Security and Privacy of Patient Data Subject of Regulatory Hearing

Representatives of patients, providers, insurers and tech companies testify before federal panel yesterday at the HIT Policy Privacy & Security Tiger Team Virtual Hearing on Accounting for Disclosures.

“We believe it’s the patient’s right to have digital access that is real-time and online for accounting of disclosures,” said Dr. Deborah Peel, the head of Patient Privacy Rights, a group she founded in 2004. Patients “need and want the data for our own health. We need to have independent agents as advisors, independent decision-making tools, we need independence from the institutions and data holders that currently control our information. We need to have agents that represent us, not the interests of corporations,” she said.

“I think the day will come when people will understand that their health information is the most valuable personal information about them in the digital world and that it’s an asset that should be protected in the same way that they protect and control their financial information online,” Peel said.

To view the full article click Security and Privacy of Patient Data Subject of Regulatory Hearing

To view a PDF of the hearing click HIT Policy Privacy & Security Tiger Team Virtual Hearing on Accounting for Disclosures

 

Patient privacy evangelist, analytics officer spar over data rights

To view the full article, please visit: Patient privacy evangelist, analytics officer spar over data rights

“…At the HIMSS Media/Healthcare IT News Privacy and Security Forum in Boston, patient privacy advocate Deborah Peel, MD, of Patient Privacy Rights, and UPMC Insurance Services Division Chief AnalyticsOfficer Pamela Peele took the stage to debate the highly-contested issue of whether patients should have full consent over how and with whom their personal health information records are shared.”

Key quotes from Dr. Peel:

“Forty to 50 million people a year do one of three things: avoid or delay diagnosis for critical conditions like cancer, depression and sexually transmitted diseases, or they hide information,” said Peel. “There’s the economic impact of having a system that people don’t trust.”

“He found that only a whopping 1 percent of the public would ever agree to unfettered research use of their data. Even with de-identified data, only 19 percent would agree to the use of their data for research without consent,” said Peel. “On the other hand, when people are asked if they want to participate or have their data used with consent, the public is very altruistic, so we get something very different fuller information, more complete information when the public knows what you’re doing with it and they support the project.”

 

Trust must be mutual for patient engagement to work

“A recent study in the Journal of the American Informatics Association reports that nearly one in eight patients has withheld information from their healthcare providers due to security concerns. Moreover, most of the respondents were very concerned about the security of their information when it was being shared electronically or by fax. Just last week, advocacy organization Patient Privacy Rights sent a letter to the U.S. Department of Health & Human Services urging the agency to improve privacy protections of patients’ electronic health records, particularly in the cloud and in HIEs.”

Read more: Trust must be mutual for patient engagement to work – FierceEMR http://www.fierceemr.com/story/trust-must-be-mutual-patient-engagement-work/2013-09-18#ixzz2fRtzIBsV
Subscribe at FierceEMR

Five More Organizations Join Lawsuit Against NSA Surveillance

National Lawyers Guild, Patient Privacy Rights and The Shalom Center Among 22 Groups Asserting Right to Free Association

 

San Francisco, Ca – infoZine – Five new groups—including civil-rights lawyers, medical-privacy advocates and Jewish social-justice activists—have joined a lawsuit filed by the Electronic Frontier Foundation (EFF) against the National Security Agency (NSA) over the unconstitutional collection of bulk telephone call records. With today’s amended complaint, EFF now represents 22 entities in alleging that government surveillance under Section 215 of the Patriot Act violates Americans’ First Amendment right to freedom of association.

 

The five entities joining the First Unitarian Church of Los Angeles v. NSA lawsuit before the U.S. District Court for the Northern District of California are: Acorn Active Media, the Charity and Security Network, the National Lawyers Guild, Patient Privacy Rights and The Shalom Center. They join an already diverse coalition of groups representing interests including gun rights, environmentalism, drug-policy reform, human rights, open-source technology, media reform and religious freedom.

 

Health apps run into privacy snags

“The next time you use your smartphone to inquire about migraine symptoms or to check out how many calories were in that cheeseburger, there is a chance that information could be passed on to insurance and pharmaceuticals companies.

