Longitudinal data, i.e. data collected from an individual at multiple points in time, can be very useful to medical researchers and provide valuable insights into health and illness. A famous example is the Framingham Heart Study, which was initiated in 1948 and continues on today. Researchers have followed three generations of participants, collecting and analyzing data to successfully identify the common characteristics and risk factors associated with cardiovascular disease. This type of health data use is common in clinical research and epidemiology, where aggregated data can reveal important information that leads to improved patient care and public health practices. However, health researchers motivated by advancing medical science are not the only ones interested in longitudinal data collection. Commercial companies motivated by profit are interested too.

There is a multi-billion dollar industry that exists around the buying and selling of medical data. Despite the fact that this is a common practice, many people are unaware of it. Data brokers pool data from hundreds of millions of pharmacy prescriptions, medical records, insurance claims, etc., and then slice and dice the information to sell to interested parties. This is technically allowed under the Health Insurance Portability and Accountability Act (HIPAA) because the data is intended to be anonymous. The medical information is not tied directly to a name, social security number, or detailed address. However, data brokers still add unique numbers to the data they collect, which allows them to build detailed patient dossiers by linking different pieces of information to the same individual. And with today’s advances in data mining technology and the vast amount of data available, the re-identification of anonymized data has only gotten easier.

Overall consumers have a troubling lack of control when it comes to their own medical data. We’d like to think the information we share with our healthcare providers remains private but this is not the case. In fact, the legal right of commercial companies to collect and sell health information without the explicit permission of the patient has been upheld by the Supreme Court. In the 1990s, the dominant player in the medical data trading industry began selling data to pharmaceutical companies on what individual physicians were prescribing to patients. These drug companies would then use the information to better tailor and target marketing and sales efforts. Once people caught on and started to complain about the invasion of privacy for profit, a few states passed legislation to limit the trade of prescriber-identifiable information. The major data broker then took them to court and won on corporate “free speech” grounds.

So why are the rights of data brokers to sell data privileged over the rights of patients to manage their own health information? Patientory does not have an answer to this question but we do believe in the power of blockchain to shift this paradigm. Distributed ledger technology has the ability to democratize data access by securing and validating data through a network rather than a single database. In addition to addressing cybersecurity and interoperability issues, blockchain technology can place the control of medical data sharing into the hands of individual patients through an app like Patientory’s. We believe consumers have a right to access their own health information and limit or permit the use of it as they see fit.