All responsible startups have a duty of care over their data. In healthtech, however, where the data is highly personal, sensitive, and potentially life-threatening in the wrong hands, such sovereignty and security takes on extra meaning, not to mention enhanced regulation. Especially in the case of European healthtech firms operating on a global scale.
One such firm is AlgoDX. Founded in 2018, AlgoDX uses artificial intelligence, machine learning and predictive analytics to determine a patient’s chances of developing disease. Through its Navoy platform, AlgoDX is currently able to spot the early-warning signs and predicators of sepsis. An evidence-based algorithm for detecting acute kidney damage is currently being clinically validated, and there are three other – yet undisclosed – trials underway as part of the longer-term product roadmap.
The stream of patient data
In order to develop these algorithms, AlgoDX manages a stream of highly confidential and sensitive data shared by its healthcare partners via a private cloud, provided by OVHcloud. Within this secure environment, AlgoDX parses and cleans the data, securely stores it and then trains the algorithm using a range of parameters – blood pressure, heart rate, blood gases, lab test results and more – before returning it to the clinician. From here, the algorithm and its determinations form part of the clinician’s wider armory of diagnostic tools and become integrated into their workflow. It’s a powerful tool in both reactive and preventative care, while also helping to increase efficiency for many healthcare services.
The use, storage and movement of this data is governed by a host of local and Europe-wide regulations, most notably General Data Protection Regulation (GDPR). Yet because of its sensitive nature, health data is additionally governed by specific, additional safeguards. For instance, the process of identifying health data, as a rule, is prohibited, unless the companies involved can cite specific exemptions. In AlgoDX’s case, it’s exempt because its processing “is necessary for the purposes of preventive or occupational medicine” as well as “the provision of health or social care or treatment…pursuant to contract with a health professional.”
These regulations then place a specific ban on the transfer of such “special category” data to countries outside the EU and the European Economic Area (EEA). Again, there are exemptions in place but these are stricter and they require the country of the receiving party to have adequate and appropriate safeguards in place that align with GDPR’s protections.
The global dilemma
This poses a particular problem for healthtech companies in Europe when it comes to choosing a global cloud host and partner, particularly if they’re looking to scale globally. Firstly, the company and/or its infrastructure needs to be based in Europe to protect the sovereignty of the data and adhere to strict GDPR specifications. This immediately rules out US giants such as Amazon’s AWS or Google Cloud. At the same time, the European provider must have a strong performance and legacy working in the US in order for companies like AlgoDX to partner with hospitals and clinicians in the States.
Secondly, the cloud provider needs to have the very best safeguards in place to guarantee the secure movement of the data and comply with the regulations. This refers to both the encryption and wider security protocols in place, as well as the service’s reliability and uptime guarantees.
Thirdly, the transfer of data in healthcare settings is incredibly timely. In the case of diagnosing and/or preventing sepsis, AlgoDX’s algorithms need to help clinicians analyse the data and make recommendations in real-time. Even a short delay in diagnosis and the administering antibiotics can increase the chances of septic shock, which can in turn lead to organ failure and even death. Thus, the cloud provider must offer adequate and consistent speeds.
And finally, the cloud provider needs the infrastructure and protocols in place that enable the healthtech firm to scale quickly and effectively. From a startup with limited resources to a scaleup and beyond.
“The team spent weeks researching options but OVHcloud came out on top for ticking all these boxes,” said Calle Österlind, CIO at AlgoDX. “It has a reputation as the largest, most reliable and trusted cloud system in Europe, with a strong performance and long history of working with companies globally.”