With the development of digital infrastructures in healthcare, there is
growing need to work all the data available into a ‘data fabric’, a technology connecting
data across locations, formats, IT systems and computer programs. It improves
analytics by providing smooth access to various types of data in the
multi-vendor, multi-user and multi-shareholder environments of modern hospital
systems. It strengthens data management, improves revenue cycle management and opens
the way to transforming day-to-day operations. Furthermore, it facilitates
handling of the legal issues that may arise in such complex environments.
To minimise potential lega lchallenges, organisations may look into assessing the gaps in and conducting due diligence of
the existing agreements. They should also pay attention to legal arrangement of
their data’s ownership, sharing and use, since these aspects are yet to be
fully regulated by law.
Gap Analysis
The first and foremost issue is the technology contracts, covering IT infrastructure, data management, intellectual property and master services, being up-to-date. They must include provisions for the hospital’s IT vendors services needed for a data fabric operation and machine learning and comprehensive analytics support. An organisation, therefore, should devise the appropriate technical and legal framework. This would allow it to perform a ‘gap analysis’ for out-dated agreements, assess the risks and decide whether to revise those agreements immediately or at the next due date, or replace them altogether.
You might also like:
Due Diligence
Integrated inspection
of existing contracts may help to identify if a vendor is using systems that
pose risks for patient health’s analytics, such as hidden clouds. Vendors’ compliance
with the hospital’s information security and remote data access rules, is
another direction for due diligence. These matters should be thoroughly revised
and contracts updated, if needed, to include all the necessary provisions.
New Legal Issues
Since the rules on data IP ownership are yet to be developed, data rights should be set by contract. These rights are a fairly new issue hence they may not be properly outlined by agreements drafted earlier, even the relatively recent ones. IT services increasingly require collaboration between a hospital’s IT vendors, and this emerging context asks for new vendor management models.
Another matter for organisations to look into is the use of open source
software which is popular among academic institutions. Here a choice of the best-matched
licence would help to keep IP out of the public domain. Another recommendation
is to establish rules for the use of open source both internally, by the staff,
and externally, by service providers.
Conclusion
With huge volumes of medical data generated, recorded and stored today, data
fabrics help to manage datasets and enable high-level analytics. However, combining
new data and software technology carries risks with regard to data ownership,
sharing and use. These risks should be addressed and minimised by up-to-date
comprehensive legal agreements. Thus, review or replacement of existing
contracts is necessary to address new legal issues.
Source: Bloomberg Law
Image Credit: iStock