scholarly journals A Policy and Practice Review of Consumer Protections and Their Application to Hospital-Sourced Data Aggregation and Analytics by Third-Party Companies

2021 ◽  
Vol 3 ◽  
Author(s):  
Vasiliki Rahimzadeh
Keyword(s):  
Health Information ◽  
Data Aggregation ◽  
Information Exchange ◽  
Data Privacy ◽  
Third Party ◽  
Hospital Data ◽  
Policy And Practice ◽  
Aggregated Data ◽  
Consumer Privacy ◽  
Privacy Act

The Office of the National Coordinator for Health Information Technology estimates that 96% of all U.S. hospitals use a basic electronic health record, but only 62% are able to exchange health information with outside providers. Barriers to information exchange across EHR systems challenge data aggregation and analysis that hospitals need to evaluate healthcare quality and safety. A growing number of hospital systems are partnering with third-party companies to provide these services. In exchange, companies reserve the rights to sell the aggregated data and analyses produced therefrom, often without the knowledge of patients from whom the data were sourced. Such partnerships fall in a regulatory grey area and raise new ethical questions about whether health, consumer, or health and consumer privacy protections apply. The current opinion probes this question in the context of consumer privacy reform in California. It analyzes protections for health information recently expanded under the California Consumer Privacy Act (“CA Privacy Act”) in 2020 and compares them to protections outlined in the Health Information Portability and Accountability Act (“Federal Privacy Rule”). Four perspectives are considered in this ethical analysis: 1) standards of data deidentification; 2) rights of patients and consumers in relation to their health information; 3) entities covered by the CA Privacy Act; 4) scope and complementarity of federal and state regulations. The opinion concludes that the CCPA is limited in its application when health information is processed by a third-party data aggregation company that is contractually designated as a business associate; when health information is deidentified; and when hospital data are sourced from publicly owned and operated hospitals. Lastly, the opinion offers practical recommendations for facilitating parity between state and federal health data privacy laws and for how a more equitable distribution of informational risks and benefits from the sale of aggregated hospital data could be fostered and presents ways both for-profit and nonprofit hospitals can sustain patient trust when negotiating partnerships with third-party data aggregation companies.

scholarly journals Privacy-Enhanced and Multifunctional Health Data Aggregation under Differential Privacy Guarantees

2021 ◽  
Author(s):  
Hao Ren ◽  
Hongwei Li ◽  
Xiaohui Liang ◽  
Shibo He ◽  
Yuanshun Dai ◽  
...  
Keyword(s):  
Data Aggregation ◽  
Data Privacy ◽  
Differential Privacy ◽  
Weighted Average ◽  
Health Data ◽  
Communication Overhead ◽  
Aggregated Data ◽  
Body Area Sensor Networks ◽  
Aggregation Scheme ◽  
Cloud Servers

With the rapid growth of the health data scale, the limited storage and computation resources of wireless body area sensor networks (WBANs) is becoming a barrier to their development. Therefore, outsourcing the encrypted health data to the cloud has been an appealing strategy. However, date aggregation will become difficult. Some recently-proposed schemes try to address this problem. However, there are still some functions and privacy issues that are not discussed. In this paper, we propose a privacy-enhanced and multifunctional health data aggregation scheme (PMHA-DP) under differential privacy. Specifically, we achieve a new aggregation function, weighted average (WAAS), and design a privacy-enhanced aggregation scheme (PAAS) to protect the aggregated data from cloud servers. Besides, a histogram aggregation scheme with high accuracy is proposed. PMHA-DP supports fault tolerance while preserving data privacy. The performance evaluation shows that the proposal leads to less communication overhead than the existing one.

scholarly journals Health Information Exchange Organizations and Their Support for Research: Current State and Future Outlook

2017 ◽  
Vol 54 ◽  
pp. 004695801771370 ◽  
Author(s):  
Carol Parker ◽  
Mathew Reeves ◽  
Michael Weiner ◽  
Julia Adler-Milstein
Keyword(s):  
Health Information ◽  
Information Exchange ◽  
Health Information Exchange ◽  
Preliminary Evidence ◽  
Third Party ◽  
Multiple Sources ◽  
Electronic Health ◽  
Using Data ◽  
Electronic Health Information ◽  
Support Research

Federal investment spurred health information exchange organization (HIO) development and maturation to provide third-party approaches to electronic health information exchange across disparate electronic health record (EHR) systems. By creating opportunities for data aggregation across multiple medical institutions, HIOs also spur research. Using data from a 2015 national web-based survey of HIOs (N = 64), we identified HIOs supporting or not supporting research, and compared characteristics of the 2 groups. We found that 15 (23%) of the 64 HIOs reported supporting research, 30 (47%) reported planning to support research, and 19 (30%) did not support research. Research-supporting HIOs were more likely than nonresearch supporting HIOs to offer advanced functionality, such as allowing users to query and retrieve data from multiple sources. Our study offers encouraging preliminary evidence that HIOs are supporting research, which could offer a solution to current challenges in creating comprehensive longitudinal clinical data sources for research.

