Fake Vaccine Cards and the Challenges of Decentralized Health Data

By Carmel Shachar and Chloe Reichel

Soon the U.S. will have vaccinated all adults who are not vaccine hesitant. Our next key challenges will be reopening workplaces, restaurants, schools, and other public areas, as well as encouraging vaccine uptake among those who are hesitant or resistant to the vaccine.

Vaccine passports or certifications could be a tool used to address both of those challenges.

But our approach to health care data management may undermine this next stage of the pandemic response.

While the White House is supportive of secure and free immunity passports, according to Andy Slavitt, White House senior advisor for COVID-19 response, “It’s not the role of the government to hold that data and to do that.

Thus, the task will fall to states and private developers. But without a centralized database of vaccination data, it will be that much harder to verify an individual’s eligibility to be a pass holder.

There will be a significant chance of faked vaccine documentation, because non-vaccinated individuals with objections to the vaccine will have strong incentives to become pass-holders. Already, falsified CDC vaccination cards can be purchased online for as little as $20 each. If fake CDC vaccination cards become widespread, other countries may restrict travel even for vaccinated Americans, or otherwise restrict border reopenings.

Private developers, such as IBM Watson, will have to find ways to access existing government databases or to verify documentation provided by individual users. And if multiple immunity passport apps become the norm in the United States, then individuals will have to go through the potentially onerous process of verifying their vaccination status over and over again. Multiple databases or verification systems may also increase chances of privacy breaches.

These challenges all emanate from the same key issue: namely, the lack of a centralized health care data system in the U.S.

Vaccination Data in the U.S.

The United States has always had a patchwork approach to health care data, and COVID-19 vaccination data is no exception. There is no comprehensive repository of vaccinated individuals. The federal government, state governments, and private actors are all imperfectly communicating with one another.

States are supposed to report relevant data, including name, address, sex, date of birth, location of the vaccine administration, and product received to the Centers for Disease Control and Prevention (CDC). But there are over 100 data systems involved tracking vaccine data in the U.S., including commercial partners such as FedEx and CVS. This includes multiple systems run by the CDC itself, including its pre-pandemic Vaccine Tracking System (VTrckS), the newer Vaccine Administration Management System (VAMS), the IZ Gateway and Clearing House, the IZ Data Lake, and a centralized tool named Tiberius. In some cases, the fragmentation of the system is driven by states’ preference for homegrown solutions over the CDC’s VAMS, which has been widely seen as flawed and unresponsive to the needs of patients and providers.

This decentralized model raises serious interoperability concerns. For example, the 64 immunization registries in the United States that cover states, territories, and large cities are not meaningfully connected to each other, although they all do report into the CDC’s data management infrastructure. This can slow down real-world data tracking, which is crucial for maintaining a nimble system responsive to outbreaks and other rapidly changing needs. These registries are also governed by state and local law, which means that they do not all include the same information. For example, race and ethnicity of COVID-19 vaccine recipients is important data because we know that there is uneven vaccine distribution and adoption across communities of color. But Minnesota state law prohibits sharing this data, despite the CDC requesting it from its partners.

Local laws are not the only barrier to comprehensive data collection. Kaiser Health News discovered that Texas, Virginia, Colorado, and Maryland were missing this data for a significant percentage of people vaccinated. Sometimes this missing data can be explained by the need to quickly roll out vaccine tracking programs before they were fully ready, such as in Texas, where the system did not properly record administered doses. This is nevertheless worrisome, in part because future allocation of COVID-19 vaccines factors in past vaccination rates.

Gaps are also common in the databases of commercial partners. For example, CVS and Walgreens have administered millions of COVID-19 vaccines under the federal pharmacy partnership, but have not appeared to release data on the race and ethnicity of the recipients.

Beyond the challenges these gaps in epidemiological data pose to a vaccine passport system, they also hamstring our ability to track vaccine adoption, adequately deploy future vaccine shipments, flag which communities need additional resources to encourage higher rates of vaccination, or track any post-vaccination impacts, such as adverse events.

