Politics

Health startups anxiously await new data-sharing rules

The fight over proposed medical data rules pits privacy against startups, but the startup community sees it differently.

23andMe CEO Anne Wojcicki

23andMe CEO Anne Wojcicki argues that privacy means giving patients a choice in how they use their data — including not sharing it at all.

Photo: Kyle Grillot/Bloomberg via Getty Images

Jay Desai's healthtech startup may be poised to have a very, very big year.

PatientPing, where he's CEO, is a digital health coordinator that shares real-time patient information with health care providers across organizations so patient care is streamlined and tracked in one place. The Boston-based startup already works with more than 1,000 U.S. hospitals — approximately one-sixth of the total in the country, according to numbers from the American Hospital Association. But if the government approves a new set of patient data-sharing rules soon, systems like PatientPing could become a must-have for hospitals across the land.

"We're just sort of anxiously waiting for the final rule," Desai said. "As an entrepreneur, you have to be comfortable managing for uncertainty and ambiguity."

Get what matters in tech, in your inbox every morning. Sign up for Source Code.

The fate of his company is currently in the hands of the White House, which is considering whether to approve new rules first set forth by the U.S. Department of Health and Human Services in February 2019. The proposals are controversial, pitting some incumbent health companies against startups like PatientPing and bigger tech companies like Apple and Google, with everyone arguing over patient rights versus patient privacy.

At their core, the new rules are meant to make it easier for people to obtain their medical data and share it with third-party apps or other doctors. They would require the health care industry to allow patients to access their personal health information through open APIs. The directives would penalize information-blocking and would require hospitals to send admission, discharge and transfer notifications as a condition of their participation in Medicare and Medicaid programs.

Unlike other tech sectors, where consumer taste and trends shape company outcomes, health care is highly regulated, and the industry can experience massive shifts as new rules come into effect. Making it easier to share and combine data could be a windfall for healthtech startups like Desai's.

"I think in some ways it's akin to what I think about the internet: that you have this ability to create an ecosystem where, by allowing people to move their information around, you're going to enable a lot of development," said 23andMe CEO Anne Wojcicki, whose home DNA-testing company has been on the vanguard of delivering health data directly to patients. The company is also well-known for its battle with another regulatory agency, the FDA, which famously forced 23andMe to change its entire product after it launched.

In the new and intensifying fight for health data-sharing, the government seems poised to come down on the side of innovation, which alarms privacy advocates and some industry veterans.

Epic, the nation's largest electronic health record provider, is strongly against the proposed rules. The company argues that the data-sharing could put patient privacy at risk and "that patients and their family members will lose control of their confidential health information," it said in one of its notes to hospital CEOs, according to CNBC.

I don't think it's appropriate for a company like Epic to be saying, no, you do not have the ability, that your data should not be moved around because of potential risk, and that you as an individual are not necessarily capable of having that judgment. Like, how dare they? That's insulting. — Anne Wojcicki

In early February, Wisconsin-based Epic signed a letter alongside 60 health systems representing 400 hospitals, urging government regulators to delay implementation. Wisconsin Gov. Tommy Thompson, a former HHS secretary, came out against the rules, claiming it would hurt Epic's business and Wisconsin's economy. Epic also previously threatened to take legal action.

"We are supportive of the goals of the proposed regulations, but we believe that important changes must be made to the rule before it becomes final in order to protect the privacy of patients and their personal health information," said an Epic spokesperson. "We appreciate the work that HHS is doing to incorporate different perspectives and ensure that the final rule is a good one."

Some startups Protocol contacted about the regulation declined to comment, given the tenor of the political battle. POLITICO reported that other big tech companies, like Google and Apple, have done some lobbying and met with officials, but have otherwise largely remained on the sidelines.

Wojcicki thinks Epic and its allies have taken a very "paternalistic view" of consumer privacy. "Fundamentally, my bank doesn't put those restrictions on me, and frankly, that's a lot more sensitive," she told Protocol. She argues that privacy is giving patients a choice in how they use their data — including not sharing it at all. She pointed to 23andMe's research programs for instance, which are opt-in, as an example of how to give people options safely. Still, 23andMe has been dogged by privacy concerns of its own. Consumer fears over DNA ending up in the wrong hands was a factor in 23andMe's decreased sales and subsequent layoffs in January.

