Categories

Category: Data

Community Organizations Can Reduce the Privacy Impacts of Surveillance During COVID-19

By ADRIAN GROPPER, MD

Until scientists discover a vaccine or treatment for COVID-19, our economy and our privacy will be at the mercy of imperfect technology used to manage the pandemic response.

Contact tracing, symptom capture and immunity assessment are essential tools for pandemic response, which can benefit from appropriate technology. However, the effectiveness of these tools is constrained by the privacy concerns inherent in mass surveillance. Lack of trust diminishes voluntary participation. Coerced surveillance can lead to hiding and to the injection of false information.

But it’s not a zero-sum game. The introduction of local community organizations as trusted intermediaries can improve participation, promote trust, and reduce the privacy impact of health and social surveillance.

Balancing Surveillance with Privacy

Privacy technology can complement surveillance technology when it drives adoption through trust borne of transparency and meaningful choice.

Continue reading…

How Traditional Health Records Bolster Structural Racism

By ADRIAN GROPPER, MD

As the U.S. reckons with centuries of structural racism, an important step toward making health care more equitable will require transferring control of health records to patients and patient groups.

The Black Lives Matter movement calls upon us to review racism in all aspects of social policy, from law enforcement to health. Statistics show that Black Americans are at higher risk of dying from COVID-19. The reasons for these disparities are not entirely clear. Every obstacle to data collection makes it that much harder to find a rational solution, thereby increasing the death toll.

In the case of medical research and health records, we need reform that strips control away from hospital chains and corporations. As long as hospital chains and corporations control health records, these entities may put up barriers to hide unethical behavior or injustice. Transferring power and control into the hands of patients and patient groups would enable outside auditing of health practices; a necessary step to uncover whether these databases are fostering structural racism and other kinds of harm. This is the only way to enable transparency, audits, accountability, and ultimately justice.

A recent review in STAT indicates that Black Americans suffer three to six times as much morbidity due to COVID-19. These ratios are staggering, and the search for explanations has not yielded satisfying answers.

Continue reading…

The New Scarlet Letter

By KIM BELLARD

This piece is part of the series “The Health Data Goldilocks Dilemma: Sharing? Privacy? Both?” which explores whether it’s possible to advance interoperability while maintaining privacy. Check out other pieces in the series here.

If you live in one of the jurisdictions that have imposed stay-at-home requirements, you’re probably making your essential excursions — grocery store, pharmacy, even walks — with a wary eye towards anyone you come across.  Do they have COVID-19?  Have they been in contact with anyone who has?  Are they keeping at least the recommended six feet away from you?  In short, who is putting you at risk?   

Well, of course, this being the 21st century, we’re turning to our smartphones to help us try to answer these questions.  What this may lead to remains to be seen.

We long ago seemed to shrug off the fact that our smartphones and our apps know where we are and where we have been.  No one should be surprised that location is of importance to tracking the spread of COVID-19.  No one should be surprised that it is already being used.  We may end up being surprised at how it will be used.

Continue reading…

A Patient’s View of the Cures Regulations

By ADRIAN GROPPER, MD

How should we react to 1,718 pages of new regulation? Let’s start by stipulating the White House and HHS perspective

“Taken together, these reforms will deliver on the promise to put patients at their center of their own health care — you are empowered with control over your own health care choices.” 

Next, let’s stipulate the patient perspective via this video lovingly assembled by e-Patient Dave, Morgan Gleason, and the folks at the Society for Participatory Medicine. In less than 3 minutes, there are 15 patient stories, each with a slightly different take on success.

Continue reading…

Getting Ahead of Privacy and the CCPA – Healthcare Needs to Move Beyond HIPAA

By DAN LINTON

This piece is part of the series “The Health Data Goldilocks Dilemma: Sharing? Privacy? Both?” which explores whether it’s possible to advance interoperability while maintaining privacy. Check out other pieces in the series here.

Privacy concerns are on the rise. Over the last couple of years, survey after survey have clearly shown a dramatic rise in overall consumer privacy awareness and concern – driven primarily by the never-ending litany of ongoing data breaches that make the news.

The healthcare industry has been somewhat shielded from this, seemingly due to the trust that patients extend to their doctors and, by proxy, the organizations they work with. HITECH and HIPAA legislation have acted as a perceived layer of safety and protection.

But healthcare is not immune from privacy issues.

Most people aren’t even aware of the hundreds of data breaches of unsecured health information in the last 24 months which are being investigated by the U.S. Department of Health & Human Services Office for Civil Rights. In fact, research indicates that consumers still trust healthcare organizations with their data more so than many other industries.

But for how much longer?

Continue reading…

Healthcare in the National Privacy Law Debate

This article originally appeared in the American Bar Association’s Health eSource here.

By KIRK NAHRA

This piece is part of the series “The Health Data Goldilocks Dilemma: Sharing? Privacy? Both?” which explores whether it’s possible to advance interoperability while maintaining privacy. Check out other pieces in the series here.

