Panel: Big data’s role in healthcare remains unclear

Big data is an enigma when it comes to healthcare, as described by a panel on Wednesday at the third annual Health Privacy Summit in Washington, D.C., hosted by Patient Privacy Rights. On one hand, according to Deloitte principal Deborah Golden, there are infinite positive possibilities for big data use, such as improving patient safety via openly available medication information.

On the other hand, according to Harvard professor Latanya Sweeney, big data also represents big privacy issues.

“A lot of our problems come from giving data away,” Sweeney said.

Much of the conversation focused on those problems, particularly as they related to data being used without patient consent–or knowledge that they gave consent.

“In the U.S., we tend to take a sector-specific approach to privacy regulation,” David Jacobs, an attorney with the Electronic Privacy Information Center, said. “We’re nowhere near where we should be as far as consumer access to their own medical information to find out where it does and to exercise control over it.”

Sign the Petition for Patient-Controlled Exchange of Health Information

Sign the petition asking Congress to put you in control of exchanging your sensitive health data via Health Data Exchanges (HIEs)!

Sign the petition here.

By the end of the year, every state must have one or more Health Information Exchange (HIEs) so your health data can be transferred to other doctors, the state, the federal government, insurers, technology companies, researchers, commercial users, and many other institutions.

Today those institutions and organizations decide when and to whom to transfer your health data—not you.

KEY PRINCIPLES FOR DATA EXCHANGE USING HIEs:

• You should control whether or not your health information is exchanged.

• You should have full access to electronic copies of all your health information.

• You should know what information the HIE exchanges, stores or collects, with whom your data is shared, and the purpose for using it.

View and sign the petition asking Congress to strengthen the law so Americans can trust electronic health systems and data exchanges.

States’ Hospital Data for Sale Puts Privacy in Jeopardy

Before speaking at the 3rd Annual Summit on the Future of Health Privacy, Jordan Robertson did extensive research with Latanya Sweeney, PhD and theDataMap.org team to expose a nationwide privacy problem. MANY states are selling de-identified hospital records, which can be easily re-identified by using your local newspaper. Using other publicly available information makes re-identification even easier.

From Jordan Robertson’s article in Bloomberg News: States’ Hospital Data for Sale Puts Privacy in Jeopardy

Hospitals in the U.S. pledge to keep a patient’s health background confidential. Yet states from Washington to New York are putting privacy at risk by selling records that can be used to link a person’s identity to medical conditions using public information.

Consider Ray Boylston, who went into diabetic shock while riding his motorcycle in rural Washington in 2011. He careened off the road and was thrown into the woods, an accident that was covered only briefly, in the local newspaper. Boylston disclosed his medical condition and history to a handful of loved ones and the hospital that treated him.

After Boylston’s discharge, Washington collected the paperwork of his week-long stay from Providence Sacred Heart Medical Center in Spokane and added it to a database of 650,000 hospitalizations for 2011 available for sale to researchers, companies and other members of the public. The data was supposed to remain anonymous. Yet because of state exemption from federal regulations governing discharge information, Boylston could be identified and his medical background exposed using only publicly available information.

UofL professor wins health information privacy award

Patient Privacy Rights, a leading health privacy advocacy organization, will award one of its two annual Louis D. Brandeis Privacy Awards to University of Louisville professor Mark A. Rothstein on June 5 in conjunction with the Third International Summit on the Future of Health Privacy at the Georgetown University Law Center in Washington.

Established in 2012, the award is given with the approval of the Brandeis family and recognizes significant intellectual, cultural, legal, scholarly, and technical contributions to the field of health information privacy.

Rothstein holds the Herbert F. Boehl Chair of Law and Medicine at the UofL School of Medicine, and he also teaches at UofL’s Brandeis School of Law. The award’s ties to Brandeis make it especially meaningful to him, he said.

Patient Privacy Rights hires CTO

From the article and Q&A by Diana Manos in Health Care IT News: Patient Privacy Rights hires CTO

“Patient Privacy Rights appointed Adrian Gropper, MD as its first chief technology officer. Gropper is an expert in the regulated medical device field, an experienced medical informatics executive, and he has a long record of contributing to the development of state and national health information standards, according to a PPR news release.

Gropper, who has worked with federal initiatives and the Markle Foundation to help create the Direct Project’s secure email system and Blue Button technologies says he joins PPR because the challenges of runaway costs and deep inequities in the U.S. health system call for new information tools and inspired regulation.

“PPR’s deep respect for the medical profession and our total dedication to the patient perspective form the foundation for a series of policy and practice initiatives to shape health reform and electronic health systems,” Gropper said in the news release. “As a member of the PPR team, I look forward to driving a national consensus on the most difficult issues in the information age, including respectful patient identity, trustworthy consent, research acceleration, and effective public health.”

According to PPR, Gropper is a pioneer in privacy-preserving health information technology going as far back as the Guardian Angel Project at MIT in 1994. As CTO of one of the earliest personal health records companies, MedCommons, he actively participated in most of the PHR policy and standards initiatives of the past decade.”

