If there has been one thing I have been consistent about both during the thirty-five years I was a healthcare system CEO and continuing on to my tenure now on the beach, it has been my view that the information collected during the patient care process belongs to the patient and no one else. As a provider of care we maintain custody of that information but it is not ours to give away or sell.
That was the focus of a blog I published in November (Unholy Alliance) which discussed the arrangement which Ascension Health had with Google to share patient data (“Project Nightingale”). The Wall Street Journal ran an article exposing this arrangement and raised questions about it appropriateness, particularly since it was a secret endeavor done without patients’ knowledge.
The Wall Street Journal in a more recent article again explored this subject. WSJ related how some prominent healthcare organizations like Intermountain Health and the Mayo Clinic were considering or have struck deals to provide patient data, some of which might with a little effort allow individual patients to be identify. Kaiser apparently also did some consideration of a similar data sharing arrangement.
It is not just healthcare providers who see patient data as a desirable asset. Health plans think such information belongs to them to use as they see fit. There are no uniform safeguards to protect patient confidentiality.
Its gets more dismaying. Cerner, a major provider of electronic medical records to providers, seems to think that the information which flows through its servers is its data to use or exploit as it deems appropriate. Apparently they had second and third thoughts about such data monetization and decided–for now–not to allow access to their data trove to outside organizations. Cerner would better serve its clients by providing a more efficient and less expensive suite of software. That would be a major achievement to crow about.
Google and Amazon seem to be the most active in attempting to entice healthcare providers to allow them to aggregate such data and in the process provide addtional revenue to the providers. The sale of this patient data is always couched in language which suggest that the common good will be enhanced. Disease processes will be better defined and the efficacy of treatment modalities better understood. I have no doubt that is true but do not believe Google, Amazon or any of the nerd herd are trustworthy recipients of this data. Nothing in their past history is a confidence builder in this regard.
Google, whose self proclaimed mission is “to organize the world’s information and make it universally accessible and useful”, has a dismaying tendency to take action and then beg for forgiveness later. I get the impression sometimes that they would like to be the “University of Google” with the prestige that would give them. If so, hopefully they will have a football team which will be smart enough to keep their helmets on at all times.
All of this is beside the point if you accept the thesis that your personal health record belongs to you and no one else. It is not for sale to others. We in healthcare forfeit our patients’ trust if we enter into such arrangements with the likes of Google or Amazon or Apple or Microsoft—make your own list. Healthcare organizations need to be more forthright about this matter and assure those it serves that their data will not be sold to others.
This is an area which continues to attract the attention of politicians which can be a mixed blessing. Bottom line though is that my healthcare record is my business and it is not for sale without my permission. Take my information off the market.