Who Owns Patient Data?

Who owns a patient’s health information?

·The patient to whom it refers?
·The health provider that created it?
·The IT specialist who has the greatest control over it?

The notion of ownership is inadequate for health information. For instance, no one has an absolute right to destroy health information. But we all understand what it means to own an automobile: You can drive the car you own into a tree or into the ocean if you want to. No one has the legal right to do things like that to a “master copy” of health information.

All of the groups above have a complex series of rights and responsibilities relating to health information that should never be trivialized into ownership.

Raising the question of ownership at all is a hash argument. What is a hash argument? Here’s how Julian Sanchez describes it:

“Come to think of it, there’s a certain class of rhetoric I’m going to call the ‘one-way hash‘ argument. Most modern cryptographic systems in wide use are based on a certain mathematical asymmetry: You can multiply a couple of large prime numbers much (much, much, much, much) more quickly than you can factor the product back into primes. A one-way hash is a kind of ‘fingerprint’ for messages based on the same mathematical idea: It’s really easy to run the algorithm in one direction, but much harder and more time consuming to undo. Certain bad arguments work the same way — skim online debates between biologists and earnest ID (Intelligent Design) aficionados armed with talking points if you want a few examples: The talking point on one side is just complex enough that it’s both intelligible — even somewhat intuitive — to the layman and sounds as though it might qualify as some kind of insight … The rebuttal, by contrast, may require explaining a whole series of preliminary concepts before it’s really possible to explain why the talking point is wrong.”

The question “Who owns the data?” presumes that the notion of ownership is valid, and it jettisons those foolish enough to try to answer the question into a needless circular debate. Once you mistakenly assume that the question is answerable, you cannot help but back an unintelligible position.

Ownership is a poor starting point for health data because the concept itself doesn’t map well to the people and organizations that have relationships with that data. The following chart shows what’s possible depending on a given role.

Person / Privilege Delete their copy of data Arbitrarily (without logs) edit their copy of data Correct the provider’s copy of the data Append to the provider’s copy of the data Acquire copies of HIPAA-covered data
Sourcing Provider No. HIPAA mandates that the provider who creates HIPAA-covered data must ensure that a copy of the record is available. Mere deletion is not a privilege that providers have with their copies of patient records. Most EHR systems enforce this rule for providers. No. While providers can change the contents of the EHR, they are not allowed to change the contents without a log of those changes being maintained. Many EHRs contain the concept of “signing” EHR data, which translates to “the patient data entering the state where it cannot be changed without logging anymore.” Yes. Providers can correct their copy of the EHR data, providing they maintain a copy of the incorrect version of the data. Again, EHR software enforces this rule. Yes. The providers can merely add to data, without changing the “correctness” of previous instances of the data. EHR systems should seamlessly handle this case. Sometimes. Depending on the ongoing “treatment” status of the patient, providers typically have the right to acquire copies of treatment data from other treating providers. If they are “fired,” they can lose this right.
Person / Privilege Delete their copy of data Arbitrarily (without logs) edit their copy of data Correct the provider’s copy of the data Append to the provider’s copy of the data Acquire copies of HIPAA-covered data
Patient rights Yes, they can delete their own copies of their patient records, but requests to providers that their charts be deleted will be denied. No. Patients cannot change the “canonical” version of a patient record. No. While patients have the right to comment on and amend the file, they can merely suggest that the “canonical” version of the patient record be updated. Yes. The patient has the right to append to EHR records under HIPAA. HIPAA does not require that this amendment impact the “canonical” version of the patient record, but these additions must be present somewhere, and there is likely to be a substantial civil liability for providers who fail to act in a clinically responsible manner on the amended data. The relationship between “patient amendments” and the “canonical version” is a complex procedural and technical issue that will see lots of attention in the years to come. Usually. Patients typically have the right to access the contents of an EHR system, assuming they pay a copying cost. EHRs frequently make this copying cost unreasonable, and the results are so dense that they are not useful. There are also exceptions to this “right to read,” including psychiatric notes and legal investigations.
Person / Privilege Delete their copy of data Arbitrarily (without logs) edit their copy of data Correct the provider’s copy of the data Append to the provider’s copy of the data Acquire copies of HIPAA-covered data
True Copyright Ownership (i.e. the relationship you have with a paper you have written or a photo you have taken) Yes. You can destroy things you own. Yes. You can change things you own without recording what changes you made. No. If you hold copyright to material and someone has purchased a right to a copy of that material, you cannot make them change it, even if you make “corrections.” Sometimes, people use licensing rather than mere “copy sales” to enforce this right (i.e. Microsoft might have the right to change your copy of Windows, etc.). No. Again, you have no rights to change another person’s copy of something you own the copyright to. Again, some people use licensing as a means to gain this power rather than just “sale of a copy.” No. You do not have an automatic right to copies of other people’s copyrighted works, even if they depict you somehow. (This is why your family photographer can gouge you on reprints.)
Person / Privilege Delete their copy of data Arbitrarily (without logs) edit their copy of data Correct the provider’s copy of the data Append to the provider’s copy of the data Acquire copies of HIPAA-covered data
IT Specialist Kind of. Regulations dictate that IT specialists and vendors should not have the right to delete patient records. But root (or admin) access to the underlying EHR databases ensure that only people with backend access can truly delete patient records. Only people with direct access to source code or direct access to the database can completely circumvent EHR logging systems. The “delete privilege” is somewhat difficult to accomplish entirely without detection, however, since it is likely that someone (i.e. the patient) will know that the record should be present. Yes. Source code or database-level access ensures that patient records can be modified without logging. Yes. Source code or database-level access ensures that patient records can be modified without logging. Yes. Source code or database-level access ensures that patient records can be modified without logging. No. Typically, database administrators and programmers do not have the standing to request medical records from other sources.


