With new technologies I don't think this has to be so zero sum. Using a combination of blockchain technology and secure compute can enable a world where data is pooled at enough scale to be used for ML purposes while still not breaking privacy laws.
Kara is a good example of just that: https://www.technologyreview.com/s/613520/how-ai-could-save-lives-without-spilling-secrets/
1
Tsk, tsk, tsk.
Why don't you work on implementing a good regulation of our data first, AND THEN ask us to share our data? I'm already sick and tired of how my data are being stolen and exploited by the credit bureaus and silicon valley companies (FACEBOOK).
Although I'm not a member of facebook or any of its subsidiary apps, for some reason, they have a data of myself constructed from my acquaitances. Don't you think there's something fundamentally wrong with this situation?
Work on to establish some sensible regulation that can protect the consumers if you want to work on our data.
Or else you are a just reckless mad scientist.
I appreciate a researcher's perspective on the value and need for aggregate data.
I fail to see adequate attention to the risks for patients/consumers if their data are leaked, hacked, sold/bartered/traded to profit-making entities.
At a time when access to basic health insurance is under threat from GOP legislators, this failure to attend to risk is lamentable. What remedy do you propose when someone's "pre-existing condition" is exposed?
Or when someone's genetic material is given to a for-profit entity for their exploitation?
2
I have been exposed to the uses of AI and to data sharing of health information data internally within Heath care settings and externally including with health insurers. There are real risks in the reductionism and biases incorporated in a great many AI algorithms. Even more alarming is the misuse of the shared data that is routinely practiced by health insurers.
4
I am more concerned with doctors not being to share my data than my data being available to data miners. The government should regulate health data so it is standardized and sharable between electronic systems. If vendors have to rewrite their code to comply so be it. My tax dollars would be better spent fixing these disparate data bases than funding research on my data.
Health data was were put under strict privacy because insurers and employers are (were) allowed to use health issues to raise prices and deny employment. We have taken some steps for health insurance, but not employment. Why not make these practices illegal with substantial penalties similar to racial bias?
1
This is a huge question to be sure. Currently the law clearly protects an individual’s health history. There are obvious and perfectly good reasons for this. After all, what is more personal than our health? While I see the author’s point, I am in complete disagreement with it. First of all, A.I. is still an unknown danger to us all. Do we really want computers to think for themselves? Regardless of the reason or reasons? It’s truly a Pandora’s Box which should remain closed.
1
A number of responses here point out the problem with personal data being used under asymmetric power relationships. But a point that I have NOT seen made is the delusional nature of anonymised medical data.
I do industrial research in databases and there have been multiple papers published demonstrating that anonymised data is easily de-anonymised. So assuming (as the author does) that the power relationship could be defused by anonymisation using "legal experts, statisticians and other experts" is pure fantasy.
3
So be it. The data researchers can live with it.
HIPAA is something that I cannot figure out for the life of me. All I know is that, when I go to a doctor's office and wait to be called for my appointment, the nurse techs come into the waiting room, no matter how large, and virtually whisper a first name. No matter how common. Steve, Kathy, whatever. And if there is a small number of people, the tech will walk right up to you and tell you your name and invite you to come along. Which begs the question: how did they know who I was?
And they talk about my privacy as something they are safeguarding?
I get that HIPAA compliance can be onerous, but I sure am glad Luke Miner doesn’t have access to my health information. He fails to see the importance of individuals understanding how their information will be used and giving consent for that specific use. Instead, he frames the unfortunate norm of unregulated accumulation and sale of personal data as a model to be emulated in one of the few areas where our personal records are actually protected, and he proposes a terrifying race to the bottom where consumer health information is shared freely with good and bad actors alike.
4
Reality bites, Mr. Miner.
You are worried that a google search for, say, a pair of shorts inserts unwanted ads into your NYT articles, and you perform all kinds of protective measures to prevent this. But then you want to harvest everybody's genetic markers for predictive medicine. And what happens when insurance companies get this data and refuse to cover a patient with a serious condition?
Kind of hypocritical, don't you think.
6
So who is Luke Miner? Read the links below. and then use your imagination because the answer is straight out of the creepiest episode of Black Mirror.
Luke Data-Miner works for a San Francisco company called Plaid, Inc. whose products include algorithms that boil a person's "financial health" down to a three digit number. They've sent Mr. Data-Miner to be Pied Piper to dangling the prospect of a long life with improved health through data sharing.
What Data-Miner doesn't say is that the time will soon come when we will have to pay the piper in the form of a complete loss of privacy. Be diagnosed with any serious or chronic condition and you will have a virtual scarlet letter emblazoned on your chest that will remain with you until you die.
https://relationshipscience.com/person/luke-miner-206624336
https://plaid.com/company/
4
Longer, healthier lives are what's causing most of our problems. Social security would not be in trouble except for that. Highway deaths in Florida, ditto. Medicare insolvency? And the list goes on.
We're mortal. Accept that. Let's die nobly, like elephants, without our privacy being invaded. There's nothing to feared about death, but plenty to be wary about loss of privacy.
I'm kind of surprised the Times published this article. It shows a real lack of understanding of health care and privacy issues. Most data breaches involve health care data. Plus, the type of medical app he is referring to would likely take decades to develop and to amass credible peer review science for before any health plan would cover it. Those are just one of many issues he raises that don't make sense.
It feels like this guy had an idea to create an app using AI and was annoyed when other companies wouldn't share data (probably because he couldn't convince them he didn't have the right protections in place or a business model that would allow for ROI for their involvement).
I'm sorry, but the editors of the Times should be more discerning of editorial content IMO.
6
While I don’t agree with giving up personal data that is promoting in this article, I am glad the Times published it. I applaud this effort in the balance of multiple opinions.
The NYT articles on health care and innovation plus the responses they encourage from all over the world provide valuable information. It's not that one has to believe it all but it gives you a basis for asking intelligent question. An example was an article from 2017 which discussed the reporters' findings about dermatologist clinics in Florida and their seemingly excessive excisions.. It caused me to ask more questions about the diagnostic and treatment practices of my own clinic.
Current datasharing facility has even without AI led to a crisis in science, because so many clinical trials and research results cannot be reproduced. They may or may not be fake science, but often much money and work has been expended, and researchers may have invested money in companies using the results. Unless data is in a format that can be shared easily and checked cheaply, important results cannot be confirmed and should not be accepted. Overconfident and biased researchers are reluctant to share, or make it difficult by mixing raw data with proprietary analytic software such as custom AI programs. Reforming HIPAA would be a good idea, but not sufficient to fix datasharing problems. Patients cannot control this process once data is anonymized even when access is audited.
2
The author believes the problem is that developers don't have access to the data they want to drive a program. I think the problem is that we have not put the control of data squarely in the hands of the patient. Patients want to know who is using their data, who it is being shared with, who is profiting from their data and whether it is being used for their benefit. They also want to make sure that it is not used to discriminate against them (insurers/employers) and that they and their communities are not stigmatized by misuse of data by others. Unthinkingly handing data over to someone without nailing down these fact is like handing someone a loaded gun--that may be used against you.
Patients and the public need to understand and consent to data use in a truly volitional manner. Contracts of adhesion--where there is no real choice (you want the service? give me your data to use as I please)--are not choice. Put the power to control data in the patients hands.
They may elect to use a community data steward to ensure that their data is used properly. In the Lyme community, which faces significant stigma, discrimination, and access to care issues--LymeDisease.org has launched a patient registry, MyLymeData. Our responsibility is to ensure that data is used for the benefit of the patient community.
4
I am always intrigued by people who are opposed to something when it is abstract, theoretical, or benefits others, but then when it benefits them, they are suddenly wildly enthusiastic. What is that about?
1
The author is unaware of many of the efforts put forward by the Precision Medicine Initiative.
One effort is the Sync for Science program that would let researchers have direct access to your medical records if you sign off on it. It hasn't been implanted by most EHR companies. Politicians are dragging their feet on requiring implementation.
Another is the "All of Us research program". In a few years there will be 1 million people's curated medical records, genetics, and other information in one database for researchers to use.
1
I saw a program on PBS how "Smartphone" got coined. It was done after extensive Market Research, just like the present phrase "Climate Change" was done after extensive market research instead of the previous a little too alarming phrase "Global Warming". The catch phrase about Smartphone was "See it is so smart, it knows everything about you".
My health data is currently shared with my healthcare insurance providers within the limitations set forth in HIPPA. I don't care what good a researcher thinks they can do with my health data, I don't want access to my health data expanded beyond what is currently allowed under HIPPA. If you want to do some real good for the health of society, go after the anti-vaxxers and legislate compulsory vaccination, to prevent disease that have been eradicated from being resurrected.
3
There is potential in the uses Mr. Miner described. But I wasn't surprised to find that, while he used the word "onerous", he didn't once mention some other realities possible with sharing data in an environment where the party in control of White House, Senate and the Supreme Court love using "onerous" to attack things.
Algorithms that detect predisposition can be used by hospitals and insurers, large and small, for cost-cutting if it becomes legal. Hospital consolidation is a real thing, and don't think it's happening to avoid cost-cutting - while financially rewarding those with the money.
Insurers are unable to ban coverage for pre-existing conditions today (thanks again, Obamacare!) but again, keep in mind that the party in charge of a lot of our current lawmaking apparatus have only failed to overturn the law because of incompetence and infighting.
AI that leads to increased recognition also imperils what could have been acceptable levels of anonymization, too. So people signing up in good faith could find that technology makes them identifiable by inference after the datasets are worked, expanded and the algorithms discover new, unsuspected links.
So for people wanting to live a long, healthy life - eat right, exercise, get your checkups - and then push your elected and medical officials for rock-solid protections on medical data.
3
As a researcher at a public university, all I know is that HIPAA and a host of other well-intended regulations make it time consuming and expensive to do human subjects research. We must do more to insure the privacy of personal health information without making biomedical research any harder than it already is.
2
Make sure that our data is actually safe from hackers (and that the hospitals that fail to keep it safe are actually punished in a meaningful way) and I'll bite.
Until then, don't float me a line that it won't get skimmed or outright stolen. There have been no real punishments for the companies that allow our data to be stolen (Equifax, Allstate, Adobe, etc. I'm looking at you), and hospitals are notorious for shoddy network security protocols.
