September 20, 2019
Corporate Responsibility and Transparency in Handling Patient Data
The healthcare industry is well aware of the many barriers to interoperability, from incompatible technologies to business practices that deliberately block data. The Office of the National Coordinator’s (ONC) proposed rules (PDF) on improving data access focus on these essential issues.
But as interoperability improves, issues of data ownership, availability and access will inevitably come to the fore as they have in the consumer technology world. There is no question that consumer technology companies have provided innovations that we now wonder how we could ever have lived without, but society has also learned of the risks and dangers that result from a lack of clear rules and regulatory framework on data management.
Everyone in the healthcare industry—regulators, vendors, providers and patients—must tackle the thorny issue of corporate responsibility and transparency in managing the ever-growing volume of healthcare patient data. The dialogue must be advanced now.
The security and privacy of patient data have long been a concern and HIPAA has done a great deal to ensure it is not released or used inappropriately. However, HIPAA has also served as an easy pretext for refusing access to data that should be accessible by patients, clinicians and researchers for care coordination or to advance innovation. Remember the “P” in HIPAA stands for “portability,” an important but, it seems, neglected issue. Access to appropriately managed, de-identified, or anonymized healthcare data is essential for research, innovation and treatment.