Download Electronic Medical Data – Powerful New

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
Document related concepts

Data vault modeling wikipedia , lookup

Open data in the United Kingdom wikipedia , lookup

Business intelligence wikipedia , lookup

Privacy International wikipedia , lookup

Information privacy law wikipedia , lookup

Transcript 
MedicalandPharmaceuticalSectors
I
ElectronicMedical
Data–Powerful
NewCommunication
ToolsCreatePrivacy
Challenges
By Carol A. Umhoefer
and Winston J. Maxwell
Telecom companies use the
slogan “anytime, anywhere”
to describe ubiquitous access to
entertainment, e-mail accounts
and corporate networks using
broadband connections.
26
CommerceinFranceN°73–Autumn2009
n the field of healthcare, “anytime,anywhere”takesonanew
meaning, allowing doctors and
other healthcare professionals to consult images of a patient who might
be located thousands of miles away;
to consult, with a simple mouse click,
a patient’s comprehensive health records,includingtestsresultsandimages collected in several hospitals locatedindifferentcitiesatdifferenttimes;
to monitor, in real time, patients’ vital
signs,whetherthepatientisatwork,at
home,orintransit.
Anenlighteningcasestudy
Nonetheless, new technologies associatedwitheHealthapplicationswillraise
new privacy challenges for both U.S.
andFrenchauthorities.Thesechallenges were highlighted in a recent report
bytheEuropeanNetworkandInformation Security Agency (ENISA), which
focusedonacasestudycalled“Being
diabetic in 2011.” The case involves
ahypotheticalpatientcalledRalphwho
wearsbiosensorsthattransmitinformationonhisglucoselevel,heartrateand
blood pressure to his watch, which in
TheadvantagesofeHealthapplications turntransmitstheinformationtoacenaretwo-fold:theysavemoneyforthena- tralized care center. Ralph receives
tionalhealthsystem,andtheysavelives. a daily message on his mobile phone
The cost savings come from the ability reminding him to take his medicine,
to avoid unnecessary and
and must respond to the
duplicative tests, and to
message—otherwise he
Many eHealth
permit more health maniscalledbysomeonefrom
initiatives raise
agement at home instead
the care center. If Ralph
privacy concerns
ofincostlyhospitalrooms.
needs help, the sensors
that are serious—
The life-saving aspects inwilltriggeranalarmand
but so are the
cludeavoidingmedicalergeolocalization will perlife-saving benefits
rors, improving preventive
mitemergencyservicesto
associated with
medicine,andgettinghelp
reachhimquickly.Every
eHealth."
topatientsquickly.
evening,Ralphmakesentriesintohisonlinehealth
France and the U.S. are investing journalregardinghisdietandexercise
heavily in new eHealth initiatives as that day, as part of a global diseasepart of economic-recovery programs. management program prescribed by
ManyeHealthinitiativesraiseprivacy his doctor. After validation by a docconcerns that are serious—but so are tor, parts of Ralph’s health journal are
thelife-savingbenefitsassociatedwith includedinRalph’selectronichealthreeHealth. As usual, a careful balance cords,whichcontainallofRalph’stest
hastobestruckbetweenprivacyand results and physician notes. Those reother important social values before cordsarecentralizedinasecuredatasuch initiatives can be deployed on base.Ralphhasaccesstocertainparts
a broad scale. Policymakers on both of his electronic health records and to
sides of the Atlantic are advancing the various consents that he has given
withcaution,knowingthattheprivacy inconnectionwithusingthoserecords.
andsecurityriskswillhavetobemanaged so that these new applications ENISAusedthiscasestudytohighlight
canbedeployedquickly.
the enormous benefits associated with
Ralph’s program, but also the risks of
TheU.S.isperceivedashavingweak deployingsuchaprogramonabroad
privacy protection compared to Eu- scale.
rope.Thisisnottrueforhealthdata.
The U.S. has had health-specific privacyrulesinplaceforoveradecade, Howtodealwithinformed
andthoseruleswererecentlystrength- consent?
ened by the American Recovery and
Reinvestment Act (ARRA) of 2009. Most eHealth applications require the
France’s law on privacy contains spe- informed consent of the patient. Incial provisions on health data, which formed consent sounds easy, but it is
areconsidered“sensitive”andrequire one of the most thorny issues in data
specialprotections.
protection.Inthehypothetical,Ralphis
MedicalandPharmaceuticalSectors
abletounderstandtheconsequencesof
hischoices,andissufficientlycomputer
literatetoaccesshisonlinerecordsand
review his consent parameters from
timetotimetomakesuretheyarestill
valid. New Web 2.0 tools make it
easier to put the user in control of his
orherprivacyprofiles,andtomanage
thoseprofilesovertime.ButineHealth,
thiskindofuser-centricapproachhasits
limitsbecausemanypatientsarenotin
apositiontomakedecisions,letalone
access parameters online. Existing
practices and regulations in the health
field with respect to informed consent
may be too elaborate to enable widespreaduptakeofeHealthapplications.
UnauthorizedaccesstoRalph’s
data?
Electronic health records will contain
sensitive information on Ralph, and
potentially millions of others. The information will be centralized and accessible to healthcare professionals
andnationalhealth-insuranceschemes
forpurposesofadministeringtreatment
and reimbursing costs. Systems will
