When the Covid-19 pandemic hit, many of us were suddenly forced to work from home – including GPs. No longer at the surgery, they had to see their patients remotely and securely. Dr Omobolaji Iji, GP and co-founder of Tekihealth Solutions, sat down with Danny Bluestone, CEO of digital transformation agency and ODI Members Cyber-Duck, to discuss the future of primary healthcare
Authors: Danny Bluestone, Cyber-Duck and Dr Omobolaji Iji, GP and Tekihealth Solutions
Danny: Iji, how did you end up working with patient data?
Iji: My cofounder, Stephen Katebe, and I each have more than 20 years’ experience in hospital medicine and then in general practice. After our GP training, Stephen moved to the Lake District, where he was struck by the huge shortage of GPs.
At the same time, I was doing some remote consultation work with two of the main players in telemedicine at the time. That gave me some insight into its advantages, but also its limitations. They were struggling to get GPs on board, and I could see why.
As a remote GP, with just a video-consultation approach, I didn’t have the ability to examine my patients. If you cough, I’d have to guess whether it’s a chest infection, you’ve got heart problems or a completely different issue. This was because I couldn’t listen to your heart and lungs with a stethoscope.
And crucially, these privately run organisations didn’t have access to NHS data at the time. So as a GP, I only knew what my patient remembered or chose to tell me. There was no independent way to get the information to help me manage their condition.
Danny: What impact can that have on your patients?
Iji: Well, if a patient asks me for more inhalers, at an NHS practice I can look at their records and see if they’re using more than usual. That can show there’s something that needs investigating. Otherwise, by the time you’ve prescribed inhalers 3-5 times, your patient could be getting poorly and you won’t know. You don’t have the information to pick up the deterioration early enough.
So Stephen and I decided to see if we could find a way to mitigate this. In the States, we came across companies that offer telemedicine boxes that allow remote patient examination. One of the candidates we considered was actually in use on Airforce One. This kit contained a digital camera, stethoscope and an otoscope (to look into the ears).
Our latest product, the Tekihub, is an upgrade which is completely wireless, portable and contains an all in one digital camera, stethoscope, otoscope and thermometer as well as a blood pressure monitor, a portable ECG and a spirometer, which checks lung function – all the things a GP would need to arrive at a more accurate diagnosis. It also has internet connectivity via an antenna or dongle.
We formed a medtech company, Tekihealth Solutions, and got a grant from the Science and Technology Facilities Council to carry out a pilot. I was taken on as a locum at Stephen’s practice. I had access to patient notes, so I could do almost all of what I can normally do face to face.”
Danny: What did you learn?
Iji: There was a preconception that people always want to see you in person. The pilot debunked that. Even older patients just want access to a doctor who can help them. I could do that remotely and the examinations were carried out in person by a healthcare assistant, almost like my avatar.
Our star patient was 80 years old and had never owned a mobile. She came in for a video consultation thinking she’d be filmed with the doctor, but she let us go ahead. She was an asthmatic patient and her use of inhalers was increasing. No one had really listened to her heart. I was able to do that remotely. I picked up a suspected heart condition and could refer her to a cardiologist.
Our next pilot was in Norfolk. Normally GPs visit housebound or seriously ill patients at lunchtime. In a rural area, where you might have to travel far between patients, you can only see 1-2 in that time, whereas in the surgery you could see 4-6.
We thought this might be the best way to demonstrate the cost effectiveness of telemedicine. It really comes into its own when a small number of GPs are covering a large geographical area.
Danny: What happened when Covid-19 hit?
Iji: The NHS went from 30% remote primary care consultations to 90% – a huge jump. People’s acceptance jumped too. The NHS provided clinicians with laptops set up with computer firewalls and other appropriate safety measures so they could also work from home and access patient data remotely.
Danny: And how has that changed things for you?
Iji: Prior to Covid-19, we were knocking on doors trying to convince people about the benefits of telemedicine. Now, we have people knocking on our door asking to find out about our solution.
We’re still not there yet – the NHS is a complicated organisation – and there are a lot of hurdles to providing remote care, especially with data and understandably so.
There’s now a data security and protection toolkit from the NHS. That framework is designed for remote consultation networks and platforms. It’s where you enter the data security measures and evidence to demonstrate that your patient data is secure.
