National Health Database: Good Medicine Or Privacy Nightmare? - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Healthcare // Electronic Health Records

National Health Database: Good Medicine Or Privacy Nightmare?

State health information exchanges could eventually pool patient data into a vast national database, but privacy advocates have significant concerns.

from consumers' medical data. And they wonder whether the government has other reasons for seeking such personal information from everyone -- even those it does not insure or treat.

For example, what if healthcare providers, government agencies, insurers, or self-insured employers were to marry consumers' health records with voluntarily revealed information from social media posts, or credit report data? Some insurers already buy consumer information from data brokers to identify high-risk patients -- those who smoke, regularly eat at fast food restaurants, or drink excessive amounts of alcohol, for example -- and use predictive modeling to find those patients who need the most medical attention.

Critics also worry that a nationwide central database could become a "back door" into other issues. Florida, for example, recently barred physicians from asking patients about gun ownership -- a ruling lobbied by the National Rifle Association, among other groups. The Firearm Owners' Privacy Act, which passed in 2011 in response to the American Medical Association's plea to promote safe gun ownership, was appealed but upheld in court. The Act, which aimed to help doctors discuss gun safety and storage, represented a privacy breach to some who worried it enabled government or other agencies to accumulate information about gun owners.

According to the Christian Science Monitor, for example, one physicians' office separated a mother from her children in order to question the youngsters about the family's gun ownership; in another case a pediatrician reportedly refused to serve a mother who declined to answer a question about guns. Judges ruled, however, that doctors are encouraged to ask about guns if relevant, such as in the case of someone threatening suicide, judges ruled.

Still, the likelihood of a national health record database being developed is slim, according to John Hoffstatter, a physician assistant and delivery director, advisory services, at CTG Health Solutions in Jacksonville, Fla. "Interoperability is just not where it needs to be," he said in an interview.

Given breaches like last month's hacking of Community Health Systems' network, consumers will be more concerned about data security, Hoffstatter pointed out. "People are more aware of breaches and the dangers they pose."

Chris Zannetos, CEO and founder of security developer Courion, agreed. "The advent of one health database is unlikely," he said, pointing to the industry's current integration woes, multiple disparate systems, and protection worries.

"Security professionals would look at this in contradictory ways," he noted. "On one hand, they would be extremely worried if the government had a single repository for all that information because it creates a single point of failure. From a security and privacy perspective, actually having information dispersed is in many ways viewed as optimal -- you don't have single point of failure or that catastrophic breach where everything is exposed." "On the other hand," Zannetos continued, "from healthcare provider's viewpoint, if there was a way for doctors to see all a patient's records, it would improve care."

Creating a central medical database is both a security risk and potentially beneficial, Cobb agreed. "There are trends in technology that would facilitate the move to that, and reasons to think it could be a good thing from a security and privacy view," he said. "If a central repository for everyone's healthcare data [became] a crown jewels situation, protected by people whose job is to protect things -- not people whose job is to treat patients."

If the world wasn't changing, we might continue to view IT purely as a service organization, and ITSM might be the most important focus for IT leaders. But it's not, it isn't and it won't be -- at least not in its present form. Get the Research: Beyond IT Service Management report today. (Free registration required.)

Alison Diana has written about technology and business for more than 20 years. She was editor, contributors, at Internet Evolution; editor-in-chief of 21st Century IT; and managing editor, sections, at CRN. She has also written for eWeek, Baseline Magazine, Redmond Channel ... View Full Bio

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Previous
2 of 2
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Page 1 / 6   >   >>
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Author
9/10/2014 | 7:49:54 AM
Re: hours?
@Alison: Actually, now that you mention it, they gave me a survey to assess how -- if at all -- depressed I was.

Hmmm...
Alison_Diana
50%
50%
Alison_Diana,
User Rank: Author
9/8/2014 | 10:07:34 AM
Re: Little of both
A national database would provide researchers, government, pharmaceutical companies, and others with tremendous insight into all sorts of things. For example, they could know, in real-time, when and where people are getting contagious diseases like flu, measles, or mumps, then act accordingly. It would also help combat things like Ebola and MERS, as well as cancer. As you say, @pfretty, it would be vital for buy-in that any and all participants reassure the general public about the sanctity of this data, that it's truly de-identified, and secure. Without those valid assurances, then the repercussions could be dangerous (as in some people might avoid healthcare, lie to clinicians, etc.).
pfretty
50%
50%
pfretty,
User Rank: Ninja
9/8/2014 | 9:29:31 AM
Little of both
Assuming organizations are diligent in complying with best practices, this goal of a centralized health database has far more benefits than detractors. Not only could it help ease usage when people travel, it also opens up the opportunity for strategic big data analysis that could help create better interfaces and treatments. Insight discovery is one of the most powerful goals as echoed in a recent SAS survey. The more organizations understand their environment, the better they operate. The key is compliance and adhereance to proven security tactics. 

