Healthcare Privacy: Good or Bad? Discuss.


If you happened to be on the Internet, particularly Twitter, a couple weeks ago, you likely noticed the deluge of tweets about SXSW and requests from people to get you to vote for their session. Today, I wanted to share my session and spark a little debate. My session is all about why healthcare privacy will soon disappear and why we’ll all be healthier for it. More on that in a minute.

But first, in case you aren’t aware, SXSW is (now) a huge conference held each year in Austin that features interactive, music, and film portions. The sessions for this conference are in part selected by the votes and comments that the public leaves about them (they count for 30% of the selection criteria). So, you have a chance to dictate what goes on at this conference. Why should you care? Regardless of what industry you are in, I’d strongly recommend considering this conference next year. Last year was the first year that there was a strong contingent of healthcare related sessions and this year there will likely be even more. So, you can go and hear some great healthcare related talks. However, I’d recommend that you go to listen to everything else (assuming you work in healthcare everyday). Why? Well our healthcare industry could use a little outside influence from time to time just to see what’s possible and where we might be headed. If you only look at healthcare all day, you’ll never see “what’s next” until it’s too late.

Last year, your votes and comments were enough to get me a spot at the conference. Thank you once again for your support. In case you weren’t there or missed the video of my presentation, here it is:

I wanted to share what I’m planning for the SXSW 2012 and invite you (if you are so moved) to vote for it and leave a comment on the SXSW site about why you think the topic (or I) might be interesting. It’ll only take a second (I promise). The name of my talk this for 2012? Saving Some Lives: The End of Healthcare Privacy. You can follow that link to vote or comment on my session and to read a bit more about it. I’ll post the brief description here for your convenience too:

Today there is nothing we keep more private than our healthcare information. We don’t share it with anyone except for our family and closest friends. But we haven’t considered that this just might actually be making us sicker.

There was a time not too long ago when the thought of sharing our locations, intimate family pictures, or what we ate for dinner was taboo. It was private. Today, we don’t think twice about sharing these things and much more. And we share it with not only our friends and family, but willingly broadcast it all over the world to perfect strangers. It’s the new normal.

But there’s still a stigma around sharing our healthcare information with the world when sharing it could be the key to preventing, curing, and treating the diseases that kill us. It could help us avoid the next pandemic and uncover hidden cancer clusters. It could detect a genetic abnormality before you know it’s there or tell you where the healthiest place to live might be.

There’s a simple reason why people are willing to share some things, but not their health related information. When we share other information, we typically get something back in return. Sharing our location might get us a discount. Displaying our wedding pictures might elicit some well wishes from friends. But what value do you get when you share your healthcare information? Today, you don’t get much, so there isn’t an incentive to share. That’s about to change thanks to innovations in digital technology.

I’m also planning a couple of experiments to demonstrate the value of sharing your healthcare information publicly. I can’t share what they are right now, as that might confound the results, but I guarantee the results will surprise you.

When I share this premise with most people, they scoff and say that no one will ever be willing to simply share their personal health information. Fair enough. We all used to say that about a lot of things that we readily share with the world today. It’s a little bit before its time, but I think it’s time to get the message out.

I’ve actually talked about this concept before in a couple of talks. I mentioned this concept in my SXSW talk (embedded above) and discussed it some more in a talk I recently did on the the future of healthcare. You can jump to 16:45 mark of the talk to hear some of my thoughts on healthcare privacy and how it is already saving lives.

Still, many still think that we’ve got a long way to go until we’re ready to share our health information more broadly. I don’t think that it’s quite as far off as what many people believe. It’s already happening today and I included a couple of examples in my talk. There are countless other places where people are already sharing a lot of detail about their health. They share this personal information because they get a lot back in return. They get support from others with the same disease. They find out what treatments might work even better for them. They learn what might happen to them in the future and what they can do to change those outcomes. And most people do this while readily sharing their real name and identity. Take a site like TuDiabetes (one of my favorite examples of how a healthcare community should work). You’ll find a ton of detailed discussions about people’s intimate health details and it’s all shared in the spirit of improving care. And it works. Patients Like Me works similarly and adds a layer of analytics, which allows you to compare your results with others like you to see if there is anything you can do to improve your outcomes. CureTogether is a bit more anonymous, but people are sharing everything about their health to better understand what diseases they may have or be at risk for. In many cases, they find connections between diseases that they or their doctors might never have made on their own (and the findings from their user submitted data matches that of large, randomized trials).

