Prevention is better than cure: Why we should be proactive in Digital Health regulation and standardisation enforcement

What are the potential pitfalls to watch out for when it comes to the innovations leading digital health forward?

Words by Dr. Ryan Grech and Dr. Dylan Attard, Clinical & Health Tech Advisors for MedTech World and two of the co-founders of Digital Health Malta.
The digitisation of healthcare is incredible. The opportunities for better healthcare delivery, improved staffing and patient satisfaction are endless. Despite all this, we must always keep in mind that nothing in the world is perfect and whilst we should always be open to innovations we must never be blindsided by potential problems or hazards that digital brings along with it. After all, nothing is perfect.
We have thus decided to write a bit more about the threats that digital health brings with it and why we should be proactive in digital health regulation and standardisation enforcement. Our aim is not to stifle innovation or breed doubts in people’s minds but rather to make sure that everyone is aware of potential pitfalls. By generating discussions around these we hope that they will be firmly embellished into the relevant stakeholders’ brains to make provisions and ensure appropriate design as well as plan for any contingency. The below list is certainly not exhaustive but we identify three areas where we are already seeing the reality behind the promise.

Interoperability and standardised data

Health and by association digital health depend a huge deal on interoperability and data forms that are standardised across the country and ideally, across the world. Interoperability encompasses a broad range of definitions but they all relate to each other in their simplest form, the ability of two or more systems to communicate with each other and exchange data/information. A simple example is the USB stick (technical interoperability). You can transfer data from any personal computer irrespective of the operating system be it macOS or Windows or Linux.

Med-Tech Dylan Ryan AI digital health regulation — *Dr. Ryan Grech, and Dr. Ryan Attard, Clinical & Health Tech Advisors for MedTech World and co-founders of Digital Health Malta.*

In the world of health data, there are already a number of international set exchange standards such as Health Level Seven International (HL7) or the newer HL7’s Fast Healthcare Interoperability Resources (FHIR) which lends itself to the development of health apps that run on different systems. And obviously, this is a good thing but the more countries and health systems, private enterprises and even individual hospitals invest in technology the more they might want to keep their tech locked away from the rest of the world. There are several reasons why they might want to do this, for example, by making it harder to access and exchange data they will make it tougher for patients to leave their practice or even almost inaccessible for new start-ups to gain entry into the market. It is, therefore, our responsibility to ensure that this does not happen.
The price is too high to let this happen like in other industries. The payout of a globally interoperable and interconnected health care system will ensure faster and better quality research, cross-border care and enable all data to be meaningfully utilised. Ultimately, it will improve the health and well-being of patients worldwide.

AI Bias

Machine learning a term that is thrown around often. Looking at it simplistically, machine learning is a way for computer algorithms that learn from their mistakes and improve automatically through an iterative process. For example, sticking to a clinical scenario, from data that is fed to it, it learns that a certain subgroup of people with certain features are more prone to develop diabetes therefore it recommends a particular management plan for individuals who are at high risk. You might have already guessed that the algorithm will only learn based on its experience (data provided).
Therefore, if for whatever reason mostly Caucasian profiles are fed through this algorithm, it will think that only this subset of individuals is at an inherent risk. So what happens if for example an Asian individual who may still be at high risk for diabetes is put through the algorithm? Well, you guessed it. Probably the algorithm will not suggest the same management plan as it has been biased from the previous experience.
And this has already been happening. A study, published in Science on 24 October, demonstrated that a particular algorithm used by hospitals and insurers was less likely to refer black people than white people who were equally sick to programmes that aim to improve care for patients with complex medical needs.
The more we leave these algorithms without a real-world experience the more they will reinforce their bias which will result in discriminatory medicine. Again, this doesn’t mean we do not use AI because the wealth of support that AI systems can offer healthcare systems is immeasurable. But we need developers to be aware of this problem and more importantly, address it, whilst regulators need to enforce it.

Hacking medical devices remotely

Newer implants, remote monitoring devices and even medical tools are increasingly becoming wirelessly connected via the internet to hospital systems or health portals. The internet of things in medicine has opened a new world. Whilst remotely we can see the blood pressure of John Doe we can also know where our X-Ray machines are within the hospital in real-time or how many beds are available. Incorporate that with predictive analysis and you can also have an accurate idea of how many beds you’ll have available by 6 pm based on the current hospital admissions and reason for admission. But just like any other industry, the more wireless connections you have which sometimes extend beyond the local network the weaker the system is and thus the more prone healthcare systems and patients are prone to hacks which could prove fatal.
For example, in 2011, a researcher pointed that it was possible to hack a Medtronic insulin pump and make it administer a fatal dose of insulin. Pacemakers can be hijacked and data leaked and similar to the above drug infusion pumps remotely controlled and much more. Whilst we expect that new technologies which improve morbidity and mortality are adopted at our local hospitals, it is of utmost importance that we demand healthcare institutions to have top-notch security and regulators to breathe down their neck and those of any private institution involved in connected healthcare systems.
Whilst we do not want to alarm anyone, the message we want to pass is for healthcare boards who have never thought about this to make sure they tighten their security. What 10 years ago was only thought of as part of a James Bond movie, today it is an ever-present danger with governments and healthcare institutions needing to invest in adequate security to prevent external unwarranted access to personal data which in itself can be harmful to the hacking of equipment which can result in harm and even have fatal consequences.
We want to reiterate our message here. Health tech is extremely beneficial. But with everything in the world with the upsides, there is always going to be some downsides. The important thing is that we constantly identify these and not stick our head in the sand but rather incessantly be vigilant and proactive whilst at the same time ensure appropriate contingencies, such as proper digital health regulation are in place if something goes south.