Who owns your personal health and medical data?

Presenting my talk at the Mayo Clinic Social Media and Healthcare Summit (Photo by Jason Pratt / Mayo Clinic)

Tomorrow I am speaking on a panel at the Mayo Clinic Healthcare and Social Media Summit on the topic of ‘Who owns your big data?’. I am the only academic among the panel members, who comprise of a former president of the Australian Medical Association, the CEO of the Consumers Health Forum, the Executive Director of a private hospital organisation and the Chief Executive of the Medical Technology Association of Australia. The Summit itself is directed at healthcare providers, seeking to demonstrate how they may use social media to publicise their organisations and promote health among their clients.

As a sociologist, my perspective on the use of social media in healthcare is inevitably directed at troubling the taken-for-granted assumptions that underpin the jargon of ‘disruption’, ‘catalysing’, ‘leveraging’ and ‘acceleration’ that tend to recur in digital health discourses and practices. When I discuss the big data phenomenon, I evoke the ‘13 Ps of big data‘ which recognise their social and cultural assumptions and uses.

When I speak at the Summit, I will note that the first issue to consider is for whom and by whom personal health and medical data are collected. Who decides whether personal digital data should be generated and collected? Who has control over these decisions? What are the power relations and differentials that are involved? This often very intimate information is generated in many different ways – via routine online transactions (e.g. Googling medical symptoms, purchasing products on websites) or more deliberately as part of people’s contributions to social media platforms (such as PatientsLikeMe or Facebook patient support pages) or as part of self-tracking or patient self-care endeavours or workplace wellness programs. The extent to which the generation of such information is voluntary, pushed, coerced or exploited, or indeed, even covert, conducted without the individual’s knowledge or consent, varies in each case. Many self-trackers collect biometric data on themselves for their private purposes. In contrast, patients who are sent home with self-care regimes may do so reluctantly. In some situations, very little choice is offered people: such as school students who are told to wearing self-tracking devices during physical education lessons or employees who work in a culture in which monitoring their health and fitness is expected of them or who may be confronted with financial penalties if they refuse.

Then we need to think about what happens to personal digital data once they are generated. Jotting down details of one’s health in a paper journal or sharing information with a doctor that is maintained in a folder in a filing cabinet in the doctor’s surgery can be kept private and secure. In this era of using digital tools to generate and archive such information, this privacy and security can no longer be guaranteed. Once any kind of personal data are collected and transmitted to the computing cloud, the person who generated the data loses control of it. These details become big data, part of the digital data economy and available to any number of second or third parties for repurposing: data mining companies, marketers, health insurance, healthcare and medical device companies, hackers, researchers, the internet empires themselves and even national security agencies, as Edward Snowden’s revelations demonstrated.

Even the large institutions that are trusted by patients for offering reliable and credible health and medical information online (such as the Mayo Clinic itself, which ranks among the top most popular health websites with 30 million unique estimated monthly visitors) may inadvertently supply personal details of those who use their websites to third parties. One recent study found that nine out of ten visits to health or medical websites result in data being leaked to third parties, including companies such as Google and Facebook, online advertisers and data brokers because the websites use third party analytic tools that automatically send information to the developers about what pages people are visiting. This information can then be used to construct risk profiles on users that may shut them out of insurance, credit or job opportunities. Data security breaches are common in healthcare organisations, and cyber criminals are very interested in stealing personal medical details from such organisations’ archives. This information is valuable as it can be sold for profit or used to create fake IDs to purchase medical equipment or drugs or fraudulent health insurance claims.

In short, the answer to the question ‘Who owns your personal health and medical data?’ is generally no longer individuals themselves.

My research and that of others who are investigating people’s responses to big data and the scandals that have erupted around data security and privacy are finding that concepts of privacy and notions of data ownership are beginning to change in response. People are becoming aware of how their personal data may be accessed, legally or illegally, by a plethora of actors and agencies and exploited for commercial profit. Major digital entrepreneurs, such as Apple CEO Tim Cook, are in turn responding to the public’s concern about the privacy and security of their personal information. Healthcare organisations and medical providers need to recognise these concerns and manage their data collection initiatives ethically, openly and responsibly.

A cultural analysis of the ‘3D selfie’

Image credit: 3D Printed Heroes – photograph by Maurizio Pesce. Available under a CC BY 2.0 license. Image available at: https://www.flickr.com/photos/pestoverde/16863356645

I recently completed a book chapter on what has been termed ‘3D selfies’: replicas of people that have been fabricated using computer assisted design files and 3D printing machines. Here is the abstract (the full chapter can be accessed as a preprint here):

A new form of representing selfhood and embodiment has emerged in the wake of the development of 3D printing technologies. This is the 3D printed self replica, a fabrication using digital 3D body scans of people that produces a material artefact of a person’s entire body or parts thereof. The technologies to generate these artefacts are rapidly moving into a range of leisure domains, including sporting events, shopping centres, airports, concerts and amusement parks as well as fan cultures and marketing programs. 3D printed self replicas can even be fabricated at home using a software package developed for the Xbox Kinect game box and a home 3D printer. As I argue in this chapter, there are deeper implications of these artefacts for the ways in which we understand not only the body, selfhood and social relations and the engagement of people in leisure cultures but also people’s entanglements with personal digital data. The 3D self replica as a case study offers an opportunity to think through some of these intersections. As personal digital data ‘made solid’, these artefacts offer new ways of thinking about the ways in which digital data can be employed to represent bodies/selves and become biographical objects, mementos and signifiers of important or intimate events in people’s lives. Their use provides insights into data practices, or how people interact with and make sense of digital data in an era in which such ‘lively’ data are ceaselessly collected about them.

