Groups develop privacy framework for health IT

To view the full article, please visit Groups develop privacy framework for health IT.

An article written at ModernHealthcare.com about our new Privacy Trust Framework explains how the framework came into being and what it’s major principles are.

Key quote from the article:

“‘This comes from what the American public wants and was devised by Microsoft and PricewaterhouseCoopers,’ Peel said. ‘Some of the bigger corporations see the future as the public controlling things. Microsoft wanted to distinguish itself from Google Health (its one-time rival as a developer of PHR platforms) and wanted HealthVault to be the privacy place and wanted to compete in that way.’ PricewaterhouseCoopers saw a future auditing opportunity, she said. ‘We’re now moving with the Blue Button where patients can access their information and control it. The ultimate consumer is the patient.’”

The Privacy Trust Framework can be found here.

Framework Outlines Key Principles for Protecting Privacy of Patient Data

To view the full article, please visit Framework Outlines Key Principles for Protecting Privacy of Patient Data.

iHealthBeat released an article about the Privacy Rights framework explaining its goals and principles.

Key quote from the article:

“The framework aims to help health care organizations measure how well their IT systems and research projects meet certain best practices for protecting patient privacy.

Patient Privacy Rights eventually intends to develop a system to license organizations based on their privacy policies and practices.”

The full Privacy Trust Framework can be viewed here.

New Framework Details 15 Core Health Privacy Principles

To view the full article, please visit New Framework Details 15 Core Health Privacy Principles.

HealthDataManagement.com recently posted this article about Patient Privacy Rights’ Privacy Trust Framework. The article tells HealthDataManagement readers “The Framework is designed to help measure and test whether health information systems and research projects comply with best privacy practices in such areas as whether patients have control over their protected health information, an organization obtains meaningful consent before disclosing data and obtains new consent before secondary data use occurs, patients have the ability to selectively share data, and the organization uses servers housed in the United States, among other factors.”

The key principles for our Privacy Trust Framework:

*Patients can easily find, review and understand the privacy policy.

* The privacy policy fully discloses how personal health information will and will not be used by the organization. Patients’ information is never shared or sold without patients’ explicit permission.

* Patients decide if they want to participate.

* Patients are clearly warned before any outside organization that does not fully comply with the privacy policy can access their information.

* Patients decide and actively indicate if they want to be profiled, tracked or targeted.

* Patients decide how and if their sensitive information is shared.

* Patients are able to change any information that they input themselves.

* Patients decide who can access their information.

* Patients with disabilities are able to manage their information while maintaining privacy.

* Patients can easily find out who has accessed or used their information.

* Patients are notified promptly if their information is lost, stolen or improperly accessed.

* Patients can easily report concerns and get answers.

* Patients can expect the organization to punish any employee or contractor that misuses patient information.

* Patients can expect their data to be secure.

* Patients can expect to receive a copy of all disclosures of their information.

The full framework can be viewed at Privacy Rights Framework.

The Immortal Life of Henrietta Lacks, the Sequel

This is an amazing article written by Rebekah Skloot, author of ‘The Immortal Life of Henrietta Lacks’, demanding consent and trust.

Rebecca is right—-the only way Americans will trust researchers is when they are treated with respect and their rights of consent for use of genomes and genetic information is restored.

The public does not yet realize that they have no control over ALL sensitive health information in electronic systems. We have NO idea how many hundreds of data mining and research corporations are collecting and using our blood and body parts. We ALSO have no control over our sensitive health information in electronic systems violating hundreds of years of privacy rights.

This week the many stories about CVS showed employers can force employees to take blood tests, health screenings, and be forced into “wellness” programs–all of which REQUIRE collection of sensitive health information—which employees cannot control.

We have NO map of who collects and uses personal health data—Henrietta Lacks family was NEVER asked for consent to use her genome.

Contribute to build a map to track the thousands of hidden users of health data at: www.localhost:8888/pprold

Attend or watch the 3rd International summit on the Future of Health Privacy (free). Register at: www.healthprivacysummit.org

Big Data Is Opening Doors, but Maybe Too Many

To view the full article, please visit Big Data Is Opening Doors, but Maybe Too Many.