Ergo, neither a patient nor a doctor nor the programmer has an “ownership” relationship with patient data. All of them have a unique set of privileges that do not line up exactly with any traditional notion of “ownership.” Ironically, it is neither the patient nor the provider (when I say “provider,” this usually means a doctor) who is closest to “owning” the data. The programmer has the most complete access and the only role with the ability to avoid rules that are enforced automatically by electronic health record (EHR) software.

So, asking “who owns the data?” is a meaningless, time-wasting, and shallow conceptualization of the issue at hand.

The real issue is: “What rights do patients have regarding healthcare data that refers to them?” This is a deep question because patient rights to data vary depending on how the data was acquired. For instance, a standalone personal health record (PHR) is primarily governed by the end-user license agreement (EULA) between the patient and the PHR provider (which usually gives the patient wildly varying rights), while right to a doctor’s EHR data is dictated by both HIPAA and Meaningful Use standards.

Usually, what people really mean when they say “The patient owns the data” is “The patient’s needs and desires regarding data should be respected.” That is a wonderful instinct, but unless we are going to talk about specific privileges enabled by regulation or law, it really means “whatever the provider/programmer holding the data thinks it means.”

For instance, while current Meaningful Use does require providers to give patients digital access to summary documents, there is no requirement for “complete” and “instant” access to the full contents of the EHR. While HIPAA mandates “complete” access, the EHR serves to make printed copies of digitized patient data completely useless. The devil is in the details here, and when people start going on about “the patient owning the data,” what they are really doing is encouraging a mental shortcut that cannot readily be undone.

Fred Trotter is a recognized expert in Free and Open Source medical software and security systems and is the author of Meaningful Use and Beyond: A Guide for IT Staff in Health Care. He has spoken on those subjects at the SCALE DOHCS conference, LinuxWorld, DefCon and is the MC for the Open Source Health Conference. This post first appeared on O’Reilly Radar.

34 replies »

  1. On a couple of occasions they tried to get me drunk but as their
    own drinking became excessive I walked away. However, I am sure in a short
    period of time she would have told me the details about her
    unsuccessful return to her husband and what truly happened to their Office – Land franchise.
    Of course, they had the help of my friend, Bill Higgins,
    and my family.

