Monday, December 5, 2016

No Forms For You!

What do you hate worst about health care?  It could be the uncertainty about diagnoses, or the impreciseness of treatments.  Or there is the opaqueness about the actual performance of our providers.  Maybe it is the drabness and/or confusing layout of many health care settings, or the interminable waiting we do in them.  But somewhere on the list has to be having to fill out all those forms, over and over, at practically every stop along the way.

If only someone would do for health care what Amazon is trying to do with grocery stores with Amazon Go.

If you've missed the many stories about Amazon Go, or don't want to bother with the above video, it goes something like this:

  • You scan an app on your mobile phone when you enter the grocery store.
  • Each time you pick up an item from the shelf, it registers in your "virtual cart" (don't worry, if you decide to put it back, it gets deducted).
  • When you are done shopping, you simply walk out with your items, and the total is charged to your account (presumably using one of your Amazon payment options).
No waiting in lines, no putting items on the conveyor belt, no cashiers -- not even a self-serve checkout.  As Amazon says, "grab and go."

At this point, Amazon is just testing the concept with a prototype convenience store, but The Wall Street Journal reports that the pilot could lead Amazon to open up as many as 1,000 locations by the end of 2017.  It is one of at least three grocery store concepts Amazon is testing.

Take that, Walmart.

Grocery stores have jumped on board with self-service checkouts, with that option having been widely available for several years.  They do help cut labor costs, but also are believed to double the losses from shoplifting, which arguably wipe out any financial advantage the self-service offers.  

With Amazon Go, though, the store "knows" what you take from the shelves and charges you for every item, so shoplifting would become much harder (of course, installing the technology to track what you take would not be inexpensive).  No missed items hiding in your cart (or pocket), no items that did not scan in the checkout.  Checkout is finished as soon as you are done shopping.

Contrast this to most health care visits:
  • The front desk insists on verifying your current coverage, even if you were there the day before.  They may take a photocopy of your insurance card (s).
  • If you are a first time patient, or haven't been in for a few months, you have to fill out various forms: health history (including family histories), prescription list, contact details, notice of privacy policies, source of problem (e.g., work related or auto accident), and current complaint/symptoms/reason for visit.  It doesn't seem to much matter if the information is already in an EHR, even theirs.
  • If you are lucky, the office may have let you fill out some of these forms online, or at least print out the forms so you can fill them out in advance, but odds are you are not seeing the provider until you have completed some piece(s) of paper.  
  • When you leave, of course, they're likely to ask you for some payment, to the extent they know it at the time.  In any event, at some future point they'll likely submit a claim to your health insurer, which will eventually lead to you being billed whatever it ends up that you owe them (assuming that neither they nor the insurer made any mistakes, in which case you start over).
It all makes a trip to the grocery store look pretty pleasant.  And you don't even end up with any cookies.

Let's imagine what the process might look like it someone like Amazon re-imagined it:
  • Your phone (or other device) has access to all the pertinent information: insurance, health records, and any information you want the providers to know about the need for the current visit.  For example, this could be stored in the patient-facing EHR app.
  • Upon entering the office, you could either scan the app through a reader or have it communicate via Bluetooth through a secure connection.  That automatically updates the provider's records.  
  • As services are provided to you, they get uploaded to your care summary -- ideally, using consumer-friendly terminology and actual prices.  You can see it at any point.
  • Any prescriptions that result from the visit (e.g., drugs, PT, imaging) get added to your app, which you can then share with the applicable provider(s)..  
  • When you are all done, you pass the front desk entirely, and the care summary (or a version of it) gets sent to your insurer as the claim.
I know, it sounds too easy, and it probably is too simplistic.  The hard part, though, isn't the part about the forms.  That all seems entirely feasible, if EHR and billing vendors offered a modest of cooperation (all right, that's not a given).  

Even itemizing services shouldn't be terribly difficult, since health care is full of standardized lists of services and procedures.  Admittedly, it's not like picking out a UPC code from a can of soup, but it's not impossible to imagine doing in real-time or near real-time.

Getting the prices right, especially with the right negotiated/allowable rates is probably the hardest part, which speaks to why health care needs to get away from its absurd list charges and to more retail-oriented price lists.   And, even in the short term, there are plenty of vendors (e,g,,  Castlight HealthHealthcare Bluebook, or HealthSparq) who would probably say they could assist.  