3
Mr. Miner, as a physician-scientist, I work with large data sets and often envy my colleagues in national health care systesm who have access to data from millions of patients easily. Consequently, they are able to gather information about how many people are affected by a disease, the costs of care, the causes of illness, etc. that is difficult or impossible to do here in the US. However, I agree with many of the concerns raised:
a. GINA protects discrimination based on genetic data from health insurance companies but not from other insurance (e.g. life, disability, etc.) Through the Medical Information Bureau (MIB), health insurance companies already share info about patients so health data is not necessarily confidential; however, at least currently, we have laws regarding pe-existing conditions.
b. Companies regularly sell data to other companies without people's full, knowing consent. This is where I tell patients to read the fine print when using websites or services like 23andMe, PatientsLikeMe, etc.
c. Despite using anonymized data, anonymity is not a yes/no proposition but may be on a spectrum. A famous paper from MIT showed it takes as little as 5 pieces of data to locate a unique individual in the US. The National Academy of Medicine also published a report on data sharing in 2015 that is informative.
d. Data breaches like that in the UK NHS in 2017 are concerning. The records of 26 million patients were deemed to be at risk.
3
If the health care sector and health info tech firms want consumers to share more data so they can in theory give the public better service, maybe they should first work toward supporting a data privacy framework the public can trust.
As it is, the US does not have cross-sector statutory protections for their personal data. It's a lot to ask that we blindly trust health care providers, software companies, AI companies, biotech companies with our freely shared data. "The public good" is not a good enough reason to forego our health data privacy.
Show us how the government can put reasonable limits the exploitation of this data at the expense of citizens rights and maybe the public will be more open to this idea.
3
Is there potentially real health value in information? Yes.
But the health care industry isn't about saving, or improving lives. It's about maximal dollar extraction. See EpiPen. Or, perhaps a better illustration, the Diabetes Industrial Project, all brought about because Pharma successfully lobbied for a statistical redefinition of diabetes base line sugar level about 20 years ago. How many of us are suckling at the metformin teat that don't really need to? Lipitor?
Re the current article...the biggest problems are twofold. First - the healthcare industry are demonstrably poor stewards of private medical information. Not surprising, really, because in reality the primary purpose of the information is highly targeted marketing. Can't market without partners, can't get partners without sharing data. How did FaceBook discover I have diabetes, anyway?
Second - this newly accessible information can actually reduce access, by raising existing-condition barriers and elevated premiums for insurance companies, based on just-in data.
Neither the insurers nor the various companies on the provider side can be considered reliable partners for patients. So...I'll take my chances without, thank you.
If we rediscover patients and privacy in the health care complex I'll be willing to share. Until then, fudge off.
4
Here in La Belle Province citizens share their health data with the entire medical profession without fear of unaffordable private insurance coverage. Neoliberalism is not fine in 2019 and was not fine in the 19th century when it killed a million Irish peasants and deported a million more "lucky" hovel dwellers.
2
You want my data? Pay me. You want to track my internet searches? Pay me. You want to keep a recording of my voice and retinal scan? PAY ME.
5
I wish editors and authors would check the law first. It is too easily to blame HIPAA, which is actually a more workable privacy standard than what we currently have for ad-tech and social media. There are plenty of well-grounded analyses of what HIPAA actually says that are not reflected in this opinion. For example, there is this article in Milbank Quarterly: https://www.milbank.org/quarterly/articles/legal-barriers-growth-health-information-exchange-boulders-pebbles/. Or, showing that competition among health care providers may be driving the fact that even patients cannot get their data out of one doctor's office to another despite clear federal rights to that, there is this article recently published in ABA Antitrust Law Journal: https://www.researchgate.net/publication/332530889_Digital_Health_Data_and_Information_Sharing_A_New_Frontier_for_Health_Care_Competition
Furthermore, if the author so firmly believes in the power of AI in healthcare, he should join All of Us Research project at: https://allofus.nih.gov/
3
It's hard to keep a cooperative attitude in a country that has embraced greed as a virtue. It's hard to imagine a kinder gentler nation without the death of Christian republicanism.
Christian republicanism has turned America into a dog eat dog nation. They have made of America a militant jailer that is constantly at war and has the most unequal society in the advanced world.
1
It's a lot like copyright law, where a massive cudgel threatens innocent and harmless uses with extortionate fines. For example, if a scholar or scientist want to reuse a diagram from a published scholarly paper (no free use for images, or poems, and copyright lasts a century or more) he must ask permission. If the original author is dead, or unlocatable, or just ornery the reuser is effectively stuck because of the threat of enormous "statutory damages" (there are solutions in some cases, but they require a lot of expensive lawyering). Yet these scholarly images have no conceivable commercial value.
Because of the absence of a national medical records depository, I cannot determine if I am immune to measles---my childhood pediatrician retired or died decades ago, and his records were destroyed. It's easy to go get a MMR shot, but there are more significant reasons why it might be useful to have access to old records.
1
Yes. Current restrictions prevent certain kinds of research, but so do the other restrictions of civilized behavior, like informed consent. And that's ok. Not every kind of research needs to be done. That said, it should be as legally easy to donate your medical history to science after your death as it is to donate your physical body or organs (perhaps as easily as a checkbox on your driver's licence application). Such a legal change should not be difficult (though physically gathering a person's entire medical history may be challenging).
1
it is amazing how people are protective of their data for scientific purposes, but freely share this information and even more on Facebook. Privacy is a complicated question. It could be used to protect you, but also to scheme you. Not knowing what your colleagues are paid, allows your employers to underpay you. Your health data could protect you from health discrimination, but also prevent your doctor to get information that helps your treatment. Data are necessary component of progress, especially now when we have ability to analyze the data, I think we should recognize it and discuss the arrangements that will provide adequate protection while allowing researchers and doctors to develop techniques and products that helpful in treatment of health problem. Anonymity of health data could be one of such arrangement.
1
Another thought. I have tried and failed to get mistakes in my medical records corrected. I have been told that once the data is entered and saved, it can't be changed. Supposedly they made a note of my concerns in the record. I have to correct the medical provider constantly because the note of my corrections is apparently an addendum that no one ever looks at. How many major mistakes exist out there? I doubt anyone e knows.
5
There are several problems with the sharing approach.
First and foremost is that anonymity can't not be guaranteed. Furthermore, if the data is completely anonymous, how can its validity be verified?
Second, for profit research is used for corporate profit and not for the common good. The question of who will benefit from this research remains.
Third, people should go to the doctor whenever they don't feel good and most of them have the faculties to know when their symptoms are severe enough. The reason that they don't is that most of them do not have access to a physician for financial reasons. However there is this new approach of replacing "expensive " physician visits with online consultations that insurance companies try to shove down our throats as a perfectly good alternative. It isn't and most people know it.
Fourth, there is a trove of information that corporate health related and pharmaceutical companies refuse to share that would immensely benefit both traditional and AI research that no one is taking issue with. AllTrials is trying since 2013.
Do you want everybody to have a longer healthier life? Create an internationally open research pool for all clinical trials and studies, even the failed ones. Create more grants to support trials and studies happening in public institutions like universities and hospitals instead of for-profits. And finally, create an inclusive and comprehensive public health insurance system.
5
I appreciate the sincerity of the author. But we have an ugly history of personal data exploitation to benefit large profitable corporations , including so-called "non-profit" healthcare systems, Big Pharma, dialysis centers, labs, MRI centers, outpatient surgery centers, hospitals, medical practices, etc. etc.etc. It is now all about making money (ask your doctor about her productivity incentives in her salary). Giant health insurers are already mining huge amounts of personal data and every merger consolidates more and more personal information. All of this is about making money first . Quite frankly, we already know what would save the most lives and improve health the most -- diet and other lifestyle choices. But this about money, not lives.
1
AI comes from the minds of human beings. Human beings are not infallible.
Medicine is an art and a science; knowledge, experience, and judgment are required to provide the wisdom needed to make diagnoses and to recommend treatment.
AI, with its collection and analysis of data, especially, epidemiological, can be helpful in making diagnoses and suggesting treatment, but should not stand alone with regard to the making of medical decisions. Physicians acting alone or in concert along with second and/or more opinions and who take in all information should be the gold standard.
As for medical confidentiality, it no longer exists. Electronic medical records systems make available, and can broadcast, medical information with the click of a mouse to just about all, with no real prior restraints except for the threat of censure after an inappropriate disclosure.
Further, the nature and content of medical records themselves have changed. They have gone from the documenting of scientific/clinical information relevant to the patient's condition to, also, being legal transcripts, to, also, being documentation for fees charged, to, also, being editorialized and critical essays about the provider's personal perceptions of the provider's experiencing of the patient. Providers have become authors, sometimes with license or abandon, of a specialized area of medical literature.
Where AI would fit in to all this remains to be seen.
2
As you're apparently not just a data scientist but an economist trying "to quantitatively assess the effect of the Internet and new media on political accountability" (according to your Stanford bio), I can't help but wonder: Is this op-ed actually a means to measure willingness to trade privacy for a vague promise that sounds too good to be true?
Put me down as a hard pass.
5
This is a just a creepy excuse for mass data mining for no legitimate medical reason.
Few but the very well to do travel all over the world for medical care. And they can bring relevant records with them, or FTP them in advance if say MRI images need to be sent ahead.
Much of what Miner posits as “data” are easy (and cheap) to redo tests, or would be akin to noting you have an allergy to shellfish.
Specifically what turns genes on/off is not real well understood. Therefore there is no reason for the mass collection of DNA samples.
People who care about laptop camera privacy don’t use laptops with cameras. Yes, they exist. Not a surprise that Miner omits reference to a most important internet privacy tool: The VPN.
Submitted May 22nd 1:32 PM Eastern
4
How about Congress first enacts a comprehensive, robust national data privacy law along the lines of Europe's General Data Protection Regulation? That to me is a much more pressing priority than watering down HIPAA, as the author proposes.
4
Im sorry but this is a very weak argument, and puts forth several "dinner table" solutions which are poorly thought out and don't recognize that the buying and selling (that's what will happen) of such personal information goes beyond credit card numbers. Further it goes along the lines of helping us live longer. Given the state of the planet, living longer is the last thing I want to contribute to. At some point, responsible medicine has to balance the headlong rush to live forever. It's killing us all.
3
Just use data from someplace that doesn't have HIPAA. In places like the UK, where care is guaranteed, you could probably get the consent of tens of thousands at least, even more if it was a non-profit enterprise, to use their data.