  2. One question: What was the date of this article? It seems to be July 20, 2012 (based on the URL and the date shown just above the comments). Yet the comments start on July 11. I am asking for proper research citation purposes. Thanks

  3. Fred,
    With all due respect, your arguments are rather confusing. There is no “deep question” here that requires “careful discussion”.

    Patients own their health care information.
    Patients should be the sole decision makers regarding who can look at, or use their data, in any shape or form, and for any purpose, except as required by law.

    The argument that programmers who (at their employer’s behest) are most able to avoid regulations, somehow gain ownership rights based on this infraction, is frankly ludicrous.

    If data sharing benefits the patient, surely the informed patient will give you permission to share it.
    Or do you think that people other than the patient are better qualified to decide what is good for the patient?
    And who may those people be, now that doctors, who take an oath to protect patient information, are not allowed to be paternalistic anymore? Programmers?

  4. Margalit,
    Your framing of my city example implies that cities have no control over how healthy their environments are. I could also say that you could compare BP data to a particular medication usage instead of a city, but then you would say that the drug manufacturer is taking advantage of the patient. Perhaps if my example had used carrots, but then grocery stores might take advantage of patients. Of course, a study that used this de-identified data to study the effects of grass consumption might seem innocuous enough, until you consider how lawn mower manufacturers would then take advantage of patients. A study of sex and blood pressure might benefit condom companies and ObGyns. A study comparing the BP data I mentioned to nothing but itself might benifit patient, but also the statistician doing the work. Technically, all of these examples would move science forward and help patients overall. But all of these examples all serve to create profit. By your logic, none of them would be valid.

    You link to a project sponsored by Dr. Peel et al. then expect me to defend the notion that you are spreading FUD? It is not worth the bother…

    Just to be clear, I have never represented that patients should have no rights regarding how their information is shared. That is your label on my position, and not my position.

    Still, your comments have ensured that I will be doing a follow on to this post. There are enough patient activists who have decided to swallow the Dr. Peel created and Dr. Sweeney endorsed FUD regarding data privacy that it is obvious that a careful discussion is required.

  5. Medical data before it is given away should always have the permission of the patient. This data is a confidential matter and known only between the patient and the health care service provider.

  6. One of my sources is the Georgetown U. Health Information Privacy Project


    A lot of their stuff is rather dated. Unless you have Westlaw and Lexis Nexis accounts (and I don’t, given the $$$), you can’t keep up with all the various states’ stuff in timely fashion.

    Part of my HIE work in Nevada goes to PHI privacy and security issues, so I stay on this stuff.

  7. Fred,
    The example you are providing for use of BP readings is actually a very nice illustration how data could be used to benefit entities other than patients. Why should people be forced to share their BP readings in order to provide some company better tools to increase profits? What do patients get out of that? Particularly those in cities where people are less healthy, probably because they are poorer, and now the jobs are going to go away to the prosperous healthy cities, making people even poorer and sicker?
    You could have tried for a better example…. However it would have been impossible to come up with a legitimate clinical research example where you don’t need enough elements to enable reidentification, wouldn’t it?

    When most data hungry people say research, they don’t mean clinical research.

    As to asking people about their willingness to participate in clinical trials, your argument rests on an assumption that has been repeatedly refuted by participatory and engaged patients organizations, i.e. the doctor knows best (or in this case the pharma company looking for subjects and paying for information).

    If you would like to see where your data may be traveling to, I suggest following this project http://healthprivacy.blogspot.com/2012/06/health-data-map-latanya-sweeney.html

    I am not sure why asking that patients provide consent for all data sharing, without exception, is considered in open source circles as FUD. I thought most open source folks are opposed to corporations listening in on their cell phones and such. Surely they are opposed to corporations listening in on their heart beats…. I would think…..

    Finally Fred, how can you want patient control and patient empowerment and simultaneously state that patients should have no rights regarding how their information is to be shared with others?

  8. Margalit,

    The following statement:

    “because everything can be reidentified”
    “the entire big-data concept rests on combining multiple sources of information”
    “completely de-identified data is useless for research.”

    All of these are utterly false. Let me prove it.
    BP 127 / 83
    This is a real persons blood pressure measurement. Can you re-identify it? I do not hold out much hope for your success. Feel free to pass it to a re-identification expert and see if they can make a better stab at this.

