Categories

Tag: data privacy

Patient Identity and Patient Record Matching

By ADRIAN GROPPER and DEBORAH C. PEEL

September 4, 2020

Thank you, ONC for the opportunity you gave me to speak in June. Also, thank you for the format of your August meeting where the Zoom chat feature offered a wonderful venue for an inclusive commentary and discussion as the talks were happening. Beats lining up at the microphone any day.

Here is a brief recap of my suggestions, in no particular order:

Continue reading…

COVID-19 is Bringing Data Privacy into the Spotlight – This is How Healthcare Companies Should Respond

By DAN LINTON

Privacy concerns across the country continue to increase, and consumers expect their healthcare information to be private. Headline-making data sales, skepticism of Silicon Valley privacy practices, and COVID-19 contact tracing concerns compounded with a general lack of consumer awareness have continued to generate an ongoing storm ofnegative press and political scrutiny.

With COVID-19 continuing to rampage throughout the country, there is a need for the contact tracing and other technology applications to assess public health. At the same time, changing HHS rules are giving Americans more access and control over their own health data. Both availability and the promise of positive impact of data on people’s lives has never been greater.

Despite the critical need and incredible potential, there is still a great deal of confusion, lack of awareness and heightened concern among consumers. Studies show that the vast majority of Americans think the potential risks of data collection outweighs the potential benefits.

Clamping down on data privacy stifles innovation, and moving forward as we’ve been doing presents a potential privacy minefield. So, what should the healthcare industry do about it?

Continue reading…

Community Organizations Can Reduce the Privacy Impacts of Surveillance During COVID-19

By ADRIAN GROPPER, MD

Until scientists discover a vaccine or treatment for COVID-19, our economy and our privacy will be at the mercy of imperfect technology used to manage the pandemic response.

Contact tracing, symptom capture and immunity assessment are essential tools for pandemic response, which can benefit from appropriate technology. However, the effectiveness of these tools is constrained by the privacy concerns inherent in mass surveillance. Lack of trust diminishes voluntary participation. Coerced surveillance can lead to hiding and to the injection of false information.

But it’s not a zero-sum game. The introduction of local community organizations as trusted intermediaries can improve participation, promote trust, and reduce the privacy impact of health and social surveillance.

Balancing Surveillance with Privacy

Privacy technology can complement surveillance technology when it drives adoption through trust borne of transparency and meaningful choice.

Continue reading…

Health Data Outside HIPAA: Simply Extending HIPAA Would Be a #FAIL

Vince Kuraitis
Deven McGraw

By DEVEN McGRAW and VINCE KURAITIS

This piece is part of the series “The Health Data Goldilocks Dilemma: Sharing? Privacy? Both?” which explores whether it’s possible to advance interoperability while maintaining privacy. Check out other pieces in the series here.

Early in 2019 the Office of the National Coordinator for Health IT (ONC) and the Centers for Medicare and Medicaid Services (CMS) proposed rules intended to achieve “interoperability” of health information.

Among other things, these proposed rules would put more data in the hands of patients – in most cases, acting through apps or other online platforms or services the patients hire to collect and manage data on their behalf. Apps engaged by patients are not likely covered by federal privacy and security protections under the Health Insurance Portability and Accountability Act (HIPAA) — consequently, some have called on policymakers to extend HIPAA to cover these apps, a step that would require action from Congress.

In this post we point out why extending HIPAA is not a viable solution and would potentially undermine the purpose of enhancing patients’ ability to access their data more seamlessly:  to give them agency over health information, thereby empowering them to use it and share it to meet their needs.

Continue reading…

Angels Have Our Health Data

A holiday song from @MLMillenson, December 2019

Angels we’ve heard from the Cloud on high
Or maybe it was Spotify.

Our health data’s floating hither and yon
Monetized by Google and Amazon.

Gloria, in excessive profits
Gloria, in excessive profits                                                                      

Investors, why this jubilee?
’cause you’ve made us healthy and absent pain?
Is care improved and costs controlled?
Or our data just fuels your capital gains?

Gloria, in excessive profits
Gloria, in excessive profits

Come to Silicon Valley and see
Start-ups whose birth the VC’s sing.
Come adore on bended knee
Promises of health care transforming.

Gloria, in excessive profits
Gloria, in excessive profits

Taking on Facebook for Health Data Privacy: Fred Trotter, CareSet Systems

By JESSICA DaMASSA, WTF HEALTH

While patients can often find comfort, compassion, and support in Facebook Groups dedicated to their health conditions, they don’t realize that their identity, location, and email addresses can be found quite easily by other members of their closed group — some of whom may not have well-meaning purposes for that information. Called a Strict Inclusion Closed Group Reverse Lookup (SICGRL) attack, this is a privacy violation of unprecedented magnitude. 

Fred Trotter is one of the leaders of a group of activists co-led by Andrea Downing and David Harlow that is taking on Facebook to correct this health data privacy violation. 

While this interview was filmed at Health Datapalooza in the Spring of this year, Fred has just published an update that details how Facebook continues to ignore the issue and remains unwilling to collaborate on a solution. 

Catch up on the background behind this data privacy issue — currently, one of the most important opportunities we as healthcare innovators have to learn about what NOT to do when it comes to user privacy and sensitive data. 

Registration

Forgotten Password?