Jump to content

Hospitals Give Tech Giants Access to Detailed Medical Records


aum

Recommended Posts

Deals with Microsoft, IBM and Google reveal the power medical providers have in deciding how patients’ sensitive health data is shared

 

Hospitals have granted Microsoft Corp., MSFT 0.25% International Business Machines IBM -0.41% Corp. and Amazon.com Inc. AMZN 0.20% the ability to access identifiable patient information under deals to crunch millions of health records, the latest examples of hospitals’ growing influence in the data economy.

 

The breadth of access wasn’t always spelled out by hospitals and tech giants when the deals were struck.

 

The scope of data sharing in these and other recently reported agreements reveals a powerful new role that hospitals play—as brokers to technology companies racing into the $3 trillion health-care sector. Rapid digitization of health records and privacy laws enabling companies to swap patient data have positioned hospitals as a primary arbiter of how such sensitive data is shared.

 

“Hospitals are massive containers of patient data,” said Lisa Bari, a consultant and former lead for health information technology for the Centers for Medicare and Medicaid Services Innovation Center.

 

Hospitals can share patient data as long as they follow federal privacy laws, which contain limited consumer protections, she said. “The data belongs to whoever has it.”

 

Microsoft and Providence, a hospital system with data for about 20 million patient visits a year, are developing cancer algorithms by using doctor’s notes in patient medical records. The notes haven’t been stripped of personally identifiable information, according to Providence, which is based in Renton, Wash.

 

An agreement between IBM and Brigham and Women’s Hospital to jointly develop artificial intelligence allows the Boston-based hospital to share personally identifiable data for specific requests, people involved in the agreement said. So far the hospital hasn’t shared data on that basis and has no current plans to do so, according to hospital and IBM officials.

 

Microsoft executive Peter Lee in July described how his company would use Providence patient data without identifying information for algorithm development. In a December statement, he said patients’ personal health data remains in Providence’s control and declined to comment further. B.J. