Controlling Your Personal Records

The health-care industry is about to lead the way in personalization, but I'm afraid their example won't be a good one to follow. In the wireless industry we discuss personalized content, commerce, and advertising. The principles and challenges are the same, and so is the solution.

According to an article recently published in The Industry Standard, the Bush administration has endorsed the sweeping medical privacy rules issued in the final days of the Clinton administration. The stunned health-care industry (which gave the Republicans over $25 million for the last election and lobbied vigorously against these regulations) says that implementation will cost billions of dollars and take more than the two years allowed. I believe it may take forever without incorporating three components that are key to all personalization and privacy schemes: permissions, synchronized data, and identification. They all need to work together to make medical records (and any other set of personal information) work for consumers, rather than against them.

Under these new rules, patients can request that custodians of their medical records provide an audit trail to show who has seen their health information. That means every doctor's office, medical insurer, and hospital must devise a system to track patients' data, and limit information released to third parties. But privacy is just one part of the new rules. They also require the adoption of uniform standards for electronic transactions by October 2002. To complicate matters, regulations have yet to be issued to establish standards to ensure the security of patients' medical information, as required by the law.

We talk about personalization in the realm of business to consumer (B2C), which usually takes one of two approaches: (1) How can a business maximize one-to-one marketing without offending its customers? or (2) How can customers use a tool or e-wallet to store and retrieve their information whenever they wish? This article addresses a different method, one I feel is needed in order to accommodate a future where the environment adjusts itself to the individual, not the other way around. It uses an ever-evolving set of shared, synchronized preferences geared to and controlled by the individual, yet doesn't depend on a device or even a relationship with an individual vendor.

Companies need a return on investment to justify the technology required to store and incorporate personalized information. Consumers need to control who accesses this information, and how it is used. Security is assumed as a given, and requires a whole different set of standards and implementation guidelines. This article focuses on how personalization can be maximized by vendors, yet controlled by consumers.

Let's use something less vital than medical records as an example. Renting a car is an experience that can already be personalized by signing up for a "premium membership" with a vendor. Once you fill out and send in the forms (with your personal information), renting a car is much more convenient. You simply call the car company (or go to their Web site), identify yourself, and specify when and where you want the car, and it will be waiting for you when you arrive, sometimes with the trunk open and the motor running. One more identification point (as you leave the parking lot) and you're on your way. All the credit card transactions, obtaining keys, or waiting in line are either eliminated or run "in background."

That is, unless you want to rent a car from a different company. Then you have to go through the whole sign-up process again. All that personal information that could be reused stays with the original company. From a consumer standpoint this is tedious, time-consuming, and downright boring. From a company standpoint it's an asset that will keep you coming back to them for your car rental needs. It's also a big roadblock to creating a personalized future, where a customer can pick a vendor, and the vendor automatically knows the right amount of personal information about the customer to provide him or her with the level of service desired.

The wallet approach is not the answer. Wallets get lost, they have to be managed, and as they get fat with the consumer's information, they get complicated. You don't want the rental-car company to know about your medical information, for instance. And having the individual companies keep track of your personal information beyond your control invites misuse. There must be a way to give consumers enough control, and vendors enough access over personalization. Let's start with the first of the three key components I mentioned earlier: permissions.

The concept of permissions has been around for quite some time. If you work in a networked company, you log in to your computer, which gives you permission to access some, but not all, of the company's data assets. You can look at Internet sites, for instance, but not at the human resources records of your fellow employees. Permissions are one key to enabling what I call shared personalization. The consumer can specify what information can be shared and what can't - by the vendor. Thus the consumer is in control of his or her preferences and other personal information, even though it's stored in a remote location. The consumer can specify, "This information (such as favorite destinations and airline seating) can be shared by all vendors, but this other information (such as credit card information) must be granted only by my permission. Ask me before you use it."

Then the information can be used only when the consumer is actually interacting with a vendor, unless the permission states otherwise. That way a portion of the consumer's information can be used for data mining by vendors; the rest cannot. These permission points must become a part of the personalized information, so that each piece of information is branded with a permission and controlled only by the consumer.

The second key to shared personalization is synchronized data. The consumer's personal information must be available to all vendors so that when the consumer wants to interact with a new vendor, the necessary information is immediately available. Using synchronized data, a consumer can rent a car from any rental company, and receive the same convenience and rapid processing from signing up to driving out the gate. This requires a peer-to-peer synchronization server, one that stores and forwards the user's information to whoever needs it. Each time a consumer adds or modifies a piece of personal information, it would be synchronized - along with the consumer's permissions - with all the other servers that have that information. These servers would also provide an audit trail for what happens to every individual piece of information and who used it.
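As an added illustration (not from the original article), the following Python sketch models the permission and synchronization ideas above: each item carries its own permission, a consumer's change travels with that permission to every peer server, and each vendor request leaves an audit trail. The three permission classes, the server and vendor names, and the sample values are constructed for this example.

```python
from dataclasses import dataclass, field
from enum import Enum

class Permission(Enum):
    SHARED = "shared"    # any vendor may read it while interacting with the consumer
    ASK_ME = "ask_me"    # released only with the consumer's explicit consent
    PRIVATE = "private"  # never released; the request is still recorded

@dataclass
class Record:
    value: str
    permission: Permission   # the permission is part of the data item itself
    version: int = 1         # bumped on each change so replicas converge

@dataclass
class SyncServer:
    """One node of the store-and-forward synchronization network (constructed model)."""
    name: str
    records: dict[str, Record] = field(default_factory=dict)
    audit: list[str] = field(default_factory=list)
    peers: list["SyncServer"] = field(default_factory=list)

    def update(self, key: str, value: str, permission: Permission) -> None:
        """Consumer edits an item; value and permission travel together to every peer."""
        current = self.records.get(key)
        rec = Record(value, permission, current.version + 1 if current else 1)
        self.records[key] = rec
        self.audit.append(f"owner updated {key} as {permission.value} v{rec.version}")
        for peer in self.peers:
            peer.receive(key, rec)

    def receive(self, key: str, rec: Record) -> None:
        """Accept a replica only if it is newer than what this node already holds."""
        current = self.records.get(key)
        if current is None or rec.version > current.version:
            self.records[key] = rec

    def request(self, vendor: str, keys: list[str], consent: frozenset = frozenset()) -> dict[str, str]:
        """Release only what each item's permission allows; log every outcome."""
        released: dict[str, str] = {}
        for key in keys:
            rec = self.records.get(key)
            if rec is None:
                continue
            allowed = rec.permission is Permission.SHARED or (
                rec.permission is Permission.ASK_ME and key in consent)
            self.audit.append(f"{vendor} {'read' if allowed else 'denied'} {key} ({rec.permission.value})")
            if allowed:
                released[key] = rec.value
        return released
```

A real deployment would authenticate the vendor and the consumer's consent (the third key, identification) before `request` is honoured; here both are trusted inputs so the permission logic stays visible.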

The third key is identification, which can take many forms. It could be the e-wallet that contains all of a consumer's information (and is also part of the peer-to-peer synchronization described above). Or a consumer could use a unique number, fingerprint, retinal scan, or other method that uniquely identifies him or her as the owner of a set of personal information. In this way, even if a wallet were lost or unavailable, the consumer could still be identified and receive personalized, hassle-free service.

Together, these three keys enable a system that would allow business vendors to offer the one-to-one services and marketing opportunities that they need, and enable consumers to control and tune just how personalized they want their interactions with vendors to be.

But why would vendors give up their customers' information? Why would consumers allow their data to be used for marketing and advertising? What's the incentive? For medical records, of course, the consumer incentive is apparent, as is the patient's need to control the flow of the information. For businesses, part of the synchronization server's process would enable a payment system, so that vendors and consumers could actually be paid for giving up the information.

And what about consumers who don't want to give up any personal information? They can set all of their information to private so they're notified each time the information is requested. Or they can continue to fill out the vendor's forms each time they initiate a transaction.

In order to implement a system that the medical and any other industry can use to share a consumer's personal information, standards must be set by the organizations that are already involved with setting standards for storing and retrieving information. They need to add standards for permissions and for identification that will enable a system such as the one I've described. It's not just for consumer comfort and vendor ROI. I want a world where the environment knows what I like and adjusts itself accordingly. But now it's more than convenience. It's about personal health, life, and death.

© 2008 SYS-CON Media