(1/3)
@serapath
> With keet you have plenty of rooms with 1000s of peers in them chatting
Is that where everyone who used to be on Matrix has gone? Must give it a go.
Discussion
I haven't had a thorough dig, but I don't see anything about how the system works, what kind of encryption they use, where their servers are located and on whose property, etc.
> I think it's owned by a Singaporean company.
They say they're NZ-owned;
https://managemyhealth.co.nz/about-us/
But that might be referring to the franchise to use the system in Aotearoa under license. There may be a parent company that's from somewhere else.
Good to know. Shall we combine forces and write an Open Letter to Te Whatu Ora? Laying out how such a system could be designed, pointing out the various problems this reveals with MMH, and making some proposals for implementing a publicly-owned replacement, and properly regulating corporate providers like MMH?
To be published, say, mid-2026?
@lightweight
> I'm not sure I have the energy to do more than poke around a bit
That's why I say "open letter" rather than "report" or even "paper" ; )
I'm thinking of a conversation starter that captures our POV as ethical technologists, and that others with more resources can reference in their own campaigns. Along the lines of;
I haven't used the new one yet, I stopped using MMH when the portal insisted on agreement to new terms
No doubt. At least partly because we defeated some of the Corporate Rights Treaties (MAI? TISA?) that had the goal of framing preferences for local suppliers - even publicly-owned or not-for-profit ones - as a "barrier to free trade".
I do feel qualms when I get messages about test results from my hardworking GP late at night, and I can see it would be convenient for both of us for me to access them myself. But you aren't the only person I've seen raise concerns, so I've not gone there.
It's right at the bottom, just above the list of franchise contacts;
"We’re passionate about helping Kiwis stay well, we’re New Zealand-owned and we continue to develop new technology to help everyone live a healthier life."
> it would be convenient for both of us for me to access them myself
100%. The problem is not with the concept, but in the execution (see my full thread for details)
There are benefits to local ownership. But in and of itself, being NZ-owned is no guarantee of ethical business practices. AFAIK the company Darleen Tana and her husband used to exploit workers was NZ-owned.
Before I talk about the reasons why I think it's safer to assume platforms like Manage My Health are DataFarmers, let's zoom out a bit. A few years ago I was talking to a friend who works in public health, about how health information store-and-sync services might work in my utopian Aotearoa.
Essentially we're talking about a health internet, linking the internal networks of all health providers that patients choose to use. The fundamental principles are privacy and consent.
(2/?)
Wouldn't it be great if all health data is with patients and they give access to doctors they visit?
It's stored with users on their devices and has an arbitrary number of encrypted backups ...and users can give temporary or permanent access to their health data to other parties if they want.
The main app would be structured like a messenger where you can chat to healthcare providers and make appointments and it keeps your entire history and you are the main admin.
... and then you drop your phone in the toilet and lose your entire medical records, with no possibility of recovery. As Tony Stark put it, not a great plan.
(yes you'd have synced backups etc, but would your Grandpa? What about people who can't afford secure devices, etc)
healthcare providers could literally offer this as a service.
...and because it works "torrent style" ....there can be many redundant backups and they all add additional benefit.
Beyond that - accessing the data will load it from the local device, but if not available, it will automatically fetch it from one or many peers that seed the backup seamlessly.
> accessing the data will load it from the local device, but if not available, it will automatically fetch it from one or many peers that seed the backup seamlessly
What you're describing is exactly what Solid is designed to do, as I understand it. But if you have other protocols to offer as alternatives, I'd be happy to look at them.
@dat_ecosystem
the dat stack a.k.a the hyper stack.
...does enable that. started in 2013 and now mature and battle tested 🙂
and if health care data is ever viewed on your device, it can be stolen... doesn't really matter if you use p2p or something traditional.
it only decrypts when you open the app.
it's also possible to log in to a new device and remotely deactivate a lost device.
...
if you really want to emulate centralized infrastructure, just always purge the local device storage and always redownload the seeded data when you want to lookup anything.
Oh no, we agree that local-first is a good design principle for server-client services. In fact, that's part of the data resilience.
In the system I envision, there's a full copy of your medical records synced to each of your devices, with version history. A full copy at your GPs clinic. Plus copies of individual bits of data at the originating practice.
The fundamental access model is that patients must have access to all data held about them. They must be able to correct and update information supplied by them, and to challenge the accuracy of data supplied by practices (in case of data entry or other errors), and get it reviewed.
So this is a patient-centric system. That's the first design consideration.
(3/?)
As I mentioned, I see it as a health internet. Obviously connections between health providers' networks would be made through the net. But what I mean is, we're not talking about a centralised database, held by Te Whatu Ora or anyone else. This would be a juicy target for both network attacks ("hacking") by agents of data brokers, and political attacks (like corporatising the service and selling it off)
So the second design principle; it's a decentralised system.
(4/?)
So obviously health practices use this hypothetical HealthNet (TM, patent pending) to supply patients with their health data. But what if the patient wants their current GP to have access to their whole medical record? Or they want their osteopath to see their back x-rays before a consultation? There would need to be a system for disclosure of specified data, with patient consent, with a timeframe (for A hours/ days/ etc, or ongoing).
So the third design principle; selective disclosure.
(5/?)
What intrigues me is that I'm pretty sure I'd never heard of the Solid protocol at the time. But...
"With Solid's Authentication and Authorization systems, one can determine which people and applications can access their data. Entities can grant or revoke access to any slice of their data as needed. Consequently, entities can do more with their data, because the applications they decide to use can be granted access to a wider and more diverse set of information."
https://solidproject.org/about
(6/?)
Sounds about right. I could go into a lot more detail about how a resilient and reliably-private health record system might work, and what tech could be used, but I really ought to ask Te Whatu Ora for $100 an hour as a "consultant" if I'm going to do that ; )
But I think that's enough of a sketch to give us something to compare Manage My Health against.
(7/?)
solid is inferior in every way.
it requires you to pick a single provider and not multiple redundantly and you provide access of your data to that provider.
better if you can pick multiple providers redundantly or do it yourself altogether.
solid works online and p2p works offline first.
the only good idea about solid is that it popularizes the concept of separating data and app. so thx TBL for that 🙂