Getting the balance right with privacy and e-health | HIPAA Compliance for Medical Practices | Scoop.it
Recent advances in data management and analysis, such as the introduction of Electronic Health Records (EHRs) have the potential to save lives – and on a huge scale. However, it is increasingly clear that such innovations will only be realised if we can overcome a significant hurdle: the public’s concern that private medical data could fall into the wrong hands. To do that, we must convince people to play a more active role in establishing which information they want to keep private and which they are willing to share.

EHRs and the transformation of patient outcomes

Before we look at privacy, it is worth discussing just how transformative EHRs promise to be for the prevention and treatment of illnesses.

EHRs are much more than just a digital version of the paper-based health records of the past. In fact, EHRs embody a totally new approach to healthcare in which the wider ecosystem expands the centre of gravity beyond hospital borders. In this ecosystem, care becomes more distributed, with the burden shared by an extended family of health providers – GPs; physiotherapists; pharmacists; home-carers; family members; private health clinics; gyms; etc.

The patient is at the centre of a network bound together by his or her data, which in turn is shared and managed across all members of the healthcare web through the EHR. The EHR therefore is the main source of a comprehensive view of patient information.

> See also: Tackling the scourge of paper-based patient data

The advantages of this approach are compelling: primary care givers are provided with an unprecedented view of the patient, allowing them to come to more accurate decisions in shorter timeframes and improving patient outcomes.

The empowered patient

Importantly, however, the same data innovations that are driving connected healthcare are also empowering patients to play a much more direct role in managing their own health. This is due in great part to the proliferation of wireless health devices and apps as well as social media platforms.

In the IDC/EMC Whitepaper ‘Taking-On the Chronic Disease Burden in the Hyper-Connected Patient Era’ the analysts Massimiliano Claps and Nino Giguashvili discuss how through smartphones and tablets, patients can monitor their daily activities, such as exercise and diet, and share results with their healthcare network. They can also, if they choose to, share their results through social networks, using gamification to drive health benefits.

It is not just through smartphones that such data can be shared; today a wide range of wearable devices such as smart watches, wristbands and even clothing can track wearers’ physical activity, calorie intake and other vital statistics. These data sources can be used by the wearer to manage their lifestyle, helping to prevent illness. Through EHRs moreover, this data can be shared with the user’s healthcare web, enabling their healthcare providers to deliver the best possible treatments over the course of the patient’s life.

As IDC puts it: 'The vast amount, wide variety, and velocity of data that is pushed to and pulled from the hyper-connected patient ecosystem represents an unprecedented opportunity to generate insights that can enhance the appropriateness of prevention and care.'

This is, of course, only if the patient is willing to share such information.

Privacy – a stumbling block to integrated healthcare?

EMC’s recent Privacy Index revealed that when it comes to privacy in the healthcare sector people have some major worries. In fact, a full 72% of people around the world are concerned about the future of the privacy of their medical data. While this figure is less than for other sectors – such as finance or retail – it is still intolerably high.

People do not, it appears, trust healthcare organisations with their data. This is largely understandable. People have a natural anxiety about organisations collecting too much data about them – it has a whiff of ‘big brother’ about it. With a news agenda that is full of stories of privacy breaches, data loss and the misuse of data by businesses it is understandable why people may wish to keep their medical data private.

The digital world is still very new and it is evolving rapidly. The evolution of what we can do with data is moving so fast that many people have been caught unprepared. Fundamentally, allowing a select group of medical professionals to access data in order to help you is a very different proposition to businesses or governments accessing/using your data without your consent. Unfortunately at present the two things are often conflated.

As we grow used to our digital world however we will soon begin to understand that we can both ensure privacy while also enjoying the full benefits that a free flow of information promises. Technologies already exist to make digital records more secure than paper – it is now our behaviours that need to change.

Taking control of digital privacy

The change will come when people take more control of their online selves and take more steps to protect their own privacy.

People are already able to protect their privacy on social media sites through privacy settings, although far too few currently choose to do so. This needs to change.

When it comes to EHRs, privacy settings can easily be enabled. Patients need to select exactly who can access what portions of their health record. To that extent they will make decisions on how much of their privacy they are willing to trade off in order to receive better treatment. They will in short be empowered to use their own data as a discretionary tool.

> See also: How big data can turn around our National Health Service

This has implications beyond the health sector too. For example, if I am a fitness fanatic who exercises every day and only eats the healthiest of foods, I will be able to input this information into my EHR via my smart devices. Then, if I so chose, I could allow my life insurance company access to this data in order to help lower the premiums I pay each month. The key here is that it would be my choice to do so. I would have made a conscious and positive choice to trade a small portion of privacy for a clear benefit.

The future is in our hands

The promise of EHRs is not illusory. Already today innovative projects are improving the lives of people worldwide. Take Finland where its ePrescription service allows doctors to dispense with paper prescriptions and instead communicate electronically with pharmacies. Crucially, Finland has also implemented consent management and patients are therefore able to filter exactly what information is viewed by whom.

Implementations such as these will gather in pace and as they do so patients will better understand why the controlled sharing of private information benefits them – as long as the control rests firmly with them.

Secure EHRs really do have the power to transform healthcare, but it is important patients are aware and ready to make decisions about who has access to their data. Part of these decisions will be made on how secure the systems are that hold their data. Part will be based on what benefit they can receive from allowing access to this data. Through this process patients will be empowered to take greater ownership of their data and given the chance to improve their wellbeing through a more efficient approach to healthcare. While a new concept, we would argue that this is something patients should embrace rather than be concerned about.