    Now suppose that I have every blood pressure measurement taken in the city of Houston today, listed in exactly the way I have listed this measurement, with no other personal information. Then I could compare that with every measurement taken in Bolder, CO.

    Houston has a reputation as an unhealthy city and Bolder a reputation of a healthy city. Companies make decisions about where to be “based” in part because of healthcare costs. Which means that A. using impossible to re-identify data, it would be possible to evaluate the claim that Bolder is more healthy than Houston. B. That information could impact real world decisions, which in turn have impact on thousands of people.

    Big data can be used to compare and analyze these data sets without, any need to merge databases. In fact, if you recorded every BP measurement in two cities for a year, you would have some pretty rich data indeed.

    That is de-identified data that is impossible to reidentify using big data methods that has a real world impact. Your statements are proved false by simple example.

    You said:
    “Third, antibiotics should not be prescribed for a viral infection any more than garden variety snake oil should…. There is no balancing act here. It’s bad all the way around.”

    You will find that my post never mentioned the word “Virus”. I was referring to the proper ordering of anti-biotic medication, to avoid resistance build up. For any given patient, the strongest anti-biotic that would work is always has the best chance of removing a given infection. But this is bad for the collective. This is precisely a balancing issue.

    You write:

    “I appreciate the clinical trial example, but I don’t see any compelling reason for the physician to make your information available for search without your permission.”

    This only makes sense to you, because you have been tricked in to presuming “de-identification does not work”, rather than the far more subtle “de-identification does not always work”. If a doctor asks “Hey would you like to be in a clinical trial”, without first knowing that there is one that the patient qualifies for, means that the patient is going to be given false hope. That is a great reason not to say that. Because the doctor is -more- than capable of determining if a patient qualifies for a trial -without- revealing her identity, there is literally no reason not to do that before offering the option to the patient.

    The simple reality is that the case you have presenting here is full of the kind of polarizing presumptions that I am trying to debunk. We need to have a conversation around how we are going to ensure that technology will respect patient rights, but lambasting technology with false accusations is a really bad place to start. I can assure you, reality is bad enough without you needing anyone to resort to hyperbole.

    We cannot have a nuanced discussion about these issues until we stop confusing what we “know” with what we “believe”. At least some of things you write are beliefs, which are trivial to show false.

    This is especially dangerous because you are providing mis-information and you are also fear mongering. i.e.

    “such as having your private information travel to places beyond your imagination (and beyond your benefits), and possibly be used against you or to exploit you.”

    In the open source community, we call this FUD, Fear, Uncertainty and Doubt. It is a propaganda technique and it is impossible to have a real discussion about issues when one party is spreading it.

    I agree with your priorities. We want the same things: patient control and patient empowerment. But I strongly disagree with your methods on this one.


  9. Bobby,
    Your point that state law dramatically impacts these issues is well-taken. I should have mentioned that in the core article. I would also love to have links to the information that you are referencing, since it is the kind of thing that I like to keep up on.

    So you think that the Florida and NH actually muck about regarding who holds the copyright? That is a fascinating possibility.


  10. I like a “market approach” to healthcare data. This is the approach that the medical banking people take. They take this idea to its extreme.

    Hard to tell if it will work, but that does not mean it is not a good idea.

  11. Fred:

    Bravo for a thoughtful take on medical record ownership that has real potential to break through meaningless chatter and stakeholder deadlock. It’s a shame that so much of the discussion here became tangential, but perhaps a forum of hospital IT folks and patient advocates might spark a different dynamic.


  12. If I were to advocate a pure market position, I would state that there is a price for everything. Let’s start with the position that most of the data we are addressing are not currently available to the individual himself. He needs an expert to gather the data.

    So, there could be a lower price for data remaining private, and a higher price to make the data more widely available. I’m pretty confident that the market would figure this out. Alternatively, if the data were to be used for research, there could be a policy of not allowing a person who does not share his data from benefitting from the therapies developed with that type of data. I think it’s pretty obvious that would be unenforceable.

