Cognitive health software development and medical research go hand in hand. With today’s technology, it’s possible to explore, analyze, and derive value from health data in new and exciting ways. For example, one of our clients uses custom software to collect and mine data that helps identify early signs of Alzheimer’s Disease and other cognitive disorders. But not every story about the use of modern technology and the collection of medical data has a happy ending. The recent legal action involving University of California, San Diego and University of Southern California is an example of what can go wrong when policies and procedures don’t keep up with the realities health software development in today’s data-centered world.
Who Owns the Research Data?
This summer, two California universities became embroiled in litigation over access to data from a massive research project called the Alzheimer’s Disease Cooperative Study (ADCS). When a top researcher at UCSD and some of his staff were headhunted by USC to create a new Alzheimer’s institute, his former employer was understandably upset. But the accusation that the scientist allegedly took decades of ADCS research data with him was what really caused a stir.
The Alzheimer’s research data was apparently hosted on Amazon’s cloud services. However, the staff at UCSD found that they did not retain full access to this account after the scientist’s departure. According to Amazon, since UCSD was not specifically named as the account holder, the university was out of luck. Amazon would not reveal the name of the listed account holder to UCSD due to internal privacy policies—yet insisted that UCSD contact this mystery person to get the password to the account. The cloud services provider wouldn’t let them change the password or allow them to make any administrative changes without a court order.
Whoever controls this irreplaceable data is in line to receive hundreds of millions in funding for continued research—and potentially billions in profits for treatments or therapies developed as a result. The custody battle over the ADCS data is expected to drag on for a long time. That’s bad news for ongoing research that might be interrupted as a result. Patients can’t afford to have research institutions squabble over who owns the information that could hold the key to a cure.
Key Questions to Consider for Your Software and Data
How can you keep this nightmare scenario from happening to you and your patients? If your organization using health software development in the cognitive health field, there are a number of concerns you should address from the outset:
- Who owns the data that is collected using the software?
- Where and how will it be stored?
- If cloud storage is used, will there also be backups on alternative services or a hard copy?
- Will an individual or organization be the primary account holder for any such storage services?
- Who can access the data? For what purposes? Can this access be restricted or terminated?
- Are members of your organization prohibited and prevented from taking data with them if they leave to seek other employment? What data security processes are in place to enforce this policy?
- How will you prevent your organization from losing control of data?
Having the ability to collect, store, and analyze medical data is about finding ways to better serve patients. But it pays to consider how others might want to these resources for their own benefit—and take steps to protect your data!