Notes on Engineering Health, September 2021

Notes on the Privacy and Security of Electronic Health Information

In 2015, the insurance company Anthem announced that it had been hacked and that as many as 78.8 million former and current policyholders had personal information stolen. This information included names, addresses, dates of birth, social security numbers, and more. This data leak alone put the lives of nearly a quarter of the US population at some risk. The breach, while the largest on record, is far from an isolated incident. As mentioned in our notes about EMRs (March 2021), the ubiquity of electronic health records (EHRs) has supported the creation of transformative digital tools to better monitor, diagnose, and treat patients. But EHRs also pose serious privacy and security concerns. How big a problem is it? Why should we care? And what types of opportunities will open up to make sure EHR data is treated appropriately?

The news has been riddled with an ever-growing set of privacy concerns linked to health information being shared with third parties without patients’ consent or knowledge — Google acquiring massive amounts of health data with the University of Chicago Medical Center in 2017, and partnering with the Ascension health system through the Nightingale Project in 2019, to name two. Concurrently, there is also a rise in security concerns due to data breaches caused by cyberattacks, including ransomware, on health insurers and providers. For example, in April 2021 there were 62 reported healthcare data breaches, which is more than two breaches every day of the month. Nineteen of these reports involved more than 10,000 records, including seven that involved more than 100,000 records.

Although related, privacy and security have different features and should be addressed with different sets of tools. 

Privacy refers to the right that someone has to determine for themselves when, how, by whom, and at what level their personal health information may be accessed, shared, or transferred by others. These concerns are directly addressed by the Health Insurance Portability and Accountability Act (HIPAA), signed into law in 1996. The Privacy Rule provision for which HIPAA is best known was developed as people started to worry about genetic privacy. The law generally prohibits healthcare insurers and providers from disclosing private information to anyone other than a patient and the patient's authorized representatives. It is important to note, however, that although HIPAA’s Privacy Rule gives the right to control health information disclosures, it only protects information held by specific health care providers. For example, being asked to reveal one’s vaccination status is lawful, and anyone can provide information about their own vaccination status without violating HIPAA. Similarly, whatever personal health information is stored on one’s Apple Watch or Fitbit is usually not covered, and genetic information shared with sites like 23andMe is not covered by HIPAA. It is with this understanding that The Digital Medicine Society, a non-profit supported by the Digitalis Commons that aims to develop digital medicine research and standards, launched a collaborative called the Digital Health Measurement Collaborative Community (or DATAcc) to develop best practices for measuring health through mHealth platforms. DATAcc aims to coordinate and harmonize practices across the healthcare industry to improve health outcomes, health economics, and health equity, but also to ensure privacy and security for all stakeholders.

Security is defined as the methods by which, and the levels at which, access to someone’s personal health information is controlled and allowed for authorized users. In other words, it describes the mechanisms necessary to protect the privacy of health information. Why is it so important to make sure health data are protected? Some theorists would argue that privacy is a basic human good or right with intrinsic value. The more common, and practical, view is that it promotes other values such as personal autonomy, individuality, respect, and dignity. On top of these values, a breach of privacy and confidentiality can cause harm through identity theft or discrimination. Among the classic features ensuring the security of data stored by health systems and providers are access control tools like passwords and PINs, encryption of stored information, and enforcement of an audit trail that records who accessed information, what changes were made, and when. More recently, blockchain technology has been put forward as providing many of the features required for optimal security: decentralization, security, pseudonymity, immutability, autonomy, incentive mechanisms, and auditability, as described in a 2020 publication.
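To make the audit-trail and immutability points above concrete, here is an added example (not from the original notes or any named project) of a tamper-evident EHR access log: each entry records who accessed which record, what they did and when, and carries the hash of the previous entry so that rewriting history breaks the chain. The user names, record identifiers and timestamps are constructed sample data.

```python
import hashlib
import json
from dataclasses import dataclass, asdict
from typing import List

@dataclass(frozen=True)
class AuditEntry:
    user: str        # authenticated clinician or system account (constructed)
    record_id: str   # patient record identifier (constructed, not a real MRN)
    action: str      # "view" or "update"
    when: str        # ISO-8601 timestamp, UTC
    prev_hash: str   # SHA-256 of the previous entry; chains the log together

GENESIS = "0" * 64  # link value for the very first entry

def entry_hash(e: AuditEntry) -> str:
    # Canonical JSON so the same entry always hashes to the same digest
    payload = json.dumps(asdict(e), sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(payload.encode()).hexdigest()

def append(log: List[AuditEntry], user: str, record_id: str,
           action: str, when: str) -> AuditEntry:
    prev = entry_hash(log[-1]) if log else GENESIS
    e = AuditEntry(user, record_id, action, when, prev)
    log.append(e)
    return e

def verify(log: List[AuditEntry]) -> int:
    """Return -1 if every link matches, else the index of the first broken entry."""
    expected = GENESIS
    for i, e in enumerate(log):
        if e.prev_hash != expected:
            return i
        expected = entry_hash(e)
    return -1

def build_sample_log() -> List[AuditEntry]:
    log: List[AuditEntry] = []
    append(log, "dr.lee", "MRN-0001", "view", "2021-09-01T08:00:00Z")
    append(log, "dr.lee", "MRN-0001", "update", "2021-09-01T08:05:00Z")
    append(log, "nurse.kim", "MRN-0002", "view", "2021-09-01T08:07:00Z")
    return log

def tamper_and_verify() -> int:
    log = build_sample_log()
    # Rewrite entry 1 to disguise the update as a read; entry 2's link no longer matches
    log[1] = AuditEntry("dr.lee", "MRN-0001", "view",
                        "2021-09-01T08:05:00Z", log[1].prev_hash)
    return verify(log)  # -> 2
```

The chain only proves tampering if the latest entry's hash is also held somewhere the log writer cannot alter (a separate system or a periodic signed checkpoint); otherwise an insider could rewrite the whole tail consistently.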

To adapt digital technologies to healthcare needs and have them adopted broadly by health systems will require continued investment and innovation. But in our rush to implement the new, we must be careful not to forgo deep consideration and implementation of privacy and security measures as core components of our electronic health system.

Jonathan Friedlander, PhD & Geoffrey W. Smith