"I think there should be appropriate warnings, but I don't think it's appropriate for a company like Epic to be saying that no, you do not have the ability, that your data should not be moved around because of potential risk, and that you as an individual are not necessarily capable of having that judgment," she said. "Like, how dare they? That's insulting."

While the interoperability rules could help 23andMe's research business by making it easier to connect patient health records to 23andMe, Wojcicki still thinks it will be a long time before the rules really start to affect her business. "At 23andMe, we do not have anyone like just sitting here, waiting at the gates for the data to flow out," she said.

Instead, startups focused on enabling interoperability, like PatientPing, may be some of the first to feel the change. And already, new startups are launching that seem perfectly poised to take advantage of it. This month, venture capitalist Hemant Taneja and his team launched Commure, which is building a developer platform and APIs for health care.

Venture firm Venrock's Bob Kocher told Protocol in an email that he expects startups working on tech-enabled care like urgent care, telemedicine, primary care and home-based care to be among the beneficiaries — alongside patients.

"Health care data is oxygen for entrepreneurs and indispensable for patients," Kocher said. "Data is what enables entrepreneurs to personalize experiences, anticipate what will happen, act early to prevent complications, and make health care more like every other modern experience."

He said this kind of data sharing will help patients explore more options for their care, and will help doctors access and learn from patients' past treatments.

Yet Kocher, Taneja and others are venture capitalists, another group singled out by Epic as profiting from the regulation. "The primary beneficiaries of this rule are venture capitalists and others taking advantage of patient data," Epic executive Sumit Rama told POLITICO. (The company declined to comment on his remarks.)

"I mean, the statement in and of itself is obviously a bit alarmist," said Julie Yoo, a partner at Andreessen Horowitz who works on the firm's biotech fund. "It just struck me as very ironic that the very companies who benefited from this type of regulatory change and policy change are the very ones who are pushing back against sort of the obvious and logical next wave of regulatory change."

The new rules won't change her investing strategy too much, she said, as there are already a lot of startups that are trying to be the connective tissue between different vendors and systems. "But it might positively affect the capital, for instance, that these companies will have to raise to accomplish their goals," Yoo said.

As for the risk of a third-party app running away with health care information, that's a real concern, but she hopes venture capital could exert a positive influence by refusing to back businesses that might use data in nefarious or insecure ways. "Things take time in this space," Yoo said. "We always lament the fact that health care is 10 years behind and everything's slower. We certainly acknowledge that there's merit to that, because if we get it wrong, we're talking about patients' lives being at stake."
Fintech

Data privacy and harassment could spoil Grindr’s Wall Street romance

As it pursues a long-held goal of going public, the gay dating app has to confront its demons.

Grindr may finally be a public company.

Illustration: woocat/iStock/Getty Images Plus; Protocol

Grindr's looking for more than just a hookup with Wall Street. Finding a stable relationship may be tough.

The location-based dating app favored by gay men was a pioneer, predating Tinder by three years. It’s bounced from owner to owner after founder Joel Simkhai sold it in 2018 for $245 million. A SPAC merger could be the answer, but businesses serving the LGBTQ+ community have had trouble courting investors. And Grindr has its own unique set of challenges.

Keep Reading Show less
Veronica Irwin

Veronica Irwin (@vronirwin) is a San Francisco-based reporter at Protocol, covering breaking news. Previously she was at the San Francisco Examiner, covering tech from a hyper-local angle. Before that, her byline was featured in SF Weekly, The Nation, Techworker, Ms. Magazine and The Frisc.

Sponsored Content

Why the digital transformation of industries is creating a more sustainable future

Qualcomm’s chief sustainability officer Angela Baker on how companies can view going “digital” as a way not only toward growth, as laid out in a recent report, but also toward establishing and meeting environmental, social and governance goals.

Three letters dominate business practice at present: ESG, or environmental, social and governance goals. The number of mentions of the environment in financial earnings has doubled in the last five years, according to GlobalData: 600,000 companies mentioned the term in their annual or quarterly results last year.

