Just as in the other industries, the pharmaceuticals, healthcare and life sciences sectors in the region have been slowly warming up to the advantages enabled by the cloud. Reports cite up to 85% penetration and projected spending of more than $40bn by 2017.
With the rising tide of wearable technologies and IoT trends, the deluge of data being collected for enhancing business intelligence and agility; drug research; digitization of records; patient care; tele-health and treatment outcomes has skyrocketed. The vast potential of data analytics in this sector, however, may need to be moderated before it can bring material results to market at speed.
At a Health Innovation breakfast briefing hosted in Singapore by Equinix for high level representatives of healthcare, pharma and IT vendors, a persistent underlying theme surfaced: while cloud technology facilitates cost-effective access to heavy computing power to crunch the increasingly available flood of big data, what avenues of checks and balances are required now and in the future, to make sure that the data is being managed legally and ethically?
Even as more academics and administrators in the clinical sector convince themselves of the innumerable benefits and sensibilities of leveraging on cloud-based data management, looming over the horizon are huge ramifications played up by notable cases of data theft and data-privacy breaches that have rocked the world.
Participants of the roundtable discussion, consisting of senior representatives from government bodies, hospitals, research laboratories, academic institutions and technology vendors, generally agree that professionals in the health-related sectors are wary of the risks of public clouds, that they prefer to migrate only non-critical data there, and that they are keeping their core data in-house for the foreseeable future. High-profile incidents of data and identity theft, sabotage and data-privacy lawsuits seem to be the causal deterrent factors, while the rising awareness of patient-data privacy rights has collided head-on with the deluge of personal data that is now capable of being collected through smartphones and IoT.
On the one hand, with access to the necessary software and computing power to mine data into valuable ideas and catalysts for innovation and improved medical care, the sector is positioned for accelerated transformation and growth. Yet, on the other hand, the increased social awareness brought about by cases of data abuse and a whole barrage of related crimes have necessitated urgent data privacy and security legislations in the West.
Here in the region, however, it is noted that legislations on data privacy are still at the nascent stage. While each country in the region is relying on the legislative frameworks of Europe and America as templates, a bespoke approach is necessary to cater to demographic and socio-political needs, and it will arguably lead to confusion and ‘cloudiness’ for both the healthcare and tech industries leveraging on cross-border collaborations.
According to the Asia Cloud Computing Association (ACCA), eight previous regional roundtable discussions involving the same industries have drawn similar debates and conclusions about the need for intra-regional summits to harmonize government and sectorial policies to include provisions to cater to cross-border collaborations. The current independent silo approach simply hampers or deters agile and tentative adoption of enabling technologies. Additionally, with the rising use of wearable technology and accessibility to data-collection devices, public education will have to keep pace too. Only when the public is educated on their rights and options to data privacy, can informed consent be safely granted and enforced on data collection, use, sharing, retention and disposal. Only then can legislation and jurisdiction be effectively monitored and calibrated to address emerging trends and national mandates.
Leading the crowd in this area is Singapore, with its recent enforcement of the Personal Data Protection Act, and subsequently the Multi-Tier Cloud Security standard set by the Ministry of Health and the Infocomm Development Authority of Singapore. These initiatives pave the way for establishing transparency regarding the rights and obligations of both data owners and data consumers. This in turn helps both groups to dictate best practices when choosing and implementing technology. Similarly, the tech industry would benefit from across-the-board transparency and help to establish multiple layers of trust among the disparate stakeholders. Such enhanced levels of trust and accountability will not only benefit the healthcare, pharmaceutical and life sciences sectors, but also trickle all-around to the other industries.
It has been argued that the solutions and standards for enhancing data security and privacy are already available, so many of the fears by government and the public are not justifiable compared to the resulting drastically-reduced accessibility of life-saving data. This argument, however, addresses only the technical side of the equation. As anecdotal evidence has demonstrated in numerous global incidents, social behavior patterns and assumptions can be used to foil security measures or simply render them moot. In the same vein as social expectations of data privacy rights get broadened by technology, complying with data privacy protocols at a very granular level will remain a moving target until an inclusive set of legislations is developed throughout the region and beyond.
But even as all the technical, legal and social variables require sufficient time to be accounted for and balanced out, it is expected that the industry will continue on its momentum to capitalize on disruptive technologies for better and more cost-effective healthcare and wellness outcomes.