Over its history, Amazon has done a great job of reinventing our retail experience.  Many probably didn't expect that the grocery experience would be one of those, but not many thought buying books online would work 20 years ago, or that moving beyond books would also succeed.  You have to give Amazon credit for pushing the envelope about how to make the purchasing process easier.  

Unfortunately, health care isn't quite as good about reinventing its experience.  

It's not that we want people to buy more health care services (although help in getting us to buy health services more prudently would be greatly appreciated).  But we could certainly make the process of dealing with all those forms easier.  

Maybe Amazon should go into the retail clinic business.  

Monday, November 28, 2016

I'm OK -- You, Maybe Not So Much

It is widely agreed that competition, or lack thereof, in health care is a problem.  The Wall Street Journal recently showed how Viagra and Cialis prices seem to move -- up, of course -- in lockstep.   USA Today found Walgreens charging 1237% more than Costco, for the same drug.  Economists like Martin Gaynor have been discussing problems with competition in health care for years.  The Harvard Business Review just published a lengthy article on the problem.

But, it turns out, we may be ignoring an important competition that has real impacts on our health: with each other.

We've been becoming increasingly aware that there are numerous social determinants that have dramatic impacts on health (e.g., Healthy People 2020 and the RWJF).  Where you live, how much you make, how much education you have, what your family situation is -- all are closely correlated with your health.  But so is where you stand in the social pecking order.

It isn't the kind of thing that can be easily tested in a blind clinical trial, so researchers did the next best thing: they studied its impact in monkeys.  Macaques, to be more exact.  In a paper published in Science, researchers from Duke, Emory, and the University of Montreal found that social status alters the immune function.

The researchers studied 45 female macaques, all with the same access to resources (and care).  They broke the group into 9 subgroups, allowing for different dominance patterns, and measured the resulting immune responses in each macaque.  Lower status individuals showed a higher ongoing inflammatory response, indicating higher levels of stress.

An inflammatory response is, of course, how the body deals with infections, but when the immune system works too hard for too long, it can attack the body's own cells, leaving it at higher risk for a variety of illnesses, such as heart disease.  And the increased inflammatory response in the lower status individuals didn't even serve its intended purpose; the higher status macaques still had a stronger anti-viral immune response.

What made the study especially powerful was that the researchers didn't just have to observe the response among a fixed set of status levels, as they might with human subjects.  They mixed and matched the sub-groups, creating new status levels.  Once previously low status macaques achieved high social status, their immune response changed accordingly.

As one of the lead researchers said: "There was nothing intrinsic about these females that made them low status versus high status. But how we manipulated their status had pervasive effects on their immune system.”

In a press release, another of the researchers summed up:
In short, two individuals with access to the same dietary resources and the same health care and exhibiting the same behaviours have different immune responses to infection depending on whether they have a high or low social status
This isn't about macaques, or monkeys, of course.  The chair of clinical microbiology at the University College London (who was not involved in the research) told BBC News: "All the evidence is showing the findings are terrifically applicable to humans."

One of the researchers further noted: "Some of the diseases that we know about that show the strongest social gradients in health in humans are in fact diseases that are closely associated with inflammation."  We're already seeing the health impacts of our social status; we're just not doing much about them, at least not intentionally.

There's a lot of "blame-the-victim" that is sometimes done to explain away poor health, The researchers beg to differ.  As one told BBC:
It suggests there's something else, not just the behaviours of these individuals, that's leading to poor health.  We know smoking, eating unhealthily and not exercising are bad for you - that puts the onus on the individual that it's their fault.  Our message brings a positive counter to that - there are these other aspects of low status that are outside of the control of individuals that have negative effects on health."
It's not always our fault.

The researchers made a point of stressing the plasticity of the immune response.  One told The New York Times: "I think there’s a really positive social message.  If we’re able to improve an individual’s environment and social standing, that should be rapidly reflected in their physiology and immune cell function."  Status is not necessarily fixed, either in time or place.  As an accompanying editorial suggested: "Think of a mailroom clerk acquiring prestige as the captain of the company softball team."

We've known for some time that income and other kinds of social inequality has measurable impacts on health.  Many have probably suspected that social status inequality might have the same kind of impact.  This research helps solidify those suspicions.

