Survey: Healthcare Organizations Lack Confidence in Secure Data Sharing | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

Survey: Healthcare Organizations Lack Confidence in Secure Data Sharing

December 7, 2015
by Heather Landi
| Reprints

According to a new survey, the demand for access to health data is outpacing the ability of organizations to ensure patient privacy. A survey conducted by Privacy Analytics, a de-identification technology vendor, found that more than two out of three healthcare organizations lack complete confidence in their ability to share data without putting patients’ privacy at risk.

The survey, conducted in collaboration with the Electronic Health Information Laboratory, a group that conducts theoretical and applied research on the de-identification of health information, also indicated that despite organizations’ lack of confidence, data sharing activities continue to grow.

The survey, called The State of Data Sharing for Healthcare Analytics 2015-2016, polled 271 professionals with various levels of seniority in their organizations, from the C-suite level to managers and employees. One in three individuals surveyed identified as being responsible for privacy and compliance in their healthcare organization, and another 23 percent work in the IT department. Others surveyed identified themselves as researchers, clinicians, project managers, analyst and consultants.

More than half of the respondents of the survey said they plan to increase the volume of data stored or shared within 12 months and two-thirds currently release data for secondary use. And, secondary use of health data applies to protected health information (PHI) that is used for reasons other than direct patient care, such as data analysis, research, safety measurement, public health, payment or provider certification.

Health records are the leading type of data being stored or shared, followed by medical claims data, trial data, survey responses, membership/enrollment and device data.

The survey findings indicated that individuals lack familiarity with advanced methods of de-identifying data, and, as a result, these individuals release information that has been stripped of its usefulness or share data in a way that puts them at an unacceptably high risk of a breach, the survey authors reported.

And, most organizations use data sharing approaches that can result in unknown data privacy compliance and increased risk, as 75 percent of respondents reported that their organizations use approaches such as data-sharing agreements, data masking or Safe Harbor methodology.

According to the survey authors, these approaches do not adhere to globally accepted data sharing guidelines, including those from Health Information Trust Alliance (HITRUST), the Institute of Medicine (IOM), and the Council of Canadian Academies. Although Safe Harbor is recommended by regulators, it represents a minimum standard for de-identification that can leave data vulnerable to a breach.

While there is currently no universal standard for the de-identification of protected health information (PHI), efforts to create a framework are underway. HITRUST recently released a de-identification framework, which organizations can use when creating, accessing, storing or exchanging personal information.

The survey found that nearly half (48 percent) of respondents cited patient re-identification as a key challenge. Additional challenges include low staff knowledge on managing data safely, low staff knowledge of data sharing practices and tools, cost concerns and lack of organizational policies.

 

Get the latest information on Staffing and Professional Development and attend other valuable sessions at this two-day Summit providing healthcare leaders with educational content, insightful debate and dialogue on the future of healthcare and technology.

Learn More

Topics

News

NewYork-Presbyterian, Walgreens Partner on Telemedicine Initiative

NewYork-Presbyterian and Walgreens are collaborating to bring expanded access to NewYork-Presbyterian’s healthcare through new telemedicine services, the two organizations announced this week.

ONC Releases Patient Demographic Data Quality Framework

The Office of the National Coordinator for Health IT (ONC) developed a framework to help health systems, large practices, health information exchanges and payers to improve their patient demographic data quality.

AMIA, Pew Urge Congress to Ensure ONC has Funding to Implement Cures Provisions

The Pew Charitable Trusts and the American Medical Informatics Association (AMIA) have sent a letter to congressional appropriators urging them to ensure that ONC has adequate funding to implement certain 21st Century Cures Act provisions.

Former Michigan Governor to Serve as Chair of DRIVE Health

Former Michigan Governor John Engler will serve as chair of the DRIVE Health Initiative, a campaign aimed at accelerating the U.S. health system's transition to value-based care.

NJ Medical Group Launches Statewide HIE, OneHealth New Jersey

The Medical Society of New Jersey (MSNJ) recently launched OneHealth New Jersey, a statewide health information exchange (HIE) that is now live.

Survey: 70% of Providers Using Off-Premises Computing for Some Applications

A survey conducted by KLAS Research found that 70 percent of healthcare organizations have moved at least some applications or IT infrastructure off-premises.