Steve Lohr likens today’s Big Data issues to the introduction of the mainframe computer in the 1960s. Even then, new technology threatened the “common notions of privacy”.

A few key quotes from the article:

“…the latest leaps in data collection are raising new concern about infringements on privacy — an issue so crucial that it could trump all others and upset the Big Data bandwagon. Dr. Pentland is a champion of the Big Data vision and believes the future will be a data-driven society. Yet the surveillance possibilities of the technology, he acknowledges, could leave George Orwell in the dust.”

“The World Economic Forum published a report late last month that offered one path — one that leans heavily on technology to protect privacy. The report grew out of a series of workshops on privacy held over the last year, sponsored by the forum and attended by government officials and privacy advocates, as well as business executives. The corporate members, more than others, shaped the final document.”

Re: Your Online Attention, Bought in an Instant

Natasha Singer unearths more about the instantaneous selling of intimately detailed profiles about Americans in her article in The New York Times: Your Online Attention, Bought in an Instant

Best case: We get more ‘targeted’ ads. We supposedly want personalized ads so badly that we willingly give up deeply intimate portraits about who we are to the hidden data mining industry forever. Really? When did we ever have ANY meaningful choice about who collects and sells our most intimate personal information? See Duhigg’s NYTimes story.

Worst case: Hidden, technology enabled discrimination prevents us from getting jobs and destroys our reputations before anyone will meet with us. Companies like Rubicon literally know more about us than our partners, our mothers or fathers, our best friends, our children or our psychoanalysts. This information is used to harm us—-read Prof Sweeney’s paper on how ads like “YOUR NAME, arrested?” pop up next to the names of African-Americans but NOT next to Anglo-sounding names. What happens when future employers see ads like that when searching for information about you online? Read her paper here.

HELP FIX THIS PRIVACY DISASTER
HELP BUILD a map that tracks all hidden users and sellers of our sensitive health information.
DONATE to the Harvard/Patient Privacy Rights’ research project at: https://org2.democracyinaction.org/o/6402/donate_page/donate-to-thedatamap

European citizens have far stronger protections for their sensitive health and personal data than US citizens.
Learn why and learn about solutions to strengthen US data protections. Register for free to attend the 3rd International Summit on the Future of Health Privacy June 5-6 in DC: www.healthprivacysummit.org

Re: The Internet is a surveillance state

In response to the CNN article by Bruce Schneier: The Internet is a surveillance state

Bruce Schneier is wrong. Privacy is not over — the public is just now learning how invasive Internet technology, tech corporations, and government really are, and that they ACT to protect and maintain the US surveillance economy. When enough citizens tell Congress and the President to stop, this privacy disaster will stop.

The public is just beginning to WAKE UP. Today is the start of privacy in the Digital Age in the US, not the end.

It’s a lie that people happily give up privacy for “targeted ads” — tech giants like Google, Facebook, etc. have PREVENTED us from having apps and tools that enable privacy (ie, our right TO control personal information online). We have NO choices because government and the data mining industry have prevented us from having meaningful choices.

Signs of intelligent life in the Universe:

  • Attend or watch the 3rd International Summit on the Future of Health Privacy (its free). The EU Data Protection Supervisor will keynote and so will the US Chief Technology Officer—-the stark differences between US and EU data protections will be discussed—register at: http://www.healthprivacysummit.org/d/vcq3vz/4W
  • SnapChat—millions of free downloads of an app that shows people want technology that gives THEM control over their data: single use of info (a picture in this case) and the ability to delete info. See: http://patientprivacyrights.org/2013/02/snapchat-and-the-erasable-future-of-social-media/
  • A recent Pew Research Center study found smartphone users are taking action to protect their privacy:
  • The default for Microsoft’s Windows 8 browser is ‘Do Not Track’
    • Microsoft’s Chief Privacy Officer Brendon Lynch said a recent company study of computer users in the United States and Europe concluded that 75 percent wanted Microsoft to turn on the Do Not Track mechanism. “Consumers want and expect strong privacy protection to be built into Microsoft products and services.”
    • See more in the New York Times article: Do Not Track? Advertisers Say ‘Don’t Tread on Us’

DONATE to help Latanya Sweeney and Patient Privacy Rights build a health data map—-we MUST prove that thousands of hidden data users are stealing, using , and selling our personal health data: http://patientprivacyrights.org/donate/

SEE Latanya describe thedataMap at: http://patientprivacyrights.org/thedatamap/
This is the beginning of privacy, the war has just begun.