Of course, there is a lot we don't know from the new findings.  The researchers haven't yet confirmed that similar impacts happen with male macaques (although one might hypothesize that the effect is even greater).  We don't know how having varying levels of social status in different parts of our lives might mitigate how having low social status in only some of them.  We don't know if there is a pharmacological solution that might mimic the effect of higher social status, or if there might be behavioral training that could do so.

In short, it is like a lot of health care.  Much of the medical care we give to people may not be necessary, and can be even harmful.  We focus too much on medical treatment, not enough on behavioral change, even less on underlying social conditions, and virtually none on social status.  

The big takeaway is that we're not doomed to health based on the social status to which we were born, or have achieved.  In the words of one of the researchers, "But the hopeful message is how responsive [immune] systems are to changes in the social environment. That's really different than the  possibility that your social history stays with you your entire life."

There will probably always be at least some social inequality.  Even if we magically took away all income inequality, there would most like still be some social inequality.  We are, after all, primates, and primates tend to form hierarchies.  But, as one of the researcher hoped, "It's a hard problem that might never be fixed, but it might be possible to make it less worse."

Sometimes "less worse" is all we can hope for.

Monday, November 21, 2016

Make No Little Plans

Ever seen the new TV show 'Pure Genius'?  Probably not; its ratings are dismal.  I've seen it, and, well, it isn't very good.  But what I like is the premise: a young tech billionaire builds a hospital using only the latest technology, and treats patients regardless of cost.

Gotta give the creators props for trying to re-imagine hospitals.  The health care industry could do with some serious attempts at re-imaging, and not just for hospitals.

What made me think about this were two stories about the auto industry, which is desperately trying to remain relevant in a world of Uber, self-driving cars, and our love affair with our various digital devices.

The Wall Street Journal reported how car manufacturers are hiring design and special effects firms who have helped create versions of the future in science fiction movies.  They've doubled their spending on display systems -- to $22b -- and are using some of the science fiction concepts to "create a more compelling user experience."

Meanwhile, The New York Times reported on the Los Angeles Auto Show.  Trying to avoid the fate of buggy manufacturers, auto manufacturers are trying to re-position themselves as being in the "global transportation industry," in the words of Ford's CEO.  More than that; they want to be in the digital device business, "because much of the innovation seems to involve making the car ever more like a giant smartphone on wheels."

At least they are thinking big.  When the health care industry thinks about the future, though, that future tends to look like just more of the same, except bigger, higher tech, and, of course, much more expensive.

Let's change that.  Picture, if you will, a health system -- not health care system -- that looks more like this:

  1. Most health problems are averted instead of treated:  Annual exams and periodic screenings now medicalize prevention, sometimes excessively, but we'll think broader and accomplish more.  We'll head off many health problems through better health behaviors (e.g., exercise), and even be able to "fix" broken genes that can/do cause health issues.  
  2. We actually know our health status: We may think we monitor our health pretty well, yet two-thirds of us are overweight and over half of us have a chronic condition, so we're not doing such a great job.  That will change.  We're going to have wearables, implantable monitors, and/or other means to give us real-time information about our health (and the health of our microbiome).  We'll even know what to do with it.
  3. We bear more responsibility for our health: Not all that happens to our health is under our control, but we will be expected to act responsibly for the parts that are.  If we don't, there will be consequences, such as increased financial obligations for, or even reduced access to, care.   
  4. We own our health information: Our health information will be based around us, with inputs from all applicable sources -- our tracking mechanisms, our physicians, etc.  It can be accessed as needed by various parties, but the information belongs to us.  And it will be in consumer-friendly language and visuals, not medical jargon.
  5. Your doctor won't be the first person you'll call: Our bodies will have some self-correcting mechanisms to address many situations, but we'll be alerted when we need to seek help.  The first line of help will be AI, which will be able to assess the situation, and either recommend specific actions or triage us to another expert, such as a physician.  And that initial human interaction is likely to be virtual, not in-person, reserving the latter to as-needed.
  6. When we do see physicians, we pick on quality/value:  Gone will be the days of choosing physicians, or other providers, based on proximity or even provider network.  We'll know the quality/value of each provider, and we want people to use the best provider for their need.  Moreover, providers who deliver demonstrably better outcomes will get corresponding higher payments. 
  7. Financing doesn't drive (necessary) care:  For services that are indisputably proven to be effective, people won't have to worry about payment.  The financing of such services will be a combination of personal financing, peer-to-peer financing, government subsidies, even health insurance, but they get paid.  Determination of which pays how much for what happens on the back end, based on an individual's circumstances.  If individuals seek to get care that has not proven its value, though, they will be expected to pay most or all of it themselves. 
  8. Home is where (most of) the care is: Through better ways of monitoring, more supportive services and devices (think robots...), and on-demand providers, most situations that would now call for a stay in a hospital, nursing home, or rehab center will be taken care of at home.  Those institutions will be much smaller, much more specialized, and used only for extraordinary situations and limited durations.  
  9. Surgeries and even drugs are exceptions: Our bodies will be helped to do as much of the work as possible -- e.g., stimulating our immune system, adjusting our chemical levels, regrowing broken bones or damaged nerves.  Plus, we'll be using nanobots to fix defects and 3D printing body parts.  When we need surgery, it will be truly minimally invasive, and when we use drugs they will be extremely targeted and for short term use. 
  10. Administrative costs are minimal: Much of our current system has administrative costs that are built around payment: armies of medical coders facing off against armies of claims processors, all operating under an ever-more-complicated set of rules.  ICD-10 coding, application of insurance provisions (which become much simpler with clearer definitions of necessary care) -- AI will take over most of these tasks.  We should be thinking of overhead costs more analogous to those for credit card transitions (1-3%), not our current 15-20%.

