Last month, Google-owned artificial intelligence company Deep Mind made headlines after New Scientist revealed that the contract between the company and the Royal Free NHS Trust grants them access to extensive healthcare data on 1.6 million patients from three London hospitals.
This is not the first headache that the NHS has had with privacy issues. In 2014, the announcement of the ‘care.data’ programme, by which information from medical consultations was to be centralised and combined with medical records, earned NHS England wide criticism, including a bleak editorial from Nature for downplaying the right of the patients to opt out. Concerns were raised not only about patients being opted in by default, but also about a lack of clarity in the aims of the project and the use of the data. Following the backlash, the programme suffered from successive postponements and was finally restructured into six clinical commissioning groups in four areas of England that are acting as pilot schemes.
Both cases illustrate the increasing concern that the public has over who has access to their medical records. But what can be done with this information and why is this important?
Medical records
Medical records contain all the relevant medical history of a patient. They allow GPs to see a wider picture of the patients’ health issues over time and make more informed decisions based on it.
But aside from being used to provide direct healthcare, medical records are also extremely valuable for what has been called “secondary uses”. These include medical research and management of health services, both of which greatly benefit from the information included in the records, which allows the establishment of correlations, insights on diseases and treatments and the optimisation of health services.
While using medical records for these purposes can have a positive impact on healthcare, it also poses risks for individuals, as the records contain sensitive information that can give away details on the patients’ lifestyle and health condition. Therefore, consent and anonymity are fundamental for these uses.
DNA
But medical records are just a part of a larger picture, a part that tells the story about past and present conditions. Genetic information, on the other hand, can help foresee, at least to some extent, potential health risks that individuals might face in the future. Not only that, but since DNA is shared with our close relatives, it can also give away information about a donor’s family.
In the 2000s, as geneticists raced to obtain the first sequenced human genome, the issue of genetic privacy gained momentum. It was already well established that small differences in the sequence of some genes underlies predisposition to certain diseases. The implications are many-fold: would individuals want to know that they might develop incurable diseases? What would happen if third parties, say employers or insurance companies, had access to genetic profiles that suggest that a patient has a high susceptibility to develop a chronic disease?
Since the turn of the millennium the problem has become more conspicuous, as the price of DNA sequencing has plunged. While in 2001 the cost of sequencing a whole human genome was near ₤70m, today it can be done for less than ₤700.
The story of Henrietta
Although the roots of doctor-patient confidentiality go deep into the origins of medicine and are explicitly stated in the Hippocratic Oath, it might not be far-fetched to say that the history of modern data privacy starts in Baltimore in 1951, when a cervical tumour biopsied to a woman named Henrietta Lacks gave rise to the HeLa cell line.
The HeLa cells were the first cells that could be grown indefinitely in the laboratory and soon became a fundamental tool in biomedical research. They rapidly spread to laboratories all over the world, first by informal sharing and later through mass production. The cells have been used in tens of thousands of scientific publications and thousands of patents, and their discovery is arguably the most important milestone in the history of cellular biology.
However, there are many ethical issues that were overlooked, probably, at least to some extent, because those involved were oblivious to the implications that were to come. First, according to the standard procedure at the time, the tumour was biopsied without knowledge or consent from the patient, who died a few months later. The family was never notified about the existence of the cells and they only learnt about them in 1973, more than twenty years later and by accident. Not only that, but Henrietta Lacks’ medical records were later released to the press without consent from the family.
The last blunder of this chain of mistakes was only three years ago, when the complete genome of the HeLa cells was published and subsequently withdrawn from public databases following complaints from the Lacks’ family, who again were not notified or asked for consent. The controversy sparked a debate about familial privacy rights and whether relatives should have a say in DNA sharing.
Finally, there is also the irony that while Henrietta Lacks was a poor Afro-American woman living in a racially discriminating country, the production, manipulation and distribution of HeLa cells is now a multi-million pound business, of which her descendants have seen none. HeLa cells have also been used to develop drugs which are protected by intellectual property laws and patents.
The story of Henrietta Lacks and the HeLa cells was investigated by journalist Rebecca Skloot, who later published her results in her 2010 non-fiction novel “The immortal Life of Henrietta Lacks”. The book became a bestseller and has been translated to more than 25 different languages.
Can we keep it private?
The case of the HeLa cells is unusual in that we know who the donor was. Today, tissue donors are asked for consent and their identities kept anonymous.
However, as more types of information can be publicly accessed, privacy has become increasingly difficult to maintain. A 2013 study published in Science showed that it was possible to identify people who had enrolled anonymously in the 1,000 Genomes Project simply by cross-referencing their DNA sequences with a genealogy database. And last year, another study opened the door to the possibility of identifying individuals by means of sequencing DNA from their gut microbes using faeces.
Experts agree that total privacy is unattainable and that it is crucial that donors are fully aware of this. In the meantime, geneticists are trying to find new ways to provide broad accessibility to researchers without jeopardising the donors’ privacy.
But there is also another side of the coin. While we know that we don’t want our data around without our consent, what happens when researchers use it with our consent and unveil findings that can have an impact on our health? This is what happened to a woman named Rita Woidislawsky. After finding out that she had abnormally high levels of HDL, the so-called “good” cholesterol, she joined a research project that was studying people like her. Five years later the results were published and showed that high levels of HDL could be deleterious rather than beneficial. Her case featured prominently in the paper, as the researchers linked the condition to a genetic mutation and she was the only patient with two copies of it. The consent form she signed didn’t mention anything about notifying her about the results and she learnt about them almost by chance. Some consent forms now include the option for donors of choosing whether to be notified of findings that may be of interest to them.
How do we do it?
While broad access is fundamental to scientific research, informing donors and patients thoroughly about the implications is as critical, including increasing the awareness that all information is vulnerable to some extent. A debate is needed to create laws that most effectively protect our privacy without compromising other potential beneficial uses of information. We are all stakeholders in this.
Image credit Flickr/Phalinn Ooi
