1 / 18

Privacy and the Public Good? Health information in the digital age Katrine Evans

Privacy and the Public Good? Health information in the digital age Katrine Evans Assistant Privacy Commissioner 6 November 2009. Privacy is dead – get over it?. Some issues for discussion . Sharing information within the health service – and outside?

shana
Download Presentation

Privacy and the Public Good? Health information in the digital age Katrine Evans

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Privacy and the Public Good? Health information in the digital age Katrine Evans Assistant Privacy Commissioner 6 November 2009

  2. Privacy is dead – get over it?

  3. Some issues for discussion • Sharing information within the health service – and outside? • Storing information securely – can you use the cloud? • Scientific advances • Shifts in patient expectations • Ministerial Review Group Report

  4. Shared electronic health records

  5. Features of electronic health records (EHR) • Information is more fluid – can be harder to know all the ways in which it will be used once in the system • Organised by NHI – protect integrity of the number – also makes merging of datasets much easier (not necessarily a good thing…) • Every interaction with system creates new data • Wider range of people using data who are divorced from the consumer • Pressure on first-contact clinician to explain all the uses of information etc • Strong temptation to hold, store and use expanding range of information to monitor/improve services • Devastating loss of trust if anything goes wrong.

  6. Maintaining patient control – benefits of EHR • Increased accuracy (though still need to be wary of the GIGO principle…) • Increased ability to audit – unauthorised access is trackable • Increased transparency for user eg through patient-level web portal • A major non-privacy but public good benefit • Cost efficiency – more money for treating longer-lived population with increasingly expensive services.

  7. Maintaining patient control – risks from EHR (manageable) • Security – ensuring that only authorised people can see but ensuring system can work in practice • The larger the database, the more valuable it is to target. Also risks of accidental loss eg portable media • Easier to silently collect information. Patient should still know what is going on – plus what are his or her rights to opt-out? (or, even better, to opt in). • Interface with other systems eg insurers • Ability of patient to access – but in some cases may be able to withhold certain information from them • Forcing health providers to use the system? Strong requirements of trust, communication, practitioner-level input

  8. Wider security challenges – moving into the cloud?

  9. Who’s got what… • Offshore storage eg with cloud provider … • who has it? • what can they do with it? • whom do they share it with? • what are their security controls and who is responsible if something goes wrong? (what country’s law applies?)

  10. Scientific advances – the move from this …

  11. … to this

  12. The “purpose” check • Be clear about why you need information. • Only get what you need. • Be careful of expanding purposes beyond the original – stop, think, consult. • Beware of vague claims of collecting more and more information for “the public good”. Make sure you take account of privacy and trust-based care – these are public goods too. Balance everything. • Create good system of checks and reporting on what’s happening - enhance trust and participation.

  13. Patient expectations are changing too …

  14. Patients know they have rights • (though they sometimes get their rights wrong…) • you do have to have a good system for allowing patient access to health information • a good, workable system of dealing with representatives • the confidence to buy yourself time to think (and get advice, if necessary) – rather than just fulfilling demands for instant gratification • Patients’ belief that they can veto information use/sharing is not always correct.

  15. The Ministerial Review Group Report – generally positive, some need for care

  16. The “Horn” Report • Greater involvement of clinicians is widely supported. • Centralised EHR database discarded in favour of an “interoperable and connected distributed approach” – also popular (systems talking to other systems rather than building a single Fort Knox…). • However, proposals to centralise DHB information in national agencies create need for very strong protection against security breaches (harm much higher if they occur). • Unclear what will happen to national collections of health info – mustn’t lose sight of them. Need for proper governance – avoid risk that they’ll just be used as administrative resources.

  17. Privacy is a major public good • There are other public goods too, but balance required. • Ensure it is factored in from the start of decision-making – privacy by design (you can’t afford to retro-fit it at a later stage).

  18. Contact details www.privacy.org.nz enquiries@privacy.org.nz Katrine Evans +64 4 494 7081 Katrine.Evans@privacy.org.nz

More Related