None of this will be easy.  None of it is impossible either.  If we can't, or simply don't, imagine it, though, none of it will happen; we'll continue to muddle along as we have been.  Daniel Burnham's famous quote, referenced in the title, is: "Make no little plans; they have no power to stir men's blood and probably themselves will not be realized."

I've had enough of little plans for the future of the health care system.  Let's go big.

Tuesday, November 15, 2016

No Thanks, I Already Have a Number

Health care has a problem.  Well, of course, it has many problems, but one of them is that the various parties involved in the health care system can't agree on who we are.   Twenty years ago HIPAA called for creation of unique patient identifiers to accomplish this task, but within two years Congress put this on hold until further notice, and we're still waiting.

Everyone used to use social security numbers for this purpose, until we finally figured out the folly of that (especially since that number was never intended to be used as a national identification number).  The private sector continues to clamor for federal action, while CHIME launched a National Patient ID Challenge in order to come up with solutions.

News flash; we already have a unique, non-government-issued identifier: it's called a cell phone number.

It's obvious why we want a universally accepted patient identifier.  Providers and insurers have to agree on who you are to exchange claims and payments.  Different providers have to agree on who you are if we're ever going to get to interoperability of health information.  Andrew Gettinger, the chief medical information officer, views the unique identifier as a crucial safety measure -- he prefers the term "individual safety indentifier."  As he said at the AHIMA 2016 conference:
Until we can consistently identify who our patients are, aggregate their information regardless of where it’s stored and allow clinicians to use that information in their patient care, we’re going to continue to struggle.  Right now, folks at Google know more about our medical information than the doctors and nurses caring for you.
We can't/shouldn't use social security numbers, and not everyone has a drivers license number.  Health insurance numbers change whenever you change insurers, or even stay with the same insurance company but change employers.  What to do?

Thus the cell phone number.

According to the Pew Research Center, in 2015 92% of U.S. adults had a cell phone (almost three-fourths of which were smartphones, by the way).  That's not everyone, but not everyone has a social security number either.  When you do business with almost any organization these days, you are likely to be asked to provide your email and cell number number.

The New York Times reported on how the cell phone numbers have already become a widespread identifier.  As a security consultant told them, it has become "kind of a key into the room of your life and information about you."  It may be linked to even more information about you than your social security number, leading Robert Schoshinski, the assistant director for privacy and identity protection at the FTC, to say: "The point is the cellphone number can be a gateway to all sorts of other information.  People should think about it."

As The Times pointed out, there are no legal requirements for companies who have your cell phone number to keep it private, unlike protected health information (PHI).  To be fair, they also noted how poorly protected social security numbers have been as well, leading to billions of dollars in annual fraud losses.  With cell phones, though, hackers have shown that, once they have your number, not only can they link you to various databases, but they can also listen to your phone calls, read your texts, even track your location.