2
The theory is sound, but for the fact that every good thing in life is always, 100%, abused. And as long as it's abused, you'd be a fool to share your data, any data, to anyone.
3
That is on one hand. On the other hand, you would be bombarded with a zillion emails and phone messages from a zillion companies trying to sell you rubbish you do not need for the rest of your life.
2
This is an extremely bad take. Personal health information can be effectively wielded as a weapon in the hands of conceivably ANYONE who comes into contact with that person. Imagine your employer having access to the fact that you'd been treated for depression or alcohol abuse. Imagine private firms having access to the entirety of your DNA. The NYT seems so ready to publish contrarian think pieces. This one is just silly and certainly not worth sharing or protecting.
7
My wife and I happily signed into a large national program seeking to better target "precision medicine" via research on a hoped-for 1 million participants willing to contribute their DNA. We look forward to what is learned from us and many more over the next 10 years from "All of Us" (https://allofus.nih.gov).
3
With a last name of Miner he was born to be a data scientist.
2
There is a counterargument to data sharing that the ACLU would be happy to make. It might be worthwhile if our esteemed editors and those choosing Times Picks would consider why some of us might want to keep our data private.
It is more than a little bit one sided to present this as a stand-alone opinion piece which makes points that are less ethically defensible than arguments that were made in the 1980s for perpetual quarantines for people with HIV.
4
Mr. Miner,
Interesting that you changed your thinking and that in turn changed your behavior in terms of what you are willing to share.
Sounds healthy.
Ms. Fields
What utter nonsense. Sharing the most intimate details of your life with the marketing departments of giant pharmaceutical and hospital holding companies serves only to further enrich the already obscenely wealthy.
5
Your cause might be better served if data and computer scientists got rid of the A.I. terminology. What it seems is actually required, and one hopes is taking place, is Computer-Assisted-Human-Intelligence. CAHI.
Next step: a happy CAHI cartoon.
To summarize, Mr. Miner seems to be making the argument that "Lowering data-sharing barriers [...] is especially important if we want A.I. to be equally effective for all Americans."
Somehow he's gotten the notion that A.I. will improve health care. My response is: how could an artificially intelligent system - that lacks empathy - possibly improve the quality of my health care? It's tantamount to hiring a psychopath as my doctor.
2
Nice try, Mr. Miner.
You have no right to my personal data. There's enough artificial intelligence today. OUR world need some real intelligence to stop the invasion of OUR lives so a few people can make money.
3
“ creating an artificial-intelligence app that would tell people whether their symptoms were severe enough to warrant a trip to the doctor or even the emergency room.”
I use my own natural intelligence to know if I need to go to my doctor or the ER ... and when that fails me my wife reminds me
3
why not just utilize/access the hypothetically less expensive chinese data to organize our own individual concerns rather than subject ourselves to the possibility of genetic-based discrimination?
2
Here is the problem. The author tells us we will all get better health care if we let everyone and anyone look at our medical data. That might be true in a perfect world but, surprise, surprise, this isn’t a perfect world. It’s a world where personal date is used to discriminate, intimate and destroy. Can you imagine if some right wing group got hold of the medicalmdara of all the women who ever had a miscarriage or medical procedures related there to? I can.
It’s not just corporations we need to worry about it’s relgious zealots who want to kill people in order to enforce their own relgious views.
Luke, it’s not a win win. Our medical data should be private. A.I. isn’t the panacea you think it is and it’s not infallible.
You say the data is atomized I say you’d ant have it both ways...give us better health care but no one knows who we are. Of course they do. Please don’t insult our intelligence.
One more thing, let’s arrange for universal medical care first and maybe we can talk.
3
Why I am enrolled in studies of aging, osteoP etc. and all of my MDs are associated with major medical centers. I don't think I'm special -- merely representative of a certain "tribe"-- middle European and Jewish. (inclined to eye problems, diabetes 2 and high cholesterol-- not no blockage yet!!, arthritis requiring knee replacement) Was interested to see the discussion of "racial" (tribal, environmental) differences in blood in the NYTimes about a week ago.
Yes, of course, there should be a national database. OTOH we all do get old and die... and my 102.5 year old cousin says she doesn't wish 102 on anyone. She's been complaining about her longevity for several years already!! (no problems, besides weakness, arthritis, and deafness - for which the new phones are a marvel in terms of treatment.)
Yes, it is is very true that science and knowledge grow best when there is a rich data stream.
The problem is trust...almost every large corporation has been involved in immoral and criminal behavior. That certainly includes the "Industrial Medical Complex".
Many of us do not trust that our most personal and intimate data will not be misused.
5
As a student of machine learning, I see all the potential benefits listed in the article. But the political situation calls for the exact opposite action: until a completely different privacy legislation is adopted, share nothing. Share tomorrow less than you share today, because the current political climate favors corporate and government abuse of data. Healthcare legislation is in flux, and the conservative view is that people who are ill "have led bad lives" and are responsible for their plight. The GOP "solution" to the rise in healthcare cost is to create cheap "skinny" insurance that only covers healthy people. Their plan calls for letting insurance companies charge more for people who have more severe health problems. To discriminate against you, insurance companies need your data. Do not give it to them! Press for privacy laws, and when those laws are adopted, share your data for all the reasons listed by the author of this article.
5
It's perfectly fine if it is voluntary. But if this information can be used by an employer to discriminate against you? Or a disgruntled acquaintance, or an "ex"? I can think of a myriad of ways your private information, medical and otherwise, can be used for purposes not beneficial to you.
3
So now lets just say that I have an encounter with a service provider and and associated diagnosis of "bipolar disorder manic with psychotic features" and a co-morbid diagnosis of "alcohol dependence, continuous", and lets just say for the sake of argument that in my health record I have 30+ encounters with that system (which I would have with those diagnoses - more likely it would be hundreds if I live) and each encounter is associated with a service location and a date and time stamp and lets say a medication record and lab results - which would create a record for me that would distinguish me from ABSOLUTELY EVERY OTHER PERSON in the dataset. And this property of "distinguishability" is a necessary (though admittedly not sufficient) condition for the possibility of re-identifying my record - see the work of Sweeney re: re-identification of former Gov. of Mass. and the VERY LARGE volume of work that followed upon the seminal contribution of Sweeney, her associate Samarati and others. So you are saying I should disclose this and no harm will befall me because surely nobody will (a) do anything to re-identify my data and (b) will use that either to make a name for themselves or to market to me or to harm me? Help me understand if that is what you are saying.
4
As it turns out, interoperability and data blocking are some of the topics the ONC is seeking public comments on for its proposed rule through June 3, 2019, based on part of the 21st Century Cures Act: https://www.healthit.gov/topic/laws-regulation-and-policy/notice-proposed-rulemaking-improve-interoperability-health Institutions will continue to treat patient data as a competitive asset until regulation or financial incentives alter their priorities. In general, there needs to be greater clarity and consensus regarding what types of data can be collected, stored or shared by medical/ scientific and for-profit entities. There is little to no regulation in the US addressing the latter, which the policies ex HIPAA addressing the former are outdated and not patient/consumer centered.
2
No, sharing your data won't offer you better health care; more likely, it will be used to exclude you from accessing it, especially in a country such as the US where only the rich can access reasonable health care.
And then there are all the other consequences of losing your privacy...
4
Tried to switch doctors once. My great oncologist died and the person the health company brought in to replace him was scary incompetent. It would have cost me several hundred dollars to have my records copied and transfered to a better doctor. Fortunately, the doctor was replaced with someone who knows what he's doing before I had this done. I'd like to see this 'monopoly' tactic reformed along with a lot of other things in our health care system.
But before I agree to change HIPPA or even this tactic, I want to be permanently protected.
2
I am not a data scientist but it seems to make sense that more data would enhance the likelihood of connecting gene A with disease X so I think if it can be gotten anonymously more data would be good for all of us.
Read DEEP MEDICINE by Eric Topol to get one view of how AI may benefit us and how it depends on big data.
This piece would have had so much more power if you had actually identified the real culprit in blocking access to health information for research purposes - and having been the HIPAA regulator for almost three years, I can assure you it is not HIPAA.
HIPAA actually permits sharing for research and other purposes, and you don't necessarily have to spend a lot of money to de-identify the data in order to acquire it for a genuine research purpose. But HIPAA does leave the decision about whether to share information for research in the hands of the covered entity who maintains that information -- and therein lies the problem.
If it's not in their interest to share that data with you, it doesn't matter how worthwhile your project is. So a conservative interpretation of HIPAA often masks the real excuse, which is more likely to be one (or more) of the following: not a priority for the data holder; data holder has concerns about what you'll actually do with the data (i.e., will you use it to competitive advantage); data is perceived to be a corporate asset (therefore rarely made available outside of the institution).
As for the "excessive fines," I can tell you that large fines have historically accrued not just based on the data breach in question (which brought the regulators in the door) but because, upon investigation, OCR found that the institute had been significantly lax in adopting basic security measures for YEARS.
9
When we have Medicare-for-All and a non-authoritarian government, sharing personal data is easier. Until then, it can be turned against us. And will by greedy insurance corporations.
5
The health care industry is not hurting for lack of access to data.
The corporation that now control's my internists' practice requires me--if I want access to my lab reports and 'visit notes'--to sign up for their online portal. The fine print includes a giveaway of all my data. Additionally, our health insurance has access to all of it.
I didnt sign up for the portal, and paid the $2 to get a hard copy of my lab results.
8
As this article clearly demonstrates, hustlers always have and always will sell snake oil as long as there are marks willing to buy it. And, marks there will always be, for as the endless weight-loss and sex-enhancement industries demonstrate, the fact that hope breeds gullibility just seems to be part of human nature.
2
Health records, suitably anonymous, should indeed be widely available. NIH for example, or CDC, could handle such a project of building a national database. It is individual tracking, and targeting, that is the unacceptable.
1
@PT NIH All of Us is working on a database of a million individuals as we speak. Granted, it's for cancer, but it had to start somewhere. And Joe Biden was a huge champion of starting this, just as an fyi
https://allofus.nih.gov/
1
While few would argue that HIPAA is flawed, I find pieces like this troubling.
Mr. Miner, who does not say whether he is at a for-profit entity, complains that it is too hard and difficult for him to get the data to create a product that he, or his employer, likely wants to sell.
