Reentry

A Novel Data Exchange Flow

Inspiration

We've gotta SAFELY get people back into society! A recent source suggested that the economic impact of the disruptions caused by the virus is currently nearing 7 trillion USD. In addition to large, macroeconomic disruptions, people being out of work is causing catastrophic effects to their ability to stay housed, to stay fed, to care for their family and other loved ones, and to be healthy themselves. And, from a psychological perspective, the lockdown which many states are imposing is taking a serious toll on mental health.

We need a way to get people 1) feeling safe, 2) able to work, 3) able to participate in life, and 4) able to participate in society again.

To do so, we need a digital equivalent of an immunization card--you know, the little yellow card(s) you have to show your children's school, or your university, or a border agent at customs in some countries. But, COVID is showing us we need to have a LEAN mechanism to do it. We have to have the HCP certify your immunity status, and then we need a safe & secure way for you to share that with the people you choose.

This will be a challenge even in the developed world. Yet, our experience on the ground in developing countries, particularly sub-saharan Africa, tells us that we need a solution that's robust, scalable, and easy--not just for people in the US, UK, or Europe--but everywhere in the world.

What it does

It's an app (with a backend) that links you with your HCP. During a 'link' phase, the app will establish a secure connection between the two parties, each running the app. Then, it allows the HCP to virtually "sign"--thereby certifying--the immunity status.

Armed with this status, third-parties who need to know your immunity status--and ONLY that immunity status--can use the same app, go through a linking process, and validate that you are, indeed, as certified by the HCP, immune. We are starting with COVID, but there is no reason it cannot be broadly applicable to any test.

This will allow children to return to schools that wish to validate immunity status, employees to return to work for employers who wish to validate, and for you to be able to connect with anyone you choose by letting them see ONLY this status.

The intent is also to retain as much privacy as possible. In other words, in the current version of the app, the third-party (school or employer) is only able to ask one question: "Does this person in front of me have a positive antibody test for SARS-CoV-2?". They cannot, through Reentry, learn anything else about you that they don't know by you standing in front of them.

How we built it

The system will have a single, unified, Android apps with 3 modalities; one each for individuals (that need to certify their immunity status), HCP (who provide that certification), and third-party-requesters (e.g., schools & employers) who want to see that status.

On the backend is a serverless data lake which captures the interactions of certifying a test result and validating a result. An offline batch process will eventually record these interactions (certification and validation) into a blockchain, which will ensure that the transactions are traceable, audit-able, and immutable.

Challenges we ran into

The main challenge, so far, is that the existing healthcare system does very little to ensure that it preserves, protects, and is able to update identities of both HCPs and Patients. While robust mechanisms exist in other industries, the same principles have not reached the public health mainstream. For example, in E-commerce, websites which use EV SSL certificates (which require a significant burden to acquire) can then offer the user a high degree of confidence in the identify of the certificate holder so that consumers, for example, can shop and bank online securely.

Establishing these identities--and creating healthcare data workflows which conform to cryptographic best practices to protect them and the integrity of the data with which they are associated--is very challenging. We are pursuing a novel approach to identity management which is streamlined.

Accomplishments that we're proud of

We are excited about how much we were able to dig deep and learn over the past 48 hours about an industry in which we had little to no experience. We took an epistemological approach to learning it, using our experience in domain modeling, to make sure we understood what the problems are, and to focus a lean attack to the heart of those problems.

Like all the other teams, we're proud that we were able produce a proof of concept which functions the way we would like the product to function in the field in just over 48 hours. We're proud to have also produced a short video in that same timeframe.

What we learned

Healthcare is a challenging environment which has a tremendous mass of legacy systems, legacy processes, and regulatory requirements. That inertia makes innovation particularly difficult. The landscape, particularly in the IT vertical, is very fragmented, and expertise across all aspects of the vertical can be hard to gather in one place.

We've also learned that people are wonderfully generous with their time, passionate about helping the world through this crisis, and have an amazing will to persevere through these and other challenges.

We've learned there's plenty of reason to be hopeful.

What's next for Reentry

Funding will be a challenge; the volunteers on this team all have day-jobs.

We would be excited to have funding to pursue this to the end. To fully productize this would require adding the blockchain components, making the validations more robust, adding technologies like QR code scanning and NFC scanning for other modalities, to integrate with other digital systems in the broader healthcare space (with ETL pipelines and API integrations where possible), and to continue field-testing the UX with clinicians and practitioners so we can refine the UX to be as unobtrusive as possible while being incredibly powerful.

We'd also like to build system which can CREATE identities, especially in the developing world, and tie them to heath records. With persistent identities, people in developing countries could seek aid, obtain public sector support, and connect to NGO programmes in place to monitor and help. So this system, for those people, would have a very positive externality of providing them with an ID. The challenge, in that context, would be to develop a system that could produce a persistent identity; we are researching the use of biometrics and probabilistic systems to generate those IDs.

Beyond funding, networking within the digital healthcare space is critical to future progress. An integration, for example, with providers of POC tests could allow systems to form "early bindings" which would obviate identity issues (at least in the developed world). And, in addition to these challenges, there would be the standard range of issues to address in a production deployment, including security audits, integration with other healthcare systems, regulatory compliance, outreach, continued development, logistics, public sector advocacy and adoption, etc. Achieving global scale is a significant challenge.