Gaithersburg, Maryland - When you email a friend, you don’t have to worry about whether they use Gmail, Outlook, Yahoo or some other email provider. You just enter their email address, write your message and hit send. The reason this works is because there are layers of standardized protocols that all the email clients have adopted so emails can seamlessly fly between users regardless of which client they choose.
Many other types of digital information exchange are not interoperable like email. Instead, if you want to share some data with another user, you often have to use the same software. I encountered this challenge both through my research as a science policy fellow with the National Institute of Standards and Technology (NIST) Public Safety Communications Research (PSCR) Division and my personal experience as a user of diabetes management technologies.
Since 2012, I have used a continuous glucose monitoring sensor, which is coupled to my insulin pump. When my blood sugar is heading toward a dangerously high or low threshold, my glucose sensor will wirelessly alert my pump, and my pump will alarm so that I know I should either eat something or deliver more insulin. This only happens because both devices are produced by the same manufacturer. If I chose to buy a glucose sensor from a different manufacturer, I would have to manually dial my glucose values into my pump to calculate the correct insulin dose. As a user, this lack of interoperability feels limiting and inefficient, and introduces additional risk if I were to enter a number incorrectly.
Public safety agencies adopting new data sharing technologies face a similar problem. In recent years, technology developers have created platforms that enable fire, emergency medical services (EMS) and law enforcement to access useful data streams that could support their operations, such as building floor plans, electronic health care records and surveillance cameras. However, each of those data streams usually exists in a proprietary or nonstandardized format. This means that any given data tool is restricted to a small segment of the potential available data, and it can’t be shared with first responders using a similar tool from a different vendor.
Imagine if you were experiencing a medical emergency and the responding EMS personnel couldn’t see your medical records simply because the software their agency subscribed to didn’t have access to your healthcare provider’s databases. This is the reality for most public safety data sharing today.
With such a wide variety of data types and a rapidly evolving field of technologies, public safety agencies have a hard time keeping up to date on the latest developments in data standardization that might be relevant to their specific needs. As NIST social science research has shown, first responders often lament the gap between the technology available to the general public and the tools available to them. Public safety agencies do not typically have in-house technology experts to track these developments and weigh in on the agencies’ needs and preferences on a technical level.
Public safety is also a grassroots affair. Agencies derive most of their funding from local taxes, and therefore have a locally oriented approach to their operations. This helps them stay focused on the needs and expectations of the people they serve, but it can also inhibit discipline-wide strategizing and coordination. If one jurisdiction adopts a certain technology without consulting with its neighbors or national groups, it will miss out on lessons learned from previous implementations and maybe also on opportunities to pool resources when making major technology investments.
As I delved into this challenge, I quickly realized that it encompassed both technical issues, due to the need for proper data exchange standards, and governance issues related to decisions that needed to be made across disciplines and among different jurisdictions. Motivated by both the importance of addressing this challenge for PSCR’s public safety stakeholders and my own experience of the limitations of noninteroperable data, I chose to tackle this problem during my science and technology policy fellowship at NIST.
Looking at What’s Worked
As I reached out to stakeholders I met at conferences and workshops, I learned about previous efforts to standardize public safety data and the obstacles they had encountered. As NISTers know well, setting standards is not easy! I gradually became familiar with the long list of relevant stakeholders and experts (and even then, I was probably only scratching the surface).
One common message quickly became clear: Even if technologists could identify the “right” features of the necessary standards for all the diverse data types a first responder might need, it was far from clear how these standards should be implemented into public safety technologies. Agencies would need guidance on how to set requirements for their vendors, how to test conformance with standards, and how to craft data policies to ensure their practices followed all applicable laws, policies and best practices.
Since the solutions to these challenges could potentially take many different forms and would ultimately need to be driven by stakeholders, I chose to focus my study on highlighting examples of relevant data-sharing initiatives and key partners that public safety leaders would need to work with to address this challenge. I studied initiatives like the National Capital Region Network (NCRnet) that simultaneously addressed the technical and policy aspects of various data-sharing applications. By analyzing this initiative and others, I identified the features of previous efforts that were most relevant for a wider data interoperability framework.
For example, the governance of NCRnet falls under the regional Council of Governments, which leverages an existing cross-jurisdictional forum to share multiple agencies’ experiences and make collective decisions and investments. In June, I published the findings and recommendations of this study, which combines technical detail and plain language summaries to help public safety leaders move the community toward a fully interoperable future for public safety data sharing.
Privacy Concerns
As a science policy fellow, I also had the opportunity to explore the broader context in which public safety technology developments are evolving. In recent years, concerns about the privacy and security of data sharing in commercial and government contexts have exploded in the public consciousness. Incidents like the hack of federal employee data from the Office of Personnel Management and the use of Facebook user data by Cambridge Analytica have inspired many people to think twice about the potential risks of data systems, especially those containing highly sensitive information with limited public accountability.
Public safety agencies constantly deal with sensitive data related to people and places, and therefore ensuring that their data systems are defended from intrusion and conform to policy is critical. As I spoke with public safety experts, I also tracked policy developments related to emerging technologies such as artificial intelligence (AI) and 5G networks to better understand how PSCR’s stakeholder perspectives fit into the larger conversation about data policy and regulation.
At NIST, I have been able to attend congressional briefings, international conferences and federal roundtables where academics, lawyers, businesspeople, lawmakers and agency leaders wrestled with the tension between the need to mitigate harms associated with the use of emerging data applications and the desire to unleash their potential. NIST has played a vital role in this process, for example by leading the effort to set federal technical standards for AI. These activities will shape the future of data sharing policy, research and development for all sectors of society in the coming years, and it’s been very exciting to participate in this work as a fellow at NIST.
Data analytics for public safety, just like for all other sectors, is moving increasingly toward automated and self-regulating systems. When it comes to diabetes management technology, this means integrated glucose sensor and insulin pump systems that autonomously monitor and correct a patient’s blood sugar without frequent input from the human user (sometimes referred to as an “artificial pancreas”). Such a product is already commercially available in the U.S., but just like my nonautonomous system, it only works with components manufactured by the same company.
Some insulin pump users decided that they didn’t want to wait for commercial products with fully open data and software and built an Open Artificial Pancreas System through crowdsourcing. It will take continued advocacy from patients like them to push the commercial market and regulators to create interoperable products that are accessible to the general public. Likewise, the public safety community will need to continue advocating for their technology needs to ensure that their data sharing tools can meet the needs of modern emergency response. NIST’s technical experts will be right alongside to support them on that path.