Congress must enact new laws and take action, along with players in the healthcare industry, regarding third-party health data brokers that are selling data sets without the consent or knowledge of consumers, Deborah Peel, a privacy advocate and founder and chair of Patient Privacy Rights, said in an interview at HealthcareInfoSecurity.com.
"There is no longer a question the public wants to control their personal information," said Peel, but "at the same time business is violating our rights to control our personal information."
Peel said emerging technologies are bringing a new wave of patient privacy concerns as technologies aren't giving consumers copies of the health data collected or control over use and sale of the data.
"It's very hard to know what can be trusted in healthcare," she said. She added that even if one part of the healthcare system, such as a platform manufacturer, promises not to share or sell data that doesn't mean an app developer working in that platform isn't selling or using the data.
Healthcare data security and privacy have both long been major concerns, with lawmakers seeking to regulate the sharing of healthcare data and consumers noting it as a prime reason they're reticent about adopting new mHealth tools and technologies.
A recent Federal Trade Commission study revealed mobile health and fitness applications are sharing user data with third-party vendors. The data includes device use information, as well as personal health and fitness insight.
Mobile healthcare application privacy policies are hard to find, and those in place are not providing transparency on privacy practices, FierceMobileHealthcare previously reported. Of the 600 most common apps, just 183 had a privacy policy, and of those policies, about two thirds did not address the software and sharing practices.
Consumers must be given complete and autonomous control over healthcare data to ensure privacy and data protection, Peel said in the interview.
"The problem is we have an entire ecosystem where even if one app or system or electronic health record or one healthcare exchange, even if just one doesn't sell your information and puts you in control there are literally close to a million others who are selling and who may very well get your data," she said. "The laws are massively outpace."
To learn more:
- listen to the interview
Related Articles:
Senator wants FTC rules on data selling by wearable device companies
Little privacy protection for personal health data culled from fitness-tracking apps
Outdated federal regs may pose threat to mHealth innovation
Lawmakers lobby feds to update regulatory guidance for mHealth apps
FTC chief urges bigger focus on mHealth data collection