Using Predictive Analytics for Population Health Management and Public Health Emergencies: Ethical, Legal, and Policy Considerations

July 19, 2018|12:43 p.m.| ASTHO Staff

Predicting the future with data analytics and technology is quickly becoming a reality for making better sense of public health data to inform interventions that will improve the population’s health. As the field of public health informatics continues to evolve its capacity for predictive analytics, ethical and legal challenges remain in terms of maintaining privacy and developing sound policies and infrastructure to support data usage, data sharing, and standardized practices.

Predictive analytics and other forms of computational modeling uses data to help state and local public health departments predict the probability or likelihood of a natural disaster, the potential onset and spread of a disease outbreak, the amount of vaccines required to meet future population demands, the amount of resources required to adequately respond to a crisis, and the likelihood of a biological or chemical attack. Clinical care provider communities also use predictive analytics and other forms of computational modeling to inform decisions on patient populations, health insurance risk profiling, staffing and resource estimates, disease screening protocols, medical errors management, and in scheduling appointments. One example is the use of predictive analytics tools to combine electronic health record (EHR) and prescription drug monitoring program (PDMP) data with a patient’s social determinants of health to develop a profile for patients at risk of substance abuse and help providers anticipate how their prescription decisions might affect those patients. When developing predictive models, it is important to ensure compliance with statutes and regulations on data access, usage, storage, and sharing.

Ethical Considerations

Organizations have outlined ethical guidelines for data and information exchange that are compliant with federal and state laws. The Annie E. Casey Foundation supported the MetroLab Network in the development of the First, Do No Harm: Ethical Guidelines for Applying Predictive Tools within Human Services report, which outlines four principles for ethically applying predictive technologies. The American Health Information Management Association established a Code of Ethics for health information management professionals. Additionally, the Office of the National Coordinator for Health Information Technology (ONC) published a report on the health information technology infrastructure needed to support accountable care arrangements. ONC suggests that privacy and security policies should protect patients, providers, and the organizations participating in the agreement and inform patients about how their data is being used.

Legal and Policy Implications

Public health informaticians are moving toward solutions that are adaptive and responsive to disease outbreaks and public health emergencies by leveraging advanced tools for data sharing and exchange across multiple organizations. Therefore, it is important to establish a governance infrastructure for data sharing to ensure that the public health response is informed by the most accurate and up-to-date evidence. The Organization for Economic Cooperation and Development Council recommends countries develop and implement health data governance frameworks using effective consent approaches that secure privacy while enabling analytics of interest to the population’s health. One example includes the international response to the Zika virus where more than 30 global health organizations issued a joint statement committing to data sharing to avoid untimely access to relevant data and highlight a path to implementation for data sharing during public health emergencies. Researchers from the University of Pittsburgh, the University of Toronto, and the Bill and Melinda Gates Foundation conducted a systematic review of the barriers to public health data sharing, including the lack of trust between data provider and user, restrictive policies that limit data sharing, and lack of official guidelines.

Many states are currently exploring their own statutes and regulations around data access and sharing. For example, New Hampshire has a provision in its statutes that allows for obtaining patients’ medical records if a medical director determines that this information is essential to the care or treatment of a person; however, the facility must first receive a person’s written consent. Nevada also permits disclosure of personal data to a qualified member of staff when the administrator believes it is necessary for the proper care of the patient. The American Public Human Services Association’s National Collaborative Analytics Committee has identified and developed tools, including the Guide to Data Management, Privacy and Confidentiality, and Predictive Analytics, for states to explore the legal aspects of data sharing and consent, along with an inventory of data sharing statutes.

Various federal agencies, such as the National Institutes of Health (NIH), have also started compiling samples of data sharing agreements and policies to advance precision medicine where data sharing is necessary to specify requirements and expectations for investigators working with individuals’ data, as well as outline guidance on data sharing internally and externally. The U.S. Department of Defense and NIH developed a Federal Interagency Traumatic Brain Injury Research Informatics System as a central repository and resource for data sharing to promote collaboration and advance knowledge on characteristics, prevention, diagnosis, and treatment of traumatic brain injury.

The most relevant federal law that addresses data sharing and use of health information is the Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules. HIPAA encompasses most clinical health data and EHR data and sets standards that certain entities meet to ensure privacy and security for patient data. A provision in the rule permits data sharing and access for public health agencies to carry out their duties in the event of an emergency or legitimate need. Public health agencies must clearly communicate goals, requests, and the steps they will take to ensure data confidentiality.

Predictive analytics is becoming a trusted tool for analyzing complex public health use cases and provides the basis for developing hypotheses to test state public health intervention strategies and technologies. The Data Analytics and Public Health Informatics team within ASTHO’s Center for Population Health Strategies is committed to examining the changing landscape of data sharing and exchange, how predictive analytics models will be validated and verified for population health management and public health emergencies, and how policies will be crafted with consideration to privacy.

Tell us what you think icon that links to an evaluation form for blog post