Secure AI-enhanced Policy Framework for Digital Health Data

This proposal is part of the Data-mdapps project which is a collaboration between Kingston University and the WHO European Office for the Prevention and Control of Noncommunicable Diseases (NCD Office) and focuses on addressing the challenges of developing a technical and security policy framework for digital health behavioural data processing. Data-Driven Decision Making (DDDM) refers to the practice of basing decisions on the analysis of the data rather than purely based on intuition. In the early days, decisions were made based on intuition, but with the popularity of the big data culture, the emphasis has shifted towards the data.

DDDM is important for global organisations such as the WHO, since their decisions affect millions of lives. Therefore, their decisions need to be efficient, effective and ethical. Further, they are accountable for the decisions they make. Hence their decisions need to be strongly backed by data. In order to make data-driven decisions, data needs to be collected, cleaned and analysed in such a manner that the decision-makers are aware of the true picture represented by the data. In other words, decision-makers should be aware of the various biases such as sampling bias, outliers in the data and seasonal trends.

At present, the WHO is actively using data in its operations, both in internal decision-making and in educating the general public. For example, a framework named Evidence-to-Decision (EtD) supports the decision-making process. In addition, various dashboards, such as the covid dashboard, are used to educate the general public. Further, the WHO NCD Office is actively researching in digital health behavioural data processing.

The following challenges have been identified and will be addressed in this project:

-      Confusion in the term 'Health-related data'. When the phrase 'Health-related data' is heard, patients' medical records come into everyone's mind. Personal health records are confidential and should only be accessed by the users who absolutely need to refer to them. However, personal health records represent only a tiny part of the health-related data. A significant portion of the health-related data is from other areas such as digital and physical food environments, activity monitoring and many more.

-      Data governance regimes differ profoundly in different jurisdictions. For example, the age of majority is 18 years in all EU Member States except for Scotland, where children are considered to have full legal capacity from the age of 16 years.

-      Training Artificial Intelligence (AI) and Machine Learning (ML) algorithms responsibly without introducing biases resulting in racial, religious, economic, disability or gender discrimination.

-      Unavailability of simple, easy and secure data visualisation tools and techniques geared towards health care professionals (non-IT professionals).