BlockMed: Blockchain-based Electronic Consent Management for Secure and Privacy-Protected Healthcare Interoperability (Preprint)

2020 ◽  
Author(s):  
Arghya Kusum Das ◽  
Ajanta Das
Keyword(s):  
Data Analysis ◽  
Health Information ◽  
Information Exchange ◽  
Management System ◽  
Capital Investment ◽  
Service Providers ◽  
Care Service ◽  
Third Party ◽  
Smart Contracts ◽  
Report Generation

BACKGROUND An electronic consent management system can improve the care service significantly by balancing the risks to patient privacy with the benefits of health information exchange and interoperability. Patients leave their health information on multiple providers’ silo. A holistic report and privacy-preserved analysis can help to expedite several medical services including both personal- and community-care. Furthermore, access to consent-based, anonymous health records can accelerate innovation in health services and researches. OBJECTIVE We propose BlockMed, a proof-of-concept (POC) for a novel, cost-effective e-consent management system. Given proper consent, BlockMed can query the patient’s information fractured over multiple healthcare-providers’ silo make it available to the patient. At the same time, BlockMed also enables privacy-preserved data analysis by third-party service providers in the same system. Leveraging the unique and anonymous Ethereum id, BlockMed masks out the patient’s original identification in the provider’s secured local silo and abstract away any complication caused by changes in the identification information on multiple silos. METHODS The core functionalities of BlockMed are developed with a set of smart contracts on Ethereum blockchain. To develop those smart contracts, we have divided the potential users into three different groups such as, patient, provider, and third-party analyzer. Users are identified by their anonymous Ethereum id and need to sign the consent to access healthcare data. After signing, BlockMed can automatically initiate the queries to fetch data from providers’ data warehouse, enables analysis on any third-party service provider’s infrastructure if required, and finally, presents a report to the intended users including the patient. The signed consents stay on Ethereum forever leaving a permanent audit trail to uphold the integrity of the system. RESULTS We evaluated our system in terms of its functionality and cost. Our decentralized application (DApp) can not only query the data from multiple providers' silo but also enable third-party report generation with proper consent and privacy. Masking out the actual patient identification information under anonymous Ethereum ID our DApp can operate irrespective of geographical boundaries. Our cost analysis shows that the adoption of decentralized blockchain-based technology can avoid huge amount of capital investment required for similar services using centralized infrastructure such as AWS cloud. CONCLUSIONS Many prior studies have already confirmed that blockchain can improve and expedite data sharing among different providers. Our POC, BlockMed takes it to one step ahead where the data analysis is also integrated. We prove the efficacy of BlockMed by evaluating its functionalities qualitatively as well as its comparing its cost with an alternative cloud-based architecture.

scholarly journals Privacy-Enhanced and Multifunctional Health Data Aggregation under Differential Privacy Guarantees

2021 ◽  
Author(s):  
Hao Ren ◽  
Hongwei Li ◽  
Xiaohui Liang ◽  
Shibo He ◽  
Yuanshun Dai ◽  
...  
Keyword(s):  
Data Aggregation ◽  
Data Privacy ◽  
Differential Privacy ◽  
Weighted Average ◽  
Health Data ◽  
Communication Overhead ◽  
Aggregated Data ◽  
Body Area Sensor Networks ◽  
Aggregation Scheme ◽  
Cloud Servers

With the rapid growth of the health data scale, the limited storage and computation resources of wireless body area sensor networks (WBANs) is becoming a barrier to their development. Therefore, outsourcing the encrypted health data to the cloud has been an appealing strategy. However, date aggregation will become difficult. Some recently-proposed schemes try to address this problem. However, there are still some functions and privacy issues that are not discussed. In this paper, we propose a privacy-enhanced and multifunctional health data aggregation scheme (PMHA-DP) under differential privacy. Specifically, we achieve a new aggregation function, weighted average (WAAS), and design a privacy-enhanced aggregation scheme (PAAS) to protect the aggregated data from cloud servers. Besides, a histogram aggregation scheme with high accuracy is proposed. PMHA-DP supports fault tolerance while preserving data privacy. The performance evaluation shows that the proposal leads to less communication overhead than the existing one.