Health IT Gurus predict the Next Big App

To view the full article, please visit Health IT Gurus predict the Next Big App.

“Mobile healthcare apps are multiplying fast and putting a vast array of new tools in the hands of patients and the providers who deliver their care. The pace and scope of innovation makes it hard to imagine what app developers will create next. So we put the question to some of the thinkers in the best position to know what’s needed and what’s possible.”

Here are a few key quotes from the article:

Dr. Deborah Peel, founder of Patient Privacy Rights Foundation, a privacy advocacy organization:

“People want control of their information. They want to be able to decide who sees it and make it go away. And so I think that the next big thing in healthcare is going to be that kind of control for patients over their information.”

Dr. Farzad Mostashari, head of the Office of the National Coordinator for Health Information Technology at HHS:

“We are going to be in an era where everyone is going to be looking to improve health and healthcare at lower cost. And we are going to be looking at every underutilized resource in healthcare. And the greatest, the most underutilized resource in healthcare is the patient and their family members…”

Re: PNAS study on predicting human behavior using digital records

Picture a box with 2,000 or 10,000 puzzle pieces inside—any one puzzle piece reveals nothing about the picture. But when all the pieces are assembled, an incredibly detailed picture FULL of information is created.

The data mining industry—including Google, Facebook, Acxiom and thousands more unknown corporations and foreign businesses—assembles the puzzle of who we are from thousands of bits of data we leave online. They know FAR MORE than anyone on Earth knows about each of us—more than what our partners, our moms and dads, our best friends, our psychoanalysts, or our children know about us.

The UK study shows how easy it is for hidden data mining companies to intimately know us (and sell) WHO WE ARE.

Most Americans are not aware of the ‘surveillance economy’ or that data miners can easily collect intimate psychological and physical/health profiles of everyone from online data.

The study:

  • “demonstrates the degree to which relatively basic digital records of human behavior can be used to automatically and accurately estimate a wide range of personal attributes that people would typically assume to be private”
  • “is based on Facebook Likes, a mechanism used by Facebook users to express their positive association with (or “Like”) online content, such as photos, friends’ status updates, Facebook pages of products, sports, musicians, books, restaurants, or popular Web sites”
  • correctly discriminates between:
    • homosexual and heterosexual men in 88% of cases
    • African Americans and Caucasian Americans in 95% of cases
    • between Democrat and Republican in 85% of cases
    • For the personality trait “Openness,” prediction accuracy is close to the test–retest accuracy of a standard personality test

The “surveillance economy” is why the US needs FAR STRONGER LAWS at the very least to prevent the hidden collection, use, and sale of health data, including everything about our minds and bodies, unless we give meaningful informed consent.

This urgent topic, ie whether the US should adopt strong data privacy and security protections like the EU—will be debated at the 3rd International Summit on the Future of Health Privacy June 5-6 in DC (it’s free to attend and will also be live-streamed). Register at: www.healthprivacysummit.org

Re: Celebrity Credit Reports and more, hacked

Multiple celebrities have had their personal information hacked and posted online recently, and this is nothing new. We’ve seen breaches of health information of celebrities in the past, and this will continue to happen, even when privacy and security is a top priority as it is in financial institutions and credit bureaus.

It is critical that privacy be the foundation in Health IT, or Americans’ health information will be the most valuable and available information on the market.

From the Fast Company Article: Michelle Obama’s Credit Report Hacked

“Three of the major credit agencies were hacked and information about Michelle Obama, Beyonce and numerous other celebrities has been leaked on an unnamed website, gossip site TMZ first reported on Tuesday.

Experian, TransUnion, and Equifax confirmed to Bloomberg News that they had found cases where information had been accessed unlawfully by hackers.”