Moving people’s data to the healthcare system
As part of our investigation into the opportunities and hurdles in building digital health services, we spoke to Drew Schiller, co-founder and CTO of Validic.
Validic is a digital health platform that connects patient-generated data from apps, wearables, and medical devices to systems of healthcare providers. The company is 70 strong and its headquarters are located in Durham, North Carolina.
How and why did you start your company Validic?
About 5 years ago my co-founder and I started on a population health management platform, helping companies to engage their employees to be more active and become healthier. We did a lot of customer development and learnt that people were really interested in extracting data from emerging sources. So, we started to bring that data into our platform, bringing it all into one place.
In early 2013 we launched Validic, as a behind-the-scenes service to connect all the patient generated data from the apps and devices on the market. We are fortunate to be the industry leader in that.
How did you expand your business into new areas?
Initially we understood the use case for corporate wellness. But we’ve been able to expand into hospital systems too. For example, we work with Kaiser Permanente and Sutter Health in the US. We work with insurance companies, like AXA in Europe, and with a lot of pharmaceutical companies and contract research organisations, like Medidata. There’s lots of opportunity in the clinical trial space.
Did you start your business in the US and later expand into other markets?
Yes. We are still focused predominantly on the US. But we are doing about one-third of our business internationally right now, and we are looking to expand that in the next year.
Did you start with a limited number of apps and services and grew that selection with time?
Yes, we have over 210 connections right now. For the very first deal we signed, we had 18.
How do you prioritise the new connections you make?
The most important driver is our customer. We work very closely with our customers in over 47 countries to prioritise what they need to help transform healthcare and accelerate their digital health initiatives.
What distinctions do you make between fitness data and medical data?
There is certainly a difference. For example, in terms of the amount of data: there’s typically more data from fitness devices than readings from medical devices. This will shift as we start bringing in data from continuous medical devices, like ECGs (electrocardiogram). There’s also a difference in the attention that needs to be placed on the data. The veracity of the data from a medical device needs to be bullet proof.
But we treat all data as a first class citizen. We don’t differentiate between data from a fitness device or medical device. We want to make sure the same data comes into our system and gets through to the other side in the shortest amount of time possible with the highest degree of accuracy. Our customers have been able to find really interesting use cases to bring fitness data into the clinical realm.
For example, our client Sutter Health, a healthcare provider, also insures a part of the population mainly in California. As the payer-provider, they have an incentive to keep their patients healthy. So they take blood pressure data, activity data and weight data to monitor patients, who have hypertension or CHF (congestive heart failure). If there’s a fluctuation in blood pressure or an increase in weight, obviously that’s something to be concerned about. They can reach out and consider if there is a need for medication adjustment. But also they can take the activity tracker data and see, for example, that a patient was 30% less active this week than over the previous three or four weeks. Maybe that’s something they should check on to see if everything is okay.
What are the big opportunities that you see in the medical data sector?
First, in the wearables market, we have the world’s largest consumer electronics companies pumping tons of money and marketing effort to engage consumers . And because people are interested in having something fun and new on their wrist that happens to track their health, it could be a gateway to get patients to care about their health more. Healthcare has always been something that’s been performed to us. We need patients to be more pro-active and take responsibility for their health. I’m really hopeful that that’s going to happen.
And Moore’s law applies to these devices. The cost of the sensors comes down while their sensitivity increases. What is fascinating is that we are going to see things like glucose levels and blood pressure data passively tracked through non-invasive sensors. I think that’s a fascinating opportunity.
Finally, in the longer-term, I think we are going to see people using devices that are very specific to a disease state or a condition; devices that track medication adherence without social stigma. While today it can be still uncomfortable to get out a device like this, in a restaurant, for example, I think it will soon be okay for you to monitor your condition in public. Number one, because it’s done passively. Number two, because everyone has got something and everyone will be monitoring that condition.
What are the major obstacles or risks you see at the moment?
One major obstacle is giving providers, especially physicians, access to this data in a meaningful way. No physician has the time to spend all day every day looking at a stream of data. I don’t see physicians becoming data scientists, looking at graphs coming through from millions of patients. What we are going to need to build are smarter population health tools that can monitor signals coming in from all these different devices and alert the physician that there is something that they need to pay attention to.
Another hurdle is something that we are getting over pretty rapidly. It’s consumer education about not only what these devices are capable of, but also how their device data is being used, and what it means when they share the data. I’m on the Health and Fitness Technology Division board for the Consumer Electronics Association (CEA). As a board, we are working on how to help consumers understand that the data is really valuable, and to be comfortable with how the data is being stored and shared, as long as they know exactly where the data is going. There’s some education needed, but I wouldn’t say that we have a sharing problem in today’s world.
Who owns the data?
The patient always owns the data and always has the right to access the data, where he or she feels necessary. The data that flows through Validic is brought from over 210 apps and devices today, and every single data source that we bring data through is patient-permissioned. A patient explicitly states that he or she want their data from this device to go to this healthcare company. And that’s what we do, we move it from the source to the healthcare company. The healthcare company hopefully has told the patient what their data is being used for. I think that type of permissioning and data sharing is really important, because if we break that patient-provider trust or if we break the patient-consumer electronics trust, then I think we’d run into some challenges.
What was your reaction on the recent European court ruling on Safe Harbour?
(The European Court of Justice has ruled that the ‘safe harbour’ agreement that allowed the transfer of European citizens data to the US is no longer valid.)
We, and a lot of US companies, are watching to see what it really means. For us in particular, it’s actually not terribly concerning because we have the capabilities to spin up our infrastructure to different locations very rapidly. In fact, we already were planning to do that. We are more concerned to make sure that the data that is collected in Europe is segmented there.
The bigger problem is that only four or five of the data sources that we bring in actually store data in the EU, the rest of that data comes through the US. Under ‘safe harbour’ that was fine, but if that blows up there will have to be some leeway for those companies to spin up servers in Europe and make sure that data uploaded in the EU stays in the EU. But it has very wide-reaching implications potentially for a lot of consumer electronics companies.
There’s a lot of variation on data protection even within the EU. How do you handle this?
The challenge we have as a global digital healthcare ecosystem is going to be the country-by-country specific data custody laws. Given what this data is, it’s often a little bit too strict. I understand why EU companies are concerned about the data. But the data that flows through Validic’s systems is de-identified. So what’s the real value of the de-identified glucose reading of somebody, relative to the potential impact it can have on that patient?
How do you handle the different medical measurement standards?
Today we have the ability to deliver more data than what is in the standard model, so we can deliver that data in its original format underneath the standard data that is available. We are thinking about this for the next iterations of our products, so we can have much more clear units of measurement.
Do you structure your business in a specific way to deal with data sensitivity?
Yes, being US focused, we follow all of the Hipaa (Health Insurance Portability and Accountability) protocols for secure systems, we are PCI(Payment Card Industry) compliant. And we are also working towards an ISO27001 certification (information security management).
In addition, all data that flows through our systems is de-identified, with only rare exceptions. We use tokening, we have a token that represents the user to the device manufacturer and we have a token that represents the user to the healthcare organisation, and that what flows through Validic is just the actual health data.
Thank you very much!
We are looking to have more conversations on the opportunities and challenges around the flow of personal health and fitness data and would love to hear from people with relevant ideas and research.