Big Data Legislative Changes Necessary to Protect Patient Privacy

In December last year, the Health IT Policy Committee’s Privacy and Security Workgroup met twice to discuss potential big data legislative changes. The impact big data is having – and will continue to have – on the healthcare industry has raised a number of issues, of which privacy and security of healthcare data is a major concern.

By the end of this series of workshops the committee hopes to have produced a list of recommendations which it will present to the Office of the National Coordinator for Health IT. These recommendations may end up prompting big data legislative changes that will safeguard data while allowing the benefits to be realized.

While there are many fears about the volume – and detailed nature – of the data now being collected on patients and health plan members, there are also many important benefits to be had. Big data has the potential to vastly improve patient care; although it is important to make sure that a balance is struck between providing access to information and protecting the privacy of patients.

So far the workshops have raised some important issues and now the committee needs to assess the data and information it has collected and produce a new framework that will offer the required privacy and security controls, while allowing the big data benefits to be gained.

Last month’s hearings investigated the current methods being used to protect confidential data including an analysis of whether the current level of protection is actually sufficient, given the highly sensitive nature of the data that is stored on patients. With so much information available there is an increased opportunity for that data to be used to discriminate against individuals. This issue was raised in the meetings.

Another problem area is distrust of the healthcare industry. Patients may be unwilling to allow their data to be used if they distrust the healthcare providers that are collecting that data. There have been a high volume of HIPAA breaches reported over the past 12 months and huge numbers of confidential medical records have been disclosed to unauthorized individuals or obtained by thieves.

The issue of fraudulent use of data was covered. This is a big issue as not only can financial information be used to fraud, Social Security numbers, medical/insurance IDs and healthcare data can be used to commit medical and insurance fraud, identity fraud and a host of other crimes. The preliminary findings of the committee will be given at a HIT Policy meeting scheduled for March 10 this year.

Author: Richard Anderson

Richard Anderson is the Editor-in-Chief of