Earlier this year, Dossia established a partnership with the Children’s Hospital Informatics Program (CHIP) at Children’s Hospital Boston to use the Indivo platform that CHIP developed. Indivo has been used in a couple of trial personal health record (PHR) applications, including one at HP for an employee flu immunization program and more recently at MIT for students using MIT’s healthcare facilities. It is also being made available to all patients at Children’s Hospital Boston. With Dossia, the Indivo team will look to expand the capabilities of this open source application to evolve beyond a PHR to becoming a personally-controlled health record infrastructure (PCHRI) system that will be the foundation for a potentially wide range of personal health applications (PHAs). Therefore, like Microsoft’s HealthVault, Dossia will not be a PHR, but a personal health platform (PHP).
At last week’s PCHRI 2007 event, Colin Evans, President of Dossia and Omid Moghadam, Strategy Director, outlined Dossia’s strategy and plans. There will be two posts on this subject. This first one which follows addresses Dossia’s “Utility Model”, architecture and governance. The second will look more broadly at Dossia’s strategy and its implications in the broader personal health market.
Employing a Utility Model
Dossia will structure itself on a utility model, providing foundational, personal health record services for the broader community, which in this case are the employers, and the employees they represent, who will participate in Dossia. As a utility, Dossia will provide a single, common infrastructure for the collection and storage of personal health information. In addition, Dossia will establish a common set of application programming interfaces (APIs) to allow various PHAs to access data for presentation to the consumer. Lastly, Dossia will create a single set of certification standards for PHAs to insure that they conform to policies and protocols regarding data use and distribution,
To become self-sustaining in the future, (currently Dossia is funded by significant sponsor contributions) one can imagine Dossia using a similar revenue model as that of a utility assessing various service fees for such activities as data collection and reconciliation (claims, labs, EMR, prescriptions, etc.), application hosting, and benchmark reporting (e.g., employer comparing their wellness incentives against the success of others within the Dossia community). This revenue model differs significantly from others in that it will not rely on advertising revenue, which is a model used by many including Microsoft and safe to assume it will be Google’s as well. Nor does the model rely on data mining, an approach used by a small fraction of PHAs, or subscription/service fees which is a more common model among PHAs.
An interesting aspect of the Dossia utility model is that the personal health data residing within the repository will not be owned by Dossia, nor will Dossia control how that data is shared – that decision will be left to the rightful data owner, the consumer, which in this case is the employee of one of the employer sponsors. The consumer will decide whom they will share their personal health information with and Dossia further states that the data will be portable, allowing the consumer to take the data with them, should they leave their employer or wish to leave the Dossia platform for any other reason. The specifics as to how this will all work remain unclear (e.g., level of granularity for data sharing or how one would receive their health data to transfer to another platform), but these are Dossia’s intentions.
Extending the personal, consumer ownership of data, the Dossia entity will not sell any of the personal health data contained within it, including de-identified data. They will leave the decision entirely up to the consumer letting them decide as to whether or not they wish to participate in any program/application (e.g., clinical trials, health surveys, medication side effect studies) that would require use of their personal health data residing within the Dossia repository.
The architecture envisioned for Dossia (see figure, warning PDF) is a three-tiered model. It begins with a foundational data services layer followed by a data repository on top of which will sit a the final layer which will consist of a collection of open, standards-based APIs. These APIs will allow third party PHAs, which comprise the Dossia ecosystem, to access the data repository for subsequent retrieval and display of consumer-specific data within their application.
What is important to note here is that as a utility, Dossia’s desire is to remain a neutral provider of common services that provides current and future Dossia members the ability to choose from a wide range of PHAs depending on their specific needs. Dossia will not dictate which PHR or for that matter any other PHA to use leaving that choice to the Dossia employer sponsor. What Dossia may dictate, however, is that the PHA be Dossia certified. What that certification will look like has yet to be defined but one can reasonably assume that certification will include strict guidelines on privacy and security of health record data.
In addition to the developing a common set of APIs for PHAs at the upper layer, as a utility Dossia will also establish a single clear gateway for personal health data to be piped into the data repository. This may prove to be just as critical to the broader personal healthcare market as the APIs mentioned previously.
Providing a single data gateway to providers of data (pharmacies, physicians, payers, laboratory services, etc.) will greatly simplify the data collection process, which to date as been the bane of most PHR initiatives. The PHRs that are currently available in the market simply don’t have the scale/consumers to entice a data provider to deliver the data in a standard format that is readably usable by a PHR provider. This prevents automation of data collection and population of a consumer’s PHR leaving the consumer to input such data manually. Dossia instantly brings scale to the market through its representation of some 8.5 million consumers. This number will likely grow, clearly providing the scale that justifies a data provider’s conformance to Dossia’s data gateway standards.
Dossia’s leadership team is comprised of senior executives from a number of its founding member employers. Both Colin and Omid are on “loan” from Intel to lead the Dossia initiative and a number of other employees from Cardinal Health, Intel, Pitney Bowes and Wal-Mart play key roles as well.
Working with the Indivo team at CHIP, Dossia.org will define the services and protocols to collect personal health data from a wide range of pertinent sources and the mechanisms by which that data will be stored within the data repository. Although Dossia has yet to make any firm commitments it will likely adopt such emerging standards as the clinical document architecture (CDA) and continuity of care record (CCR) as well as future adoption of PDF Healthcare (currently being balloted by ASTM with expected release in early 2008) as Intel played a significant role in the development of PDF Healthcare.
At the API layer, Dossia intends to create a special interest group (SIG) that will define this, the most critical layer in the Dossia architecture. In a brief call I had yesterday with the Dossia representative who is leading the SIG effort, I was told that this group is still very much in the formative stages, but future representation will include Dossia employer sponsors and PHA representatives. One of the key charters for this group will be to define exactly how data will be securely and seamlessly accessed from the data repository. Dossia did state at PCHRI 2007 that they intend to use “open” APIs, with published specifications.
A utility model for Dossia makes a lot of sense. It establishes Dossia as a neutral aggregator and distributor of personal health information with no secondary agenda, unlike Microsoft and in the future Google. This will make Dossia attractive to both data providers and PHAs that may have a conflict of interest issue with other aggregator/platform providers. This also makes Dossia attractive to future employers for as a utility, it will not dictate which PHA to use, that choice is left to the employer and/or employee based on their specific needs. Finally, as a utility Dossia should be able to create a self-sustaining revenue model based on utility like services for employer participants. Similar to your electric bill being billed out at kilowatt hours, one can envision Dossia billing employers on a similar usage fee, say number of employees accessing the system per year.
There is not too much to say about the architecture. Indivo uses a common architectural model that is not too dissimilar to the one Microsoft has deployed for HealthVault. Its a widely accepted architectural model and it works. But as everyone knows, the devil is always in the details and such models, this early in development are purposely vague.
As for governance, the chief concern I have here is regarding the API layer and the SIG that will be formed to guide its development. Yes, Dossia is still in the early stages of development having only recently chosen Indivo after a falling out with its previous partner Omnimedix, but this is the most critical layer in their architectural stack and the lack of a clear charter and membership combined with the planned limited roll-out of Dossia by year-end and broader roll-out in 2008 gives one pause for concern as this has the potential to stall this roll-out do to a potential lack of functionality at the API layer.
Within the next week or so there will be a follow-on post addressing the implications of Dossia in the broader personal healthcare market including its impact on providers, payers and least we forget, the multitude of PHA providers in the market today.