See the full Q&A
See PPR’s Press Release

An American Quilt of Privacy Laws, Incomplete

The MOST “incomplete” US privacy law is HIPAA, which eliminated Americans’ rights to control the collection, use, disclosure and sale of their health data in 2001.

The new Omnibus Privacy Rule did not fix this disaster. It made things worse by explicitly permitting health data sales for virtually any purpose without patients’ consent or knowledge. These new regulations violate Congress’ intent to ban the sale of health data in the 2009 stimulus bill.

In addition to not being able to control personal health information Americans have no ‘chain of custody’ for their health data, so there is no way to know who is using or selling our health data.

We need a data map to track all the hidden users and sellers of our personal health information, from our DNA, to our diagnoses, to our prescription records:

  • -Watch Professor Sweeney describe the Harvard Data Privacy Lab/Patient Privacy Rights research project to track hidden users of our health data at: http://patientprivacyrights.org/thedatamap/
  • -WE NEED A DATA MAP TO SHOW THE GOVERNMENT IT’S TIME TO FIX THIS PRIVACY DISASTER!

Attend or watch the next health privacy summit June 5-6 in Washington, DC to learn about these urgent health data problems and potential solutions:

Re: The Internet is a surveillance state

In response to the CNN article by Bruce Schneier: The Internet is a surveillance state

Bruce Schneier is wrong. Privacy is not over — the public is just now learning how invasive Internet technology, tech corporations, and government really are, and that they ACT to protect and maintain the US surveillance economy. When enough citizens tell Congress and the President to stop, this privacy disaster will stop.

The public is just beginning to WAKE UP. Today is the start of privacy in the Digital Age in the US, not the end.

It’s a lie that people happily give up privacy for “targeted ads” — tech giants like Google, Facebook, etc. have PREVENTED us from having apps and tools that enable privacy (ie, our right TO control personal information online). We have NO choices because government and the data mining industry have prevented us from having meaningful choices.

Signs of intelligent life in the Universe:

  • Attend or watch the 3rd International Summit on the Future of Health Privacy (its free). The EU Data Protection Supervisor will keynote and so will the US Chief Technology Officer—-the stark differences between US and EU data protections will be discussed—register at: http://www.healthprivacysummit.org/d/vcq3vz/4W
  • SnapChat—millions of free downloads of an app that shows people want technology that gives THEM control over their data: single use of info (a picture in this case) and the ability to delete info. See: http://patientprivacyrights.org/2013/02/snapchat-and-the-erasable-future-of-social-media/
  • A recent Pew Research Center study found smartphone users are taking action to protect their privacy:
  • The default for Microsoft’s Windows 8 browser is ‘Do Not Track’
    • Microsoft’s Chief Privacy Officer Brendon Lynch said a recent company study of computer users in the United States and Europe concluded that 75 percent wanted Microsoft to turn on the Do Not Track mechanism. “Consumers want and expect strong privacy protection to be built into Microsoft products and services.”
    • See more in the New York Times article: Do Not Track? Advertisers Say ‘Don’t Tread on Us’

DONATE to help Latanya Sweeney and Patient Privacy Rights build a health data map—-we MUST prove that thousands of hidden data users are stealing, using , and selling our personal health data: http://patientprivacyrights.org/donate/

SEE Latanya describe thedataMap at: http://patientprivacyrights.org/thedatamap/
This is the beginning of privacy, the war has just begun.

Privacy Piracy Interview with PPR Founder

PRIVACY PIRACY HOST, MARI FRANK, ESQ. INTERVIEWS
DEBORAH PEEL, MARCH 11TH, 2013

On Monday, March 11th, 2013 Deborah C. Peel, MD, founder & chair of Patient Privacy Rights, was interviewed on Privacy Piracy with Mari Frank.

Among the topics of discussion were:

  1. The current state of Health Privacy
  2. How can individuals help to save and strengthen health privacy rights?
  3. What is the focus of the third International Summit on the Future of Health Privacy?

Should the U.S. Adopt European-Style Data-Privacy Protections?

You can read more of the Wall Street Journal debate between Joel R. Reidenberg (Yes) & Thomas H. Davenport (No) here: Should the U.S. Adopt European-Style Data-Privacy Protections?

This urgent issue will be debated at the 3rd International Summit on the Future of Health Privacy in Washington, DC on June 5-6, 2013 at Georgetown Law Center.

The opening keynote will be Peter Hustinx, the EU Data Protection Supervisor: A health check on data privacy”

Register to attend at www.healthprivacysummit.org .

theDataMap™

theDataMap™ is an online portal for documenting flows of personal data. The goal is to produce a detailed description of personal data flows in the United States.

A comprehensive data map will encourage new uses of personal data, help innovators find new data sources, and educate the public and inform policy makers on data sharing practices so society can act responsibly to reap benefits from sharing while addressing risks for harm. To accomplish this goal, the portal engages members of the public in a game-like environment to report and vet reports of personal data sharing. More…

Members of the public sign-up to be Data Detectives and then work with other Data Detectives to report and vet data sharing arrangements found on the Internet. Data Detectives are responsible for content on theDataMap™.

See the debut of theDataMap™ from the “Celebration of Privacy” during the 2nd International Summit on the Future of Health Privacy here: