The more technology evolves, the more careful we have to be. On the one hand, technology makes us safer. On the other hand, it can make us more vulnerable. The opportunities for abuse can escalate. Nowhere is this truer than with electronic medical records. Jim Pyles is a principal with the legal firm, Powers Pyles Sutter & Verville. He summarizes the magnitude of the situation (Jordan Robertson, “Your Not-So-Secret Medical History” Bloomberg Businessweek 8/12/13–8/25/13, pp. 41–42):
“Electronic health information is like nuclear energy . . . If it’s harnessed and kept under tight control, it has potential for good. But if it gets out of control, the damage is incalculable.” (p. 42)
This is where the problem can occur. Currently, hospitals share their electronic medical records with state health agencies, which in turn strip out personal-identifications and sell the composite data to various marketing companies and data miners. A determined investigator could conceivably reconstruct some aspects of the data coupled with other available information to reattach records to names. As Robertson reports, the opportunity for this to happen only grows with the data being exchanged and how state agencies choose to format the data:
“Twelve of the most populous U.S. states generated $1.91 million from 1,698 data sales in 2011, the latest year for which figures are available. . . . Washington State’s health agency sold its database 95 times that year, collecting a mere $15,950. Donn Moyer, a spokesman for the state’s health department, says it chose to release extra identifying information such as patients’ Zip Codes to make its data more useful.” (p. 42)
Could this data be misused? Could insurance rates be hiked unfairly? Could unfair job discrimination occur? Could private medical histories become public? We must never ignore these questions.
The challenge before us is to continue to facilitate technological growth in service to the medical community while simultaneously preserving individual privacy. I believe this is doable, but it will demand a constant commitment to an ethical approach. We must not allow “private data” to become an oxymoron.