In honor of the occasion of the Fifth Anniversary of Bill of Health, this post reflects on the past five years of what’s generally known as “privacy” with respect to health information. The topic is really a giant topic area, covering a vast array of questions about the security and confidentiality of health information, the collection and use of health information for public health and research, commercialization and monetization of information, whether and why we care about health privacy, and much more. Interestingly, Bill of Health has no categorizations for core concepts in this area: privacy, confidentiality, security, health data, HIPAA, health information technology—the closest is a symposium on the re-identification of information, held in 2013. Yet arguably these issues may have a significant impact on patients’ willingness to access care, risks they may face from data theft or misuse, assessment of the quality of care they receive, and the ability of public health to detect emergencies.
Over the past five years, Bill of Health has kept up a steady stream of commentary on privacy and privacy-related topics. Here, I note just a few of the highlights (with apologies to those I might have missed—there were a lot!) There have been important symposia: a 2016 set of critical commentaries on the proposed revisions of the Common Rule governing research ethics and a 2013 symposium on re-identification attacks. There have been reports on the privacy implications of recent or proposed legislation: the 21st Century Cures Act, the 2015 proposal for a Consumer Privacy Bill of Rights, and the proposed Workplace Wellness Bill’s implications for genetic information privacy. Many comments have addressed big data in health care and the possible implications for privacy. Other comments have been highly speculative, such as scoping out the territory of what it might mean for Amazon to get into the health care business. There have also been reports of research about privacy attitudes, such as the survey of participants in instruments for sharing genomic data online. But there have been major gaps, too, such as a dearth of writing about the potential privacy implications of the precision medicine and million lives initiative and only a couple of short pieces about the problem of data security.
Here are a few quick sketches of the major current themes in health privacy and data use, that I hope writers and readers and researchers and most importantly policy makers will continue to monitor over the next five years (spoiler alert: I plan to keep writing about lots of them, and I hope others will too): Read More