Here is some thinking we (MoH people) are doing about the broader Data Guardianship model. At this point we have more questions than answers - please feel free to add your questions to the conversation.Data Strategy_v0_2_20190320.pptx (5.98 MB)
Timely, I just got send this today
opengraphobject:[351561256132474 : https://data.govt.nz/about/data-strategy-and-roadmap-setting-the-direction-for-new-zealands-data/ : title=“” : description=“”]
Excellent, now we just need to work on coming up with the answers… 
I’ve been reading through the latest Jon. I think we have answers to some questions - it’s just whether the answers are sufficient for future we are moving into. I would suggest they are generally not and more/new thinking is required. Perhaps in response to the questions we will need to split the content into “what we know now / how we operate now” and "where we need new thinking / activities / prccesses / guidance’.
Have made some updates from Darren’s conversation.
This may be of interest. Currently considering Maori Data Sovereignty implications in implementing a multi-agency family violence safety planning and service provision ecosystem…
https://www.sftichallenge.govt.nz/sites/default/files/2018-09/Māori_Data_Futures_Report.pdf
opengraphobject:[351561256314892 : https://www.sftichallenge.govt.nz/sites/default/files/2018-09/Māori_Data_Futures_Report.pdf : title=“” : description=“”]
That is handy - @simon.ross is working on this for us.
opengraphobject:[351561256314892 : https://www.sftichallenge.govt.nz/sites/default/files/2018-09/Māori_Data_Futures_Report.pdf : title=“” : description=“”]
I really liked the idea of “Delegate decision making to domain experts where possible to reduce delay in decision making”.
There is a wealth of expertise in New Zealand already, regarding ‘big data’ security and privacy. I believe domain experts are well positioned to take on some of this responsibility
How do you identify and triage for gaps in the datasets that it might be desirable to begin collecting within the ecosystem? There’s a risk potentially that we concentrate on digitising and curating datasets we already have and overlook the complementary data and/or process analysis that could provide insight into (dare I suggest) value, that would then lend itself to system level design.
That is a very good point Elliott. Fore example, there are several studies have shown that the combination of imaging data and clinical notes leads to much better prognostic models.
Yes, I accept that we currently capture data from which there is significantly more insight to extract. This is necessary work and the processes around guardianship and access etc are a pre-requisite. But if we focus for too long only on today’s data we may miss the wood for all the trees in the way and delay reaching the future system (which I would argue must be significantly value-based).
I totally agree. The guardianship and ethics of (clinical) big data is a must. But I believe we should consider a more holistic approach. As you said, otherwise we might miss the wood for all the trees.
Just found time to look at the Data Strategy and Ecosystem slide deck. Great work!
I have a few things to add into the mix:
-
Interesting discussion from Tisne who believes data ownership is a flawed concept and that Property frameworks are vulnerable to the illusion of “consent.” – it’s time for a data bills of rights : https://www.technologyreview.com/s/612588/its-time-for-a-bill-of-data-rights/
-
Note the recommendations made by the NCVHS (National Committee on Vital and Health Statistics) regarding the deidentification standard under HIPPA (safe harbour 18 identifiers and expert method determination) and concerns about re-identification risk including inference risks. https://www.ncvhs.hhs.gov/wp-content/uploads/2013/12/2017-Ltr-Privacy-DeIdentification-Feb-23-Final-w-sig.pdf
-
I am interested in people’s thoughts about privacy and ethical risks associated with using de-identified data sets – the New Zealand HIPC only covers information about an identifiable individual. Nowhere in the Code is the word ‘re-identification’ mentioned (hardly surprising - the code was drafted in 1994). Section 22H of the Health Act 1956 allows the sharing of health information that does not enable the identification of the individual to whom the information relates. Similarly, the Health (Retention of Health Information) Regulations 1996. These statutory frameworks are considerably out of date given the advances in re-identification techniques. Amongst other things, do we have a list of identifiers to be removed for de-identification like HIPPA? Should we have such a list?
-
Should we manage down-stream use of de-identified data sets which may result in re-identification ? How do we assess re-identification risks?
-
The draft NEAC standards refer to re-identification and non-identifiable data but do not address many of the issues raised by the expert evidence given to the NCVHS and its recommendations. Are we behind the 8 ball?
-
For an interesting discussion on Data and human rights – refer to the Berkman Klein Center for Internet & Society Research Publication Series: https://cyber.harvard.edu/publication/2018/artificial-intelligence-human-rights
-
I don’t think we need to get consent in some circumstances if we have done a good job of being transparent and I would tend to avoid complex models of dynamic consent etc with individual data vaults –consent may be illusory
-
I think we need to look seriously at risks around The Internet of Things : https://www.telegraph.co.uk/technology/2019/02/22/medical-app-told-facebook-users-periods-investigation-finds/
-
We need to think about using Citizens Juries, People’s assemblies …. The NHS appears to have established a system for including deliberative democracy through its Patient and Public Voice (PPV) programme, apparently mandated by legislation. The following link explains the recruitment process for PPVs in the digital health prgrammes https://www.england.nhs.uk/publication/recruitment-of-patient-and-public-voice-ppv-partners-for-digital-health-programmes/
-
Check out the NHS - Code of conduct for data-driven health and care technology Updated 19 February 2019 https://www.gov.uk/government/publications/code-of-conduct-for-data-driven-health-and-care-technology/initial-code-of-conduct-for-data-driven-health-and-care-technology
-
A plea for data governing bodies to have multi-disciplinary membership !
opengraphobject:[351561256594409 : https://www.technologyreview.com/s/612588/its-time-for-a-bill-of-data-rights/ : title=“It’s time for a Bill of Data Rights - MIT Technology Review” : description=“As the US Senate debates a new bill, a data-governance expert presents a plan to protect liberty and freedom in the digital age.”], opengraphobject:[351561256594410 : https://www.ncvhs.hhs.gov/wp-content/uploads/2013/12/2017-Ltr-Privacy-DeIdentification-Feb-23-Final-w-sig.pdf : title=“” : description=“”], opengraphobject:[351561256594411 : https://www.gov.uk/government/publications/code-of-conduct-for-data-driven-health-and-care-technology/initial-code-of-conduct-for-data-driven-health-and-care-technology : title=“Code of conduct for data-driven health and care technology - GOV.UK” : description=“”], opengraphobject:[351561256594412 : https://cyber.harvard.edu/publication/2018/artificial-intelligence-human-rights : title=“Artificial Intelligence & Human Rights | Berkman Klein Center” : description=“A legal analysis of some of AI’s promises and challenges to conceptions of human rights.”], opengraphobject:[351561256594413 : https://www.telegraph.co.uk/technology/2019/02/22/medical-app-told-facebook-users-periods-investigation-finds/ : title=“Medical app told Facebook when users were on their periods, investigation finds” : description=“Health and fitness apps are sending Facebook sensitive information about their users’ body weight, menstrual cycles and pregnancies in ways which would allow it to be used for targeted advertising, according to reports.”], opengraphobject:[351561256594414 : https://www.england.nhs.uk/publication/recruitment-of-patient-and-public-voice-ppv-partners-for-digital-health-programmes/ : title=“NHS England » Recruitment of Patient and Public Voice (PPV) partners for digital health programmes” : description=“Health and high quality care for all, now and for future generations”]
That is awesome Rochelle - there is lots to think about here…