Patients' Perceptions of Different Information Exchange Mechanisms: An Exploratory Study in the United States

2020 ◽  
Vol 59 (04/05) ◽  
pp. 162-178
Author(s):  
Pouyan Esmaeilzadeh
Keyword(s):  
United States ◽  
Health Care ◽  
Health Information ◽  
Health Care Providers ◽  
Information Exchange ◽  
The United States ◽  
Exchange Mechanism ◽  
Care Providers ◽  
Security Risks ◽  
Direct Exchange

Abstract Background Patients may seek health care services from various providers during treatment. These providers could serve in a network (affiliated) or practice separately (unaffiliated). Thus, using secure and reliable health information exchange (HIE) mechanisms would be critical to transfer sensitive personal health information (PHI) across distances. Studying patients' perceptions and opinions about exchange mechanisms could help health care providers build more complete HIEs' databases and develop robust privacy policies, consent processes, and patient education programs. Objectives Due to the exploratory nature of this study, we aim to shed more light on public perspectives (benefits, concerns, and risks) associated with the four data exchange practices in the health care sector. Methods In this study, we compared public perceptions and expectations regarding four common types of exchange mechanisms used in the United States (i.e., traditional, direct, query-based, patient-mediated exchange mechanisms). Traditional is an exchange through fax, paper mailing, or phone calls, direct is a provider-to-provider exchange, query-based is sharing patient data with a central repository, and patient-mediated is an exchange mechanism in which patients can access data and monitor sharing. Data were collected from 1,624 subjects using an online survey to examine the benefits, risks, and concerns associated with the four exchange mechanisms from patients' perspectives. Results Findings indicate that several concerns and risks such as privacy concerns, security risks, trust issues, and psychological risks are raised. Besides, multiple benefits such as access to complete information, communication improvement, timely and convenient information sharing, cost-saving, and medical error reduction are highlighted by respondents. Through consideration of all risks and benefits associated with the four exchange mechanisms, the direct HIE mechanism was selected by respondents as the most preferred mechanism of information exchange among providers. More than half of the respondents (56.18%) stated that overall they favored direct exchange over the other mechanisms. 42.70% of respondents expected to be more likely to share their PHI with health care providers who implemented and utilized a direct exchange mechanism. 43.26% of respondents believed that they would support health care providers to leverage a direct HIE mechanism for sharing their PHI with other providers. The results exhibit that individuals expect greater benefits and fewer adverse effects from direct HIE among health care providers. Overall, the general public sentiment is more in favor of direct data transfer. Our results highlight that greater public trust in exchange mechanisms is required, and information privacy and security risks must be addressed before the widespread implementation of such mechanisms. Conclusion This exploratory study's findings could be interesting for health care providers and HIE policymakers to analyze how consumers perceive the current exchange mechanisms, what concerns should be addressed, and how the exchange mechanisms could be modified to meet consumers' needs.

scholarly journals Maturity assessment of Kenya’s health information system interoperability readiness

2021 ◽  
Vol 28 (1) ◽  
pp. e100241
Author(s):  
Job Nyangena ◽  
Rohini Rajgopal ◽  
Elizabeth Adhiambo Ombech ◽  
Enock Oloo ◽  
Humphrey Luchetu ◽  
...  
Keyword(s):  
Health Information ◽  
Information Exchange ◽  
Working Group ◽  
Data Exchange ◽  
Enterprise Architecture ◽  
Health Information Exchange ◽  
Digital Health ◽  
Health Information System ◽  
Maturity Level ◽  
Technical Standards

BackgroundThe use of digital technology in healthcare promises to improve quality of care and reduce costs over time. This promise will be difficult to attain without interoperability: facilitating seamless health information exchange between the deployed digital health information systems (HIS).ObjectiveTo determine the maturity readiness of the interoperability capacity of Kenya’s HIS.MethodsWe used the HIS Interoperability Maturity Toolkit, developed by MEASURE Evaluation and the Health Data Collaborative’s Digital Health and Interoperability Working Group. The assessment was undertaken by eHealth stakeholder representatives primarily from the Ministry of Health’s Digital Health Technical Working Group. The toolkit focused on three major domains: leadership and governance, human resources and technology.ResultsMost domains are at the lowest two levels of maturity: nascent or emerging. At the nascent level, HIS activities happen by chance or represent isolated, ad hoc efforts. An emerging maturity level characterises a system with defined HIS processes and structures. However, such processes are not systematically documented and lack ongoing monitoring mechanisms.ConclusionNone of the domains had a maturity level greater than level 2 (emerging). The subdomains of governance structures for HIS, defined national enterprise architecture for HIS, defined technical standards for data exchange, nationwide communication network infrastructure, and capacity for operations and maintenance of hardware attained higher maturity levels. These findings are similar to those from interoperability maturity assessments done in Ghana and Uganda.

Sign in / Sign up

Export Citation Format

Share Document