Israel and the Green Pass

By contrast, Israel has demonstrated that a smart, well-organized, centralized health care data system can open unexpected opportunities.

In late February 2021, Israel began to reopen malls, gyms, hotels, theaters, and other leisure facilities through its “Green Pass” system. Individuals who had completed their vaccination series or recovered from COVID-19, i.e., those with some sort of immunity, are allowed to be pass-holders in this system.

By presenting a vaccination certificate or demonstrating their status on an app run by the Israeli Ministry of Health, pass-holders are allowed to go to the gym to work out, enjoy watching a movie on big screens, and engage in other similar activities.

Part of the reason that the Green Pass system could be implemented relatively quickly was because of the centralized nature of Israel’s health care data.

Big Data

More than 98 percent of Israelis are enrolled in one of four health maintenance organizations (HMOs). These four entities control the medical files of almost everyone in the country.

In 2018, the Israeli government launched its National Digital Health plan, with the goal of unifying the records from these four companies into one database that would be available to researchers and companies. This move received critiques regarding patient privacy and confidentiality.

Nevertheless, this centralized database and strong health care data tracking system gave Israel a significant bargaining chip when it attempted to secure COVID-19 vaccine doses. Prime Minister Benjamin Netanyahu agreed to provide Pfizer with “statistics” from its rapid vaccine roll out to help secure millions of doses from the pharmaceutical company.

Not all the terms of this deal are public, so it is difficult to know what level of aggregation and de-identification is expected for the data delivered to Pfizer. But it does appear that having access to well-maintained vaccination and medical records for an entire country was enough for Pfizer to commit enough vaccine doses to immunize all Israelis above the age of 16 by March. And the Israeli HMOs are already releasing comprehensive data on the performance of the Pfizer COVID-19 vaccine, including its efficacy after only one dose.

Moreover, the Ministry of Health knows who has been vaccinated and has therefore relatively easily implemented the Green Pass system and verified eligibility of pass-holders.

Looking Ahead

Other countries with similar approaches to health care delivery and health care data are following similar roll outs. For example, Australians will have their vaccine details pulled from the National Immunisation Register to create vaccination certificates in their existing health care app. These vaccination certificates could be used to gain access to restaurants or other businesses, similar to the Green Pass.

The Green Pass has its share of critics. On a practical level, the app at its center, Ramzor, was critiqued by cybersecurity experts as flawed and poorly designed, even sending private communications meant for the Ministry of Health to an employee’s private Gmail account.

While the app’s code can be fixed, some of the ethical critiques of immunity passports are harder to address. These include the potential for discrimination against vulnerable populations and the erosion of privacy.

Nevertheless, the benefits of immunity passports likely outweigh the challenges, especially in regard to reopening pandemic-stricken economies. Immunity passports can also provide a significant incentive for the vaccine hesitant to change their minds, bringing communities closer to the ultimate herd immunity goal. The World Health Organization, acknowledging that many countries are likely to follow Israel’s lead, is developing specifications and standards for a Smart Vaccination Certificate.

The United States, however, faces significant logistical hurdles in implementing any such analogue. And we have already accepted some fairly steep tradeoffs in the COVID-19 vaccination roll-out due to our fragmented health care data management system.

While it is too late to redo our vaccine roll out with better data management, we should apply these lessons moving forward, with an eye to problematic COVID-19 variants or to the next big pandemic. A centralized approach to health care data can allow us to build a more nimble, pandemic-responsive public health system.

Carmel Shachar

Carmel Shachar, JD, MPH, is the Executive Director of the Petrie-Flom Center for Health Law Policy, Biotechnology, and Bioethics at Harvard Law School. She is responsible for oversight of the Center’s sponsored research portfolio, event programming, fellowships, student engagement, development, and a range of other projects and collaborations. She is Co-Lead of the Center’s Involvement with the Regulatory Foundations, Ethics, and Law Program of Harvard Catalyst | The Harvard Clinical and Translational Science Center.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.