Many large healthcare organizations are willing to share data as long as the person requesting is willing to: 1) Pay for the real cost of curating and deliver the data, 2) Sign a Business Associates Agreement that indemnifies the organization if the data are breached. We don't have a shortage of data so much as we have a perceived shortage of cheap data.
I have noticed a troubling pattern among many scientists. They say effectively, "The raw material for my research (e.g. data) should be free, but the result of my research (e.g. apps and algorithms) should be protected by intellectual property."
Let is all remember that the US has NO law protecting health data. HIPAA only addresses data produced by some healthcare companies. Any health information that Facebook and Google derive from your posting, browsing, purchasing, location tracking etc. is COMPLETELY UNPROTECTED.
8
The premise of this article is disingenuous. The states, by law, already collect hospital discharge data for inpatient and outpatients that is available to real researchers from these government agencies; here is WA state it's known as CHARS. What the author is talking about is making health data COMMERCIALLY available to for-profit companies. Everyone is already on board with the former (it already exists), I would guess almost no one (except for the companies trying to profit off of it) believes the latter is a good idea.
6
The entire problem of privacy and sharing data is based on surveillance capitalism using our private information to herd our behaviors for their profit. This is subliminal behavior modification. All the corporations are jumping onto this technology, which they share. They are destroying our freedom and our humanity.
We could delink and anonymize our private lives, represented by our data tracks, from corporate monetization. And we might altruistically think that our scrubbed data would be beneficial to the common good, that we'd be teaching a machine to do good. But we know that under the guise of making your life more personal and more convenient, corporations would use that average human behavior based algorithm to their advantage, and against ours.
Profit-making corporations never place our interests above theirs. They always use us for their own ends, while telling us it's for our own good. You cannot trust them because they continually lie.
We think that we're the consumers but actually it's the corporations that are consuming us. They see us as free raw materials.
67
@Fourteen14
I Absolutely agree . The author's deluded conclusion that the corporate entities mining our data and treating us as no more than a commodity to be bought , sold and traded at will have our best interests , health and wellbeing as part of their agenda shows the author himself tooth be blinded to reality as well as having an extreme bias in favor of Tech for Tech's sake .. all others be damed !
Simply stated the author is part of the problem ... and is in dire need of reevaluating his personal ethics , philosophy and morality which on the surface appears to be more in line with Ayn Rand... than any sense of altruism or concern for our health or well being [ Ayn Rand strongly condemned altruism , generosity , concern for one's fellow man and charity while lauding narcism , greed etc as positive personality traits to be sought and cultivated * ]
* As a digestible and condensed reference to the destructive philosophy and ideologies of Ayn Rand and the damage it has created from Silicon Valley to DC to faith and religion in the US [ mainly christianity in all its forms ] I highly recommend :
"Mean Girl : Ayn Rand and the culture of greed " ; by Lisa Duggan
6
@Fourteen14 Your comment is dead on, 100% correct. We have entered a neo-colonial era where Oligarchs and huge corporations have assumed the position that the sovereign nations of Western Europe held from the 15th through mid-20th century. These neo-colonial oppressors are strip mining our wallets and any semblance of privacy or dignity we have sought to shield from them. They have purchased the governments that are supposed to represent us in order to change any laws that stand in the way of their greedy imperialist objectives in order to make their theft from, and enslavement of the common man seem legal.
4
@Fourteen14
Thought I should add that my privacy concern is with profit-making entities and not the non-profits. And Mr. Miner is likely making the correct point that big data is needed to feed those learning algorithms designed to make our lives truly better.
This is another area, by the way, that China's AI has a leg up due to their vast population data (maybe using our phones too). Whichever country that pulls ahead first with AI rules the future. (Moreover, their command economy is very well suited to AI).
A-student researchers have deep knowledge in a narrow domain. They are purists unsullied by concern for profit. The B-students, whom they work for, focus on that. The naivety of the researcher locked into his lab is understandable. They make the breakthroughs but the money guys own and fund their research.
Profit, not data, is the root of evil. You don't need it (as they say you do) to make a corporation viable. Profit is excess, all expenses including reinvestment and salaries have already been paid. Profit is rent to risk investors and a cushion for a rainy day. But you don't need it; non-profits work fine without the premium and are not pushed to monetize everything at all costs.
I'd have no problem with non-profit research groups using big data to fulfill their mission. They have no inherent motivation to get greedy. It's only the profit-at-any-cost corporations that we need to protect against. They will kill your entire family for a dime.
4
A lot of commenters think the author's case would be a good idea, if there were sufficient regulation. Unfortunately, they don't seem to understand that, when it comes to the internet, regulation -- even presuming such were enforced -- is largely meaningless. Contrary to what we all would like to believe, the "bad guys" are as smart as the "good guys" and, likely more motivated.
In any case, as the internet is truly international infrastructure, it would take a world comprised of nations with very differing values and agendas to agree on the what and how of such regulation, a concept even science fiction writers would have trouble maintaining in any credible manner.
5
People with medical conditions often have to make multiple trips to various doctors (often affiliated with different hospitals) and various imaging offices in order to collect valuable reports and CDs of scans so they can be read and scrutinized by others.
Not every doctor gives out email addresses. Not every household has a fax machine. Not every patient has the stamina to fetch actual CDs from archives offices and deliver them elsewhere.
Allowing medical records to be accessed is a good thing. Yes, personal information is included. So's one's social security number at times. But I think the barn door's been left open on that one.
16
@B.
This is phenomenally foolish and short sighted. Many people also have conditions, like sexually transmitted diseases, or diseases which may carry a social stigma in their communities. If you want to share your data, be my guest, but what you are advocating is functionally going to lead to the elimination of privacy protections for everyone.
7
@B.
Someone needs to have a talk with George Orwell.
2
Do you mean more facebook disasters are needed?
Do you mean do this so a few scientists can make personal fortunes off our data? Only later to sell us products many people can't afford? and that aren't very effective in the majority of cases anyway?
You would have to pay me - a LOT - to get me to share my data with the folks who tell us they will cure every disease soon if we would all just give them our data.
It's the ultimate scam.
53
@Nancy
You really nail the risk that Mr. Miner otherwise elides: if we give our healthcare data away freely to corporate entities, we have no control over how they may decide to sell the fruits of that data back to us.
Take the not-so-hypothetical example of a company that develops an AI to spot tumors in lung CT scans. Thousands of patients may contribute their medical images to help with such an endeavor. And what does society get in the end for such cooperation? A single company that now owns the IP for the world's best method for diagnosing lung cancer. Given recent price-gouging controversies in the pharma industry, I can't say that I'm reassured by the idea of business entities locking up more aspects of humanity's collective understanding of healthcare. We should tread carefully when it comes to the ownership of health data.
33
I'm sorry, but in the scope of problems with our healthcare system, reforming HIPAA so that millennials can build healthcare apps doesn't strike me as a burning priority. There's a lot of hype regarding AI and medicine, and this is one area where we don't need to "move fast and break things."
73
As long as we move towards universal health care and carefully exclude penalties for pre-existing conditions, then the arguments here may have some merit. But in a world where our health data are put under a microscope to set and constrict coverage this sort of data sharing can also do a great deal of harm. As is often the case, the problems may not be due to the technologies themselves, but on how others choose to use them, particularly for financial gain.
If spread too far and wide, employers can also easily discriminate--it is not much of a step to people with many chronic health conditions would be avoided in the workplace, if those health data could be used.
Any employer who had to pay health insurance premiums would be tempted to try to gain access. Pharmaceutical firms could further target their marketing.
I know the old argument is that sunshine is the best medicine; it also kills.
62
@JSK
This writer hasn't heard of anonymizing, so medical data cannot be traced to any individual. With a little care, it works. Researchers want averages over large numbers of individuals, not to tie a name to any one record.
1
@Jonathan Katz
I am not sure anonymizing works as well as you think: https://www.theguardian.com/world/2018/jul/13/anonymous-browsing-data-medical-records-identity-privacy .
1
The author should know better.
The collection of personal information including healthcare contacts, medical encounters, surgeries, pharmaceutical use, and DNA alleles should belong to the individual and not to those who collect it and sell the information to others for profit.
Remember Henrietta Lacks whose harvested immortal cells spawned an entire cell culture industry.
A much better approach to advancing health outcomes would be universal healthcare for all Americans.
Epidemiological studies of that covered group would show the modifiable effects of alternate environments on the risks of premature death and disability.
Diet, clean water, sewerage treatment, air quality, prevention of smoking, exposure to guns, lifestyle differences, unsafe products, unsafe transportation, harmful drugs and alcohol abuse are where the biggest payoffs lie.
Collection of your personal data and health information by strangers and corporations is not benign and the mergers of for driven by profit corporations (CVS and Aetna) with non-profit healthcare provider "partners" (hospital chains and medical providers) creates information pools for data miners to enhance their profits at the expense of you and also your DNA relatives.
72
Ms. Lacks's cells came in handy for untold numbers of people.
As I get to the end of my days, I think less about cremation, my first choice, and more about giving my body to a medical college. I certainly wouldn't expect my family to profit from whatever good might come out of it.
4
@JMT
Henrietta Lacks was provided with high end (for the time) medical care, which unfortunately was not enough to save her. Her cells were not harvested maliciously or dishonestly, but as part of her treatment. For her cells, after removal, to not belong to her any longer was normal then and still is today, unless that has changed very recently.
ALL of us, EVERY TIME we have blood taken or cells harvested for a biopsy or Pap smear or whatever, or have a tumor removed, etc., are DONATING our cells and tissues to the system. If any of us had cells as interesting and useful as the HELA cells, our cells would probably be commercialized also, if a doctor/scientist noticed their special properties. We could only hope that our cells provided benefit to as many people as the HELA cells.
[I believe that Henrietta Lacks descendants have received some compensation. There is some problem in how they (the family) were treated earlier to obtain information and it is unfortunate (perhaps, unless they are not unhappy about it) that their private personal information was made available. However the cells entering the public domain was not the issue.]
2
Until there is a gaurantee that big data wont be used to preclude people from care, especially for pre-existing conditions, I don't want my health info being seen or used by anyone!
122
So-called "Obama-care" guaranteed that pre-existing conditions could not be used to exclude people from health coverage. I personally was very relieved when it passed even though I had medical coverage through my job. (Hey, almost anyone can lose a job.)
