The century Foundation has recently come up, as there is increase in risks related with patient’s health data, as the technological evolution is on boom and the role of policymakers seeking in framing better and stronger polices.
As the anonymity in selling and trading patients health data in increasing, and are being made available for third parties for various reasons like, research purposes that can result beneficial for later for the larger population.
As there are other major concerning threats related with patients data, as social media sites, fitness devices and different applications related with health can show advertisements with some extra information that can be openly seen with even removing patients names and other details.
It can also be seen that the online retailers those who deal in selling health care products like books on back pain or say arm braces can sell his products on user’s profile. Just in case if the person is suffering from, carpal tunnel syndrome will going to see more ads on internet for products with that related with their specific medical disorder: as marketers are well informed or can infer their accessible audience and will put extra efforts to pitch them.
Sometimes organization claims that there data is anonymized, as the information was gathered a long time ago, but with that also great amount of clues can be gathered and can re-identify their specific customers.
As per the regulation given by HIPAA which carries restriction on data sharing, and presents how information can be de-identified. HIPAA is only applicable to restricted entities and business associates. Even patients data is also possibly sold to other outside organization which is not related to patient care.
Sometimes, a doctor or lab performing that work relating to cancer patients they can sell it to commercial company, but they need to remove eighteen different types of identifiers and it has been found that there are very small risk related to it that need to be re-identified. Few patients who have knowledge about it which have further allowed a trade to evolve over billion dollars.
There are data brokers who are involved in assembling and selling data of individual. But these kinds of data are exempted from HIPAA because they are gathered from outside healthcare, from various health plans or any intermediaries. All these data can be acquired from public forums, surveys, social media and from magazine lists.
Some customers unknowingly give information to these data brokers as they do not have much knowledge about the after effects of health related implication that have been shared by doctor’s from outside. Therefore policy recommendation needs to broader even in HIPAA. And people need to know and should have control on how their data is handled.
As these data breaches are just one example in which sensitive data can fall in wrong hands. In fact people must feel confident on nation’s health system and that they will keep their data safe. Patients must be given more control and must be informed about their medical information if there is any further interaction of their data for scientific or commercial use. Certain organizations are also working on order to make health data that can be acquired from mobiles.