There are, of course, many more examples, and these sites are just the beginning. My SXSW talk will take it even further and show you what a world with complete healthcare transparency looks like. I’ll give you a hint: you’ll be a lot healthier.

Thanks in advance for your support. And, again, if you’re interested in voting for or commenting on my proposal, you can find it here: Saving Some Lives: The End of Healthcare Privacy.

I did say “Discuss” in the title of this post and I meant it. Feel free to also leave your comments below and let’s discuss. I know I can always count on my readers for a lively debate. I’ll be responding to every comment, so I welcome the discussion.

Related posts

11 thoughts on “Healthcare Privacy: Good or Bad? Discuss.

  1. Hi Jon,

    Thought provoking stuff – thanks for sharing.

    With regards to your question around privacy, I see two potential barriers to overcome here from the patient perspective:

    1) Concerns over implications for health insurance, e.g. costs rising through being more open about the patient’s true state of health. This is, in reality, of course a false concern as not being open with such information with insurers is going to lead to problems down the line, but I an still see it being an issue for many.

    2) Concerns over prejudice at work or in public due to full disclosure of health information. This clearly has implications in some areas more than others, e.g. HIV infection, but can see this being a major concern for patients in case it has an impact on their careers and social life.

    Neither of these are insurmountable but need to be addressed by all parties (patients, governments, disease organisations,medical insurers) to ensure they do not stifle more health information sharing, which I agree would be beneficial longer term.

    Just my thoughts!


    1. Good points, Paul and I hope that I’ll be sharing more provocative stuff in the coming months and at SXSW.

      Regarding your first point, there is already some legislation in the US preventing insurers from discriminating based on preexisting conditions. Each year, there seems to be more protection added in this area. It’s not perfect yet, but it’s headed in a good direction. Further, in the US (and I think some other countries), there is already a specific law preventing discrimination based on a genetic test result. That is, you can have your genome sequenced and potential issues revealed and that information can’t be used to prevent you from being insured. That’s a big step forward.

      As for the second point, there’s definitely some of this that still exists. However, again, this has changed dramatically over time. 25 years ago no one talked about breast cancer or ever mentioned that they had/have it. Today, there are walks and fundraisers and survivors proudly share their history. The same goes for HIV. Prior to the early 90s it was something no one talked about and you certainly didn’t share the fact that you were HIV positive. Today, it’s much more accepted and people are less likely to be discriminated based on this. 

      Lots more progress to make, but there are definitely stumbling blocks. But it does seem like we’re headed in the right direction.

      1. Thanks Jon – appreciate the clarification and good to hear the the legal system is laying down the right groundwork to help prevent such discrimination.

        We are definitely heading in the right direction.

  2. Anonymous

    I tend to agree that privacy of health care information is on the way out.  This is based on two observations: (1) Controlled sharing using real names or aliases, via sites like Patients Like Me, or through longstanding mechanisms like tumor registries, carry the potential for improving health both for the individual and for the public at large. (2) The issue we face in this country is the tension between private good and public good, and thus far the “rugged individualism” wing wins out, insisting on the privacy of health data, because too many negative consequences can flow from the sharing of data.   

    Paul noted two key issues — adverse selection or pricing for health insurance, and employment or other discrimination — effects that may flow from “TMI” (too much information).  The health insurance pricing issue is supposed to be controlled by federal health reform mandated community rating of health insurance rates (so individual risk profiles shouldn’t be an issue).  The discrimination concern is more of a live issue, to my mind.  GINA and other laws prohibit discrimination, but it hasn’t been eliminated as a matter of fact.

    Another point worth observing is that, in the near future, it will likely be impossible to share “de-identified” data, because we are all so interconnected, wired and digitized that it will be possible to re-identify more and more of what we have previously thought to be de-identified data.

