails being accountable and prepared to give explanations to local regulators. Controllers and processors must keep a well-documented track of what is performed in terms of data protection compliance (Westphal and Seitz 2021). Documenting the processes confers a better understanding of the reasons behind these decisions and probably a better position in the case of a regulator’s audit proceeding.
Finally, but not last: ethics. A strong presence of ethics throughout the company’s culture is an essential step in this process. An understanding of ethical data collection in the business context must be complemented with properly documented training sessions for a broad array of employees within the organisation. This guarantees compliant and efficient operation and reduces the likelihood of future violations of user privacy.
The Door is Open
Healthcare is experiencing important changes that have accelerated in the last decade. The shifting role of traditional businesses in the sector and the looming shadow of tech giants constantly create a new landscape almost every six months. At the same time, the phenomenon of healthcare dispersion is shifting user roles to benefit more closely interlinked services that require fewer intermediaries. This gives users more power in protecting their data, together with a growing legal framework that is converging in making the user, in a way, the king. Meanwhile, the discussion on data dignity and data dividend is slowly but surely growing in volume.
Healthcare data monetisation opportunities are available, and the options are laid out. What the market (and we) decide to do with them is still unknown.
Conflict of Interest