Deborah Peel: Few protections exist to protect health data from being shared

Mouse hovering over word "privacy"

Tuesday marks the start of the 2016 Health Privacy Summit, a two-day summit in the District of Columbia that brings together top national and international experts to discuss global health privacy issues and real solutions. 

FierceMobileHealthcare reached out to Deborah Peel, M.D., who formed Patient Privacy Rights in 2004, to speak with her about the event and the status of patient privacy rights today. Currently, she says, healthcare data on devices is "open to more people, corporations and government agencies than we think," and not necessarily in a good way.

"It isn't just our doctors, or even just our insurance companies. Employers, researchers, data analytics companies and [others] also use and sell our health data," she says. "There are few protections to keep them from sharing our health data without consent."

Peel also discusses the safety of data from hackers, and what must be done to educate patients on such issues.

FierceMobileHealthcare: Your organization believes mobile data, as part of overall healthcare data, presents a global data security/protection/privacy concern. Why global?

Deborah Peel: Our world is increasingly connected. Companies and technologies are crossing borders--and so is our health data. And that data is not only being hacked--worse, it's being sold and used commercially by thousands of hidden health data brokers. Mobile data use is opaque. People are not given the tools to understand how health data is used, or who uses it.

FMH: During this week's summit, a keynote session aims to examine Apple's impact on privacy in healthcare. Is Apple doing what it should when it comes to mHealth data and security?

Peel: Apple is not the first major player to take a stand in the name giving individuals control over personal data, so they can determine what stays private and what is shared. Other companies, like Microsoft, have tried to promote privacy-protective products before.

But Apple's stance on individual control over personal data on cellphones captured the public's and the world's imagination in a far greater way than its predecessors. Apple is a beloved and iconic tech giant. Its defense of individual rights to control personal information enabled the public to learn about privacy rights and think about what rights they want to have, such as control over sensitive information on personal devices like iPhones. Apple's stance was a major signal to other companies that privacy is deeply valued by users.

FMH: Does the average mHealth consumer understand the need for strong data security initiatives? If not, what could help to foster that understanding?

Peel: The average mHealth device user/consumer does not know their data is so exposed. As workplaces move toward wellness models, the data collected from an employer-provided fitness tracker can have financial repercussions for the wearer.

Transparent, easy-to-read-and-understand privacy policies would help users understand whether their rights and expectations are being honored or not, and what information is being taken from them. Companies whose privacy policies put individuals in control of the use of personal data would differentiate themselves as trustworthy, as Apple did when it took a public stand against unlocking the iPhone.

FMH: What are your goals going forward for mHealth data security?

Peel: To maximize the good of health data sharing while minimizing the bad. Health data can be used to make significant gains in medical science. The issue is the lack of informed consent that exists with our current model.

Sustainable change can only come through global collaboration and partnerships to create a worldwide movement to restore control over personal health information. If patients and customers demand that mHealth apps and devices become more transparent and trustworthy, new brands will emerge to compete in the market based on which have the strongest privacy protections. 

Editor's Note: This interview has been edited for clarity and length.