Privacy in an age of distrust
Who Do You Trust?
Privacy is the governing framework which controls access to the collection and use of a person's personal information. Many, arguably most, Australians are uncomfortable with the thought of their private information, including their health records, falling into the hands of others without their consent.
With the rise of virtual consultations, telemedicine and the digital storage of information by health care providers, there is now far greater scope for a person's medical records to be accidentally disclosed to third parties or stolen by hackers, who have been showing an increased interest in the medical sector. Medical records are highly prized by cyber criminals involved in identity theft as they contain all manner of information needed to take out credit and receive services in a victim's name. Somewhat ironically, health records are often more valuable for the non-medical information that they contain.
Edelman is an American public relations firm that employs over 5800 people, which makes it the world's largest independently owned public relations company. It publishes an annual Trust Barometer. This year its Trust Barometer provided some insight into the debate about online privacy. It’s an issue which came into sharp focus in America when the US Government demanded that a smartphone's security features be disabled so as to allow it access to an Apple iPhone and the information stored both on it and online. This demand was made in the context of investigating the San Bernardino shootings, where 14 people were killed and 22 injured in a terrorist attack.
The Edelman study revealed that in Western liberal democracies around the world, businesses are generally more trusted than governments, and citizens trust governments significantly less when it comes to their personal data.
This trust deficit presents obvious challenges to governments, none more so than in Australia, where the federal government, with one monumental false start, brought the national census online, and is forging ahead with the creation of a national ehealth recording framework, namely My Health Record.
This distrust in government and its institutions is there for all to see in the polarizing American Presidential race, and to a lesser extent in the recent Australian election where the Opposition almost achieved an unlikely victory on the back of a campaign that the Government could not be trusted to keep Medicare intact.
So many of the services and products we use today are dependent on our data being hosted somewhere on the internet. While people generally are prepared to provide personal information to businesses, including health care providers, this trust advantage will be short-lived if this information is inadequately protected or unlawfully used.
The Privacy Act 1988
In Australia a person's personal information is protected by The Privacy Act 1988. The Privacy Act defines “personal information” as:
…information or an opinion, whether true or not, and whether recorded in a material form or not, about an identified individual, or an individual who is reasonably identifiable.
Common examples are an individual’s name, signature, address, telephone number, date of birth, medical records, bank account details and commentary or opinion about a person.
The Privacy Act contains 13 Australian Privacy Principles which apply to some private sector organisations and most Australian Government Agencies.
Health information is regarded as one of the most sensitive types of personal information and is seen to be “sensitive information”. For this reason the Privacy Act provides extra protections around its handling. For example, an organisation generally needs an individual's consent before they can collect their health information. In addition, all organisations that provide health services and hold health information (other than in an employee record) are covered by the Privacy Act, whether or not they are a small business.
Uploading a photo would involve “personal information” if a patient is reasonably identifiable from that information. If the information includes the person's health information or is collected to provide a health service, it is “sensitive information” for the purposes of the Act, which attracts even stricter requirements around its collection, use and disclosure.
The new (inter)face of health care.
Right now telemedicine is opening up so many new and exciting opportunities in health care that were unimaginable only a few years ago.
Thanks to video conferencing applications that download to a smartphone, tablet, or home computer, people of all ages can experience a “virtual” visit with a qualified doctor at any time, day or night. This virtual experience doesn’t happen in an information vacuum. Patients will have to create an account with a password, enter payment information, their medical history, and current symptoms. They will also need to provide important details such as recent test results or the types and quantities of medications they are taking. A virtual doctor who doesn’t have this information can make the wrong decision.
Capturing clinical images on smart phones and personal devices is becoming more prevalent in everyday practice. Dermatology for example lends itself very well to the use of clinical photographs. “Store and forward” whereby clinical images are forwarded to a specialist who may, from his or her smart phone or personal device, provide a diagnosis and advice on management is increasingly common.
Email correspondence between patients and health care providers is also far more common today than it was only a few years back. Many practices allow patients to book appointments, order repeat prescriptions, receive pathology results, email their doctor about non-urgent issues and even have online consultations by email exchange. Texting is now being introduced and is preferred by many younger patients.
While all of this is innovation in its truest form and is opening up our health care system to people and places where it could not previously go, it will all be stopped in its tracks if a lack of trust arises because of insufficient protection of users' health data. In an Age Of Distrust things can turn very quickly.
This means that those involved in this new wave of health care need to take practical steps to protect against the unintended or unlawful disclosure of a person's medical records and other personal or sensitive information. Such steps should include:
- Sensitive information as defined (which includes health information) can only be collected and disclosed with a person's consent.
- De-identified information is not considered to be “personal information” under the Privacy Act. An image may be de-identified by removing information that might allow the person to be identified, such as facial features, a rare visible medical condition, physical marking or tattoo. Many photo-sharing apps have a feature that allows health care providers to conceal a patient's face or distinctive markings.
- Even if a patient is not identifiable it is good practice to obtain a person's consent before collecting, using or disclosing an image.
- Where health care providers wish to share information with others that includes a person's sensitive or personal information, the patient must provide informed consent to it being used for that specific purpose, e.g. sharing with other health professionals or including it in a presentation or journal article.
- Where photos that include sensitive or personal information are stored on a smart phone or tablet, the security settings must be adequate to protect the information. The devices must have secure logins, and passwords should be changed regularly. If a device is left unsupervised, users must log out where there is potential for someone else to access a patient's personal or sensitive information.
- If personal or sensitive information is to be sent overseas, which may occur simply by a business using cloud computing services and its information being stored by the service provider in an offshore location, then businesses that are subject to the Privacy Act need to take additional security steps to avoid being held in breach of the Privacy Act.
- Providers of virtual health care must have a triage system that allows for the escalation of emergencies.
- Clinical images should be deleted from smart phones and tablets after being saved to a patient's health records.
- When videoconferencing is used, the room should be soundproof and access restricted to persons who the patient has consented to receiving his or her information.
- Avoid sending or relying on photos of radiological images taken by a smart phone or tablet. The reduced quality can be misleading and miss a lot of diagnostic information.
- Where you are emailing or receiving by email patient images or personal / sensitive information, then you should clear out “deleted items” and “sent items” folders each day.
Where a privacy breach does occur, irrespective of the cause, health care providers should adopt an open disclosure approach and look to remedy the breach immediately. Having said this, prudence would dictate speaking with your insurer or MDO prior to informing the patient of the breach.
Read the full version of HealthFiles | September 2016.