A few weeks ago, I wrote about your personal health data and how much control you would like to have over it. I have been thinking about this question more recently.
This week, I attended a SATVA meeting during which we discussed our own responsibilities toward security and privacy of behavioral health patient data as software vendors. We also talked about the move of some of our customers toward using mobile Apps as treatment aids for their patients.
On November 6, 2014, FierceHealthIt newsletter published an article entitled Making the case for personal health data sharing. In it the author discussed what some people see as our “responsibility to help advance medicine by sharing our health data.” This article focuses on the value to the healthcare system and to public health of sharing de-identified healthcare data. The claim is that the compilation and analysis of all that data will enable the development of more effective ways of providing treatment, of evidence-based practices, and of improved care for everyone.
An article by Beth Seidenberg, M.D. in Wired magazine on 11/6/2014 argues strongly that we all ought to allow our data to be shared. You Should Share Your Health Data: Its Value Outweighs the Privacy Risk argues from the perspectives of public health, patients, providers, and entrepreneurs that sharing health data is crucial. “The author, Beth Seidenberg, M.D., is a general partner with Kleiner Perkins Caufield & Byers (@KPCB), focused on life science and digital health investing. Before joining the firm in 2005, she worked at a number of pharmaceutical businesses, mostly recently as chief medical officer at Amgen.” This author is a medical professional who has mostly worked on the entrepreneurial side of medicine rather than the patient care side.
My partner is a tech professional, a tech hobbyist and fitness buff. Several months ago, he purchased one of those personal fitness tracking devices which he wears all the time. I asked him recently what happens to the data his device gathers every day. He pulls the data off the device and into the App each morning. Garmin’s privacy policy says that they do not share the data, but he can share it with other Garmin users. There is currently no way for him to bring the data into HealthVault or send it to his physician. It is likely that HIPAA does not cover these devices.
In my opinion, we are currently in a time of rapid transition with few guidelines and safeguards. Those of you who are governed by HIPAA have certain constraints upon the data you gather from patients. If you are using an electronic medical record and if you have applied for stimulus funds to purchase that software, you will at some time be required to report certain de-identified data to the Centers for Disease Control or some other such bodies. You will be required by the law to make sure that data is private and secure, even as you report it.
But what about others who do not have such requirements? What about the Apples and the Microsofts and the Googles and all of the small vendors who collect a variety of health data? Do you want them to have your data? What do you want them to be allowed to do with it?
Please share your thoughts and comments below.