    Social sharing of data will mean that it’s out there for all to see, while clinical sharing will still be behind some sort of screen – particularly as more entities adopt encryption policies which gives them greater egg-on-face protection (losses of encrypted data do not have to be announced to patients, the press, and the federales).

    As health care providers go further down the path of meaningful use of electronic health records, though, there will be greater access to EHR information on PHRs (personal health records) and a concomitant increase in the ease of sharing detailed data, electronically, by patients.  The e-patient movement will likely grow over time (especially since there are now federal financial incentives in place to make it go mainstream), and so, bottom line, I agree with your fearless prediction that in the not too distant future privacy of health care information will be a thing of the past.  Before it’s gone entirely, we need to beef up relevant laws and their enforcement — to ensure that share d information is not misused — so that we’re not stuck playing catch-up (which is, unfortunately, usually the case).

    1. Well said. I agree that Paul identified some potential roadblocks and I addressed his in my response to his comment (see above). In addition, as you noted, adding some stronger controls over the data might be required, but that’ll be a big challenge. If people think that their records are really private now, they’re likely mistaken. Think about all the paper records spread out in offices all around the world with information about your past health issues. If people thought there was value in having that data or they really wanted to know your past medical history, getting that information (while illegal) wouldn’t be much of a challenge. HIPAA really doesn’t secure medical information as well as advertised. So, if you look at this way, you may as well accept that keeping this information secure is a major challenge. 

      One dramatic solution is to simply stop trying to keep it secure (and stop all the spending to do so) and make it all public. The value of “stealing” the data goes to zero since it is readily available to everyone. The data is only valuable then when you figure out something to do with it that no one else has yet figured out. That could be using the information to determine individual risk (and personalized treatments to go with it) or something else. Radical, yes, but likely a future solution will look pretty close to this. We’re not quite ready for this yet in the US or anywhere else, but stay tuned.

  3. My sense is that privacy has been near-obliterated for a while now but we have yet to come up with a way of articulating what has emerged. Like the words “freedom” and “civil rights,” “privacy” is so highly charged that people rush to defend it for reasons that remain to be clearly articulated.


    1. Those definitely are hot button words for sure. If you claim that what we have today is healthcare “privacy” then people aren’t likely to respond well to something that eliminates or reduces their “privacy.” 

      However, if you frame what they have now differently, then losing that might not be such a big issue. For example, if it weren’t healthcare “privacy” and your information was either classified as “optimized” or “dormant” you might see people react differently. Dormant data is information that simply sits there and has never been analyzed to look for improvements in your care or potential explanations for diseases. Optimized data is data that’s been analyzed to find correlations and maximize your treatment. If you further could show that people who have their data optimized have better outcomes, you’ll see everyone requesting their data be optimized almost overnight even if this means their traditional sense of “privacy” no longer exists.

      1. Exactly and to what you wrote I’d add that all reframing must be happen in language and learning systems that all — providers, patients, caregivers — can easily grasp.  This means getting ride of biz buzzwords, marketing mush, and healthcare jargon. Get out the defibrillators! 

  4. Healthcare IT manager

    Some valid points, however as an IT Security manager in the healthcare field, you missed one very valid and applicable issue. We don’t just take “health information” as the only data to protect, we take very seriously personally identifiable information just as, if not more than the patients health info. The biggest crime out there isn’t have health info stolen, it’s  stealing identities.  If that issue was completely resolved, I’d be right on the bandwagon issue, but by not addressing that, you’re not exactly covering the debate.

    1. I agree that identity theft is certainly part of the discussion. However, whenever I see EMR or PHR data security discussed, people always express concern about their health information falling into the wrong hands and not about getting their identity stolen. If we can’t fix people’s concerns about having their health information stolen and why it might be better to share more of it publicly, then there’s no need to move onto the second part of the debate, protecting from identity theft. Most people are better able to understand the risk and how to manage it when it comes to identity theft versus the risk of exposing their health information. Both issues are certainly important, but the identity theft piece, I think, is easier to explain and manage with people. They are used to discussing this based on their experiences with financial information, shredding documents, etc. But most have no idea what to do with their health information to protect it (or if they even should).

  5. […] private and secure, and could have some beneficial effects, as well. Finally, consider the radical proposal to reverse the presumption of privacy […]

Comments are closed.