Public Trust and Public Health Data Governance

Consider two stories:

• Beginning in early February 2020, a philanthropically funded precision medicine institute conducting longitudinal influenza research unsuccessfully petitioned state and federal authorities for permission to retrospectively test banked samples for the novel coronavirus to track its emergence. The original study consent form obtained permission from participants to test nasal swab samples for “influenza and other respiratory pathogens”, to return results to participants, and to allow the secondary research use of participant data. The consent form did not specifically mention SARS-CoV2 – which did not exist when the consent was written – or request permission to use research materials for public health practice. In light of the emerging pandemic, however, the team proceeded to test banked research samples, identified a test-positive sample and alerted the health authorities, which subsequently confirmed the result in the state lab.^1,2
   
• In late March 2020 the federal government requested hospital administrators across the country send daily reports on COVID-19 directly to federal agencies, even if already otherwise reporting individually to the States. Additionally, a new COVID-19 data-reporting module was added to the National Healthcare Safety Network (NHSN), the Center for Disease Control and Prevention’s (CDC) tracking system.³ In July, the administration revised its request, effectively supplanting the CDC’s role. Hospitals were asked to instead submit data directly to the Department of Health and Human Services (HHS) via a new public health data aggregation platform, HHS Protect, to be run by two private companies, which received multi-million dollar non-competitive contracts at the outset of the pandemic.⁴ According to System of Records Notices published in July 2020, the new platform proposed to collect a broader range of personal data, require wider data sharing, allow for expanded data uses, and permanent data retention.⁵

These two stories, although very different, both highlight challenges in the governance of data for public health – where research, clinical care, and public health practice may appear nearly indistinguishable, evolve rapidly and without sufficient opportunity for deliberation, and where concerns about laws and ethics, privacy and equity threaten to undermine public trust.

As a result of longstanding public and private sector initiatives, tremendous amounts of health data exist today across multitudes of databases and in a multitude of forms. Individuals may be uncertain about where data about them live, who might have access, and for what purposes. Balancing benefits and risks, weighing competing claims, and delineating mandates and obligations present substantive challenges to ethical, regulatory, and governance paradigms – especially during a public health emergency.

Societal distrust about data aggregation and use by technology giants such as Facebook and Google, as well as innumerable smaller firms, has been growing and manifest by congressional hearings and increasing concerns over how companies might not only predict but also aim to directly shape our behaviors in ways from which they will profit. It is critical for public health agencies to avoid repeating this history by explicitly engaging with – rather than delegitimizing – issues of public trust and adopting trustworthy practices in data governance.

My research as a TAPP Fellow will be both interpretive – mapping the existing public health data governance landscape and the history of how we got here – as well as normative, building on the literature of public health ethics. What constitutes trustworthy practices in the use of health data? How can we ensure that the nascent information commons serves the common good of public health and will not be hijacked for private benefit? Who will define the “common good”, and how will they be held to account?

Sources

1. Doerr M, Wagner JK. Research ethics in a pandemic: considerations for the use of research infrastructure and resources for public health activities. J Law Biosci. 2020;7(1):lsaa028. doi:10.1093/jlb/lsaa028

2. Chu HY, Englund JA, Starita LM, et al. Early Detection of Covid-19 through a Citywide Pandemic Surveillance Platform. N Engl J Med. 2020;383(2):185-187.

3. Text of a Letter from the Vice President to Hospital Administrators. The White House. Accessed October 13, 2020. https://www.whitehouse.gov/briefings-statements/text-letter-vice-president-hospital-administrators/

4. covid-19-faqs-hospitals-hospital-laboratory-acute-care-facility-data-reporting.pdf. Accessed October 13, 2020. https://www.hhs.gov/sites/default/files/covid-19-faqs-hospitals-hospital-laboratory-acute-care-facility-data-reporting.pdf

5. Privacy Act of 1974; System of Records. Federal Register. Published July 20, 2020. Accessed October 13, 2020. https://www.federalregister.gov/documents/2020/07/20/2020-15564/privacy-act-of-1974-system-of-records