However, it's not all bad news.  You can lock your phone or change your number if you think your cell phone number has been breached.  A former deputy director of the Consumer Financial Protection Bureau offered hope, telling The Times: "What you can do with the cellphone number and mobile technology represents a pretty substantial advantage in the ongoing war against fraud and identity theft."

Let's look back at the CHIME challenge guidelines.  The proposed solution has to:
  • Easily and quickly identify patients
  • Achieve 100% accuracy in patient identification
  • Protect patient privacy
  • Protect patient identity
  • Achieve adoption by the vast majority of patients, providers, insurers, and other stakeholders
  • Scale for usage in care settings across the country, regardless of size
If we were to get legislation protecting the privacy of our cell phone numbers -- as we should be demanding for a variety of reasons anyway -- then are there any of these criteria that cell phone numbers don't meet?

Like it or not, our cell phones are becoming our lifelines to the world, including but in no way limited to health.  Health care might as well acknowledge that fact, the way that most other industries are already starting to.  You can send money to someone using just their cell phone number; why not file a claim or link electronic records?

Don't want to use your cell phone number as your identifier?  OK, get a free Google Voice number, or use an app like Sideline to add a free second number to your existing mobile phone.

Your cell phone itself may already be more of an identifier than we realize.  New research at the University of California San Diego School of Medicine claims that the molecules we leave behind on our phones can create surprisingly detailed "lifestyle sketches" about us.  They see the technique as a new forensic technique, allowing law enforcement officials to help identity people, but they also see health care applications like monitoring medication adherence or how well someone is metabolizing new prescriptions.

While the technique is far from perfect, and not as precise as DNA or even fingerprints, lead author Pieter Dorrestein told The Wall Street Journal that in their test on 39 participants, "We got 90% of the people correctly identified based on the chemistry of the phone."

It kind of makes worrying about using our cell phone numbers as an identifier seem trivial.

It will be interesting to see what creative solutions result from the CHIME Challenge, or if Congress will finally allow HHS to develop a solution.  Either way, the solution is likely to introduce yet another number in our life, and one that may come freighted with the burden of being a "federal ID."  Adoption will take time, as the numbers would have to be issued, systems updated to store the number, and protocols developed to communicate with it.

Meanwhile, most systems even in health care already can and probably do store our cell phone numbers.  It'd be just like health care to develop an expensive new solution to a problem.  For once, could we go the obvious route?


Wednesday, November 9, 2016

Not Just a Game

I fear the Apocalypse may be here.

No, don't worry; this has nothing to do with our recent Presidential election.  Many others have already opined on that, from all perspectives, and I'll leave any further discussion about it to them.  No, what struck a nerve with me is something that drew much less attention: a U.S. university has given out what is believed to be the first varsity scholarship for esports.


That's crazy, right?  We know what college sports are, and they're not esports.  Are esports even sports?  Why would a university be giving out athletic scholarships in them?

If you don't know what esports is, you're probably over 30 -- make that over 40 -- and you're someone who should probably really read this.  Put simply, esports refers to online, multi-player gaming, both the actual playing and, believe it or not, watching the gaming being played.  It's no longer a fringe sport.  There are recreational, college, and even professional players (some of whom make millions of dollars).   And there are active attempts to turn esports into something that is more like the NFL or NBA.

People not only play esports, but watch them, both online and in-person in esports arenas.  Two years ago I wrote about Twitch, the online gaming viewing platform that Amazon paid nearly $1b for, and which is one of the most trafficked sites in the U.S.  Twitch claims 550,000 average concurrent viewers in 2015.  In the most recent month, they attracted some 13 million unique global viewers and over 150 million views.  ESPN has its own esports section of its website, covering it like other sports.

So, we can debate if esports is a real sport or not, but it is a big deal.

The university in question is Robert Morris University (Chicago).  It doesn't have just a esports club, as many other universities do, but actually treats their esports team as a varsity sport, including giving out scholarships.  It is listed on their athletics page (although, to be fair, separate from either men's or women's sports).  Great Big Story (which produced the above video) declares Varsity Gamers Are The New Jocks on Campus.

It's not just Robert Morris that is getting into esports.  The University of California Irvine, for example, launched an esports initiative this fall, including a "state-of-the-art" arena that allows esports to be played, viewed, and webcast.  They aren't offering athletic scholarships -- yet -- but they are offering ten academic scholarships.  "We hope to attract the best gamers from around the world," says their vice chancellor for student affairs.  Why not?  72% of their students identify as gamers and 89% supported creation of an esports team.

