Health data aggregation poses privacy concerns

Aggregation of consumer health data holds the potential to improve healthcare, but raises worrying issues about patient privacy, according to a report from the California HealthCare Foundation.

"[M]ost people are not aware of the amount of information they are leaving behind that is not covered by HIPAA or any privacy rules. Without such protection, different kinds of data are being combined and used by third parties in ways that consumers might not anticipate, and some would not want," it states.

The report points to information people share on social networks such as Facebook, Twitter and YouTube about their health experiences, such as drug side effects. People also wear fitness trackers and other monitoring devices. And information about their grocery-buying habits and other data can be combined in ways to improve care and access to care.

Data mining can be used to improve clinical trials, manage chronic disease, forecast and track epidemics, and more.

In one example, a hospital learned from retail data that the reason many patients were cancelling appointments was because they lived far away. In response, it opened a clinic in that neighborhood. An Ohio State University study found that including neighborhood data in electronic health records, such as access to grocery stores, could help fight obesity.

However, consumers lack awareness about the data on them being collected, and that they have any recourse. A recent White House report found that new privacy protections may be needed in this electronic age.

The Federal Trade Commission recently called for Congress to require data brokers to offer consumers more transparency into the data being collected and how it is used.

Among the solutions offered in the California HealthCare Foundation report:

  • Help people gain control – That's the notion behind a new disease registry, Reg4All, that hopes to line up more people for clinical trials by giving patients ultimate control over the use of their information
  • Simplify the fragmented regulatory environment – With no overall national privacy law, regulation falls under a patchwork of state and federal rules
  • Consider personal health data lockers and clouds – This concept allows consumers to collect and consolidate data from different online sources and have ultimate control over it

To learn more:
- read the report