Legislative Changes Covering Big Data Proposed by Federal Advisers

The Health IT Policy Committee’s Privacy and Security Workgroup has been reviewing a number of Big Data issues affecting the privacy and security of patients after two public hearings conducted by the organization in December 2014.

The focus the working group to make a number of proposals on policy to the Office of the National Coordinator for Health IT, and ultimately to have these incorporated into updated federal DHHS policies.

The public hearings allowed stakeholders to make their concerns about the use of big data in healthcare known publicly, as well as to emphasize the advantages it can bring such as improving patient care and treatment results, while reducing operational costs. There is naturally a balance to be reached to ensure the benefits can be gained while privacy risks to individuals are lessened.

Having gained valuable date for future use at the hearings, the working group now has the task of assessing current policies and deciding whether the right framework is in place to gain the all important benefits while securing patient privacy.

A number of worries were raised last month including whether the current tools being used to secure patient data are in fact sufficient, given the complexity of data use cases and the potential for damage. The procedures which can be employed include obtaining patient consent forms and employing various methods of data de-identification to split valuable data from personal identifiers – which could pose a danger to patients should data be exposed.

Concern was raised about potential gaps in HIPAA regulations relating to the use of big data and whether legislation in its current guise is adequate and provides all of the necessary protections.

The discussions are set to continue when the group meets on January 26, with one major area of focus being the potential damage that could be caused should big data not be kept private. The dangers of discrimination against people, identity and medical fraud are due to be talked about, along with the inevitable distrust of the healthcare industry that has developed after a number of high profile security violations.

A number of the group’s preliminary findings will be presented on 10th March at the HIT Policy talks. Then, next month, the group will be changin its focus to the 10-year interoperability roadmap which is due to be realeased by the ONC later this month.