So I was puzzled when so many people voted for Trump and the GOP, who called for abolishing this humane law.
21
@B. I don't think anyone anticipated the pre-existing condition rule of the ACA to be changed - that was a surprise paid for by the insurance lobby.
2
How can the voting in of Republicans NOT have meant the death of that clause?
5
I think that there are a lot of people like me who don't have preexisting conditions that an employer or insurance company or individual would care about.
I would have no problems with and support researchers using my medical history, to advance better medical care. I don't see why a person couldn't sign to opt out of HIPPA for research, if the opt out clearly stated the reasons why a person might not want to have their medical records accessible. And a person could opt back in at any time.
Currently, medical practice is largely defined by insurance corporations, whose well-paid legal teams work to maximize corporate profit. The downside of the previous medical model, which had the doctor as an independent, unquestioned priest, has been replaced by the downside of the patient being reduced to a statistic to be harvested.
Doctors, who once had impressive clinical experience dealing with and latitude to treat an individual body, are now reduced to busily spending the very brief patient interaction furiously typing away on a keyboard and figuring out which legal algorithms and protocols to quickly usher the patient out the door with.
Much as car mechanics no longer know how to fix a car's parts, largely left to the expensive "art" of replacement because of the way cars are designed, doctors have largely become just technical purveyors of computer-driven modeling.
It used to be that for a buck eighty-nine, a screwdriver, and five minutes of my time, I could change a headlight. The other day a friend took her Toyota into the dealer to change a headlight because the headlight in her car was not accessible, and she was told it would cost $350 and to make an appointment to return and spend an hour there. Medicine is now similar.
"In Health Care, Too Much Privacy Is a Bad Thing" trumpets the title of this article. As one who strongly values quality over quantity, I would instead be inclined to write a piece headlined, "In Life, Too Little Privacy Is a Bad Thing."
3
Safely anonymized health data would revolutionize cancer and heart disease diagnosis as a minimum. What seems to stand in the way is concerns about insurance company usage of this data.
A solution to that concern would be a national health care system that tightly regulates the insurance providers, like other advanced nations have.
2
I have been told by medical record security experts that the per person price on "dark web" internet sites for stolen medical records presumably intended for unlawful/fraudulent use by ID thieves and other scammers (and possibly by currently legitimate targeted marketing businesses?) is normally higher than the per person price of most stolen "normal" financial records.
Note that such medical records usually contain social security, payment methods and other financial info, as well as extremely sensitive personal medical information.
It is easy to understand the reason for this pricing difference, and why most informed people have great hesitancy about electronic medical data, given the lack of uniform security standards and effective and appropriate liability for entities and individuals involved in data collection, storage and transmission.
2
One ought to be able to voluntary share data to a data base just as one can volunteer to participate in a clinical trial.
Artificial intelligence will not really be a diagnostic tool, although it may help to perfect differential diagnosis. Differential diagnosis is the mental exercise every physician goes through to decide on a diagnosis for their patient. It is the laundry list of possible ailments for which we order tests and look for symptoms, and signs in the patient in order to rule them in or out as a diagnosis. For example, Mr. Miner's father, his diagnosis would have depended on several things: 1) the lung abnormality on chest x-ray, 2) work and exposure history, which might have suggested mesothelioma over other types of lung cancer and 3) a lung biopsy results for a definitive diagnosis. Mr. Miner has my condolences on his loss, but A.I. would not have made a diagnosis, but it might have suggested it or made a pathological diagnosis more accurate.
HIPAA was instituted during the beginnings of "managed care". People we're worried about being fired from work, being refused a place to live, being excluded from opportunities, etc. on the basis of a diagnosis of HIV or cancer. Development of A.I. requires lots of data, but that data would need to be anonimized. I am surprised to hear that Chinese companies have access to our data. That sounds like a case that the ACLU should be taking on. A.I. is a great thing, but I would still prefer a human physician to deal with me. No video conference. There are things that can't be picked up on a questionnaire or video that can affect patient care.
1
I have always found it curious that HIPAA is supposed to keep our healthcare data private from everyone except the insurance companies - the one actor who can use this data in the most nefarious ways.
7
It is too soon to know if I am a cancer survivor, but that is my goal.
Since I started treatment I have been asked three times by my HMO Kaiser to participate in various kinds of studies. I say yes every time, if only to honor those who went before and to aid, however I can, those who come after.
4
As a senior technology administrator in a major medical system, I disagree.
>Reforming HIPAA does not mean opening up all of our personal data to the highest bidder or for all uses.
As a matter of fact, it does. Piracy, viruses, we're all susceptible to them. Hospitals are hit all the time, and there goes HIPAA. Insurance companies would like this data, marketers for pharmaceuticals, vendors for medical products. It's been shown that anonymity is impossible at this point.
No thanks.
6
Given the rate that privacy is being eroded it is strange to read a headline saying that "Too Much Privacy Is a Bad Thing" when it comes to health care. There are endless arguments to give up privacy such a better health, a better running car, more efficient financial transactions, an optimized home, the ease of using voice commands, etc. Yes, there are some real advantages but the trade offs are generally not worth it. Privacy itself is an important goal and is not worth giving up because someone like Mark Zukerberg makes the outrageous claim that privacy no longer exists. We need to get our privacy back before we wind up like China with social credit scores being used to control our behavior. If we want optimal health then we will allow sensors to be attached to numerous parts our bodies which will provide a constant stream of data to AI algorithms which will assess our health status at every instant and the data will be used for targeted advertising and decisions made about our health insurance as well as our health. There are trade offs here between health and constant surveillance that need to be given much thought.
2
The author is probably connected with a Big Data company which will be bribing government officials to change the laws to his liking anyway. He does not say who he works for, which is a bit ironic since he wants us to share all our information with him. He also does not include the justifiable belief that AI programs can easily deduce all our personal information from the "anonymous" medical information we give him. Birth Date, City, Height, etc. can be reverse engineered to point directly at me, if someone wants to do it.
I'd be open to this general idea if my data were kept at my physician's office and only released to the AI professionals at my death, much as my organs will be contributed to needy patients at my death. I'd be even more willing to do this if I was paid handsomely for this contribution, which would not have the ethical issues involved with being paid for my organs.
As others have already said, there are many more and better ways to improve health care in the USA that do not involve providing large corporations with yet another source of income.
5
I am a retired physician who dealt with HIPAA for a number of years, and I would have to say that of the many things that caused me to retire, HIPAA stands tall as one of the most important. I was really brought to the understanding of the issue when I found that I had to talk to my internist about some lab studies, rules imposed my my far too conservative and frightened clinic.
Our medial system would be far more efficient if HIPAA didn't exist and our much touted (and entirely failing) electronic charting system were allowed to mature into a functional system.
In my years of practice, the unspoken rule to not talk about my patients' illnesses was an occasional issue for my wife, when one of her (sometimes best) friends would ask her when I was operating on her husband and she had no clue that I had even seen him. I guess that puts too much trust on the medical profession, but it has worked for many millennia.
HIPAA and electronic medical records have combined to make practicing medicine much less efficient and I'd say likely more error prone than it was prior to those touted reforms.
3
As a researcher based in a healthcare system for much of the last 20 years, I can validate many of the author's assertions. Appropriate access to health data for approved research is challenging (but possible!) & the data are often very messy (but usable!). I'd be over the moon if we did live in a more altruistic world where data donation for advancing our understanding of health & healthcare was the norm, with thoughtful principles that enable individuals to decide who may use their data, under what circumstances. Further, we must acknowledge that these decisions & preferences are dynamic, and may change if the individual/family is befallen with illness, has their data compromised by a "bad actor" or for myriad other reasons.
But our current reality is less conducive to a utopian ideal of data sharing as a public good. Data is valuable, both at the individual & aggregate level. Yet calculating this value is no less than a Gordian knot--permutations of how the value is quantified are infinite. That said, biotech & tech see infinite potential & payoff our health data.
Unfortunately, current regs (HIPAA, chiefly) were created in a pre-digital era. Modernization cannot come soon enough, and GDPR is a great template for the U.S. Additionally the Genetic Information Nondiscrimination Act (GINA) should be expanded to encompass all medical information (MINA!)
Only through sensible policies can culture change follow. Otherwise, tech & corporate leaders will set the agenda.
1
Well, at least it is obvious the writer has a vested interest in his proposal. And an obvious blindspot that appears to be endemic in the tech world: the potential for truly evil outcomes. The writer seems to assume the data harvesters will be benign and honorable in their desire for and use of our data. Like Cambridge Analytical? Only the potential for truly horrific consequences arise when medical and eventually genetic information is disseminated without specific individual control. Yes- AI can help in medical advancements. No- we don’t have adequate ways to safeguard the privacy of the individual. Please technologists: solve the problem before asking for our information.
6
HIPPA: HEALTH INSURANCE PORTABILITY and Privacy Act was all about health insurance companies having easy access to information they could use to deny coverage for “preexisting”conditions when patients switched health insurance carriers, with the ruse of protecting patient privacy. Patient privacy was long lost in the process and health insurance companies got open access to all the data they want to control their profit margins.
5
"In Health Care, Too Much Privacy Is a Bad Thing" trumpets the title of this article. Actually, as one who strongly values quality over quantity, I would be inclined to write a piece headlined, "In Life, Too Little Privacy Is a Bad Thing."
5
"An app that would tell people whether their symptoms were severe enough to warrant a trip to the doctor or even the emergency room." More like .."An app that would give payers ammunition to reduce utilization/deny claims." That's the world we live in Mr. Miner and to think otherwise is simply naive.
10
Oh, yes, we want free data to create apps, medications, or diagnostics whose benefits will be sold to us later. Or insurance might lock us out somehow.
6
"One solution is to increase patient control. The government could create a data repository to which patients could upload their information and that would give them controls over how much they wanted to share and with whom."
In practice, no one wishing to share their data would upload it. Rather, anyone wanting to see a physician, or wishing to be covered by health insurance would be asked to sign paperwork akin to the "terms and conditions" many of us routinely sign to use apps and websites. In short, there would be no functional way to opt out and still receive health care. Indeed, very likely even patients paying cash would not be permitted to opt out.
What this means is that patients would lose control over their data, likely in a way that would be irreversible. As health care providers are also increasingly asked to document lifestyle issues that may relate to health, like sexual orientation and practices, immigration status, legal history, firearm ownership, history of physical or sexual abuse, or job or marital conflicts that cause stress or insomnia, this information is likely to end up being shared in perpetuity with health care organizations.
