There are various patient confidentiality laws on the books in the US. The idea behind them is to give patients the confidence of confiding in their physicians without the information leaking and their privacy being compromised. This develops a bond between doctors and patients and allows patients to get treatment with confidence.
Hampering big data
On the other hand, this isn't great news for big data analytics. Big data can be used to analyze patient procedures, habits, and other aspects of their medical lives for the benefit of medicine. Without patient confidentiality laws on the books, it may appear that a lot of data is incomplete or cannot be used for the benefit of the field as a whole.
According to the American Medical Association, “a physician may not disclose any medical information revealed by a patient or discovered by a physician in connection with the treatment of a patient.”
What does the Hippocratic Oath mean for big data gathering?
This means that it isn't just private information about patient habits that is protected by the confidentiality laws. It is any medical information the patient discloses to the physician while he or she is being treated. Big data analytics could benefit from having this information available so treatments can be improved and new symptoms caught early.
The value of complete records
Data processing and analysis should be as complete as possible for the best results so the data can be used in the field. However, with these laws in place, general patient and health information is used for analytics -- rather than specific pool groups of actual patients on a massive scale. Doctors may disclose trends they see, but analytics can't tap into the vast resources of the patient record databases.
Data laws in US healthcare
In the US, there are two current laws that probably pose the biggest obstacle to effective big data analytics in healthcare. They are the Health Insurance Portability and Accountability Act (HIPAA) of 1996 and the Health Information Technology for Economic and Clinical Health (HITECH) Act of 2009.
HIPAA protects the privacy of individually identifiable health information. It comes with a security rule that sets national standards for securing electronic data and patient records. It also comes with a patient safety rule that protects patient identity and information used to analyze patient safety events.
The HITECH Act expands on the HIPAA law and modernizes it. The act deals with the protection of health records and the electronic use of health information by various institutions.
Because of these laws, health records often cannot be used in a way that would allow big data to really help the medical field. A solution to not being able to use massive patient pools for data collection and information from any source is using volunteers. These volunteer pools of patients can disclose information for the benefit of big data analytics. However, big data deals on a massive scale, and the patient confidentiality laws make data collecting and analysis on such a scale very difficult.
Another idea is for the acts to be amended so that patients can be given the option of having their data be used for analytics every time they see their physicians. Disclosure agreement forms could be given every time patients visit their clinics or when they sign up for new clinics. Most patients would probably have nothing against electronic records being used for research as long as personal information like their names would be left out.
The good news is that the data collection, and often even data mining, is already completed and saved in electronic form. The electronic records exist, despite all of these laws and protections. It may take some convincing for the laws to be bent so that cures and other benefits to the field as a whole can take place. Stem cell research proves that the government does care about research despite controversy, so analytics may have a strong future in the healthcare industry despite these handicaps.
The other good news is that despite patient data being protected, data related to the field of healthcare is often available for analytics on a massive scale. Data about diseases, physicians, hospitals, treatments, and more is available for use.
However, the fact remains that there is a lot of strong opposition to allowing companies or institutions to analyze patient data. I found a paper by Nicolas Terry called "Protecting Patient Privacy in the Age of Big Data" (registration required) showing just some of the arguments against big data analytics from patient records and advocation of patient privacy. It argues that big data analytics is a huge threat to patient privacy.
The abstract alone is worth reading as it mentions some of the solutions that exist in this field to big data analytics:
The very concept of health sector specific regulation is flawed because health related or medically inflected data frequently circulates outside of the traditionally recognized health care sector.
As you see, patient information and data is often still available to tap into -- just in forms other than health records. It may be harder to find it for analytics to take place, but it still may circulate outside of the healthcare records. This may be another solution to overcoming these laws: Finding the information from patients through other sources or records.
Responsible public policy
The abstract also mentions the value in using big data from patient records for analytics, but the author thinks it should be done by request:
There is great value in patient information that could be extracted and used by responsible medical and public health researchers. Responsible public policy suggests that researchers should be able to request that information from patients.
Big data, on the other hand, relies on massive scales of data so tracking down pools of patients after they were treated will probably not be as effective as analyzing data live.
These laws will make effective big data analytics more difficult, but they are needed for the patient-doctor trust to exist and patients being comfortable in going to the doctor without worrying about their privacy being leaked. A woman may get pregnant, for instance, and she may not want her family to find out right away. These acts are designed to protect her.
According to Stanford Law Review, “Information regarding individuals’ health, location, electricity use, and online activity is exposed to scrutiny, raising concerns about profiling, discrimination, exclusion, and loss of control.”
This is a huge concern, and there needs to be a balance between privacy protection laws and research to take place to improve the medical field as a whole.
Re: Benefit but balance @kiran the first issue is that we do not even have access to our own medical records let alone share them with others!
And I don't want my records, no matter how anonymously, shared on anything as insecure as Facebook!
Unless human error could be totally eradicated then no amount of security can avoid the unscrupulous from gaining some advantage from this information.
User Rank: Megabyte Messenger 2/7/2013 | 1:03:03 PM
Re: Benefit but balance well yes, if permission of the patients is taken then it will be easy for the hospital staff to share the information openly, and with the names hidden i dont think people will have any problem sharing their medical history and records? and looking at from an other side, its for the betterment of the society, the future health systems will improve if big data helps, therefore i think if we educate people and encourage them they might be ready to share their information.
User Rank: Megabyte Messenger 2/6/2013 | 8:33:35 AM
Re: Benefit but balance The big data analytics can take help from the tweets and open sharing of experiences on facebook and other social mediaa platforms. The medical terms can be looked out for and by analyzying the data and tweets gathered from them data analyst can take help and find something useful for their research and to save.
Re: Benefit but balance @Keith - and people complain about a Nanny state! It sounds exactly what we need. The apathy will indeed be something that needs to be overcome.
In my personal opinion, people seem to become less apathetic towards medical needs and concerns once it really hits home (here in the UK anyway). In terms of gathering data in a potential big data medical future - there would be a concern that those opting in would consist largely of those who had already been diagnosed/treated etc... which would skew the results somewhat.
On the other hand, families and friends of those suferrers might also feel the pull, and widen the data pool.
Re: Benefit but balance @Saul We are useless at this stuff in UK!
We know about organ donors but very few of us carry organ donor cards and have certainly not discussed it with our families!
On another front regarding cancer. There has today (yesterday now!) been a survey released that says UK is one of the worst in Europe for seeking medical help! Our awareness of various cancers and their various symptoms is on a par with most other European countries, but we are reluctant to go and talk to the doctor about it!
So, in UK whether opt-in or opt-out there is the issue of apathy or just sheer reluctance to actually do what we know we should do!!
User Rank: Blogger 1/30/2013 | 8:41:47 AM
Re: Benefit but balance @Saul @Anna perhaps we can get some responses in a poll that asks how forthcoming people would be if they were give an opportunity to opt-in to share health data. Also what would be the best way to do it? I don't think those paper forms that doctors and hospitals hand out are the way to go.