While perhaps overshadowed by an exponentially larger data breach, the healthcare sector had to deal with its own data attack this week. Quest Diagnostics—a pharma service provider and owner of the MyQuest™ by Care360 personal health app—announced Monday that a third party had accessed user data of 34,000 patients using their app. The intrusion left users’ names, dates of birth, lab results and phone numbers exposed. You may have recently noticed Quest Diagnostics in the news for their IBM partnership using Watson to advance precision medicine in cancer treatment. We’re not saying that has anything to do with the breach, but that’s exactly the kind of info an amoral robot with a singular mission would need for its cause. Just sayin’.
In a move lauded by clinical trial transparency activists, the EMA has begun to release the full clinical study reports (CSRs) submitted for drug approval on their website. These aren’t the paired-down, not-quite-as-public-relations-focused-as-a-press-release-but-still-not-the-whole-picture versions submitted in scientific journals, and they include all the info a sponsor might not want to publish themselves—like the details of a drug’s adverse effects. The reports will be redacted for patient data and commercially confidential information, and the EMA will be retroactively posting CSRs for products (approved, or otherwise) submitted to the agency for review since Jan. 1, 2015. In the meantime, maybe try some light reading with the 260,000 pages released so far.
Leaving an unencrypted laptop containing more than 2,230 patient records in an unlocked vehicle overnight might be a bad idea. Even more so when it turns up stolen and your company is facing its third major security breach in a single year. According to the U.S. Department of Health and Human Services (HHS), “Demographic information, clinical information, health insurance information, patient names, addresses, credit card numbers and their expiration dates, and dates of birth” are some of the data stolen during three incidents for Advocate Health Care Network in 2013. Those mishaps have resulted in a $5.5 million settlement with the HHS, the largest data breach settlement ever. Advocate, however, reports that there have been no indications that the information has been misused… Yet. Yay?
Dirty data is the worst. Protocol manipulation and selectively published outcomes pose a real threat to clinical trial validity and patient safety. But imagine a world where this is entirely preventable. With Bitcoin, the premise could become a reality. Bitcoin- an open-source, digital currency- can now be used in the clinical trial space to prevent questionable alterations to original trial protocol and pre-specified trial measures. Using an inexpensive publically distributed, time-stamped Bitcoin technology known as a “Blockchain”, alterations to study endpoints and data can verified by any interested third party. Furthermore, changing the original source is extremely difficult. So any individual thinking about adding their own creative spin on trial outcome is looking at an almost impossible uphill battle.