    However, as I think about this more dynamically, I think power will shift from the diagnostic provider to the consumer, with respect to privacy. This will result from technology becoming less expensive and more user friendly. For example, I suppose that a few generations ago, people could not inexpensively figure out how much they weighed. Today, anyone can buy a bathroom scale.

  13. Margalit et al.,

    It’s hard to see how a healthcare record is even that useful without the involvement of the patient. The patient needs to be able to see the information; correct or at least challenge incorrect information; give others such as advocates or family members access to help if they need that kind of help. Without that, I don’t think people can even rely on it – there are so many errors, many not seemingly significant but may be used in entirely unexpected ways.

    A few years ago a lawyer contacted me because I had documented in a hospital (years previously) that a patient lived with her mother. They were trying to prove the patient still lived at home to obtain an insurance benefit that was barred if that was not the case. I usually made a notation like that in case I needed to assist with discharge planning, but it was for my benefit not for someone else to rely on it. When looking at the record, I could see where I had obtained that information, and I could tell I hadn’t gotten first hand information myself. That information was never meant to be relied upon, so its secondary use gave an inaccurate representation. If patients are involved, they can correct those all-to-frequent errors (I’ve heard estimates of 10% of all data in records from a medical researcher). And with patients’ involvement, you will both add context and additional, very useful information that will allow gaining more knowledge when it is aggregated. And then patients can be fully informed when it’s aggregated and continue to have trust in their providers and in the system.

  14. a good few interesting points raised here, from a patient perspective i think it would be unerving to know that you don’t own your own health information and that the people that created it had a right to distribute it to who they wish. I think thats a breach of confidentiality and trust and must go against many principals. Once your dececed i think its a different stopry but until then…

  15. Well, Fred, let me start by saying that I appreciate your point of view and do not have any doubts about your intentions being good.

    However, let me assure you that mine is not a knee-jerk reaction. We have evolved the health care conversation to use words in very peculiar ways and to confuse people in order to preserve the rights of corporations to profit.

    First of all data de-identification is largely a myth in this day and age, because everything can be reidentified and the entire big-data concept rests on combining multiple sources of information, which is how you reidentify supposedly anonymous data sets. And BTW, completely de-identified data is useless for research.

    Second, we are selling patients on this empowerment idea (nothing about me without me, I believe), and then you say “If they needed your permission to do this, nothing would work smoothly.” Don’t you think that the two statements are contradictory? I do appreciate the importance of having the trains run on time, but at what cost to the individual?

    Third, antibiotics should not be prescribed for a viral infection any more than garden variety snake oil should. This does have an effect on society, but the primary reason not to do it is that it is bad medicine for the individual. There is no balancing act here. It’s bad all the way around.

    Fourth, I appreciate the clinical trial example, but I don’t see any compelling reason for the physician to make your information available for search without your permission. Do you want to be in a clinical trial? Do you want me to advertise your condition and try to find you a clinical trial? An informed and participating patient surely has a right to weigh in.

    I don’t want to be safe or included. I want my individual rights to be respected by the “system”. Folks are rebelling against the supposedly “paternalistic” approach of physicians to health care on one hand, but have no problem with a “paternalistic” behavior of a faceless and nameless “system”, or so it seems.

    I am not debating the benefits or lack thereof (I could, if needed) of data sharing. I am debating the right to pull the trigger. Patients should be allowed to choose if they want those benefits or not, and should be made aware that there is a price to pay for the benefits, such as having your private information travel to places beyond your imagination (and beyond your benefits), and possibly be used against you or to exploit you.

    No matter how many benefits are in becoming a herd of populations, people may choose to remain individuals for a little bit longer and individuals have a right to privacy, which has been recognized by the courts, and this is where this matter belongs, inclusive of jail time for offenders (my knees are both perfectly still 🙂 )

  16. I’m not conflating copyright broadly with PHI specifically. HIPAA is silent on the issue of “ownership” of PHI, but individual states are free to enact more strict PHI laws and take on “ownership” should they choose to. For exmaple, only one state declares that a patient “owns” their PHI (NH, IIRC). Florida law states that the provider “owns” “the medical record,” but that patients explicitly “own” any genetic information contained therein. My state (NV) may soon issue regs stating that the patient “own” their PHI. The other states are all over the map, and we can expect that new laws and regs will continue to change in the face of increasing ePHI deployment.