Concurrently, the US Dept of Health and Human Services is also trying to re-interpret HIPAA laws to allow for what amounts to unlimited data sharing. Dept of HHS is currently asking for comments to be offered on this (Docket HHS OCR 0945-AAOO) but virtually every news outlet has been ignoring this.
4
For a longer, healthier life, stay away from doctors!
3
AI : the ultimate, faceless functionary against whom there will be no appeal. Programmed by humans unable to predict the consequences of tiny algorithmic subtleties, it scares me ... and it should scare you.
3
Yes of course -- the writer works in big data, and is telling us go ahead, give up your data.
There is zero trust left, thanks to the fact that entire industries -- the worlds most valuable companies -- have built their business models on wanton disregard of privacy in their use of the most personal user data imaginable.
May the writer take a long walk on a short pier. Preferably over shark-infested waters.
4
Medical data brokering is already an immensely lucrative business. You and your health are not benefitting. Corporations are:
https://www.fastcompany.com/90310803/here-are-the-data-brokers-quietly-buying-and-selling-your-personal-information
Have a close look at the second graphic in this article: "In 2017, data giant Acxiom provided up to 3,000 attributes on 700 million people. In 2018, the number was 10,000, on 2.5 billion consumers." This included readily bought-and-sold health data which insurers/pharmas/and other providers collect on you.
https://www.wired.com/story/veritas-genomics-scoops-up-an-ai-company-to-sort-out-its-dna/
Note in particular: "With AI, Cifric [the founder of Veritas] believes Veritas will be able to not only dig up these various genetic contributors, but also assign each a statistical score showing how much it contributes to the overall risk." Risk = the amount of resistance an insurer has to covering you for this (possible) disease. When ACA is repealed, this will happen. Any genetic info will be fair game.
2
This article: Data scientists like privacy until it cuts into their bottom line.
4
Ever tell a secret to someone you trust and then they use that against you later.
2
China has no problem accessing the medical data of its citizens, maybe this should be a clue to where this is going.
5
Health insurance companies should keep and analyze all health records - for clients that elect the service. Because many would not trust the government, private companies would be a necessary part of future health care systems. As digital monitoring expands with technology, most data could b0
@Eugene Patrick Devany Should they? Or will those insurance companies merely use such data to jack up premiums on certain people as "high risk" customers? If protections for pre-existing are shredded, insurance companies can use that data to argue that they don't need to cover anyone who is genetically predisposed for cancer or other illness. People may not trust the government, but we already have death panels. They work at insurance companies and they are devoted to making sure they maximize profits even if we end up dead or broke for the crime of getting sick and needing insurance.
3
@Eugene Patrick Devany
And you are naive enough to trust private companies? I would trust folks at the NIH over a private company any time.
@Rob Kotecki
I wrote my comment on the train and sent it before finishing. My thinking is that technology will require AI to efficiently review the health data of all who elect to participate. Private health insurers are a natural for keeping and using the data that will come in the 5g world.
Premiums are always going to be health costs plus 10% and the incentive must be for people to pay until the government takes over at 65. Different premiums for those who are ill or healthy are a political issue which has nothing to do with digital records and treatment recommendations.
1
The author is in the data field. Not surprising he is of course all about giving it away for “a good cause.” That’s exactly how we give away all our privacy, rights, freedoms - one good cause at a time.
3
We don't have privacy it's all pretend
2
You should want to give away your anonymized billing data, too. "Privacy" of medical charges just allows the medical industry to make those charges arbitrarily high.
I am with Luke on this one. I have shared my data and lots of health information with 23andme, Kaiser Permanente research, Nebula Genomics, and soon others. I am not concerned about the risk and the gain to humanity could be large. Even if you had a guarantee, that does not mean there is no risk. I feel that the risk is very small and the possible gain is enormous. I am taking one for the team, my gift to humanity. We need more pioneers. Oddly, so many people are willing to volunteer for a one way trip to Mars, to me this is a much better risk vs outcome bet.
1
I’ve worked in public health and understand first hand the importance of population level data. However, I’ve also worked in health care with a company that was building a non-hippa complaint platform with AI to harvest data. Until we get profit out of health care, there is absolutely no way I’d give my data away to an organization to make a profit or worse make discriminatory decisions. For now, I’m keeping my data close.
6
@FM has this right: the profit motive tarnishes and adds loads of risk to anything involving privacy. A solution not mentioned here is pushing for use of free, open-source EMR (electronic medical records) software throughout the country with built-in, established and vetted, automatic data sharing. Not only would this greatly reduce the cost for health providers (eliminating licensing fees and most of the costs of transferring patient records), it would also speed all-sorts of research as all persons' anonymized data would be readily available for research use.
@EDF The UK NHS has all its general practitioners using EMRs. There are several differenth ones, some of them developed and improved by GPs themselves.
Data sharing works between all of them, but only to a limited extent. There is a standard document listing patient name, date of birth, address, family doctor and his contact information, and then the medical info.
This is a set of diagnosis codes for the patient's chronic conditions, a set of experienced diagnoses (e.g. what has he had so far e.g. measles, diabetes, fragile bones, fractures . .), and a set of current and past prescriptions, allergies etc.
It sounds like a lot, but it amounts to two pieces of paper or a short email. If you have it with you any doctor in the country can look at it and know enough to treat you, or enough to make an informed diagnosis.
The NHS does in fact use information like this to study what works and what doesn't, and for whom.
It is one of the great benefits of a national health service. The information in your record cannot easily be used by a commercial entity to make money by denying you insurance or for 'pre-existing conditions.'
As someone now living in the US I'd have to be out of my mind for allowing my information to float around freely. It's worth too much to someone else, and it's going to be at my expense.
1
What if you have a serious medical condition that you don't want the world to know about? If Mr. Luke Data-Miner gets his way, the only way you'd be able to keep your secret is to completely avoid the health care system.
No, Mr. Data Miner, we're not willing our most fundamental rights to privacy just to give you more numbers to play with.
7
The National Academy of Medicine has an ongoing work group that is addressing the issue of data sharing from the perspective of patients, researchers and healthcare administrators. The workgroups are currently identifying obstacles from each of these perspectives and proposing pragmatic solutions. More information about this project is available on NAM’s website.
By the way, HIPAA imposes no impediments to sharing de-identified data; the data can be shared freely. However, there are still costs and obstacles, such as a lack of willingness to share data.
3
The United States has a profit-driven health care system. The use of patient data, in the end is about making money. While it may help a few people get rich and rich people stay alive, we already know the best way to stay healthy - prevention. What is odd about our system is that it is impossible to ascertain what a procedure actually costs, but that is part of the secret formula for our corrupt health care system. Data is power. Be careful how you give it away.
7
Mr. Miner, as one scientist to another let me respond that there is no "good fairy magic" to that ill-defined term "Artificial Intelligence". In my work programming expert systems and neural nets I often encountered the awe of interested researchers and business people about the "Great Mystery" of computers that could boldly go beyond what mere people had been able to find. Bunk.
What I actually found running such programming on real-world problems was that AI, like computers, is basically a slide rule writ large. My massive data sets were crunched by well-known math formulae and even a few new math tricks, and really could find in minutes correlations no one had yet found in the piles of data. My friend was actually doing similar work on a health insurance company's data on several million customers. But it ain't magic, it's math, big, fast math.
I find AI a useful tool, better than my college K&E slide rule or my first HP calculator. But I have also encountered enormous amounts of "Artificial Stupidity", in misunderstanding what AI is and how it can be used and abused. AS from people awed by surprize results from the black box of AI. Worse, AS from the computers' inability to tell significant results from random correlations that occur in large enough data sets, and of AI to interpret that data in the human context.
FDA can take a decade to approve a new Rx drug that works. We need similar caution with AI.
9
Except the people whose data is used to generate all these wonderful things won't benefit form them. Will they ? Rather like the 84K hepatitis C cure the results will be reserved for those who can afford it. Why should I give up my data to make a handful of people and companies rich off IP. IP whose results That I will never be able to afford if i need it?
7
@Stephan I don't think we should necessarily give our biometric data away because I fear the consequences of discrimination based on that information. But this doesn't strike me as a strong reason. If it doesn't cost you anything, why not help people in the future?
Or let people participate financially in the event that the research borne by them leads to successful treatments.
@Paul
If you want to help people in the future, clean up the environment and help get climate change under control.
There is a real problem with sharing and I'll take my chances with cancer rather than share. That problem is that every time I share, I end up regretting because the entity I shared with has found some way to exploit whatever I've shared and I have no recourse to stop them. Good luck with your research, I would actually love to help, but I don't trust you or your firm, sorry.
5
A person's health status can, and is being used as a screening tool for employers and health insurance companies who penalize those with chronic health problems. If we had Medicare-For-All, why would anyone care if their health status was widely known?
So, there are many good reasons to adopt Medicare-For-All, including huge overall annual cost savings in the $500 Billion to $1 Trillion range. THAT is a pretty significant cost savings!
7
Doctors take the Hippocratic oath to do no harm. Have data scientists made the same commitment or is their strategy to play it fast and loose and beat regulators to the finish line?
History has shown time and time again that when a society is vulnerable and desperate for solutions, exorbitant amounts of money get spent on promising technologies that fail to live up to the hype. By the time the mistake is realized, the circus has already moved on to another town.
7
The writer may be a "data scientists" (whatever that is) but apparently he doesn't read quality medical journals as in virtually every issue they have studies based on data sets where patient information is pooled.
If you have health insurance of any kind or even if you don't but have sought care from a healthcare professional, and that's pretty much the entire U.S. population, you have long since been included in many data sets. You may not be aware of it but be assured that you are.
7
If Congress would pass a mandate that our health data could not be used for premium pricing in our current insurance/health care system (or life/disability insurance), than I am sure more people would be willing to share their health care data. Why would we share something that would only be used against us?
4
Like the author, I, too, am fastidious about my online data privacy. However, I willingly shared all of my past, current, and future medical data with the All of Us Research Program. It's run by the National Institutes of Health and they're hoping they can gain a large enough dataset of individuals from diverse backgrounds that they can share anonymized data with researchers.