Danny: And that’s where user-centred design and privacy by design can support your data strategy. By mapping your data’s journey from where it’s collected to how it’s stored, processed and shared, you can ensure it’s kept safe.
We’re trying to understand exactly from a UX perspective all the touchpoints that Tekihealth has at the moment and where it needs to be, then helping them with the service design, reimagining how it could be in the short, medium and long term. That’s very early stages.
When Tekihealth look at redesigning parts of their system, we are working with them to construct the strongest process to secure their data. It’s about usability and utility meeting security and confidentiality.
Iji: Yes, there are different types of data that we have to manage appropriately. We also have to mitigate against collecting too much. Critical data can include images of patients’ skin, ECG readings and so on. We have a Data Protection Officer, who has conducted impact assessments on our operations and those of our partner organisations.
We mirror what happens in in-person consultations. A GP makes a home visit, uses their stethoscope, goes back to the surgery and enters notes on the patient’s electronic medical record (EMR). They can’t store the auscultation (the sounds you hear inside the body).
With remote consultations, we try to mirror that. What we hear is documented in the patient’s EMR as you usually do.
If you need a second opinion, to save examining the patient again, you can record the auscultation and share a secure link to it. That clinician uses the link to generate a code to access the recordings on a cloud server. But this is an exception, rather than the rule.
Danny: Yes, healthcare data according to the ICO and GDPR is sensitive data, so it needs to be protected. Privacy by Design, a framework that’s been around since the 1990s, is the best approach. It helps you design products and services that are secure from the start – the systems, processes, access and compliance.
Our clients come from a broad range of sectors and we see that different industries are in different stages of their data privacy journey. You alluded to the NHS. It’s fair to say that – not by design – it is an archaic and fragmented ecosystem with lots of bureaucracy. It then becomes a challenge for outside innovators like Tekihealth to interface with them.
Let’s say someone requests their medical records from their GP. The records will be printed, or PDFs will be created. There are multiple points of failure in the data journey. Even when people are acting in the best possible way and their intentions are pure, the process is open to impersonation. Data can get into the wrong hands.
There are risks – take India, for example. One healthcare website was hacked and 6.8 million records were exposed. You can buy sets of healthcare data on the dark web for $2,000. It’s why people are afraid of their data being stored digitally.
On the other hand, in Estonia, a paramedic can get someone’s records in 30 seconds and it doesn’t matter which pharmacy you visit – everything’s stored and accessible as long as you have the right permissions.
But in the NHS, none of the security standards are at an enterprise level yet. Amazon and PayPal are far more secure than the NHS. The system is behind the curve although it’s improving.”
Iji: Yes, to add to what you’re saying, one of the challenges we’ve found is that when it comes to data security, the NHS is a fragmented organisation. Each part of it has their own data protection assessment tool and process. Sometimes this delays implementation of the service, as each part has its own specific questions. The NHS should have centralised guidance on data management, so everyone’s following the same guidelines. In reality, you go into one primary care group and the process is slightly different, or you have to go through it all again – the fact that you’ve gone through the same process with another CCG doesn’t reassure them.
Danny: Yes, it’s duplication of procurement. Due diligence is one of the most painful parts, even for agencies much bigger than ours. The NHS could be reassured that a business is compliant and follows best practice. But each NHS trust works in quite a different way.
Iji: But it does seem that with Covid-19, this is improving. NHS Digital have created toolkits and standards for vetting people especially in the online space. That conversation is ongoing. One of the requirements is an interoperability standard. That’s frustrated everyone for a long time, but since Covid-19, people are beginning to listen – they’re less worried about data being centralised. NHS Digital is finding ways to create standards that will guide everyone in how data usage access and interoperability will look like.
Danny: And interoperability is key if you’re an organisation like Tekihealth. If you’re storing data in a different format from the NHS, that’s not going to work. As per what you say, Iji, I believe that Government Digital Services (GDS) and NHS Digital are starting to drive standards based on international norms. This will then empower users to know that their data is accessible.
Danny: How would you like to see the use of data develop in the health sector?
Iji: I’d like to see patients have access to their own data and for the data sharing to be a lot smoother and easier. At the moment for clinicians, there’s still lots of blocks on access to patient data. Getting hold of records takes ages. Make patients custodians of their own data, with access to all their x-rays, medication records and so on. When I see them, create a mechanism to share that information with me. Then I can help them a lot faster.