Renewed Concerns About Medical Privacy

Farai Chideya recently renewed the issue of data collection and medical privacy in her article “Medical Privacy Under Threat in the Age of Big Data,” for First Look Media’s The Intercept. Chideya’s article raised several issues that have hitherto not been addressed here:

  • The sale of “anonymized” data to private companies
  • The new market of wearables

Medical billing and coding professionals should be aware of all the possible routes of HIPAA violations, as well as the underlying environment that encourages the theft or distribution of personal medical information. By keeping these details in mind those who work with medical billing and coding data can avoid lawsuits, fines, and unethical breeches of privacy.

Legal and Illegal Private Health Data Marketplace

Right now the legal trade in healthcare information is a multi-billion dollar industry. For example, IMS Health Holdings earned approximately $1.44 billion in 2012 by buying anonymous patient data from pharmacies and selling this to companies in the biotech and pharmaceutical industries.

Commerce in this type of anonymous data is legal and does not violate HIPAA rules per se, however there is currently a gray area on this issue when the data does in fact lead to privacy violations. The case in point of this is highlighted in Chideya’s article: a data privacy lab at Harvard that managed to match supposedly anonymous, commercially-available data with actual people by comparing it against public records and local news reports.

This potential for “de-anonymization” of personal information is yet another avenue for HIPAA violations for which medical billing and coding professionals must maintain an awareness.

Another disturbing revelation in Chideya’s piece was the black market for confidential medical information. Items like stolen medical records and personal Medicare numbers can be worth much more than stolen social security numbers or credit cards. This is because medical information can be used to unlock passwords, file fraudulent insurance claims, and order drugs or medical equipment.

Wearables

The new wearables market is also part of the burgeoning health data industry. Much the same as Facebook revolutionized targeted advertising using personal information that people voluntarily provide, the makers of wearables like heart monitors, glucometers, pedometers, and general fitness programs are selling the data they accumulate from these devices to interested parties.

A law professor recently spoke at a 2013 FTC panel discussion on the subject of health data and wearables, testifying that hypothetically using information obtained from the popular Fitbit device, he could construct a person’s detailed and accurate health history, calculate insurance premiums, and even conduct a credit score evaluation.

The wearables market is a good example of the increase in available healthcare data that can be used to create a complete medical profile. Combined with the emphasis on electronic healthcare data that medical billing and coding professionals face every day, the phenomenon of digitized healthcare data is becoming increasingly apparent and significant.

Chideya’s article also touched on many issues that have previously been explored in past Medical Billing Coding World articles: