We have learned from ePortfolios and personal health records that:
- Being digital transforms the nature of documents and associated practices.
- By making people the managers of their personal data, the fragmentation of personal information is dramatically reduced, leading to an improved quality of communication across people, departments and institutions, as well as a better performance of the system as a whole.
- Giving people a sense of ownership of their personal data improves their understanding, self-esteem and ability to achieve their goals, as learner or patient.
- The separation of personal data records based on institutional boundaries (e.g. learning records and health records) are not relevant to the individual and is eventually counter-productive for the institutions.
- The nature of learners and patients is social, so is the contents of their personal records: patients records are evidence of performance of medical staff as individual ePortfolios evidence of performance of education staff, e.g. for quality assurance purpose. And profile data can be used to create communities of interests, lobbies and communities of practice.
- Experience shows that we cannot trust private or public organisations to host securely personal data. Despite all security measures, if one organisation is allowed to have massive amount of personal data, there always the risk that someone will loose a DVD in a train or sell the data on eBay.
The use digital technologies with portfolios or health records, has lead to a much greater transformation than the mere dematerialisation of documents. ePortfolios are not just paperless portfolios, nor are digital personal health records, paperless health records. Both are transforming the practice of their owners as well as that of the professionals working with them. When empowered with the management of their personal data, learners like patients tend to take more responsibility with their own learning or healing. Relationships with and among teachers / doctors are also transformed, as well as that with fellow learners / patients.
Moreover, personal health records can be viewed as some kind of learning records as patients need to learn new facts, procedures and reflect on their behaviour —and before being a patient, proactively maintain one’s own health and contribute to that of others. And for athletes, healthcare data are also evidence of their learning and material for reflecting.
From the point of view of the individual, there is no clear separation between a learning record and a healthcare record. They both are an aggregation of attributes, some of the attributes are common to both aggregations: for example, work patterns are of interest to doctors and dietary requirements useful to other than doctors —e.g. conference organisers…
In terms of privacy, publicity and security, both share the same constraints. There is a need to manage the level of privacy from totally private data, to data restricted to certain groups of people and professionals, up to publicly available records —e.g. qualifications / blood type. But we cannot allow that organisations, private or public, host massive amount of personal data on a server without being under a strict control of individuals and making the massive export of data impossible to achieve or exploit —e.g. by making each individual record jammed with individual real-time encryption keys provided with the informed consent of individuals (with a ‘break the glass’ policy, if the principal is unconscious, something addressed by TAS3).
Just like patients have to deal with different professionals at different points in time, learners and workers have to deal with a number of different institutions. One can be working as an IT professional in a company, be a member of an IT professional body like the British Computer Society, teach at a university and provide support to local businesses, all this contributing to his/her identity as ‘IT professional’. The way systems are set today, this IT professional will have a number of accounts, at best federated, dealing with the idiosyncrasies of various information systems to keep-up with his/her personal data. His/her identity will be fragmented.
While current implementations of federation of identities and services allow one person to unify a number of fragmented accounts, an Internet architecture “subject centred” should allow one person to have a unified account (a kind of ‘digital safe’) that would be used in a number of different transactions. For example, I would have one ePortfolio repository and each of the different institutions I am interacting with would pull/push data from/to this repository (probably distributed, for security reason) encrypted by one or more public key.
A subject centred Internet should allow us to regain control on how our personal data are being stored, accessed and managed.