Jun 1, 2021

Vaccine passports and data protection

vaccinepassport
Data
covid-19
digitalhealthpassport
4 min
Jenn Markey, Product Marketing Director of Identity Solutions at Entrust talks us through the main concerns around vaccine passports and how to resolve the

Vaccine passports are a hot topic at the moment, with some saying these will be pivotal to reopening economies, while others argue they endanger people's privacy. 

Jenn Markey is the Product Marketing Director of Identity Solutions at Entrust, a global company that creates software to conduct secure transactions and authenticate users. We asked her about the main concerns raised around vaccine passports and personal data, and how these can be resolved. 

What are the biggest concerns people have around vaccine passports and their data?
A key consideration surrounding the idea of digital vaccine passports is citizen ownership, control over their own health credentials and related personal health information (PHI). As countries around the globe consider adopting digital COVID-19 credentials, there has been debate over data privacy concerns and the ability of governments to keep this personal data secure.

To minimise these concerns, stakeholders involved in the creation of vaccine passports need to build an ecosystem of trusted identities, health credentials and transactions with a chain of trust across all of these interactions that uses certificates to digitally sign and seal the credential. In theory, this could be a physical card-based vaccine certificate with a seal or a mobile-based certificate with a digital seal.

Could people's data be misused by linking it to other personal information? 
Everyone wants to get back to normal, but no one wants to carry around several sets of credentials – so I do not think we'll see multiple purpose-built passports. That said, having just one unified credential still raises privacy concerns. For example, people likely don’t want the usher at the movies to have the same level of access to their PHI as the customs agent at a travel destination or their manager at the office. As such, it will be important to manage these credentials to avoid possible misuse of data, while ensuring individual privacy concerns are addressed.

An underground market for fake vaccine cards has emerged on the dark net. Would vaccine passports be easily exploited in the same way? What can be done to prevent this?
From a citizen perspective, the appeal of creating fake vaccine cards is obvious, albeit selfish: a quick return to normal without having to wait to get a vaccine or test. From an organised crime perspective, it’s relatively easy and profitable to sell fake digital passports and forged documents, especially with no current standardised regulation surrounding vaccine passports.

It is also important to consider the “street value” of Personal Health Information (PHI) versus Personally Identifiable Information (PII). Credit card information and PII sell for $1-$2 on the black market, but PHI can sell for as much as $363. This is because you can’t change your PHI like you can your credit card, and unlike financial fraud, medical identity theft often goes undetected for weeks, even months, leading to much more elaborate and lucrative schemes.

However, the ability to fake health credentials comes down to how secure it is in the first place. Today, Americans getting their vaccines are presented with a white paper card from the Centers for Disease Control and Prevention (CDC) with their vaccination record, which is not hard to fake. However, a digital credential will significantly reduce the ability to exploit the document due to premium security measures that are simply not available with a physical card.

There are concerns they would reinforce existing inequalities, for instance among people who are not eligible for the vaccine. What are your thoughts on this?
As with any credential, there needs to be a number of characteristics that can be flagged. This can include a flag for those who are exempt, showing that they are still eligible for whatever activity requires the credential, and any special considerations that may need to be taken.

What are the benefits of introducing health vaccine passports?
With summer just a few short weeks away and a worldwide vaccination effort underway, airlines, hotels and tourist destinations are eager for the return of travelers. But before we can return to normal, consumers need assurances that their plans are safe. By creating a policy that requires vaccine or test credentials for consumers, travel providers and hospitality businesses can better assure their customers and communities that they can operate safely.

If implemented correctly and securely, digital health credentials have the potential to be a travel game-changer for all parties, increase consumer confidence and reduce the time and complexity of check-in or entry processes.

On balance, do you think implementing these is a good idea?
It will come down to the risk-reward continuum both for industry, government and the population. Where risks are high and threaten an industry’s very existence and there are no viable alternatives, for example the travel industry, passports become a viable and necessary option. For other use cases, where social distancing and digital operations are possible, passports are far less necessary and likely.

While there are pros and cons to the implementation of vaccine credentials, it is not a black and white issue. There are a range of contributing factors, including local rates of infection and variants, regulatory policy and vaccine adoption levels. There is a significant grey area due to the importance of looking at this subject on a case-by-case basis. Ultimately, what we need to get to is herd immunity; COVID-19 credentials are just a stepping stone on this journey.

Share article

Jun 18, 2021

Skin Analytics wins NHSX award for AI skin cancer tool 

AI
NHS
skincancer
Cancer
2 min
Skin Analytics uses AI to detect skin cancer and will be deployed across the NHS to ease patient backlogs

An artificial intelligence-driven tool that identifies skin cancers has received an award from NHSX, the NHS England and Department of Health and Social Care's initiative to bring technology into the UK's national health system. 

NHSX has granted the Artificial Intelligence in Health and Care Award to DERM, an AI solution that can identify 11 types of skin lesion. 

Developed by Skin Analytics, DERM analyses images of skin lesions using algorithms. Within primary care, Skin Analytics will be used as an additional tool to help doctors with their decision making. 

In secondary care, it enables AI telehealth hubs to support dermatologists with triage, directing patients to the right next step. This will help speed up diagnosis, and patients with benign skin lesions can be identified earlier, redirecting them away from dermatology departments that are at full capacity due to the COVID-19 backlog. 

Cancer Research has called the impact of the pandemic on cancer services "devastating", with a 42% drop in the number of people starting cancer treatment after screening. 

DERM is already in use at University Hospitals Birmingham and Mid and South Essex Health & Care Partnership, where it has led to a significant reduction in unnecessary referrals to hospital.

Now NHSX have granted it the Phase 4 AI in Health and Care Award, making DERM available to clinicians across the country. Overall this award makes £140 million available over four years to accelerate the use of artificial intelligence technologies which meet the aims of the NHS Long Term Plan.

Dr Lucy Thomas, Consultant Dermatologist at Chelsea & Westminster Hospital, said: “Skin Analytics’ receipt of this award is great news for the NHS and dermatology departments. It will allow us to gather real-world data to demonstrate the benefits of AI on patient pathways and workforce challenges. 

"Like many services, dermatology has severe backlogs due to the COVID-19 pandemic. This award couldn't have come at a better time to aid recovery and give us more time with the patients most in need of our help.”

Share article