Many of the health monitoring activities we used to do in our doctor’s office have moved to the digital world. Smart watches and apps track us sleep, Exercise, Diet, and Tension Level. We use online portals to check test results, refill prescriptions and make doctor appointments.
There is so much personal health information floating around in cyberspace, which raises significant privacy issues. Who has access to our digital health data, and what can they do with it?
Although nearly two-thirds of Americans say they prefer being able to manage their health on their devices, most are concerned about the security of their personal data.
While there is good cause for concern, there are also ways to protect your digital health data.
HIPAA and the privacy of your health data
The Health Insurance Portability and Accountability Act (HIPAA) is a federal law signed in 1996 to protect the security of personal health information. HIPAA doctors, hospitals and . prevents Insurance Preventing companies from releasing your personal health data without your permission
majority of health plan And health care providers that are governed by HIPAA have safeguards in place “to ensure the confidentiality, integrity, and security of individuals’ information,” said Maria Garcia, JD, partner and co-chair of Healthcare Practice Kozik, Tropin, and it is said. Throckmorton, a law firm in Coral Gables, FL.
The problem with HIPAA is that it was written before health apps and other digital health information-sharing tools were common. HIPAA protects the digital information stored in your electronic health record (EHR), including your medical history, diagnoses, medications, and test results. Your EHR is stored in a digital database accessible to you and your doctors and hospitals, but it is ultimately under your control. HIPAA does not cover health information you share on mobile applications or social media websites.
“HIPAA is quite old,” says Brendan Parent, director of transplant ethics and policy research at NYU Grossman School of Medicine, and assistant professor of bioethics and surgery. “Assuming how the data is created and who is using it, the only things that matter in this case are how it needs to be protected.”
How secure is your digital health information?
Health data is “gold”, parents say. With so much health information available online, it was only a matter of time before someone tried to exploit it for profit.
In the second half of 2020, hackers broke records of more than 21 million patients, up 177% from a few months earlier. over 90% Health care Organizations have reported at least one data breach in the past 2 years.
Once hackers gain access, they hold patient information for ransom, vowing to release names, diagnoses and other sensitive information if hospitals don’t meet demands for money.
Health tracking apps are far less frightening but also worrisome where people share all kinds of personal health information. While there is no risk in disclosing the number of steps you take per day, sharing information about yourself Menstrual or mental health There could be a problem. “These are things that a lot of people are, frankly, giving away for free,” says Nicholson Price, JD, PhD, professor of law at Michigan Law.
What type of health information do companies collect?
Many of us quickly click through to the terms and conditions pages that detail how a tech company plans to use our health information. And even if we read the fine print, we may not get the full story.
In one study, 83% Diabetes The apps the researchers tested had privacy policies governing how they collect, store and use their customers’ personal information. But they all shared that data with other companies, often without their customers’ knowledge.
We also disclose personal information on our social media pages. “Even a single tweet or Facebook post that on its surface seems to have nothing to do with our individual health and wellness, like ‘I went to the club and enjoyed this song,’ can be said to be, among other information. There are consequences for your health that can be correlated,” Parents say.
Additional pieces of information may come from your EHR issued by your doctor for medical research purposes. HIPAA requires that your data be stripped of the first 18 key pieces of information that can be used to identify you, such as your name, address and Social Security number.
But using technologies like artificial intelligence and machine learning, computers can now track you even without these data points. “With the advent of big data and artificial intelligence, it’s very easy to take a lot of different pieces of information and put them together into one big picture,” Price says.
In the worst case, a hacker can gain access to important details about your medical history and threaten to expose them if payment is not made. More likely a company will sell your health information. Although your medical history can’t technically be used to discriminate against you, in theory, a life insurance company could buy it and then use it to “inflate your insurance rates.”
How to protect your health data
Some states are getting tough on companies using personal health data. The California Consumer Privacy Act gives consumers the right to know what personal information companies collect on them, and to remove that information or stop selling it.
No matter where you live, ultimately you are the primary guardian of your own digital health information. Price says his phone doesn’t have a health app. “Part of this is because I’m not quite clear on how my data will be used or may be used,” he says.
Use caution if you intend to share health information electronically. Create a strong password — containing letters, numbers and symbols — to protect people from gaining access via your phone or computer.
Finally, think before you post. Don’t post any health information on social media that you wouldn’t want anyone – and everyone – to read.