The Evolving Set of Privacy Controls

February 24, 2014
by John DeGaspari
New privacy requirements and the mechanisms to put them in place

What are the essentials to get privacy right? In a pre-conference education presentation, “Privacy and Security Challenges and Opportunities in Healthcare Identity,” Barry Hieb, M.D., chief scientist at Global Patient Identifiers, Inc., Tucson, Ariz., laid out what he thinks is necessary.

  1. Accurate identification. There is no substitute for this. If you don’t know who the person is, then probably everything you try to do for this person will end up, at the least, not doing what you wanted, and at the worst, causing harm, he said.
  2. Almost as important is simplicity. This has to work in such a way that you can explain to a naïve person, in two minutes, how they can manage the privacy of their information. That will need to be done for millions of people, he said.
  3. Patients need to be empowered, meaning that the patient is going to be in control. They will need the ability to make a difference in their privacy. If they don’t have it, patients will not trust the system, and if they don’t trust the system, they won’t use it, he said. “We have got to build a system where they are in control, and that builds the trust that they need to trust the system,” he said.
  4. For the foreseeable future, there are going to be multiple concurrent privacy paradigms, so whatever systems we put in place to manage privacy have to be able to execute across those various concurrent paradigms, and support them accurately. In addition, those systems are going to have to be able to operate across independent information systems, each with a different technology.
  5. It has to be cost effective.
  6. The only effective privacy scheme available is one that involves data segmentation, which empowers the patient to segment their data and then to manage each of those segments separately, he said. So we have to put in place a system that lets the patient segment their data across those different information systems. This is a complex thing, and errors are going to occur, so a prime requirement is to have the ability to easily correct these errors once they’re effective. He said that is very possible; what is very hard is figuring out how to detect the errors that are happening, to know what needs to be corrected.
  7. Anonymization is another major requirement. The same data on an individual is going to be used in many different ways; and for clinical use, they might want to keep that data very private. But they might also want that data to be available for education and research. Anonymization is going to be required to use the data in different ways and in different contexts.

With all of those requirements, patient safety cannot be compromised, so it’s necessary to be smart about how to put mechanisms in place. Even though the patient is segmenting their data, the patients, physicians and provider organizations need to be protected when mistakes are possible.

Hieb said privacy requirements will evolve over time. Similarly, system requirements and capabilities are going to evolve over time. What’s necessary is a privacy solution, or solutions, that will track that evolution and manage the changes properly.

He also suggested that it would be great if we could use the same solution to reduce the risk of identity theft and to make it possible to easily manage the correction of data breaches.

He believes that while consents are useful, they are very limited, and the reason they are limited is that they are entirely backward looking. “You can only set up a set of consents for your information, based on what you have experienced to date. And if next week you have a cancer diagnosis or become depressed and need psychiatric therapy, your consent is going to change,” he said. More than consent documents, he sees the need for an Internet-based network of privacy servers that allows individual patients to go in at any point and update their privacy constraints, and then have the confidence that those changed constraints are now going to apply to all future uses of their information.