health privacy – The Health Care Blog

Getting Ahead of Privacy and the CCPA – Healthcare Needs to Move Beyond HIPAA

Feb 18, 2020

By DAN LINTON

This piece is part of the series “The Health Data Goldilocks Dilemma: Sharing? Privacy? Both?” which explores whether it’s possible to advance interoperability while maintaining privacy. Check out other pieces in the series here.

Privacy concerns are on the rise. Over the last couple of years, survey after survey have clearly shown a dramatic rise in overall consumer privacy awareness and concern – driven primarily by the never-ending litany of ongoing data breaches that make the news.

The healthcare industry has been somewhat shielded from this, seemingly due to the trust that patients extend to their doctors and, by proxy, the organizations they work with. HITECH and HIPAA legislation have acted as a perceived layer of safety and protection.

But healthcare is not immune from privacy issues.

Most people aren’t even aware of the hundreds of data breaches of unsecured health information in the last 24 months which are being investigated by the U.S. Department of Health & Human Services Office for Civil Rights. In fact, research indicates that consumers still trust healthcare organizations with their data more so than many other industries.

But for how much longer?

Angels are Taking our Data

Dec 20, 2019• 1

By ePatient Dave deBronkart

A response to Michael Millenson’s holiday song

Angels seeking Clouds to buy
But healthcare’s not like Spotify
My health data’s here and yon
Monetized by Amazon

Gloria, in excessive profits
Gloria, it’s excessive net cash flow

Investors, why this jubilee?
You’ve done naught to soothe our pain
No care’s improved nor costs controlled
My data just fuels cap’tal gains

Gloria, in excessive profits
Gloria, it’s excessive net cash flow

Silicon Valley come and see
Start-up births thy VCs sing
Come invest on bended knee
But health care’s not yet transforming

Gloria, such excessive profits
Gloria, just excessive net cash flow

What Google Isn’t Saying About Your Health Records

Nov 14, 2019

By ADRIAN GROPPER, MD

Google’s semi-secret deal with Ascension is testing the limits of HIPAA as society grapples with the future impact of machine learning and artificial intelligence.

Glenn Cohen points out that HIPAA may not be keeping up with our methods of consent by patients and society on the ways personal data is used. Is prior consent, particularly consent from vulnerable patients seeking care, a good way to regulate secret commercial deals with their caregivers? The answer to a question is strongly influenced by how you ask the questions.

Here’s a short review of this current and related scandals. It also links to a recent deal between Mayo and Google, also semi-secret. A scholarly investigative journalism report of the Google AI scandal with London NHS Foundation Trust in 2016 might be summarized as: the core issue is not consent; it is a conflict of interest at the very foundation of the information governance process. The foxes are guarding the patient data henhouse. When the secrecy of a deal is broken, a scandal ensues.

The parts of the Google-Ascension deal that are secret are likely designed to misdirect attention away from the intellectual property value of the business relationship.