Edited book ‘Beyond Techno-Utopia: Critical Approaches to Digital Health Technologies’ now out

Last year I guest-edited a special issue of the open-access sociology journal Societies that focused on critical perspectives on digital health technologies. The collection includes my editorial and another article I contributed (on the topic of apps as sociocultural artefacts), as well as eight other articles from scholars based in the UK, Australia, Finland, the USA and Sweden. Individual contributions may be accessed on the journal’s website here, and now the whole collection is available as an open access book PDF (or can be purchased as a hard copy), both available here.

The following outline of the special issue/book’s contents, an edited excerpt taken from my editorial, provides an overview of its contents.

The articles in this special issue build on a well-established literature in sociology, science and technology studies and media and cultural studies that has addressed the use of digital technologies in health and medicine… Several of these topics are taken up in the articles published in this special issue. All the authors use social and cultural theory to provide insights into the tacit assumptions, cultural meanings and experiences of digital health technologies. The articles cover a range of digital health technologies: devices used for the self-tracking of body metrics (Ruckenstein; Till; Rich and Miah; Lupton); social media platforms for discussing patients’ experiences of chronic disease (Sosnowy) and experiences of pregnancy and early motherhood (Johnson); health and medical apps (Till; Johnson; Christie and Verran; Lupton); telehealthcare systems (Hendy, Chrysanthaki and Barlow); and a digital public health surveillance system (Cakici and Sanches). While some articles focus on globalised digital media (Cakici and Sanches; Rich and Miah; Till; Lupton), others engage more specifically with a range of sociocultural groups, contexts and locations. These include Aboriginal people living in a remote region of Australia (Christie and Verran) and Australian mothers in urban Sydney (Johnson) as well as research participants in Helsinki, Finland (Ruckenstein), the United States (Sosnowy) and England (Hendy, Chrysanthaki and Barlow).

Understandings and experiences of selfhood and embodiment as they are generated and experienced via digital health devices are central preoccupations in the articles by Ruckenstein, Rich and Miah, Till, Lupton, Sosnowy and Johnson. Ruckenstein’s study of self-trackers found that they often conceptualised their bodies and their physical activities in different ways when these were being monitored and rendered into digital data. The data that were generated by these devices proved to be motivational and to give value to some activities (like housework) that otherwise lacked value or new meaning to functions such as sleep (which when digitised and quantified became viewed as a competence). Ruckenstein found that the digital data tended to be invested with greater validity than were other indicators of bodily wellbeing or activity, such as the individual’s physical sensations.

All of the above authors comment on the ways in which digital health devices such as wearable self-tracking devices, social media platforms, apps and patient support websites work as disciplinary tools. They invite users to conform to the ideals of healthism (privileging good health above other priorities) and the responsible self-management and self-monitoring of one’s health and body, including avoiding exposure to risk. Rich and Miah use the concept of “public pedagogy” to describe the socio-political dimensions of digital health technologies as they are employed to educate people about their bodies and promote self-management. As Johnson notes, for women who are pregnant or have the care of young children, this sphere of responsibility is extended to the bodies of others: the foetus or child. And as Till’s article emphasises, when employees are “encouraged” to engage in self-tracking, the ethos of responsibility extends from personal objectives to those of employers.

Ruckenstein, Till and Sosnowy also highlight the digital labour involved for people who engage with social media or self-tracking apps as part of their personal health or fitness practices. Sosnowy’s interviews with women with multiple sclerosis who blog about their condition emphasise the work involved in such engagement as an “active patient”. Till’s analysis of digital exercise self-tracking points to the appropriations of people’s labour by other actors for commercial reasons.

The article by Hendy, Chrysanthaki and Barlow moves in a somewhat different direction. Using ethnographic cases studies, they look at the managerial issues involved with implementing telehealthcare in English social and health care organisations. Their focus, therefore, is not on the recipients or targets of digital health technologies but rather those who are attempting to institute programs as part of their work as managers. These authors’ contribution highlights the messiness of introducing new systems and practices into large organisations, and the resistances that may emerge on the part of both workers and the targets of telehealthcare programs. Cakici and Sanches’ article also takes an organisational perspective in addressing a European Commission co-funded project directed at syndromic surveillance, or the use of secondary sources to detect outbreaks and patterns in diseases and medical conditions. Digital data are increasingly being use as part of syndromic surveillance: Google Flu Trends is one such example. Cakici and Sanches’ analysis highlights the role played by human decision-making and the affordances of digital technologies in structuring what kinds of data are retrieved for syndromic surveillance and how they are interpreted.

While there are as yet few detailed ethnographic accounts of how people are implementing, adopting or resisting contemporary digital health technologies, there are even fewer that investigate the use of these technologies by members of cultural groups outside the global North. The article by Christie and Verran takes a much-needed diversion from perspectives on white, privileged groups to Aboriginal people living in a remote part of Australia. As they argue, the concepts on health, illness and the body that are held by this cultural group differ radically from the tacit assumptions that are invested in mainstream health and medical apps. Any app that is developed to assist in health literacy that is targeted at this group must incorporate culturally-appropriate modes of communication: positioning people within their cultural and kinship networks of sociality, for example, rather than representing them as atomised actors.

The articles collected here in this special issue have gone some way in offering a critical response to digital health technologies, but they represent only a beginning. Many more compelling topics remain to be investigated. These include research into the ways in which lay people and healthcare professionals are using (or resisting the use) of social media, apps and self-monitoring devices for medicine and health-related purposes; the implications for medical power and the doctor-patient relationship; how citizen science and citizen sensing are operating in the public health domain; the development of new digital health technologies; the implications of big data and data harvesting in medicine and healthcare; the spreading out of health-related self-tracking practices into many social domains; the unintended consequences and ethical aspects of digital technology use and their implications for social justice; and data security and privacy issues.