Saturday, January 31, 2015

Uncertain Health in an Insecure World – 21


“Expectations of Health Privacy – Paradise Lost?”

There is nothing more injurious to the human psyche than a violation of personal privacy.

Humans in most countries and cultures value privacy, linked to the shame and humiliation that we all feel, rightly or wrongly, when others see what we are “willing to do only if no one else is watching”. It resides deep in our primitive hind brains. Privacy is so important that its loss in Paradise is of biblical proportions in the world's Abrahamic religions.

Every digital world citizen should listen to reporter Glenn Greenwald’s October 2014 TEDGlobal talk titled “Why Privacy Matters”. Greenwald plumbs the deeply held human privacy instinct in the face of recent data revelations by Edward Snowden and others. Whether WIKI leaked to the press, posted on YouTube, or whispered in a hospital hallway, such violations are deeply hurtful, and have very real consequences for many victims.


Greenwald’s TED talk touches lightly on health privacy issues (“… things to hide”), but zeroes in on the pernicious role of personal big data sharing and for-profit data redistribution platforms such as Facebook and Google. We’ll see how these connect in frightening ways shortly… 

But some health privacy background might help.

In medicine and other health professions, caregivers are sworn to maintain the confidentiality of their patients’ medical stories and records. Patients rightfully expect that what they tell their doctor, psychologist, dentist and nurse will not be shared with others unless there is an absolute medical necessity tied to their well-being.

In addition to these accepted oaths and norms of health professional conduct, health information privacy laws have emerged in most developed world jurisdictions in the past twenty years. These laws codify the rights of patients to privacy under most circumstances, and provide civil and criminal penalties for violations, whether unintentional or malicious. 

The original intention of laws such as the U.S. Health Insurance Portability and Accountability Act of 1996 (HIPAA, or the Kennedy-Kassebaum Act) was primarily to prevent health insurance companies from denying continuing coverage to those moving from state to state on the basis of pre-existing medical conditions that the insurers had covertly discovered, without approval, in medical records. Such conditions were commonly used as a reason to deny health insurance coverage and benefits, which remains a real risk despite laws like HIPAA.
 

Over the past two decades, driven by the desire of public and private health insurers to better manage the costs and paths of care, the electronic medical record (EMR) has emerged as the new reality within modern health care systems. These EMRs, largely designed for the expensive inpatient hospital care setting, are being rapidly on-boarded at hospitals and clinics to track utilization costs that are the basis for reimbursement to health care systems and doctors. Alternative payment models – pay for good performance and penalties for poor quality (like <30 day hospital re-admissions) – have emerged and are now an accepted cost of doing business in the health care sectors of many developed world countries.
 
Of course, when hundreds of thousands of people (i.e. EMR “approved users”) enter, access and transfer health information into and through massive databases that are controlled and managed by “custodians”, two common problems emerge. The first problem fulfills the garbage in-garbage out adage, reflecting the degradation of data over time due to serial un-reconciled problems with EMR data entry errors, care complexity, software and operating system updates, and inpatient-outpatient system interoperability. Users interfacing with these EMRs express their frustration and helplessness; eventual system performance failures ensue.

The second problem is the risk to privacy associated with the churning of such patient data through health systems, insurance companies, and governmental agencies. These entities have appropriately strict risk management rules to mitigate their exposure to loss-of-privacy problems and penalties. Unfortunately, these rules and laws are subject to human error and foibles. The stolen clinical trial investigator laptop computer with unencrypted patient data is the poster child for personal health information (PHI) loss, and a sentinel event for system failure. The lure of personalized or precision medicine, tied to one’s genetic make-up, is highly leveraged on the capacity of big data managers and analytics to safely and securely manage de-identified PHI (see post #18).

Recent revelations are even more disturbing!


On January 24, 2015, the Associated Press (AP) reported that the U.S. Healthcare.gov website enrolling patients in Obamacare insurance plans was “… quietly sending consumers’ personal data to private companies that specialize in advertising and analyzing Internet data for performance and marketing”. Read – Google, Twitter and Facebook!!!

That same day, in a New York Times Op-Talk piece by Anna North, privacy law professor Woodrow Hartzog queried, “Are third party recipients of this information allowed to share with other people? Are they under an obligation to keep from trying to re-identify that (PHI) information?”

In the days ensuing, the Obama Administration argued that “private sector tools” were essential to standing up a consumer-focused ‘Window Shopping’ feature on the once-failing Healthcare.gov web site. Amid a public outcry over privacy, the Obama Administration then relented by scaling back public-private information sharing and adding more layers of data encryption.

Do you feel more secure after this health privacy asteroid near-miss?

Privacy is reflexive… a core bodily function… like breathing air, or swallowing food.

Let's be serious about protecting ourselves from abuses, wherever they lurk in the Square.


