Judy Faulkner, founder of Epic, one of the largest providers of electronic medical health records, warned that a proposed rule on information sharing could create a Cambridge Analytica-type situation, where the data of a patients’ friends and family is shared without their consent.
A federal rule on digital health-sharing now under review “has good things to it but there are some bad things that have to be fixed, in my opinion,” Faulkner, 76, told NYU Langone Health CEO Robert Grossman at the Forbes Healthcare Summit in New York City on December 5.
“It’s a bit like Facebook in that—the friends of the users who gave permission to Cambridge Analytica to use the system—the friends’ data got pulled out with the users who had authorized Cambridge Analytica,” she said.
Last year Facebook admitted political consulting firm Cambridge Analytica, which worked on Donald Trump’s 2016 presidential election campaign, may have improperly accessed and harvested data of 87 million users without their permission after it obtained the personal preferences of Facebook account holders who had downloaded a personality profile app, as well as data on their Facebook friends. The Federal Trade Commission penalized the social media platform with a $ 5 billion fine.
“The same thing is going to happen with patient data when patient data goes to an app from the health system,” Faulkner said. “There’s also going to be family member data that will go over too.”
The Office of the National Coordinator for Health IT (ONC), the federal agency charged with overseeing the electronic exchange of health information, put forward a rule earlier this year that could affect Faulkner’s line of work. Called the 21st Century Cures Act, it would task the healthcare industry with adopting standardized application programming interfaces (APIs), helping individuals securely and easily access their personal health information using third-party smartphone apps.
Faulkner has previously commented that legislators may need to flesh out the rule further before it could be enacted. A vendor, for example, can believe it has taken sufficient measures toward due diligence yet needs guidance on its responsibilities and protections from bad actors if a problem does arise.
Her suggestion: delay putting the new ONC rule into effect “until Congress passes rules that whatever apps the data goes to have to treat it with HIPPA-type regulation,” she said, referring to the Health Insurance Portability and Accountability Act, which prevents disclosing sensitive health information without a patient’s consent or knowledge. “Right now studies have shown that most of the mobile health apps resell or share the data with others, and that’s dangerous.”
One study, released by the British peer-reviewed journal The BMJ in March, found “sharing of user data is routine, yet far from transparent” in 79% of top-rated medicines-related mobile apps. Sharing data with third parties, such as insurance providers and pharmaceutical makers, it noted, could impact healthcare premiums, employability, financial services or suitability for housing.
Faulkner founded Epic, based in Verona, Wisconsin, 40 years ago in the basement of an apartment building using $ 70,000—even mortgaging her house at one point—on a mission to create a database management system where a user could design the elements and screens. The computer scientist built a customizable health record database, later pioneering the industry push to “interoperability,” or standardizing electronic health records (EHRs) so that a patient’s history of surgeries and scans, for example, would be readily accessible by any healthcare provider attending to the individual.
It now employs about 10,000, handles at least half of Americans’ health records and last year generated about $ 3 billion in revenue. Smaller than Kansas City-based rival Cerner, which booked 2018 revenue of $ 5.4 billion and employs 29,000, Epic now also faces increasing competition from tech giants such as Google, which is bringing its cloud-based search tools into patient record keeping.
Faulkner has said she doesn’t plan to retire—or sell to another tech company making headway in healthcare, Apple. Her ownership of the company propelled Faulkner’s personal wealth into the billions in 2011, Forbes calculated, etching her among America’s Richest Self-Made Women. Today her net worth stands at $ 3.8 billion. The mother of three joined the Giving Pledge in 2015, vowing to commit 99% of her riches toward helping others find their “roots and wings” and achieve their own version of self-made success.
At the Summit, Faulkner described the traits that have helped her reach this point.
“Perseverance, speaking out and speaking your mind,” she said. “What you put up with is what you stand for.”