But meeting those ESG goals can be a challenge — one that businesses can’t and shouldn’t take lightly. Ahead of an exclusive fireside chat at Davos, Angela Baker, chief sustainability officer at Qualcomm, sat down with Protocol to speak about how best to achieve those targets and how Qualcomm thinks about its own sustainability strategy, net zero commitment, other ESG targets and more.

Keep Reading Show less
Chris Stokel-Walker

Chris Stokel-Walker is a freelance technology and culture journalist and author of "YouTubers: How YouTube Shook Up TV and Created a New Generation of Stars." His work has been published in The New York Times, The Guardian and Wired.

Inside the Crypto Cannabis Club

As crypto crashes, an NFT weed club holds on to the high.

The Crypto Cannabis Club’s Discord has 23,000 subscribers, with 28 chapters globally.

Photo: Nat Rubio-Licht/Protocol

On a Saturday night in downtown Los Angeles, a group of high strangers gathered in a smoky, colorful venue less than a mile from Crypto.com Arena. The vibe was relaxed but excited, and the partygoers, many of whom were meeting each other for the very first time, greeted each other like old friends, calling each other by their Discord names. The mood was celebratory: The Crypto Cannabis Club, an NFT community for stoners, was gathering to celebrate the launch of its metaverse dispensary.

The warmth and belonging of the weed-filled party was a contrast to the metaverse store, which was underwhelming by comparison. But the dispensary launch and the NFTs required to buy into the group are just an excuse: As with most Web3 projects, it’s really about the community. Even though crypto is crashing, taking NFTs with it, the Crypto Cannabis Club is unphased, CEO Ryan Hunter told Protocol.

Keep Reading Show less
Nat Rubio-Licht

Nat Rubio-Licht is a Los Angeles-based news writer at Protocol. They graduated from Syracuse University with a degree in newspaper and online journalism in May 2020. Prior to joining the team, they worked at the Los Angeles Business Journal as a technology and aerospace reporter.

Climate

The minerals we need to save the planet are getting way too expensive

Supply chain problems and rising demand have sent prices spiraling upward for the minerals and metals essential for the clean energy transition.

Critical mineral prices have exploded over the past year.

Photo: Andrey Rudakov/Bloomberg via Getty Images

The newest source of the alarm bells echoing throughout the renewables industry? Spiking critical mineral and metal prices.

According to a new report from the International Energy Agency, a maelstrom of rising demand and tattered supply chains have caused prices for the materials needed for clean energy technologies to soar in the last year. And this increase has only accelerated since 2022 began.

Keep Reading Show less
Lisa Martine Jenkins

Lisa Martine Jenkins is a senior reporter at Protocol covering climate. Lisa previously wrote for Morning Consult, Chemical Watch and the Associated Press. Lisa is currently based in Brooklyn, and is originally from the Bay Area. Find her on Twitter ( @l_m_j_) or reach out via email (ljenkins@protocol.com).

Enterprise

The 911 system is outdated. Updating it to the cloud is risky.

Unlike tech companies, emergency services departments can’t afford to make mistakes when migrating to the cloud. Integrating new software in an industry where there’s no margin for error is risky, and sometimes deadly.

In an industry where seconds can mean the difference between life and death, many public safety departments are hesitant to take risks on new cloud-based technologies.

Illustration: Christopher T. Fong/Protocol

Dialing 911 could be the most important phone call you will ever make. But what happens when the software that’s supposed to deliver that call fails you? It may seem simple, but the technology behind a call for help is complicated, and when it fails, deadly.

The infrastructure supporting emergency contact centers is one of the most critical assets for any city, town or local government. But just as the pandemic exposed the creaky tech infrastructure that runs local governments, in many cases the technology in those call centers is outdated and hasn’t been touched for decades.

Keep Reading Show less
Aisha Counts

Aisha Counts (@aishacounts) is a reporter at Protocol covering enterprise software. Formerly, she was a management consultant for EY. She's based in Los Angeles and can be reached at acounts@protocol.com.

Latest Stories
Bulletins