    I agree with you that we use key terms in unclear and sometimes outmoded ways. “Ownership” may well be one of them.

  17. Margalit,
    I think John has mostly gotten it right. By letting go of the notion of ownership, we can have a more nuanced discussion.

    I want to specifically kibbitz some of your assertions here.

    First, clinical information is only sometimes “about you”. The whole notion of deidentification is to make data that is still a valid clinical fact, but not a fact “about you”.

    Even without de-identification, the use of the clinical data is not just for “the sole purpose of providing you with services that you purchased” the clinician can, and should use that data to improve performance, to do research, to test hypothesis. Your assertion is that the only use for the data is for the private benefit of the patient, but doctors/clinicians are always weighing your private benefit against the pubic good. This is why you cannot get antibiotics whenever you want. It damages the public good. Tracking the rate and proper prescription of antibiotics is precisely the kind of thing that a single patients clinical data can and should be used for by the provider.

    You write:
    “Any other use of your information should be considered theft and larceny and should be prosecuted. People should actually be sent to jail for trafficking in clinical data.”

    This is exactly the kind of useless hyperbole that I am advocating against with this article. It seems right at first read, but even thinking about a little more deeply for a moment makes it obvious that it is a ludicrous conclusion. I understand and appreciate your outrage, and your frustration at the appalling lack of practical influence that patients have with relationship to data that refers to them, but your methods are backwards.

    You further write:
    “Just because it’s not a tomato and you can’t take it home with you, doesn’t mean they have a right to sell rights to it without your permission.”

    It is important to note here that clinicians leveraging patient data for secondary purposes, even selling it, typically ends up benefiting patients. At least indirectly and often in very real and direct manners. When a clinician contacts a patient and says “you qualify for a clinical trial for your stage IV cancer”, they are doing that as the end of a process of “sharing” your data in precisely the way you oppose here.

    If they needed your permission to do this, nothing would work smoothly.

    Consider thinking more carefully about what you actually want. Do you want to be safe? Your position does not end up providing that, but there are other ways to get that. Do you want to be included? Your position does not end up providing that either, but again there are other ways…

    Work backwards from what you want, recognizing that the current data use system is already giving you alot of benefits, and consider what solutions keep the benefits that you are already getting, while adding the ones that you feel you are lacking. What you are doing right now is just knee-jerk.

  18. Adrian,
    I have to applaud you, because you are the first commenter to fully embrace my core point: the conversations that really matter start after you stop debating ownership.

    To be very specific, I would be dubious about any health IT expert who would answer any of your questions is any way other than the following:

    In our digital age, how do we define access to our own information?
    – I don’t know, and I am trying to figure that out.

    When will access mean an easy-to-use UI?
    – I don’t really know how to define an “easy to use UI” and even if I did I would not be able to answer the question of “when?”.

    When will it mean actionable analysis of your health information?
    – I don’t know that either.

    Metadata explaining your health record and links to outside sources on your condition?
    – Where would the links go? How would the links map to the health record? It is just evidence that this is a great question that the only real response is more questions.

    Access to the person who put that in your health record to ask them questions, correct their errors?
    – Don’t know how to define “errors”, don’t know how to define “correct”, don’t know how to define “access”.

    I can stop there, you get the idea. You are asking really good questions, which is what you can start doing, when you stop answering bad questions like “who owns the data?”

  19. I agree with Sandra_Raup. Lets tie this issue back to patient data ownership or lets drop it. I am sure THCB would be happy to host an entirely separate article on body part ownership…

    Body part ownership is very interesting, but what does it have to do with patient data?

  20. Steven,
    I agree completely that the real question is “who have the right to muck with the data?”.

    I also agree that in a healthy patient/doctor relationship it is something “like” putting intellectual property (I term I use ironically) in an LLC. But strictly speaking, only one entity has original copyright ownership of the data, and it is not the patient. So it is “like” that, but only by analogy.

