Survey: Healthcare Organizations Lack Confidence in Secure Data Sharing | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

Survey: Healthcare Organizations Lack Confidence in Secure Data Sharing

December 7, 2015
by Heather Landi
| Reprints

According to a new survey, the demand for access to health data is outpacing the ability of organizations to ensure patient privacy. A survey conducted by Privacy Analytics, a de-identification technology vendor, found that more than two out of three healthcare organizations lack complete confidence in their ability to share data without putting patients’ privacy at risk.

The survey, conducted in collaboration with the Electronic Health Information Laboratory, a group that conducts theoretical and applied research on the de-identification of health information, also indicated that despite organizations’ lack of confidence, data sharing activities continue to grow.

The survey, called The State of Data Sharing for Healthcare Analytics 2015-2016, polled 271 professionals with various levels of seniority in their organizations, from the C-suite level to managers and employees. One in three individuals surveyed identified as being responsible for privacy and compliance in their healthcare organization, and another 23 percent work in the IT department. Others surveyed identified themselves as researchers, clinicians, project managers, analyst and consultants.

More than half of the respondents of the survey said they plan to increase the volume of data stored or shared within 12 months and two-thirds currently release data for secondary use. And, secondary use of health data applies to protected health information (PHI) that is used for reasons other than direct patient care, such as data analysis, research, safety measurement, public health, payment or provider certification.

Health records are the leading type of data being stored or shared, followed by medical claims data, trial data, survey responses, membership/enrollment and device data.

The survey findings indicated that individuals lack familiarity with advanced methods of de-identifying data, and, as a result, these individuals release information that has been stripped of its usefulness or share data in a way that puts them at an unacceptably high risk of a breach, the survey authors reported.

And, most organizations use data sharing approaches that can result in unknown data privacy compliance and increased risk, as 75 percent of respondents reported that their organizations use approaches such as data-sharing agreements, data masking or Safe Harbor methodology.

According to the survey authors, these approaches do not adhere to globally accepted data sharing guidelines, including those from Health Information Trust Alliance (HITRUST), the Institute of Medicine (IOM), and the Council of Canadian Academies. Although Safe Harbor is recommended by regulators, it represents a minimum standard for de-identification that can leave data vulnerable to a breach.

While there is currently no universal standard for the de-identification of protected health information (PHI), efforts to create a framework are underway. HITRUST recently released a de-identification framework, which organizations can use when creating, accessing, storing or exchanging personal information.

The survey found that nearly half (48 percent) of respondents cited patient re-identification as a key challenge. Additional challenges include low staff knowledge on managing data safely, low staff knowledge of data sharing practices and tools, cost concerns and lack of organizational policies.

 

Get the latest information on Health IT and attend other valuable sessions at this two-day Summit providing healthcare leaders with educational content, insightful debate and dialogue on the future of healthcare and technology.

Learn More

Topics

News

Survey: Infrastructure, Interoperability Key Barriers to Global HIT Development

A new survey report from Black Book Research on global healthcare IT adoption and records systems connectivity finds nations in various phases of regional electronic health record (EHR) adoption. The survey results also reveal rapidly advancing opportunities for U.S.-based and local technology vendors.

Penn Medicine Opens Up Telehealth Hub

Philadelphia-based Penn Medicine has opened its Center for Connected Care to centralize the health system’s telemedicine activities.

Roche to Pay $1.9B for Flatiron Health

Switzerland-based pharmaceutical company Roche has agreed to pay $1.9 billion to buy New York-based Flatiron Health Inc., which has both an oncology EHR and data analytics platform.

Financial Exec Survey: Interoperability Key Obstacle to Value-Based Payment Models

Momentum continues to grow for value-based care as nearly three-quarters of healthcare executives report their organizations have achieved positive financial results from value-based payment programs, to date, according to a new study from the Healthcare Financial Management Association (HFMA).

Cerner, Children's National to Help UAE Pediatric Center with Health IT

Al Jalila Children's Specialty Hospital, the only pediatric hospital in the United Arab Emirates, has entered into an agreement with Washington, D.C.-based Children's National Health System to form a health IT strategic partnership.

Telemedicine Association Names New CEO

The American Telemedicine Association (ATA) has named Ann Mond Johnson its new CEO, replacing Jon Linkous who stepped down suddenly last August after 24 years as the organization’s CEO.