Mark Deppe, the head of UCI's esports initiative told The New York Post, "We're going to be the Duke basketball of eSports."

Riot Games, the creator of League of Legends, one of the most popular esports games, has a head of  collegiate program, who says UCI is one of the over 300 college gaming clubs that they support.  League of Legends attracts over 100 million users each month (not necessarily all college students), and has a uLoL campus Series, which is their version of the BCS/Final Four.

Unlike other NCAA athletes, gamers can win prize money -- in addition to any scholarships they may have.  The Post estimated a four year players could earn $200,000.  It's good preparation for a career in gaming, but Mr. Deppe believes that the skills involved in esports "are things that transcend every single industry and field."

Well, maybe, but if you want to attract the best computer science students, it's a pretty good strategy.

We seem to be a long way from health care, but, if so, that's the point.  I've written related posts on interesting efforts to use gamification in health care and how Pokémon Go is applying augmented reality better than health care is, and I continue to think health care leaders don't really get what is going on, or why it is -- not just will be -- important to them.  

Here are three reasons why they should:

1.  Talent: the health care industry has many fine computer programmers and designers, but somehow I don't think Riot Games -- or Apple, or Google -- is too worried about losing top talent to, say, Epic or The Cleveland Clinic.  If UCI thinks it needs to offer a robust esports program to get the best computer science students, what do health care organizations and institutions need to do in order to get the best computer science workers?  What about the esports strategy can the health care system learn from and adopt to in order to ensure that they compete for the best talent?

2.  Time: Someone pointed out to me that, while it is true that the younger generation(s) are heavily involved into gaming, the people who most heavily use the health care system are not from those generation(s), and so it does not need to be adapted to them just yet.  That's valid, but consider this: PCs have been ubiquitous for over 30 years and the Internet has been for over 20 years, yet we still don't have EHRs that users like or that can easily communicate with each other.  So, if we want to get the health care system ready for the coming (gaming) generations, we need to be starting to make changes now.

3.  Health, not health care:  Even if the gaming generation(s) isn't (aren't) interacting too much with the health care system now, they are developing many of the health habits that will dictate their health status in years to come.  We tend to stereotype gaming as less healthy than taking a walk or playing a (physical) sport, as well as with consumption of large amounts of junk food.  There is probably some truth to those stereotypes, but they underscore why we need to change them.  We know gaming is a key interest of many teenagers and young adults, but what we haven't figured out is how to use that interest to help them prepare for a lifetime of good health.

OK, so maybe it isn't the Apocalypse, but esports represents a tidal wave that looks further away to the health care system than it really is.

Tuesday, November 1, 2016

You May Become Your Own Medical Record

Got any favorite movies on VHS or have any old files on floppy drives?  Too bad you can't read them.  What, you backed everything up on  DVD?  Unfortunately, your new computer doesn't have a DVD drive.  Hard drives?  Don't make me laugh; after 3 - 5 years they start to fail.  Flash drives?  They've got a finite number of read/writes, and after ten years or so start to degrade anyway.  Magnetic tapes?  Keep them away from heat and magnets, and maybe they'll last 20 years.

We love our devices and are storing ever more data from them, but when it comes to long term storage -- and that means as short as a decade or two -- we still can't beat paper.

That may be changing.

Let's start with diamonds.  The slogan "diamonds are forever" was coined by an ad agency to foster the tradition of using them for wedding rings, but it is not far wrong.  They are considered to be the hardest natural mineral, and are chemically very stable.  They might not last forever, but they last a long, long time.  As it happens, they often contain slight impurities, mainly boron and nitrogen, and those are now being exploited for use as a storage mechanism.

Researchers at City University of New York (CUNY) just announced that they had used the nitrogen electrons to encode data (fittingly, images of physicists Albert Einstein and Erwin Schrödinger).

In their words:
As a proof of principle, we use multicolor optical microscopy to read, write, and reset arbitrary data sets with two-dimensional (2D) binary bit density comparable to present digital-video-disk (DVD) technology.
Got that?