be designed1 to mitigate risks of unauthorized access, including identitymanagement systems that will authenticateindividualsandtailortheamount
ofdatathatcanbeviewedbyagiven
professionaltoonlytheminimumnecessaryforthatperson’sfunction.Nevertheless,aspointedoutbyENISA,the
dataareallinoneplace,andnosystem is completely fool-proof. Consequently,therearerisksassociatedwith
malicious hackers, or even insiders
seeking medical information about a
famouspoliticianorsportsfigure.User
authentication will be key, but again,
thisiseasiersaidthandone.Sophisticated identity-management systems
areemergingtodealwiththisrisk,but
thefamousNewYorkercartoonstating
that “On the Internet nobody knows
you’readog”stillraisestrickysecurity
problems for network professionals.
And beyond electronic-security issues,
thereissimplehumanerror—assome
of Europe’s more notorious examples
of data loss indicate, massive loss of
data may result from nothing more
thananotebookcomputer’sbeingleft
onacarseat.
Unauthorizeduseofdata?
backbone, the call center’s patient-management system, the central electronic
ENISAalsounderlinestheriskof“mis- health-records database itself. Doing
sion creep,” i.e., that government bu- awaywithpaperrecordscarriesbenefits
reaucrats would find new uses for the butrenderseveryonemorevulnerableto
data, which may be laudable (in the technical failure, which may be caused
caseofmedicalresearch)butneverthe- by congestion, natural disaster, saboless exceed the scope of the original tage,ortheproverbial“grainofsand.”
patient consent. ENISA also points
to law-enforcement access to medical After telling the horror story of everydata. In Sweden, police obtained ac- thingthatcouldgowrong,ENISAlists
cess to electronic medical records to the benefits of Ralph’s eHealth prohelp locate a murderer, even though gram, which involve rights and intersuch access was not originally part of ests that are every bit as important as
the patient's consent. Finally, ENISA privacy, including better protection of
mentionstheriskthatmedicaldatawill Ralph’s life, more efficient use of taxbeusedforotherkindsofsurveillance payereuros,andtheabilityofRalphto
and profiling, including by insurance leadarelativelynormallifeinspiteof
hisdisease.
companies.
What’s“anonymousdata”?
Havingaccesstomassivepatientdata
can help medical research. One ECfunded project is called @neurIST—IntegratedBiomedicalInformaticsforthe
Management of Cerebral Aneurysms.
This project is based on analyzing
large quantities of scanner images of
individualshavingsufferedanaccident,
and using those data to better predict
when an aneurysm presents a health
risk requiring intervention: “By uniting
currently fragmented clinical data and
integratingconceptsoftheVirtualPhysiological Human, @neurIST will have a
major impact on the management of
cerebral aneurysms.” Yet this project
faces significant privacy challenges,
becauseitinvolvesthesharingofelectronic health records across European
countries.Oneofthekeyissuesforthis
project and others is what it means to
“de-identify” data. Even this relatively
simple question has no clear answer.
Whatisanonymousdatainonecontext
maybepersonaldatainanother,ifitis
possible to connect data from diverse
sourcestoidentifyanindividual.
The path forward will involve IT and
telecomcompanies’implementingsecurity features early in the design stage,
at deeper and deeper levels in the
network; systematic training of public
and private actors, and greater public
awarenessofprivacyrightsandobligations.Onlybyapproachingprivacyas
a continuum involving all actors in the
chain(suchaswiththemulti-stakeholder
approachintheDMP(DossierMédical
Personnel) project recently relaunched
by French Health Minister Roselyne
Bachelot)willthebalancebetweenprivacyandeHealthbefound.
Carol A. Umhoefer, a Partner
at DLA Piper, is Chair of AmCham’s
Legal Affairs Task Force.
(
France Member since 1961)
www.dlapiper.com
Winston J. Maxwell, a Partner
at Hogan & Hartson, is Co-Chair of
AmCham’s New Media & IT Task Force.
(
France Member since 2004)
www.hhlaw.com
Systemcrash
InthecasestudyinvolvingpatientRalph,
ENISA points to any number of links in
the chain that could fail, in spite of redundancy:thesensorsonRalph’sbody,
thewireless-accessnetwork,thetelecoms 1. Using an approach called “privacy by design”
CommerceinFranceN°73–Autumn2009
27
Related documents
Computer Science 9616a, Fall 2011 Project Description Your project
Computer Science 9616a, Fall 2011 Project Description Your project
Computer Science 9616b, Fall 2016 Project Description Your project
Computer Science 9616b, Fall 2016 Project Description Your project
Donor Privacy Policy
Donor Privacy Policy
Call for Papers The 4th International Workshop on Security and
Call for Papers The 4th International Workshop on Security and
Privacy Policy This privacy policy discloses the privacy practices for
Privacy Policy This privacy policy discloses the privacy practices for
DIRECT MARKETING
DIRECT MARKETING
Data Privacy and Security
Data Privacy and Security
References
References
notice of privacy practices - Saleeby Chiropractic Centre
notice of privacy practices - Saleeby Chiropractic Centre
Making Private Data Useful
Making Private Data Useful
THOMAS ARKLE III, DDS, MSD, PA
THOMAS ARKLE III, DDS, MSD, PA
Descendants of Fornjotur Kvenland King
Descendants of Fornjotur Kvenland King