My dad had a rare and terminal disease. Research and trials from other individuals willing to share their medical conditions helped him to live 3 years beyond what we expected. Every single one of those days was precious. As the anniversary of his death comes in a few weeks, I've been thinking a lot about this.
At the end of your life, you can't take any of it with you. What matters is what you've given away to help others. I don't know that my health records will lead to any medical breakthroughs for anyone, but if there's even a chance they might, I am willing to risk some loss of privacy.
2
In Health Care, Too Much Privacy Is a Bad Thing is, on its face, unarguable until you factor in the threat posed by autocratic and self-serving governmental systems designed not only to allow the predators the advantage in a financial transactions, but data gathering for criminal referrals for sexually associated acts.
Said differently, talk to me about this when presidents are not acting as if they are above the law and sidekicks aren't plotting another way to separate families by locking them up.
2
A lot depends on the people/agencies sharing medical data. I had a major medical emergency in March, but my treatment was provided by a team of doctors within my hospital/medical group. Since they were all within the same broad organization, they all had access to my historical records and could update them with new test results and consultation records. The team approach within this group solved my serious problem(s) and saved my life. Credit goes to their centralization of all my data, but fortunately it's self-contained within their system. I'm grateful for that and I feel safer that my records won't likely be compromised.
1
If the trend is the monetization of data then why should I freely provide my details so that others could profit?
Yes, the end result may be for the greater benefit, but if I receive no residual payment while others are greatly enriched that seems unfair.
My pinion is that MY blood or health experience should NOT be used to enrich Wall St.
Saying that HIPAA is restricting research and the access should be allowed is one thing, making the results available to all, at cost, with limited or no profit should be the next step.
5
Here's the problem. In a nation in which access to quality is a privilege, not a right, citizens have good cause not to share their personal health data. Such data can be used against them (e.g., with respect to pre-existing conditions). And it can be generate considerable profits, which can be used against them, by monopolistic entities, fraudsters, hucksters, and unscrupulous state (and non-state) actors.
25
Exactly this. We have the worst health care information system, employers can easily learn everything and doctors know nothing, while everyone fills out mountains of paperwork. It's a broken system propped up by Republicans.
7
Yes. If we want people to share their health data, it should exchange for lifetime guaranteed high-quality healthcare. The people who will benefit the most from the application of big data science are not the “average joe” but companies that will enrich their owners/investors. I am all for using data to improve health care, but their should be a real benefit for the data sharer.
3
Unfortunately, using an individual’s health data is as likely to be used for increasing profits as improving health outcomes. Health insurance companies denying coverage, or charging higher rates based on the data you willingly provide. You would need to move to a “single payer” system (as we have in Canada) where improving health outcomes equals lower costs, not increased profits.
13
Sharing health data is fine with me as long as I know what is being shared and with whom. This sharing does widen the gap between the healthiest of us, usually those with access to technology and those who do not have the technology such as wearable monitoring devices. Often the sickest, who put off routine health checks or taking medications such as anti-hypertensives, are not part of data sharing thus creating inferences by researchers that are not accurate. As a surgeon in an urban area, many of the people that wind up on my operating table, have not seen a physician in years or have many years of health neglect. Today, living a longer and healthier life depends on educational level and income which should not be part of healthcare.
2
This article hits on a subject that has bothered me for some time. HIPAA caters to the most paranoid among us. While The strict rules may help some for who it is important or desirable to keep medical information private, many like myself could not care less if anyone finds out we have bad knees or BPH. In our case HIPAA causes much unnecessary hassle and little or no benefit.
In my opinion patients should be able to opt out, so that their information can be easily shared between providers, accessed for our own benefit or shared for research, reducing paperwork and overhead in the process.
One very strict size does not fit all.
2
I share my health information anonymously with All of Us research program. I had a one time visit to a clinic, had all my vitals taken. I answer questions and my medical history is shared with them. I also share my fitbit info with them. I just believe it is worth it to help future generations with health. I maybe naive and trusting, but if this can help keep people healthy, I feel it is worth the risk.
2
@Anthony White I also signed up to All of Us, but this is not what the author of this article is referring to. Your AllofUs info is covered by HIPAA and is de-identified as per standard protocols. The fitbit info I'm not sure about and do not share this. Bottom line, research is currently possibly, it's just that some want to take shortcuts to access that data at the expense of our privacy. AI is has shown promise with identifying patterns, but so far not in symptom checking.
I briefly held a clerical job at a large hospital and can tell you the problems are deeper than HIPAA. My clerical and medical colleagues were consummate professionals, but patients' data was still not terribly secure.
This was partly due to an antiquated and patchwork system of recordkeeping, and partly to management's priorities elsewhere, namely on cutting expenses with little strategic thinking--except cutting their own salaries, of course.
As a result, I withdrew from a hospital-sponsored medical study because I knew my data would not be as secure as I was told.
8
AI is the new bright and shiny toy. As with genetics, the promise is great and the ROI is scant. Frankly, if AI is controlled by the "sharks" that run tech I am very, very wary, and so should you be.
17
HIPPA emerged out of an ugly divorce case where health data was used in child custody issues. Sadly, the legislation ironically reflects the need to protect us from ourselves while at the same time constraining our ability to improve ourselves. As a physician, it’s clearly a massively expensive and labor intensive anchor that slows not only the sharing of data among hospitals and doctors, but incurs huge waste in a system already filled with inefficiency.
Despite the pitfalls in using big health data in research, and there are many, the positives of having that access hugely outweigh the negatives. Imagine the questions that could be addressed with such information.
However, until our government changes the laws surrounding how our health can be used against us, we we always be like the ancient mariner: water water everywhere and not a drop to drink.
7
While I personally could support anonymous data sharing, I wonder how useful it would be. My primary physician has a completely electronic office, but she has really no use for data that comes from my fitness watch. She would get a general idea of how well I sleep, how much exercise I get, and how my weight changes. It does go into written notes when I see her twice a year,but not something upon which she can professionally take action. Luckily I maintained good health. My tests for physicals are electronic, but since the ranges for the tests already appear on sheet, somebody already knows that data. Consequently my added info for a well person does not add much. Any learning from primary docs would have to come from digesting written notes from hundreds of thousands of doctors.
My guess is the mother lode of data is at hospitals. You have data on actual sick people, coded diagnoses, and all kinds of numeric data points. Are not hospitals allowed to use data for own patients? As hospitals become part of networks, I would expect that data becomes large enough for AI to work. It would be strictly regional, but still could cover several million patients. That population is not 325 million patients, but it surely would be enough to provide some benefits while abiding HIPAA.
Maybe some like spending their lives in doctors offices and taking tests to diagnose possible upcoming diseases, but I'd rather live a full life outside of any doctor's office, then go out at the end as people did for millennia.
I'm not sure that all the research helps patients' longevity at all; rather it keeps people paying for medical tests, consultations, and mental stress as another dire possibility is examined and eventually put to rest or treated with side effects. How much more time we might have for good living if all those tests didn't interfere?
11
Well, say it again when you have a condition that is not terminal but with a decent diagnosis and medication you can keep going in a reasonably healthy state.
I am with you on a speedy, comfortable death when things begin to get rough. Adding another 2-8 months of life in and out of hospitals is not my idea of a good end. I've seen it far too often in too many relatives.
But until then -- .
1
Thanks for raising this all important topic. As you can see from other responses, healthcare is complicated, and a lot of people in the field have difficulty seeing the forest through the trees. While reliable/validated benefits of AI/ML in healthcare are still 5-10 years out, the early returns are truly remarkable. Healthcare policies that drive greater data accumulation and utilization will substantially expedite progress towards improving health outcomes. The public needs to be better informed about the benefits realized by their "consent" to contribute data to this worthy cause. Their lives and the lives of future generations will depend on it. All this happening while the life span numbers decline!...
2
@Gene Guselli you're conflating a couple of different things here. The US has poor healthcare outcomes combined with high costs. Healthcare for all could solve this. Data driven analysis - we don't need another measles/ autism debacle, so I'm happy to take the usual cautious approach here. Correlation doesn't necessarily prove cause and effect, which large data sets could incorrectly imply. Computers as an aid in diagnostics has been great, but more testing and information doesn't necessarily help. For most people, it doesn't matter how much you monitor your fitbit or how many blood tests or scans you take, the advice for most is the same, watch your weight, have a healthy diet and exercise. Greater testing aimed at healthy people can just lead to greater anxiety, false positives, and greater costs, without any improvement in quality of life.
1
My doctors put my medical info into various systems they lease, and I get no realistic assurance of privacy, in spite of HIPAA, because the security of these systems is not ensured and there are no penalties for leakage. Meanwhile each doctor has a different system, and data can't go from one to another. If you want your records transferred to a new doctor, the office faxes some papers over. Nobody does data entry from them; they just store the faxes electronically as attachments, which the doctor is unlikely to look at. And yet the healthplans and insurance companies have all the metadata (diagnostic codes) centralized. Very functional for them, dysfunctional for the patient. Then when you need to be hospitalized, the staff lack access to the info they need for acute care. And on top of all that, much of the data in medical records is what you told the doctor's assistant who was bothering you, or the doctor's hasty, unproofed anecdotes. There's no quality control of the data. The sad truth: doctors work with messy records full of inconsistent info that is impossible to sort out in the few minutes they spend on it. Yet if you had a serious diagnosis twenty years ago (correct or not), the insurance people know all about that.
10
Couldn't these kinds of study be done within a single institution? i.e the study on emergency room visits.
The following sentence has a clause with a singular subject 'instrument' that should take a singular verb 'doesn't'.
"These fines are a blunt instrument that don’t correspond to varying levels of harm, creating a climate of fear that discourages sharing. "
It is good article. HIPAA is complicated and not always interpreted correctly.
1
I don’t know who Mr Milner works for as a data scientist. He doesn’t make that clear. But the idea that Milner would just decide to write an app all by himself and could get his hands on large data sets of medical records is kind of scary. It should be difficult for an individual, or a firm without proper controls, even if they mean well, to get access to the protected health information of individuals.