The New York Times gleaned two key quotes from the authors:
  • "A DVD is like a 2-D puzzle, and this diamond technique is like a 3-D model," (thus allowing for vastly more storage)
  • "There is a no way you can change it. It will sit there forever."
The approach is a long way from being commercialized, but the prospect of a storage device that can be made inexpensively (the researchers said that the industrial diamond they used was the cheapest part of the experiment), has huge storage potential, and lasts "forever" will almost certainly attract entrepreneurs.  If you thought bejeweled DVD cases were cool, then you should really love this.

Using diamonds to store data is pretty nifty, but it seems almost prosaic compared to using DNA to store data.  What's so new about that?  After all, nature has been using DNA to write, store, and read genetic information for, as best we can tell, almost all the time there has been life on earth.

What's new is using DNA to store other types of data.  Earlier this year, Microsoft leapt past previous efforts by coding some 200 megabytes of data into a small amount of synthetic DNA (see below).  That's not much in the scheme of things -- in this case, some 100 literary classics, the seed database of Corp Trust, a music video of "This Too Shall Pass" -- and is still very expensive, but Microsoft believes the effort is important, given the explosive growth in data.

As Microsoft's lead researcher Karin Strauss said, "If you look at current projections, we can’t store all the information we want with devices at the cost that they are."  She estimates that a shoebox of DNA could hold the same amount of data as 100 huge data centers.  Another of the lead researchers, Luis Ceze at the University of Washington, goes further: "You can archive all the data on the internet in a shoebox."

With all this talk of using shoeboxes, you'd think Nike was funding the research.

DNA has one thing in common with diamonds as a storage device; it is extremely durable.  As Dr. Ceze points out: "Some results a few years ago sequenced DNA from 700,000 year-old bones," and I'll bet those bones weren't stored in any nice storage facility, not even a shoebox.

Best of all, it is unlikely that the technology will fall out of favor, unlike most other forms of data storage.  After all, we'll be reading DNA as long as there are lifeforms based on DNA, so unless someday our silicon overlords decide we're superfluous, someone will know how to access data stored in DNA.  

As Dr. Ceze said,
We see DNA as potentially the ultimate backup media—super durable, incredibly dense and never becomes obsolete...We see no fundamental physics reason why the cost and speed of DNA-based storage can’t be cheap and fast enough for main stream storage.
He thinks it will be viable within a decade.  If that sounds far-fetched, consider that there are already DNA storage devices on the market (although with only 512kB).

SingularityHub reported on a recent panel on the topic at SynBioBeta 2016.  The panelists agreed on the need for better long term storage solutions and on DNA's potential as one of those solutions, as well as the need to make the processes much faster and cheaper in order to be commercially viable.  They cited four open questions in the field:

  1. How do we design for security?
  2. What will the user interface look like?
  3. How will the world receive this?
  4. What kind of information do we want to store using DNA?
How we answer those questions may drive our the field advances, and how fast, but, as with diamonds, the potential is too great to ignore.  

Instead of an ever-growing number of massive data-centers, each consuming large amounts of energy, it's nice to imagine a small number of diamond or DNA-based storage centers.  It literally is possible that we could each someday carry around our own data center.

It seems very likely that, within the foreseeable future, you will be able to have your DNA sequenced in near real-time, analyzed for defects/mutations, and have therapies specifically tailored to your results -- possibly even actually editing your genes/DNA.  This is, after all, the goal of Precision Medicine.  

What would make this even cooler is that, as long as we're reading your DNA, your entire medical history is also being read  -- maybe from the cloud, but maybe from synthetic DNA that you've had implanted, or even from your own DNA, if we start writing directly to it.  And, of course, these DNA records would be updated in near real-time as well.  

Talk about owning your own data!

Monday, October 24, 2016

Your Toaster May Be Bad For Your Health

Quote of the week/month:

In a relatively short time we've taken a system built to resist destruction by nuclear weapons and made it vulnerable to toasters.

Mr. Jarmoc was, of course, referring to the cyberattack last week that shut down access to many major websites (including, ironically, Twitter) for much of the day Friday.   The attack was what is called a distributed denial of service (DDoS) attack, which means that the hackers flooded a key part of the Internet infrastructure with essentially spam service requests.  In this case, they targeted a company called Dyn, whose Domain Name System serves as a directory for web addresses.  Legitimate requests to it were not able to be fulfilled.

What makes this even more interesting is that the hackers conducted the attack using hundreds of thousands, perhaps millions of Internet-connected devices -- e.g., webcams, routers, TVs, DVRs, security cameras, perhaps even the odd toaster or two.  This "botnet army" used a code called Mirai that was originally developed by gamers to deny online access to rival gamers.

