As our dependence on data continues to grow, it is becoming increasingly clear that the inability to use data that resides on different, frequently incompatible databases makes our computer-based activities less efficient and more costly than we would like. Computer scientists call this ability to access, search, retrieve, and use data that resides on two different databases, “interoperability.”
This new feature is expected to increase efficiency and reduce costs. Various technologies have sought to reach this level of functionality for years, but as of yet, their efforts have been largely unsuccessful.
To be sure, achieving this goal will continue to require technological advances. Even so, the lack of serious work that’s been done in constructing a systematic method of analyzing the legal issues inherent in the widespread use of such a significant technological accomplishment is also unfortunate. Interoperability may be a great technological achievement, but it will present a variety of legal issues that must be addressed.
Legal interoperability exists when one can legally access, search, retrieve, and use the data that exists in both databases.
Legal interoperability exists when one can legally access, search, retrieve, and use the data that exists in both databases. In addition, that user must also be able to legally access, search, retrieve, and use all combined or resulting derivative data, each without needing to get recurring authorization from the owners of the original, combined, or derivative data.
ANALYZING LEGAL INTEROPERABILITY
In order to analyze whether legal interoperability exists between two or more separate databases, you must analyze each database on a stand-alone basis to consider ownership of the data on that database as well as the right to legally access, use, reproduce, alter, and disseminate that data. This study will be multi-faceted. It includes matters such as identifying the type of data, such as health records, that reside on an individual database to understand the additional requirement and/or possible limitations.
The next step is to assess who has the right to grant, condition, or deny, the right to access, use, reproduce, alter, and/or disseminate that data to determine whether those actions were lawfully done in that single database.
The issues discovered in the first step must either be properly resolved or the risks related to all uncured concerns should be allocated by contract between the parties that own those databases.
Then you can properly consider the legal issues relating to the combination of such data, the creation of derivative data, and the right to its access without the need to obtain additional approval from its owners. This analysis of the “shared” databases will take essentially the same form as the analysis used for each database separately, but it remains an important step nonetheless.
There will likely be a number of key issues in the concept of legal interoperability, and they will undoubtedly be discussed and analyzed –- both in and out of the courtroom –- for years to come.
For example, who is liable if the first database no longer complies with applicable cyber security requirements while the other database remains in compliance? What law is to be used to determine the underlying legal rights to the data if it resides on cloud-based servers located in countries other than the U.S.? How will such issues be addressed in a data access agreement between the owners of the two databases and/or in the interoperability software license itself?
Unfortunately, the analysis will not end once all legal issues have been properly resolved. Key areas of concern relating to the practical effect of such interoperability must also be considered. Said differently, what about the law of unintended consequences?
The expected benefits –- such in cost reduction and increased efficiency as well as societal goals, such as the delivery of better health care –- make these efforts well worth it.
For example, what result if all of the data is available from both databases, but it is not presented in a usable format?
Will a doctor who practices in a hospital system with technical and legal interoperability with its outside service providers be liable if she relies on data that was entered incorrectly five years before she loses a patient she was treating based on incorrect information?
These and other practical considerations will arise as the law struggles to stay current with technology as we move toward interoperability. The expected benefits –- such in cost reduction and increased efficiency as well as societal goals, such as the delivery of better health care –- make these efforts well worth it.
However, the pace of that progress and the breadth of issues that will arise along that path are far from certain.
Delivering what’s new and next in Dallas-Fort Worth innovation, every day. Get the Dallas Innovates e-newsletter.