One of the first recorded medical devices was the stethoscope in 1816. Fast forward more than a century to 2019, where the world witnessed the creation of an award-winning multi-sensor, implantable cardiac device able to predict potential heart failure weeks in advance.
The data and analytics streamed and analyzed from new connected devices are transforming healthcare as we know it. However, a real challenge in this environment is the sheer volume and scope of data that must be managed and protected. The past three years alone have seen an almost 900% increase in the data healthcare companies manage at their disposal for profit, or peril.
From patient healthcare management to product innovation, Big Data equals big opportunities. And big opportunities equal even bigger challenges.
Chief amongst them are staying on top of the regulatory pressures and compliance frameworks constantly evolving from healthcare’s domestic, global and cross-industry alphabet soup: HIPAA, HITECH, GINA, GDPR, CCPA.
New Industry Imperative: Data Chain of Custody
Of course, these regulations exist for the most important reason of all: protecting consumers who, unlike in other industries, are first and foremost patients seeking quality care they can trust.
In this unique environment, proper data management is critical to 1) protecting patient privacy and 2) and providing product data traceability to reduce product liability risks.
All the more so since data’s not the only thing skyrocketing these past few years. Thanks to the FDA-approved acceleration of data-connected devices courtesy of 2016’s 21st Century Cures Act, so has the competition. The mistakes of mismanaged data are also on the rise: Embarrassing data breaches cost healthcare a staggering $4B in 2019. Medical device recalls reached historic levels in 2018, and over 60 medical devices have been recalled in 2019 alone.
Protecting Patient’s Privacy
At a time when over 150 people have access to a patient’s medical records during the average hospitalization, robust Data Security and Governance is crucial to protecting patient privacy, especially when it pertains to medical devices sharing data across multiple interconnected software and sensors. Securing such data particularly challenging because of the potential vulnerability of high-volume connected endpoints. Not surprisingly, Deloitte expressed concerns in a recent analysis stating, “networked medical devices and other mobile health (mHealth) technologies are a double-edged sword” because they “expose patients and health care providers to safety and cybersecurity risks” which makes them “vulnerable to unauthorized access.”
To address patient data privacy concerns, companies must implement a platform capable of classifying and tagging data based on privacy and security requirements. These classifications can then be leveraged to drive data masking policies, ensuring that only specific parties have access to private data. Furthermore, full visibility to data lineage (describing where data came from and where or who data was made available to) must be provided. Only through implementation of such capabilities can a patient privacy data chain of custody be established and validated on an ongoing basis.
Reducing Product Liability and Risk
Few industries face product liability risks as intensely as the medical device industry. These risks are comprised of two primary components, patient risk and product recall risk. For device manufacturers, the “nightmare scenario” involves a large-scale recall of implanted devices given the negative impact on patients and the high costs associated with resulting surgical removal and replacement. Not surprisingly, for manufacturers in this industry, an ongoing operational imperative remains steadfastly reducing the scope of product recalls.
Doing so requires two critical capabilities. First, corrective actions must be taken as quickly as possible, limiting the proliferation of additional defective products into the field. Second, and equally importantly, is the need to contain the scope of impact by limiting recalls to only those devices with defective designs or manufactured using non-conforming production processes. Achieving this, however, requires the ability to accurately “track and trace” the lineage of each individual device in the field.
Understanding the lineage of individual devices requires maintaining a strict device data chain of custody, providing data traceability across a device’s product lifecycle – from exactly how that device was manufactured to how it is performing in the field. Manufacturers mastering device chain of custody can quickly analyze the root cause of defective products in the field and take corrective actions on only those products designed, manufactured or operated under specific conditions, greatly limiting the scope of devices recalled and reducing potentially catastrophic recall-related costs.
Heal, Not Harm
In harnessing their data to heal, not harm, manufacturers and distributors of life-saving devices become the kind of data custodians doctors and patients can trust.
With the right agnostic cloud partner, like Cloudera, companies can successfully manage data and mitigate risk; make the next award-winning, impossible device possible; and become the trusted data custodians of tomorrow, today.
Click here to learn more about Cloudera’s Enterprise Data Cloud and how it can help you achieve Data Chain of Custody.