 

Peter Fretty
Alison_Diana
50%
50%
Alison_Diana,
User Rank: Author
9/2/2014 | 9:33:52 AM
Re: Sounds like a fairy tale more than a nightmare
Thanks for the international perspective, @Li Tan. Would you prefer to have your healthcare providers linked, so you (ideally, anyway!) didn't have to repeatedly provide new doctors or testing centers with the same information? Or do you prefer the way your healthcare system is structured? Is China looking to a more integrated network or is it keeping the status quo? It's fascinating to learn how other nations tackle this common problem: I think all countries face the same challenges -- trying to reduce the cost of care, while simultaneously improving the quality and scope. 
Alison_Diana
50%
50%
Alison_Diana,
User Rank: Author
9/2/2014 | 9:30:09 AM
Re: hours?
Did the doctor's office say or do anything after you checked the "no" box, Joe? Like you, I certainly read the fineprint very carefully these days, although I wish I had gone to law school sometimes because some providers' paperwork is far from clear. I've never had a problem when I won't give an SSN, although I'm amazed at how many offices still include that line in their forms. 
Li Tan
50%
50%
Li Tan,
User Rank: Ninja
9/2/2014 | 1:43:48 AM
Re: Sounds like a fairy tale more than a nightmare
Some cents from my side - in China we are far from establishing a centralized data warehouse to store personal health information. Even different hospitals are not interconnected and patient information is not shared. In other words, you need to create a new profile if you change the hospital! So the threats/fairy tale described in this post should not happen in short term in China.:-)
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Author
8/29/2014 | 10:28:40 PM
Re: Another Epic Government Fail to Screw Americans
@Susan: There's also insurance carriers.  Cyberinsurance carriers may require their clients to do more than the bare minimum.  What's more, some take measures to help ensure that their clients have better security, including training.
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Author
8/29/2014 | 3:37:48 PM
Re: hours?
@Alison: I suppose that's true (re: the cumulative effect).  At the same time, from a risk standpoint, I'm not convinced it's worth it -- especially considering the heightened spotlight being shed on data breaches.

At my most recent physical, I was given a very lengthy, fine-print consent document to sign regarding putting all of my health data in a third-party-maintained public cloud database.  Given that the words "secure database" were used so often, the rather extreme fearmongering language used to coax me into signing (i.e., that i might not get the best medical care in an emergency), and my specialized knowledge of the subject of healthcare data security, I quickly checked "No, I do not consent" before I finished reading even half of it.

I've already had one compromise of my electronic health data.  I don't care for another.
progman2000
50%
50%
progman2000,
User Rank: Ninja
8/29/2014 | 9:16:49 AM
Re: Sounds like a fairy tale more than a nightmare
Yes - the whole basis of our application is to collect the whirl wind of documentation that surrounds a patients visit, he had no concept of any of that.  We didn't didn't hire him although it would have been interesting to see how he would have worked out.
Alison_Diana
50%
50%
Alison_Diana,
User Rank: Author
8/29/2014 | 9:06:33 AM
Re: Sounds like a fairy tale more than a nightmare
It is interesting to hear how different countries operate. I come from the UK originally, home of course to National Health which is also run by government. As I recall (I was a child when I relocated to US), you're given a National Health number when you're born (we don't have SSNs in UK). So of course the government knows all your health info. OTOH, you cannot be deprived of health insurance, irregardless of your condition. And, contrary to some things I've seen online, if you're wealthy enough or choose to spend your hard-earned money in this manner, you can purchase private insurance. 

Was this gentleman surprised at the complexity of the US system, since it's private instead of government-run? Really interesting story!
Page 1 / 6   >   >>
Slideshows
What Digital Transformation Is (And Isn't)
Cynthia Harvey, Freelance Journalist, InformationWeek,  12/4/2019
Commentary
Watch Out for New Barriers to Faster Software Development
Lisa Morgan, Freelance Writer,  12/3/2019
Commentary
If DevOps Is So Awesome, Why Is Your Initiative Failing?
Guest Commentary, Guest Commentary,  12/2/2019
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
Getting Started With Emerging Technologies
Looking to help your enterprise IT team ease the stress of putting new/emerging technologies such as AI, machine learning and IoT to work for their organizations? There are a few ways to get off on the right foot. In this report we share some expert advice on how to approach some of these seemingly daunting tech challenges.
Slideshows
Flash Poll