As FastCompany reported, there had been warnings about attacks by these "Internet of Things" devices for some time, but the attack was still successful, rendering over 1,000 websites unavailable.  The reasons for it are not clear.  A security blogger told The Wall Street Journal "I believe somebody’s feelings got hurt and that we’re dealing with the impact. We’re dealing with young teenagers who are holding the internet for ransom."

I don't know if that should make me feel less scared, or more.

The New York Times warns of "a new era" of attacks powered by IoT devices, noting that many of them come with weak or nonexistent security features -- and that there soon could be billions of them in use.  A recent survey (The Internet of Stranger Things) confirms that most of us are worried about the cybersecurity risks of our various devices, but few of us have actually done anything about them.
We may buy cybersecurity programs for our computers, and try to beef up our passwords, but probably most of us aren't doing the same for our refrigerators or our cars.  Yet those are the kinds of devices we now need to worry about.

It's worse than that.  As The Times further noted:
The difference with the internet is that it is not clear in the United States who is supposed to be protecting it. The network does not belong to the government — or really to anyone. Instead, every organization is responsible for defending its own little piece.
Decentralized is good, until it is not.

What does this have to do with health care?  Plenty, as it turns out.  IoT devices are increasingly helping us manage our health and medical care.  IoT in health care is expected to be a huge market -- perhaps 40% of the total IoT, and worth some $117b by 2020, according to McKinsey.  Expected major uses include wearables, monitors, and implanted medical devices.  .

The problem is that many manufacturers haven't necessarily prepared for cyberattacks.  Kevin Fu, a professor at the University of Michigan's Archimedes Center for Medical Device Security, told CNBC: "the dirty little secret is that most manufacturers did not anticipate the cybersecurity risks when they were designing them [devices] a decade ago, so this is just scratching the surface."

Again, I'm not sure if the fact that there already are such centers as Dr. Fu's should make me feel less scared, or more.

Cybersecurity concerns for health care don't just involve the Internet.  Earlier this month J&J warned that one of its insulin pumps was vulnerable to hackers, who could spoof communication between the device and its wireless remote control.  The company sent letters about the risk to some 114,000 patients and their doctors, while claiming that the risk was low and that they knew of no such attacks -- yet.
  
One has to wonder how many other vulnerable devices there may be.

When it comes to health care, DDoS would be at best an inconvenience, and at worst life-threatening, but the cybersecurity risk most people still worry the most about is privacy.  We're going to need to be reassured both that the Internet-based services will be there when we need them, and that our privacy won't be compromised by them.  Those are, unfortunately, tough asks.

After all, healthcare is the industry whose data and systems are already being held for ransomware by hackers so amateur that they've sometimes settled for as little as $17,000 in bitcoin.  Meanwhile, cyberattacks on electronic health records are growing "exponentially," according to a new GAO report.  The GAO estimated that 113 million records were breached in 2015 -- up from 12.5 million in 2014, and less than 135,000 in 2009.  One has to imagine hackers are drooling over the vulnerability of IoT data.

The Street reports that "traditional" IT security firms (such as Symmatec) are already focusing on IoT, as well as new players like PTC or Synopsys, but also warns that, when it comes to IoT for health, security is still a major concern.  As Ivan Feinseth of investment bank Tigress Partners told them, "the connected car and house are really, really cool, but none of that is more important than healthcare."

Unfortunately, investment in cybersecurity for IoT remains low, with estimated spending on it only around $390 million, according to ABI research.   That's out of some $5.5b healthcare cybersecuity spending in 2016.  ABI estimates IoT cybersecurity spending will triple by 2021, but that still may lag far behind the spread of health IoT devices.

We've grown used to being hyperconnected, through email, the web, our mobile devices, and are just starting to explore the possibilities of IoT.  The Pandora's Box of connectivity is not going to close.  However, the basic structures of the internet are some 40 years old now, those of the World Wide Web some 25 years, and it may be time to figure out what comes next, especially because of IoT.

Whether that is the "Internet2," whether that is the "browserless experience" Acquia Labs envisions, whether that is blockchain -- I don't know.  What I do know is that a cyberwar in health is one in which we can't afford to lose many battles, so we better figure out sometime quick.

Before my toaster decides to do something mean to me.