Privacy-First: What Lies Ahead for Healthcare Digitisation?

Privacy First - What lies ahead for healthcare digitisationImage | Pixabay.com

As plans to develop vaccine passports for travel, leisure or work purposes gain pace, there is still far too much confusion and resistance to the concept amongst a large swathe of the British population.

Young people are highly suspicious of the idea of sharing their personal medical data with nightclub bouncers, for example, to enter a club. Yet the UK government is pressing ahead with the strategy, recently announcing that, from September onwards, COVID-19 vaccine passports will be necessary to enter events or public places with large crowds.

Too many people continue to view the requirement to show a digital health certificate to gain entry to an event, workplace, or an international departure lounge as an attack on personal freedom. The Big Brother Watch “Stop Covid Passes” campaign, signed by numerous cross-party MPs, is a clear indicator of the strength of this movement, which claims that Covid passes are an infringement of our individual civil liberties.

It might seem like a compelling argument to many, although the fact is that the BBW campaign is based on false assumptions. What will happen if we don’t give individuals a safe, confidential, and simple way of proving their vaccination or test status to travel abroad or to enter public workplaces or events? Are we not at risk of denying them the very freedoms that civil liberties campaigners are so vocal about?

Give individuals complete control over their personal data

The only viable answer to the problem is to give individuals complete control over their own health and personal data. Then provide people with the option and ability to confirm their vaccination or test status, confidentially and securely, with employers, event organisers, border control officers or anyone else in authority as and when necessary.

Privacy-first medical wallets such as Tento Wallet give individuals the ability to securely store medical documents, work credentials and other types of documentation. And as the user can anonymise their data should they need to share it – such as confirmation of a negative Covid test or a vaccination cert – they can feel safe knowing that they are not sharing any personal information, only the fact that they have received said test or cert.

Plus, because the technology behind Tento Wallet is decentralised, it allows both individual employees and their employers (or event organisers, airlines, or other necessary authorities) to work together to implement a trusted and controlled process with confidence.  And one that ensures the safety of all staff, visitors, travellers, and others, both during the current pandemic and those that may arise in the future.

Allowing individuals to control how (and with whom) they choose to share their medical data and records is crucial to preserve their trust and ensure their ongoing safety. Using a protected, confidential platform such as Tento Link, any business can now seamlessly manage the exchange of verified digital health documents between employers, staff, and contractors.

Tento Authenticator, part of the Tento Link platform, enables any organisation to determine entry conditions and validate health credentials presented by the user from their Wallet. The privacy-first Wallet generates a secure unique roaming QR code that Authenticator can scan from over two metres away to verify that the test certificate belongs to the user presenting it. All without accessing any of the user’s personal information.

We have a responsibility to protect the health and safety of the majority

Any responsible employer must make the right choices about the health and safety policies that (1) work best for their staff, (2) minimises risk to their business, and (3) guarantees a safe working environment for all. Instead of introducing potentially unpopular mandates or directives, it is far easier to deploy the latest cost-effective technologies that put the users first. And these technologies can additionally provide businesses with simple access control through contactless scanning and verification of identity.

Individuals should not be required to share any personal information with unknown third parties or with anyone in authority who demands it. That is the frightening “police or surveillance state” spectre that concerns many of the civil liberties advocates mentioned above. But the fact is that post-pandemic, employers, event organisers, airline companies and many other businesses and organisations have a clear obligation to properly manage workplace or venue safety.

This is fundamentally about protecting the health and safety of the majority and not about curtailing individual freedoms or civil liberties. The most important developments in healthcare digitisation and, specifically, the latest innovations in the use of privacy-first digital wallets that ensure self-sovereign identity (which means that an individual should own and control their digital identity) are driven by one simple objective: the desire to give individuals a greater degree of custodianship, responsibility and understanding of their personal data and how it is used.

Privacy-first: Who has access to your health and medical data?

It comes down to one fundamental question: who controls your data? For example, the recent debates surrounding the UK Government’s contentious General Practice Data for Planning and Research (GPDPR) scheme, set to be rolled out in September, will allow NHS Digital to extract sensitive patient data from GP surgeries for research purposes. Again, this raises vitally important questions about who can access and control our medical records and personal information.

There is still not enough clarity around how the NHS will safeguard patient data and exactly which third parties will be able to access it.  A fundamental flaw with the NHS Digital plan is that it will use ‘pseudonymised’ patient data, not fully anonymised data. The key difference being that pseudonymised data can be reversed and linked back to the individual, while anonymised data can never be identifiable.

Yet again, this is why privacy-first digitisation must be prioritised. By which, we mean giving individuals complete self-sovereignty over their medical data and all other important certifications that they need to live and exist in our increasingly digitised world.

It’s important that personal data is squarely in the owner’s hands and that health technology providers build solutions that allow for self-sovereign identity. This is where the privacy-first approach that we advocate at Tento Applied Sciences plays a vital role in the secure and controlled transfer of personal health information between multiple parties. It ensures that we provide the technology that is enabling us to move forward with one common goal of putting everyone in charge of their data.

Mark Shaw, CEO, Tento Applied Sciences – www.tentoas.com