The first commandment of health information disclosure dictates that data shalt not be disclosed to any third party beyond what the patient has consented to.
Unfortunately, organizations create, store and have access to our health data. Big data is big business and there are a variety of commercial beneficiaries. For example, hospitals and health insurers use data to provide benchmarking for eligibility, or these days more likely, ineligibility, for services. The pharmaceutical industry relies on this data to support its claims of community need for new and high-cost drugs. App developers and e-health brokers mine large datasets using artificial intelligence to produce direct-to-consumer health care. And recently, researchers have used big datasets to inform the global response to the COVID-19 pandemic, and are poised to target work on important health concerns lost in the post-pandemic backlog.
But big data is made up of a lot of little parcels of individual data and quite often individuals don’t know the ways in which their data is being used or misused. For example, under the US health privacy statute known as HIPAA, a health care provider may rely on an individual’s informal permission to list in its facility directory the individual’s name, general condition, religious affiliation, and location in the provider’s facility. The provider may then disclose the individual’s condition and location in the facility to anyone asking for the individual by name, and also may disclose religious affiliation to clergy.
Individual ownership of data is the only way to ensure appropriate disclosure and ensure that our data is not used against us. And just as important, it is time for our individual data to provide benefits to us, and not just to organizations. For example, enrolees should be able to sell part or all of their data on the open market or at least exchange it for benefits. Perhaps our health data should be denominated in points, like a frequent flier program, with patients getting rewards for providing demographic information and more points for giving information about their health, such as prescriptions and treatments.
Allowing us to be custodians of our own health data would circumvent some of the thoughtless disclosures that are sprouting up everywhere. For example, in many jurisdictions any party involved in legal adjudication can command medical records by subpoena or discovery. Litigation lawyers and their staffs are often tone-deaf about protecting their own clients’ health care information and it too frequently ends up as public information. Often it is up to a judge, who may or may not have training or sensitivity about the consequences on individuals of their decision, to determine what part of the medical record should be made available and what is to be redacted. Many a high-profile celebrity can attest to the long-standing psychological damage they have suffered as these disclosures are aired in court. And that must be the tip of the iceberg.
In any country, for those of us taking out private health insurance, it is a minefield. Many countries have laws that require insurers to send to policyholders’ explanations of benefits and denied services. When the patient and the policyholder are two different people or an organization, however, disclosure of patients’ sensitive information to the policyholder can expose the patients to danger or deter them from seeking health care.
The situation in countries with national health care coverage only differs by the organisations that are the data custodians. In the case of the UK, it is the NHS, in Australia, it is Medicare and in Canada, it is the Canadian Institutes of Health. To date, these datasets are passive collections that do not require individual patient consent for use as patients are considered to have acquiesced to a passive opt-in to data collection.
The recent Goldacre review in the UK has highlighted the breadth of disclosure possible through these large datasets. Women, for example, face particular concerns: knowing someone’s approximate age, approximate location, and the approximate time at which they had children can also often be enough to make a confident unique match. Who wouldn’t be at least discomforted to know that the researcher in the lab down the street knows about her pregnancy, or abortion, or birth control prescription?
Currently in the UK, the only way to remove access to an individual’s data for anything beyond immediate care is to opt-out of collection. That requires filling out a form and presenting it to your GP. How many users of the UK system even know about that option?
Incentive to opting in, with control, would be a better option.