The top-20 health and wellness apps, including MapMyFitness, WebMD Health and iPeriod, are transmitting information to up to 70 third-party companies, according to Evidon, a web analytics and privacy firm”

If you are a subscriber to ft.com, you can view the full article at: Health apps run into privacy snags

Between Paranoia and Naivete

This op-ed was written by the political editor of the German paper ‘Die Zeit’. He summarizes the historical/cultural perspectives of Germany and the US regarding data protection and rights to control personal information in electronic systems.

He recommends both nation’s approaches should be on the table for discussion to decide “best practices” for data protection.

But he makes some key assertions I disagree with.

He states:

1) A future dictatorship’s use of Facebook would be “the least of your problems”.

  • But actually Facebook spying is very valuable to dictatorships because it reveals contacts and thoughts.

2) Citizens of “liberal societies” are not “experiencing a change in values” and “no longer feel uncomfortable sharing personal even private information”.

  • There is no change in values. Research shows people care just as much as they always have about privacy: ie control over what personal information they share with whom.  People care most about controlling who sees sensitive personal health data—but in the US we have no control.
  • The problem is that privacy/personal control over pii was not built into electronic systems.

3) Re: the Internet as an “emergent system” which “functions so well because it works equally for everybody” and “might cease to offer the greatest benefit for the greatest number”.

  • The Internet has already brought an “advantage to a minority–the rulers”.  He fails to recognize that the Internet is controlled and who controls it now.
  • Lawrence Lessig’s classic book “Code” explains that software and hardware, ie ‘code’ regulates the Internet and determines who controls it.  We must legislate/regulate technology in order to build a cyberspace that supports fundamental democratic rights and values.
  • The NSA/Verizon revelations are proof that a minority in fact control/rule the Internet to the detriment of all; and to the detriment of freedom and our human and civil rights to be “let alone”.

To view the full article, please visit: http://www.nytimes.com/2013/08/29/opinion/between-paranoia-and-naivete.html?_r=0#!

Privacy Advocates Set Their Sights on the Wrong G-Men

In the wake of NSA revelations, key privacy advocates make the point that private corporations and the government are working to ensure total surveillance of all digital information about all 300 million Americans and lock in billions in corporate revenue from the sale of personal data and detailed digital profiles of everyone in the US.

Corporate and government collection, use, and sale of the nation’s personal data is opaque.  The author of the story below trashes several  privacy advocates and misrepresents their key points about the hidden ‘government-industrial complex’.  And he claims that “Individuals can choose not to use a particular social network, search engine or website.”  But individuals have no meaningful choices online. See the documentary: “Terms and Conditions May Apply”.

The lack of trust online and in all holders of personal data is why President Obama proposed the Consumer Privacy Bill of Rights (CPBOR). Unfortunately the proposed data privacy protections in the CPBOR do not apply to the most sensitive data of all, health data.

Meanwhile,  the ‘government-industrial complex’ is destroying Americans’ most fundamental rights to privacy. The highest right of civilized man is the right to be ‘let alone’—which happens to be the foundation of Democracy.  Yet all we read about are the wonders of ‘big data’ and the need to collect and use personal data without meaningful informed consent. We can certainly use big data for innovation and benefits—but the public wants to be asked permission for all uses of data, especially for ‘research’ uses. Big data analytics is research.

  • See Westin’s research that shows only 1% of the public approves use of health data for research without consent. See more of his findings here.

Today US citizens have no control over their most sensitive personal information: health data from DNA to prescriptions records to diagnoses—-because privacy-destructive technologies and system architectures prevent us from exercising our rights to give meaningful informed consent before health data is collected, used, disclosed, or sold.

To view the full article, please visit: Privacy Advocates Set Their Sights on the Wrong G-Men

Privacy groups criticize proposed $8.5 million Google settlement

“Five U.S. privacy groups have opposed a proposed $8.5 million settlement with Google in a class action lawsuit over search privacy, as it fails to require Google to change its business practices, they said.”

Read more at: http://www.pcworld.com/article/2047323/privacy-groups-criticize-proposed-85-million-google-settlement.html

Privacy Groups Seek To Scuttle Google’s $8.5 Million Data-Leakage Settlement

“Google’s attempt to settle a privacy lawsuit by donating $8.5 million to nonprofit groups and schools should be rejected, advocacy groups argue in a letter to U.S. District Court Judge Edward Davila.”

Read more: http://www.mediapost.com/publications/article/207420/privacy-groups-seek-to-scuttle-googles-85-milli.html#ixzz2eQQGnJNG