Healthcare Information Security

Patient Privacy News

Considering Healthcare Data Privacy with Health Data Sharing

Healthcare data privacy is not necessarily compromised in data sharing initiatives, but data collection and privacy policies need to be transparent.

By Elizabeth Snell

Information sharing is not without certain healthcare data privacy risks, but the potential rewards should be understood so individuals can make an educated choice when considering the trade off, according to Dr. Joseph Kvedar.

Health data privacy important aspect to health data sharing

In a recent blog post, Kvedar explains that cybersecurity threats are continuing to evolve, which could leave consumer data either stolen or leaked. However, there is also much to gain through healthcare data sharing.

“The same information that can be used to create highly personalized programs to help people stay healthier and happier, can also be a key factor in improving efficiencies and reducing healthcare costs,” writes Kvedar, who is also vice president of Connected Health at Partners HealthCare. “Further, it’s been shown that sharing data with providers, friends or social media groups can actually help people stay on track with their health and wellness goals.”

Kvedar adds that there is always some sort of potential risk when sharing personal information. When it comes to healthcare data privacy though, communicating and sharing that data with providers is worth the potential risk.

Not all companies are forthcoming in their privacy policies, which can be a turnoff for some consumers, he states. This could prevent individuals from knowing how their data will be used or potentially shared with other organizations.

Furthermore, data breaches that make the headlines are constant reminders of what could happen to individuals’ personal information.

“We can combat much of consumers’ fear by making privacy policies transparent; putting a halt to spying on people without their consent and creating systems to keep data confidential,” Kvedar says. “Bottom line, the rights of individuals must be protected, and organizations – healthcare providers included – need to do a better job explaining privacy issues and safeguards.”

Healthcare payers, providers, and other organizations in the industry must remain transparent and forthcoming in their privacy policies, he maintains. The language should be simple so consumers can understand exactly how their data may be used.

Finally, consumers should understand that “there’s no such thing as a free app.”

“If it’s a free service, more than likely the business model will sell advertising – or data – including subscriber lists, to marketers,” warns Kvedar. “In most cases, without this revenue stream, there would be a fee attached to the service.”

Overall, individuals need to understand what they will be gaining through sharing their healthcare information, and not just be worrying about the potential healthcare data privacy risks.  

Kvedar raises quality concerns though, especially when it comes to healthcare applications. The Office of the National Coordinator (ONC) recently collaborated with the Federal Trade Commission (FTC), the Food and Drug Administration (FDA) and the HHS Office for Civil Rights (OCR) to create an informative online tool about mobile application security.

Application developers must be mindful of potential mobile security issues and any applicable regulatory requirements as they create new health apps, according to ONC.

This interactive tool helps guide developers through a short assessment of their app with a series of questions about the nature of the app, including its function, the data it collects, and the services it provides to its users,” ONC Chief Privacy Officer Lucia Savage, J.D. and ONC Senior Health Information Privacy Program Analyst Helen Caton-Peters, MSN, RN wrote in a blog post.

Not only should HIPAA regulations be considered in the development process, but developers must also consider the FTC Act, the FTC’s Health Breach Notification Rule, and the Federal Food, Drug and Cosmetics Act (FD&C Act).

Dig Deeper:

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy

no, thanks