Many of us have read article after article pro-claiming the virtues of big data analytics for medical research. However, it seems that there might be too much hype, too little realized benefit to collecting all that data, and some real problems are being overlooked.
Maciej Ceglowski (previously) spoke to a O’Reilly’s Strata Big Data conference about Big Data privacy risks.
Ceglowski also raises a critical point: Big Data has not lived up to its promises, especially in life sciences, where we were promised that deep analysis of data would yield up new science that has spectacularly failed to materialise. What’s more, the factors that confound Big Data in life science are also at play in other domains, including the business domains where so much energy has been expended. ~ Boing Boing
And I would also say that electronic health records (EHR) have for the most part turned out to be a disaster. The biggest impact so far from EHR is that the vast majority of us have had our private health information stolen.
The biggest impact so far from EHR is that the vast majority of us have had our private health information stolen.
And yet, it seems health insurers and hospitals don’t hire information security professional from outside the industry. They prefer to “promote” from within, meaning tech savvy nurses and doctors are leading IT security departments. Oy vey!
I really like the electronic health records system, it has been a good tool for someone like me that has mutable chronic conditions with 30 Doctors, but you are correct about the security as soon as UT Southwestern Connected MyChart® to the outside world I received a letter saying you have free credit watch for two years because we have compromised your health records including credit information…ops!
I’m not that concerned about the security of my diabetes data as there’s too much of it to have a lot of meaning for anyone looking at it. Even the reams of data my CGM and meter pile up don’t include many elements of the story and is pretty much meaningless without talking to me. And taking notes. A lot of notes. Or, alternatively, since I know more about taking care of me than you do, perhaps if we do a couple of sessions, you’d realize that it would be cheaper for you to simply let me write my own prescriptions? LOL…
@acidrock23 But there are potential implications that aren’t good— say some politician bureaucrat decides that diabetics having hypoglycemia wrecking cars is a big problem and the public needs to be protected from us… Your “meaningless” cgm data, when viewed with no relevant or appropriate context might fit some bureaucrats definition of someone prone to some arbitrary textbook definition of “hypoglycemic events” because your cgm ocassionally drifts slightly below 70… And maybe therefore you’re not fit to drive based on that ridiculous definition…
Just a made up example but it’s an important concept I think. Your medical data needs to be filtered through an informed person, like your doctor, to provide the relevant context or else i think it truly is dangerous in the wrong hands.
It’s not that the data itself is meaningless, its that there is so much data that it is not cost-effective to litigate questions that might arise. If I have say $2.5M in coverage and run over someone with my car and they want to question my blood sugar, my deposition would take weeks! “Oh yes, that number, well, let me tell you, that number was because…” Then the other side would have to have an expert chat about each number for say $500/ hour then maybe my side would want an expert too? More $$$. So then, all they’d be able to say is either “acidrock23 has risky tendencies that made him run over this person…” vs. “acidrock23 was smote by a random BG fluctuation that, in turn, smote the pedestrian…” for which acidrock23 would not be liable, at all, under Illinois law. I think that in practice, insurers may be a bit spooked by the suggestion that PWD might not be liable at all for their actions. I had one case that had some potential to explore these sort of issues and the defense attorney (perhaps suspecting a lot of labor…) was interested but it didn’t work out for some interesting tactical reasons and the case settled. If the chips were down, I would totally look to drag a health insurance company into a tort claim, griping about their lack of support, constitutional rights, challenges dealing with phone menus and anything else I could think of to get out of something like that.
@acidrock23. Your EHR info that is valuable is the identifying information (name, birthdate, SSN, etc.) not the device data. Medical data on a specific individual is in fact quite meaningful and is the number 1 source for identity theft. There is a reason hackers are attacking healthcare databases. Healthcare data is being sold at ten times the normal rate as a stolen credit card.
