Data Privacy and the Digitization of Healthcare
In early November, news of Google’s ambitious move to healthcare dubbed “Project Nightingale” broke. According to the Wall Street Journal, the initiative has deliberately given the tech giant access to tens of millions of patient data without their consent. The data came from Google’s partnership with Ascension, a Catholic chain of 2,600 hospitals and private clinics, and the news broke out after some users expressed concern over the tech company buying Fitbit for $2.1 billion.
This is just the latest effort made to digitize the healthcare industry and accelerate digital transformation. Like Google, Silicon Valley giants Amazon, Apple, and Microsoft have all been on an acquisition and investment spree focusing on healthcare over the past few years
Cybersecurity and anonymized data
While the digitization of the industry has numerous life-saving benefits like the development of Apple’s fall detection technology, recent reports highlight how it also poses risks to consumer data privacy. Perhaps this is best illustrated by the fact that over 6.1 million individuals were affected by healthcare data breaches in 2018 alone, according to TechCrunch. The National Consumer Health Survey conducted last year revealed that only 11% of respondents were willing to share their data with tech companies.
With the number of data breaches and increasing public scrutiny, maximizing the gains of digitization for both users and healthcare providers requires a high level of cybersecurity protocols—including anonymization.
One pivotal concept in utilizing patient data is de-identification. Stripped of basic personal identifiers, anonymized healthcare information can aid research for improving crucial services. Sadly, a new study published in the Journal JAMA Network Open found that most health-related apps share sensitive health data with advertisers. The data being shared ranges from smoking habits and period cycles to mental health, and possibly even things like Adderall use. What’s more, that 96% of apps tested shared data with at least one of the giant third-party advertisers like Facebook and Google.
Compliance and regulation
When they bought fitness tracker company Fitbit, Google said that they would in no way use health data to target people with personalized ads. But the recent revelation of its clandestine partnership with healthcare provider Ascension is making people very concerned. For their part, Ascension notes that their initiative with Google was in compliance with the Health Insurance Portability and Accountability Act—making it completely legal.
While HIPAA allows such partnerships, regulations like the California Consumer Privacy Act require for-profit companies to put safeguards in place. Navigating today’s dynamic regulatory environment concerning data privacy requires rigorous compliance strategies. Special Counsel explains how attorney recruitment specialists excel at matching corporate legal departments with the right firms and professionals, a service that’s increasingly valuable in an ever-changing legal landscape. Considering how the digitization of healthcare can impact health laws, it’s particularly crucial for healthcare providers to have the right legal talents at their side.
The digitization of the healthcare industry can revolutionize how patients are being cared for and treated. But without placing the necessary privacy protection measures in place, the risks may be greater than the rewards.