Congress is debating whether to enact a national privacy law.  Such a law would upend the approach that has been taken so far in connection with privacy law in the United States, which has either been sector specific (healthcare, financial services, education) or has addressed specific practices (telemarketing, email marketing, data gathering from children).  The United States does not, today, have a national privacy law.  Pressure from the European Union’s General Data Protection Regulation (GDPR)1 and from California, through the California Consumer Privacy Act (CCPA),2 are driving some of this national debate.  

The conventional wisdom is that, while the United States is moving towards this legislation, there is still a long way to go.  Part of this debate is a significant disagreement about many of the core provisions of what would go into this law, including (but clearly not limited to) how to treat healthcare — either as a category of data or as an industry.

So far, healthcare data may not be getting enough attention in the debate, driven (in part) by the sense of many that healthcare privacy already has been addressed.  Due to the odd legislative history of the Health Insurance Portability and Accountability Act of 1996 (HIPAA),3 however, we are seeing the implications of a law that (1) was driven by considerations not involving privacy and security, and (2) reflected a concept of an industry that no longer reflects how the healthcare system works today.  Accordingly, there is  a growing volume of  “non-HIPAA health data,” across enormous segments of the economy, and the challenge of figuring out how to address concerns about this data in a system where there is no specific regulation of this data today.

Continue reading…

Health in 2 Point 00, Episode 105 | JP Morgan 2020: Virta, Arcadia, Teladoc & more

Today on Health in 2 Point 00, Jess and I bring you the first ever cliffhanger episode—money was flying everywhere during JP Morgan last week, so stay tuned for more tomorrow. Jumping right in, on Episode 105 we discuss Virta Health raising $93 million for diabetes reversal treatment in a super secret way; Blue Mesa getting acquired by Virgin Pulse for diabetes prevention; population health analytics company Arcadia’s $29.5 million raise; Teladoc acquiring InTouch Health for $600 million, and finally Mona Siddiqui leaving the HHS. —Matthew Holt

Health Data Outside HIPAA: Simply Extending HIPAA Would Be a #FAIL

Vince Kuraitis
Deven McGraw

By DEVEN McGRAW and VINCE KURAITIS

This piece is part of the series “The Health Data Goldilocks Dilemma: Sharing? Privacy? Both?” which explores whether it’s possible to advance interoperability while maintaining privacy. Check out other pieces in the series here.

Early in 2019 the Office of the National Coordinator for Health IT (ONC) and the Centers for Medicare and Medicaid Services (CMS) proposed rules intended to achieve “interoperability” of health information.

Among other things, these proposed rules would put more data in the hands of patients – in most cases, acting through apps or other online platforms or services the patients hire to collect and manage data on their behalf. Apps engaged by patients are not likely covered by federal privacy and security protections under the Health Insurance Portability and Accountability Act (HIPAA) — consequently, some have called on policymakers to extend HIPAA to cover these apps, a step that would require action from Congress.

In this post we point out why extending HIPAA is not a viable solution and would potentially undermine the purpose of enhancing patients’ ability to access their data more seamlessly:  to give them agency over health information, thereby empowering them to use it and share it to meet their needs.

Continue reading…

Healthcare Might Look Good in Plaid

By KIM BELLARD

I don’t really follow FinTech — I can’t even keep up with HealthTech! — but it caught my eye when Visa announced that it was acquiring FinTech company Plaid for $5.3b; a 2018 funding round valued the company at $2.65b.  A 100% increase in valuation within a year suggests that something important is going on, or at least that people think something is.  

I suspect there may be some lessons for healthcare in there somewhere.  

For those of you who are equally as unfamiliar with FinTech’s terrain, Plaid has been described as the “plumbing” that supports many other FinTech companies.  Launched in 2013, one in four people with a U.S. bank account are now believed to use Plaid to connect with 2,600 FinTech developers connected to more than 11,000 financial institutions.  Its customers include Acorns, Betterment, Chime, Coinbase, Gemini, Robinhood, Transferwise, and Venmo.  Plaid claims it connects with 200 million consumer accounts. 

Continue reading…

Top 3 Myths About Digital Identity in Healthcare

By GUS MALEZIS

Healthcare is in the midst of a digital transformation, creating information security, compliance, and workflow challenges. The engagement of an increasingly decentralized workforce along with anytime anyplace healthcare and the proliferation of cloud-based applications, databases, and mobile devices have now (or soon will have) eroded the once well-defined network perimeter.

The healthcare industry remains one of the most highly targeted for cyber-attacks – a recent report from Beazley Breach Insights showed that, 41 percent of all breaches in 2018 occurred in the healthcare sector. This means that, going forward, healthcare organizations must pay particular attention to cybersecurity and do so without restricting or compromising access to the systems and services providers and patients are now using and may do in the future. A successful cybersecurity plan requires these organizations to focus on establishing and managing trusted digital identities for all users, applications, and devices throughout the entire extended digital healthcare enterprise – from the hospital, to the cloud, and beyond.

Why are modern hackers targeting healthcare? Because they can, and they have the opportunity to do so! Hackers also know the value of the data stored within provider systems. Today, medical records fetch up to ten times more money on the dark web than the average credit card.  

Continue reading…

Registration

Forgotten Password?