Well, I finally got around to evaluating the portal;

managemyhealth.co.nz/about-us/

When my GP suggested I sign up with it, I presumed it was a public service offered by Te Whatu Ora, like My Health Record;

tewhatuora.govt.nz/health-serv

So what do I think of Manage My Health? Not impressed. This is a privately-owned, for-profit digital platform that I can't be certain isn't patients who sign up with it.

(1/?)

@lightweight
> data sovereignty is very suspect, too

I haven't had a thorough dig, but I don't see anything about how the system works, what kind of encryption they use, where their servers are located and on whose property, etc.

> I think it's owned by a Singaporean company.

They say they're NZ-owned;

https://managemyhealth.co.nz/about-us/

But that might be referring to the franchise to use the system in Aotearoa under license. There may be a parent company that's from somewhere else.

@lightweight
> I looked into it a while back and the 'kiwi owned' part didn't stack up

Good to know. Shall we combine forces and write an Open Letter to Te Whatu Ora? Laying out how such a system could be designed, pointing out the various problems this reveals with MMH, and making some proposals for implementing a publicly-owned replacement, and properly regulating corporate providers like MMH?

To be published, say, mid-2026?

@lightweight
> I'm not sure I have the energy to do more than poke around a bit

That's why I say "open letter" rather than "report" or even "paper" ; )

I'm thinking of a conversation starter that captures our POV as ethical technologists, and that others with more resources can reference in their own campaigns. Along the lines of;

openstandards.nz/

@strypey interestingly, after submitting my concerns to my local doctor's surgery, they recently (perhaps partly due to my concerns) switched to yet another service from ManageMyHealth. Haven't had time to review the new one yet, but in this field of medical health data management, my impression is that there's a preponderance of dubious ethics and 'location washing', where businesses pretend to be 'local' but aren't.
@lightweight
> there's a preponderance of dubious ethics and 'location washing', where businesses pretend to be 'local' but aren't

No doubt. At least partly because we defeated some of the Corporate Rights Treaties (MAI? TISA?) that had the goal of framing preferences for local suppliers - even publicly-owned or not-for-profit ones - as a "barrier to free trade".

@strypey
The page that link takes me to doesn't say they are locally owned. It talks in friendly terms about 1.85 million kiwis a lot, which makes them seem local, I guess. But it's not at all specific about ownership, or where our info is hosted.

I do feel qualms when I get messages about test results from my hardworking GP late at night, and I can see it would be convenient for both of us for me to access them myself. But you aren't the only person I've seen raise concerns, so I've not gone there.

@lightweight

@RedRobyn
> The page that link takes me to doesn't say they are locally owned.

It's right at the bottom, just above the list of franchise contacts;

"We’re passionate about helping Kiwis stay well, we’re New Zealand-owned and we continue to develop new technology to help everyone live a healthier life."

> it would be convenient for both of us for me to access them myself

100%. The problem is not with the concept, but in the execution (see my full thread for details)

@lightweight

Before I talk about the reasons why I think it's safer to assume platforms like Manage My Health are DataFarmers, let's zoom out a bit. A few years ago I was talking to a friend who works in public health, about how health information store-and-sync services might work in my utopian Aotearoa.

Essentially we're talking about a health internet, linking the internal networks of all health providers that patients choose to use. The fundamental principles are privacy and consent.

(2/?)

@strypey

Wouldn't it be great if all health data is with patients and they give access to doctors they visit?
It's stored with users on their devices and has an arbitrary number of encrypted backups ...and users can give temporary or permanent access to their health data to other parties if they want.

The main app would be structured like a messenger where you can chat to healthcare providers and make appointments, and it keeps your entire history and you are the main admin.

@serapath
> it's stored with users on their devices and has an arbitrary number of encrypted backups ...and users can give temporary or permanent access to their health data to other parties if they want

... and then you drop your phone in the toilet and lose your entire medical records, with no possibility of recovery. As Tony Stark put it, not a great plan.

(yes you'd have synced backups etc, but would your Grandpa? What about people who can't afford secure devices, etc)

@strypey
the backup and restore happens automatically.

healthcare providers could literally offer this as a service.

...and because it works "torrent style" ....there can be many redundant backups and they all add additional benefit.

Beyond that - accessing the data will load it from the local device, but if not available, it will automatically fetch it from one or many peers that seed the backup seamlessly.

@serapath
> healthcare providers could literally offer this as a service

> accessing the data will load it from the local device, but if not available, it will automatically fetch it from one or many peers that seed the backup seamlessly

What you're describing is exactly what Solid is designed to do, as I understand it. But if you have other protocols to offer as alternatives, I'd be happy to look at them.

@strypey

and if health care data is ever viewed on your device, it can be stolen... doesn't really matter if you use p2p or something traditional.

it only decrypts when you open the app.

it's also possible to log in to a new device and remotely deactivate a lost device.

...
if you really want to emulate centralized infrastructure, just always purge the local device storage and always redownload the seeded data when you want to lookup anything.

@serapath
> if you really want to emulate centralized infrastructure, just ... redownload the seeded data when you want to lookup anything

Oh no, we agree that local-first is a good design principle for server-client services. In fact, that's part of the data resilience.

In the system I envision, there's a full copy of your medical records synced to each of your devices, with version history. A full copy at your GP's clinic. Plus copies of individual bits of data at the originating practice.

The fundamental access model is that patients must have access to all data held about them. They must be able to correct and update information supplied by them, and to challenge the accuracy of data supplied by practices (in case of data entry or other errors), and get it reviewed.

So this is a patient-centric system. That's the first design consideration.

(3/?)

As I mentioned, I see it as a health internet. Obviously connections between health providers' networks would be made through the net. But what I mean is, we're not talking about a centralised database, held by Te Whatu Ora or anyone else. This would be a juicy target for both network attacks ("hacking") by agents of data brokers, and political attacks (like corporatising the service and selling it off).

So the second design principle; it's a decentralised system.

(4/?)

So obviously health practices use this hypothetical HealthNet (TM, patent pending) to supply patients with their health data. But what if the patient wants their current GP to have access to their whole medical record? Or they want their osteopath to see their back x-rays before a consultation? There would need to be a system for disclosure of specified data, with patient consent, with a timeframe (for A hours/days/etc., or ongoing).

So the third design principle; selective disclosure.

(5/?)

What intrigues me is that I'm pretty sure I'd never heard of the Solid protocol at the time. But...

"With Solid's Authentication and Authorization systems, one can determine which people and applications can access their data. Entities can grant or revoke access to any slice of their data as needed. Consequently, entities can do more with their data, because the applications they decide to use can be granted access to a wider and more diverse set of information."

https://solidproject.org/about

(6/?)

Sounds about right. I could go into a lot more detail about how a resilient and reliably-private health record system might work, and what tech could be used, but I really ought to ask Te Whatu Ora for $100 an hour as a "consultant" if I'm going to do that ; )

But I think that's enough of a sketch to give us something to compare Manage My Health against.

(7/?)
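The three design principles in posts (3/?) to (5/?) above (patients see everything held about them and can correct what they supplied or challenge what a practice supplied; no central database; selective disclosure to a chosen provider for a bounded time or ongoing, with revocation) can be written down as a small access-rules model. The following Python is an added illustration and is not code from this thread, from Manage My Health, or from the Solid project; every name, practice and sample record in it is a constructed assumption. It goes slightly beyond the posts by also keeping an audit trail of every read and grant, since a patient-centric record is only auditable by the patient if such a trail exists.

```python
"""Toy model of consent-based access to one patient's health record.
Hypothetical names and constructed sample data throughout (not a real
product or protocol)."""
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Optional
import uuid


@dataclass
class Record:
    record_id: str
    origin: str                    # who supplied it: "patient" or a practice
    category: str                  # the slice it belongs to, e.g. "imaging"
    body: str
    disputed: Optional[str] = None  # patient's challenge of practice data


@dataclass
class Grant:
    """A consented disclosure of some categories to one grantee."""
    grant_id: str
    grantee: str
    categories: frozenset
    expires_at: Optional[datetime]   # None means ongoing
    revoked_at: Optional[datetime] = None

    def active(self, now: datetime) -> bool:
        if self.revoked_at is not None and now >= self.revoked_at:
            return False
        return self.expires_at is None or now < self.expires_at


class PatientRecord:
    """One patient's store. In the thread's sketch a full copy of this
    would be synced to each of the patient's devices and their GP's clinic."""

    def __init__(self, patient: str):
        self.patient = patient
        self.records: dict[str, Record] = {}
        self.grants: dict[str, Grant] = {}
        self.audit: list[tuple] = []   # (when, actor, action, detail)

    def _log(self, now, actor, action, detail):
        self.audit.append((now, actor, action, detail))

    def add(self, origin: str, category: str, body: str) -> Record:
        rec = Record(str(uuid.uuid4()), origin, category, body)
        self.records[rec.record_id] = rec
        return rec

    def grant(self, grantee, categories, duration: Optional[timedelta],
              now: datetime) -> Grant:
        """Patient discloses the given categories for `duration`, or
        ongoing when duration is None."""
        g = Grant(str(uuid.uuid4()), grantee, frozenset(categories),
                  None if duration is None else now + duration)
        self.grants[g.grant_id] = g
        self._log(now, self.patient, "grant",
                  (grantee, sorted(g.categories), g.expires_at))
        return g

    def revoke(self, grant_id: str, now: datetime) -> None:
        self.grants[grant_id].revoked_at = now
        self._log(now, self.patient, "revoke", grant_id)

    def read(self, actor: str, now: datetime) -> list[Record]:
        """Patient sees all. A practice sees what it originated plus any
        category covered by an active grant to it. Every read is logged."""
        if actor == self.patient:
            visible = list(self.records.values())
        else:
            allowed = set()
            for g in self.grants.values():
                if g.grantee == actor and g.active(now):
                    allowed |= g.categories
            visible = [r for r in self.records.values()
                       if r.origin == actor or r.category in allowed]
        self._log(now, actor, "read", [r.record_id for r in visible])
        return visible

    def correct(self, actor: str, record_id: str, new_body: str) -> None:
        """Only the party that supplied a record may rewrite it."""
        rec = self.records[record_id]
        if not (actor == rec.origin or
                (actor == self.patient and rec.origin == "patient")):
            raise PermissionError(f"{actor} did not supply {record_id}")
        rec.body = new_body

    def challenge(self, actor: str, record_id: str, reason: str) -> None:
        """Patient flags practice-supplied data for review, without
        overwriting it."""
        if actor != self.patient:
            raise PermissionError("only the patient can challenge data")
        self.records[record_id].disputed = reason
```

The osteopath case from post (5/?) maps onto `grant("osteo", ["imaging"], timedelta(hours=24), now)`: the x-ray becomes readable for a day and silently stops being readable afterwards, while the radiology clinic that produced it keeps seeing its own record regardless of grants. Nothing here addresses transport, encryption at rest or device sync; it only pins down who may see and change what, which is the part of the sketch that a regulator or an open letter would need spelled out.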

@strypey

solid is inferior in every way.
it requires you to pick a single provider and not multiple redundantly, and you provide access to your data to that provider.

better if you can pick multiple providers redundantly or do it yourself altogether.

solid works online and p2p works offline first.

the only good idea about solid is that it popularizes the concept of separating data and app. so thx TBL for that 🙂
