The proliferation of fitness devices like the Fitbit, health monitoring applications and advancements in social media and mobile device technology provide new opportunities for health care providers, but also raise some pertinent privacy issues, according to a report from the California HealthCare Foundation.
The author of the report, health economist and consultant Jane Sarasohn-Kahn, concludes the proliferation of extremely large databases of health information challenge regulators’ and society’s ability to ensure individuals’ data rights and privacy.
For example, while personal health information held by health care providers and insurers is protected under the Health Insurance Portability and Accountability Act (HIPAA), many other sources of consumer data are not covered and can be disclosed to third parties.
The report notes user-generated data that could be used in health profiling are held by gyms, Websites, banks, credit card companies, cosmetic medicine groups, fitness clubs, home testing labs, massage therapists, nutrition counselors, alternative medicine practitioners, disease advocacy groups, and marketers of non-prescription health products and foods.
Another form of consumer-generated data is personal check-ins on social networks. So far, the growth and adoption of sites like Facebook, Foursquare and others have outpaced public policies designed to protect the privacy of consumers.
The report warns data shared on a social networking site can become a “digital tattoo” for a consumer, and it is almost impossible to remove.
However, several projects and companies are developing tools for consumers to control their user-generated data. The personal data locker is one such concept.
Former chief medical officer of Practice Fusion, Dr. Robert Rowley, is developing FlowHealth, a next-generation communication platform for care teams and patients, facilitating transitions of care, and aggregating patient-centered data from the sources where it is found.
The health care industry and pharmaceuticals sector already have a high volume of security incidents and slow response times, according to a May report from BitSight Technologies.
In addition, the average number of days between the first time BitSight observes an event to the last time, also known as the event duration, is longer than any other industry, at 5.3 days.
The sector also saw the largest percentage increase in the number of security incidents observed by BitSight over the time period.
A report earlier this year from Accenture revealed that although the vast majority of U.S. patients want to control their health data, more than half (55 percent) believe they do not have very much—or any—control over their medical information.