    Your point of “the provider can delete eventually” is true, and I probably should have mentioned that there are cases/states where that can eventually occur. But my point is that there are limits on the providers right to delete. If it were mere copyright ownership, the provider could delete at any time.

    So a patient has some rights that kind of make “as though” they owned the patient data, and the doctor has some limitations on their rights under traditional copyright to make it “as though” they do not have complete ownership.

    Again, what we are doing in these threads is proving that the issue is so complex and subtle that talking about it in terms of ownership is just a waste of time.

  21. BobbyG,
    In the strict legal sense of copyright ownership, I do not think it is in flux at all. I know of no state which actually modifies who owns the copyright. (not to say there isn’t just that I have not heard of one).

    What you mean, I think, is that the underlying “what rights does the patient have?” question is in flux, and that is certainly true, and changing very rapidly.


  22. You figured it out wrong, John. Clinical data is information about you, the collection of which is incidental to services for which you have paid (or someone paid on your behalf). These people do not own anything. They have access to it for the sole purpose of providing you with the services you purchased and a fiduciary responsibility to safeguard your clinical data at all times.
    Any other use of your information should be considered theft and larceny and should be prosecuted. People should actually be sent to jail for trafficking in clinical data. Just because it’s not a tomato and you can’t take it home with you, doesn’t mean they have a right to sell rights to it without your permission.

  23. Kidney is a bad analogy. It is a thing, not data. This is an excellent post, framing what I’ve been trying to figure out for a long time. Challenging the notion of “ownership” is just what I needed to come to grasp with it.

    The patient cannot own (most of) the data because the patient did not create (most of) the data. How can I “own” my cholesterol count? For most of human history, nobody even knew such a thing existed. How can I own that which I don’t know exists?

    In some philosophical sense, the party which collected the data also created the data, and therefore has rights to it.

  24. Most people look to the case, Moore v. Regents of the U of California that discusses privacy vs. property rights in relationship to our own bodies and body parts. Here’s the wikipedia discussion of the case: http://en.wikipedia.org/wiki/Moore_v._Regents_of_the_University_of_California. This has traditionally been a sanctity of life issue that’s also reflected in laws against suicide and selling organs.

    But your question addresses the central issue in Moore – can a 3rd party profit from someone else’s body parts? It looks like they can if they have consent of the individual. Are you suggesting that’s a parallel example for uses of patient data?

  25. Fred, I completely agree with you when it comes down to “ownership” being a useless term for health data. If I’m reading correctly, I agree that what it really comes down to is patient access to data.

    And access, for me, is even more complicated than ownership. In our digital age, how do we define access to our own information? The current Blue Button standards allow access to a .pdf of our medical records. When will access mean an easy-to-use UI? When will it mean actionable analysis of your health information? Metadata explaining your health record and links to outside sources on your condition? Access to the person who put that in your health record to ask them questions, correct their errors? Access to functionality that makes notes in your own health record? Access to an API that allows external applications to use that data?

    I do not think we will have real access to our healthcare data until we have the tools to actually utilize it. Access is an empty concept without utility.

  26. Fred, always enjoy reading your posts.

    I would disagree that providers cannot delete a record. After the required retention time, they can delete.

    I believe that the partnership of patient and provider own the data (where “provider” includes the clinician and the organization together). Kind of like putting intellectual property into an LLC.

    The real question is who has what right to access to the data?

  27. It depends on if it’s still in your body. If in your body, you have a privacy interest in it (you have the right to have a say what happens with it, such as donate it, if it’s not going to carry significant risk to you life but you do not have a right to commit suicide); if outside your body, it’s probably discarded (like a blood sample or other tissue and can be claimed by a research institution or lab if it has a legitimate use for it after it has come into its possession). Many people believe they have a property interest in their own body and tissue but that is not generally the case at this time.

  28. Good post, Fred.

    As a legal matter, PHI “ownership” (as inadequate as the word may be, beyond the essential attribute of “right to control”), varies broadly from one state to another and is in flux.