On the heels of forming a new partnership with Google (GOOGL), Mayo Clinic announced it has hired Dr. John Halamka — a Harvard professor and hospital IT veteran — to guide its efforts to apply artificial intelligence to vast stores of data from patients and devices.
Halamka will leave Beth Israel Lahey Health in Boston to become president of the Mayo Clinic platform, a unified data repository the Minnesota-based health system is creating to develop new analytics capabilities and digital services. His appointment will take effect Jan. 1.
The hire underscores Mayo’s eagerness to tap into the opportunities offered by AI and the exploding digital health industry, and its awareness that doing so carries plenty of risks.
Halamka, who served in the Obama and George W. Bush administrations, told STAT his goal is to create a kind of data “innovation factory” at Mayo while updating privacy and security protocols to reflect the modern age of wearables and cloud analytics. He said Mayo is seeking to harness data to build services in three areas: in-home health care services to enable more remote care; digital diagnostics to monitor and respond to health problems; and clinical analytics to personalize and improve treatment of a range of conditions.
“Of course, that’s a hard thing to do, with a lot of moving parts,” Halamka said. “You have to decide ahead of time, what are ethical uses of data? Where is consent required? How do you de-identify [data]? And where is data aggregated and for what purpose?”
In recent weeks, some hospitals and their partners — Google and Ascension, for example — have courted controversy for failing to publicly address those sorts of questions before entering into partnerships on patient data.
The uproar over such deals underscores for many experts that HIPAA, the federal patient privacy law enacted in 1996, is verging on obsolescence, with hospitals now sharing personal health information with giant companies whose size and reach was not foreseeable in the mid ’90s.
Halamka, who is an advocate for storing data in the cloud, said a core part of Mayo’s work will involve working with Google to take advantage of its security capabilities and machine-learning tools. But he emphasized patient data will be kept in a Mayo-controlled environment, with Google only allowed access to certain information shared by Mayo to support research projects. Some of that information, as allowed under current law, may be identifiable, but a Mayo spokeswoman said the hospital system will strive to use de-identified data whenever possible and make sure legal and ethical obligations are met.
Still, the volume and breadth of that data, from smartwatches and phones, electronic health records, genetic tests, and medical devices, pose a range of thorny dilemmas that Mayo and other health systems must answer before plowing ahead.
“You have to approach a project like this with great humility,” he said. “We’re going to have to ask questions like, Is there such a thing as a de-identified genome? Where can we use an algorithm that is not FDA-approved software as a medical device but helps you stay well? These are not black-and-white questions.”
Clarification: This story has been updated to clarify the conditions under which Mayo Clinic will share patient data with Google.
By Casey Ross