Data Privacy Concerns with Big Data in the Health Care Field

 

The medical field is always looking for new breakthroughs. Through the introduction of big data, specialists in the field are starting to realize the benefits that have been and still continue to be introduced. Big data can help the medical field multiple ways: by measuring hospital quality, developing scientific hypothesis, through increasing genomic wide association studies, comparing the effectiveness of different interventions, and monitoring drug and device safety (Price & Cohen, 2020). Through the marriage of artificial intelligence (AI), machine learning (ML), and big data, new patterns are being found within health care data to help make predictions and recommendations in personalized treatments. Image analysis is using algorithms to help identify cancerous skin legions and diagnosis of diabetic retinopathy. This marriage of technologies is also being leveraged to predict when trauma patients are about to experience a cataclysmic hemorrhage and to help make treatment recommendations (Price & Cohen, 2020).

However, along with the positive impacts that big data is having on the medical field, there are also negative impacts that mostly have to do with patent anonymity, data privacy, and security. The Health Insurance Portability and Accountability Act (HIPAA) protected health information (PHI) is prohibited from being disclosed outside of specific circumstances (Price & Cohen, 2020). HIPAA allows the use of PHI for health care treatment, quality improvement, payment, operations, public health, and law enforcement but does not allow the use of PHI without an individual review board (IRB) waiver or patient authorization. In the world of big data, the number of data sources covered by HIPAA is only a small part of the larger health data ecosystem (Price & Cohen, 2020). This is part of the problem; the legalities have not all together caught up with the rapidly advancing technology. It is important to understand that HIPAA does not cover the following health care data:

·        Data recorded by life insurance companies and other data generated by outside entities.

·        Data generated by other products or people, other than the patient.

·        User generated information such as smart phone apps (blood sugar tracking), Google searches about certain symptoms, or insurance coverage for serious disorders.

·        Medical related purchases such as at home pregnancy tests, or other non-prescription purchases.

There are real world examples that prove “anonymized” health data, stripped of personal identifiable information, are able to be linked to other available data sets to re-identify the patients. For example, in the 1990’s the state of Massachusetts purchased health insurance for its government employees and consequently released data regarding the hospital visits for every state employee. William Weld, the Governor at the time, assured the public that the data had been stripped of personal identifiable information (PII). However, Latanya Sweeny, a graduate student demonstrated that many attributes were not properly scrubbed. She knew that the Governor lived in Cambridge, Massachusetts and purchased the complete voter records for the city of Cambridge. Latanya was able to pair the data sets and she was able to re-identify the Governors prescriptions, diagnosis, and medical history (Price & Cohen, 2020).

The health care industry is currently protecting patient’s medical data through HIPAA and its legal ramifications. Privacy concerns with big data analysis expand well outside of the health care industry. Enormous data sets are being made available to the public; they are currently available for free download on certain internet sites. With the release of these tidal waves of data, in other, lesser regulated industries, it is a bit terrifying to think that this data can be combined with other data sources, to help build a data-generated forensic profile on all of us. Some of these privacy concerns haven’t even been realized yet, and with the quickly advancing technology of big data, AI, and machine learning, new data privacy laws will be needed to protect against the over-release of personalized information.

 

 

References

Price, W. N., & Cohen, I. G. (2020, January 7). Privacy in the age of Medical Big Data. Nature medicine. Retrieved February 6, 2023, from https://www.ncbi.nlm.nih.gov/pmc/articles/PMC6376961/