24
As a hospital physician I've often been both frustrated by the difficulty often involved in obtaining medical information from outside sources on newly admitted patients, and am puzzled as to why the current level of restriction is felt to be necessary. The current HIPPA regulations often enough lead to unnecessary delays in treatment, and to a range of potential errors, such as repeating of treatments that had already failed, or not recognizing that what appears to be a new problem is in fact chronic. It is widely recognized that certain types of health information are sensitive enough to merit restriction, but the current regulations are overly broad. Many patients might hope that information regarding drug and alcohol treatment would given a fairly high level of restriction -- but not so high that it was effectively inaccessible when needed. I have never met a patient who was especially concerned that others might find out he/she had hypertension, a broken wrist, or had their gall bladder removed, but I have met many who justifiably express frustration with the fact that our difficulty in rapidly accessing important outside medical data. I'm sure it's very noble to be the champion of patient privacy, but there is a significant price to all this privacy, which I suspect is far higher than we realize or care to admit.
7
This reminds me of the controversy regarding law enforcement access to our DNA files on genealogy websites. The major players all promise to protect our DNA and only provide it as required by a court, but my feeling is let them use it to help identify a murderer I'm related to (hopefully not too closely, or in my mirror...) or an unidentified body.
There is another nonprofit website I have uploaded my DNA info to, where members of all the various sites can find people on the other sites, and this one has no restrictions for law enforcement. I believe that site is the one used in such cases recently.
1
The question that should be asked, and is not, in this piece is who owns my health records and the data therein.
I should be the one who decides how and when that data is shared.
11
I can see that one-size-fits-all fines can cause disproportionate harm to the small operators, and I sympathise with those having to draw up a new contract for data sharing every time (although it does make them think about what they're doing).
But this article paints far too rosy a picture of what the Pharmaceutical sector can do with our data. The stance in the U.S. toward intellectual property rights for Big Pharma is very aggressive. These individuals parting with their own clinical data are not doing so for the good of humanity. Real corporations (with real history) will make real money from it.
And they have shown themselves capable, in the past, of asserting their commercial rights to deprive real people of their own genetic data. patients with rare disorders have found themselves prohibited from seeking treatments with commercial rivals because a Big Pharma player has said 'Your genes are my property now'.
So reform HIPAA by all means; but do so cautiously. As Americans are well aware, drugs companies are not in the business of philanthropy.
3
Privacy? Thats debatable if taking into consideration how often hospital computers are hacked and patient information stolen. Hospitals frequently fail to advise said patients their info has been stolen and thus their identity compromised. Add insult to injury many physicians do not familiarize themselves with patient history by viewing patient files as they used to which can increase duplicate testing or worse, no testing at all for follow up care..
1
I suggest teaming up with health researchers who are already pursuing your question. They will already be trained and credentialed sufficiently to know the ethical boundaries (and they are good, important boundaries) around collecting, storing, and using health data from human subjects, so your expertise can add to their work while they handle the part you’ve found irksome. At the University of Wisconsin, the All Of Us Project is a good example. As you go through this work, though, as annoying as they are, try to respect for the limitations on what you can do with just any health data. The limits are there for good reason.
4
Two problems here. First, there is no evidence that big data is better data. The failure of IBM’s Watson to be utilized and the problems with electronic medical records illustrate this. Second, research institutions and companies already compile and analyze data compliantly. The author’s complaints seem based more on personal frustration and lack of experience, and so do not suggest a “societal fix” is needed.
18
@LTJ Watson has lead to further work that goes far beyond it in AI .... It was not it a failure
In medicine, we learn there are certain harbingers of disease. Back pain and depression may be the first clue to pancreatic cancer; iron deficiency anemia may herald colon cancer. But what other relationships are out there?
It is possible to imagine another scenario. If you consider your health as a chronology, you could list each diagnosis made in life on a single page, Dr. Weed's eponymous Problem List.
With the aggregation of enough patients, data scientists can develop tools to study the evolution of these lists and answer the fundamental question: which condition B follows which condition A more often than should occur by chance alone?
The very real possibility exists of uncovering manifold clues to earlier and better diagnoses, all to improve health to all people and release us from the requirement of dependence upon one doctor's brain or training to guide us.
One doctor can indeed be skilled but each doctor using the leverage gained from aggregate data can be better.
5
Doing more to assure that there is a net benefit to patients commensurate with the loss of privacy would help the argument to lessen privacy and security safeguards. But that would be a hard sell in a world where industry has a habit of taking things for free (e.g. taxpayer funded research) and turning it into product and services that so many people can't afford (e.g. drugs).
10
I think you know that anonymized data can be analyzed to identify individuals. This exposes them to the repercussions of their health care data being exposed potentially leading to loss of employment, insurance etc. There are many well designed clinical studies developing diagnostic AI platforms which use appropriate consent and strict measures to prevent data disclosure. Some have already been approved by the FDA. What you wish is for open access so health data can be linked up with other available data and exploited by the tech bros. My advice is get a health care related degree and work with Institutions that respect and know how to ethically deal with health care data instead of proposing short cut policy.
41
@Daniel Salazar
"What you wish is for open access so health data can be linked up with other available data and exploited by the tech bros."
Except that he doesn't say that at all, and criticizes the lack of regulation of wearables, which are indeed made by the tech bros.
Obviously, our data shouldn't be a free-for-all, but I think there is a strong argument to be made that we may be shooting ourselves in the foot by not pushing for more centralized banks of health data.
1
@Meagan Born
All wearables require user consent to share their data. So consumers need not use them or withdraw consent. There are many centralized banks of health care data being used by excellent researchers. They are created with strict rules to protect patient data and with patient consent and in accordance with HIPPA.
3
There is not a simple answer here.
Medical privacy and law enforcement will always be locked in tension. The same type of tension will always exist between Big Business, which considers consumer data its personal property, and individual citizens, whose data are inextricably tied to both civil and property rights. Then there is the matter of personal safety and self-protection from crime.
A one-size-fits-all, common sense solution to this issue simply does not exist.
3
Considering the loss of our privacy to marketers why would anyone actually trust you to keep their information private? Although your instance sounds reasonable, I doubt the loosening of HIPPA would be limited to research and in fact, it would lead to even more data for sale to insurers and advertisers. Even the use of it by medicine is for profit. Yes, it might find cures, but there is little likelihood that the medical industry will act on such findings unless it is seen as profitable, which means that most findings will simply be ignored unless they are for expensive cancer drugs, an area perceived as being a profit opportunity by pharmaceuticals. Granted, the profit aspect is possibly why the US does cancer work well, as opposed to the failings of the rest of the system.
On a minor note, I find the mention of competition with China a bit of a canard. It sounds like you have drunk the Trump Kool-Aid. If we purchased inexpensive equipment from another country, so what? That is the benefit of trade, comparative advantage, an exchange of goods that benefit both parties.
15
Research is not the only area where HIPPA is doing more harm than good. Much of HIPPA was designed to prevent employers and insurance companies from discriminating against employees or plan participants based on health status.
If the protections of the ACA were extended to Medicare Supplement and Advantage plans, this concern would be largely eliminated for retirees. Also HIPPA is routinely used to deny care givers access to patient information in a timely fashion, ostensibly to protect the patient’s privacy when the real motive is to hid healthcare mistakes and neglect. Care givers should be given streamlined access to patient data.
6
When we go to a Single Payer system for healthcare, then people will support this. Until then, nobody is going to trust insurance companies or current or future employers to not discriminate based on what's in their file.
Fight for Single Payer, then you can fight for dats access.
92
@B. Australia has recently digitised/ centralised its population's medical records. It offered an opt-out period. So far, 10% of the population has opted out. From most people I know, it was due to security concerns. I can't see a centralised system beng implemented in the US, but it appears that efforts are being made for shared access. e.g. I have portals with HSS, NYP, Cornell and NYU and they all allow sharing.
Privacy is important, but it can be overdone. For as long as HIPAA has been in play, whenever I've been asked who can access my medical data, I've said "ANYBODY"! For all I care they can publish it in the newspaper and broadcast on TV.
OK, that's extreme. But wouldn't most of the (legitimate!) concerns that prompted HIPAA be eliminated if, say, we extended Medicare to all?
8
To offer the health data, electronic records must separate accounting from the patient chart. It’s combined now, business and medical information all in the same system.
Secondly, pre-existing condition coverage must be guaranteed. No one wants to be at risk for losing coverage. Also a good reason to not do DNA testing with 23&Me and the like. They sell your medical data.
17
Why would the "medical stakeholders" (doctors, hospitals, insurance companies and lawyers) ever allow AI to become an important part of medical care?
6
The concept of electronic records was based on the cost savings and the value of stored information. The step - a transfer of data to a central depository and the programming to do it - failed because we are terrible at privacy.
And the temptation to sell that data always remains huge.
All of that is at odds with the reality of ever more detailed ICD 10 codes, ever more complex e-records requiring more data, more complex data management with a framework of decreased time to see a patient.
Personally, I believe that all records should be automatically able to be transferred into a common format both anonymously to share with researchers and identified to share with other doctors.
But to do that, we'd need to learn to take security seriously, and as breaches from Equifax to Target show, there are more holes in our knowledge than we know about.
25
@Cathy - I think that the failure of electronic health records (EHR) is more attributable to the inclination of doctors, and now hospitals, to lock-in patients. Freely available records would allow patients to leave practices for better care. Its corollary is the efficient medical records system of hospitals, allowing them to make it easy to keep someone in the system, but not so much to let those people leave the system. EHR fails because participants in the medical system are themselves against an open system, one where you could easily look up complaints, successes, and costs, let alone freely move among its suppliers.
I work in technology, and the idea for doing this is so simple as to be absurd...
4
@Cathy
The other day, I went to my pharmacy for a MMR vaccination and had to fill out a form. I then went to a vision clinic for an eye test and had to fill out basically the same form. I want my medical information in one place to be shared and added to by any of the providers I visit.
3
@James Igoe It's not the doctors or hospitals that maintain data silos as a business imperative. It's the EMR vendors. When EMRs were mandated the feds forgot to insist on interoperability. It could have been done. There was an existing EMR, the VA system. A mandatory two way interface with the VA system would have meant interoperability among EMRs.
The vendors did not want this, because they would be unable to lock in their customers.
As it stands, a fax is the most commonly used way to exchange information.
The vendors have taken this now to such an extent that if you exceed the capacity of your EMR and order an upgrade the vendor will make a hefty charge to port the data from the old version to a new one. They don't even interchange with each other.
1
It‘s obvious that more sharing of data iwill be necessary for advances in both in the medical and economic spheres. At the same time protection of privacy will remain essential. We clearly need a balanced approach, something that has been in the short supply for a while.
7