Hi folks - I've really appreciated listening in on the calls over the past few weeks. Thank you all for your important work.
I have concerns about how to address the potential harms that can come from this kind of interoperability.
Consider this article describing a (long overdue) concept called 'abusability.' This is primarily about Silicon Valley's platforms, but applicable to healthcare and government. And the article describes security issues, but it's not just about cybersecurity. It's about anticipating potential uses that might cause unintended consequences.
It would seem that protocols for data sharing between health institutions, human services, and government agencies have a significant potential for abusability.
How do we ensure that people's personal information doesn't, say, get into the hands of overreaching (and potentially unlawful) authorities who might break up families because of a data point?
Given that we know there are systemic patterns of inequity in both the health system and key government systems (say, criminal justice, immigration, etc), how can we ensure that establishing more interoperability among these systems doesn't also unintentionally increase inequity? (See Virginia Eubanks' terrific Automating Inequality for more examples of these patterns.)
It seems like these questions sprawl far beyond matters of cybersecurity, and they might not be entirely encompassed by consent and permissioning systems. These seem like the kinds of use cases that should be at the center of these conversations: if we're going to promote interoperability, how are we doing so in a way that deliberately reduces the potential harms thereof?