Health care is big business, and everyone wants in on the game. But it’s not a game. In the rush to develop the latest innovation or disruptor, and despite HIPAA’s protections, concerns remain around protecting the privacy of our health data in the digital age.
More than 80% of hospitals and office-based physicians are now using electronic health record systems, so there’s plenty of data to slice and dice, and big tech companies are eager to get at it for largely noble purposes. Nonetheless, how vulnerable is our private health data in the digital age? The Wall Street Journal’s video journalism team explains how three companies are using our health data right now in Why Big Tech Wants Access to Your Medical Records.
One tech innovator, for example, allows physicians to recommend products and services for patients from within their EHR. It creates a digital shopping list for the patient, who can easily select any of the recommended products and services. When the patient selects an item, a connection is made directly with the vendor’s site. This level of convenience likely improves the rate at which patients adopt the recommendations of their doctors.
A vendor on the platform provides patients with transportation to and from surgeries and appointments. Since transportation issues can prevent some individuals from receiving needed care, that service may help address an important social determinant of health. Other vendors might provide products like compression socks, vitamins, instructional videos, newsletters and more.
One of the concerns from a privacy perspective, however, is that all this information is connected through the patient’s EHR. The current data-sharing industry is opaque to the consumer, and nondisclosure agreements that require secrecy between companies and their medical partners are common. If a vendor in this sort of agreement is receiving its orders for products and service via technology within the patient’s EHR, can the patient be truly confident their personal health data is protected and safe?
The biggest concern is that the personal health data we relinquish, knowingly or not, may eventually be used to exclude sick people from employment or insurance coverage. If an algorithm can perform a risk assessment to identify people at risk of a disease even before they’re symptomatic, the potential to intervene and resulting health benefits are obvious. But might the same algorithm be used to refine actuarial science, making it harder to get life or disability insurance?
HIPAA, the Health Information Portability and Accountability Act, became law in 1996, well before Google and Facebook came along and when Amazon was just a toddler, the Wall Street Journal notes. Technology has outpaced regulation, leaving our medical histories vulnerable. Therefore the health care industry and its innovative big tech partners must do everything they can to protect our health data, because current laws and regulations may not.
Is your organization ready to “have the talk” and demonstrate sound stewardship of taxpayer funds? Consider these strategies to help prepare and lead this i...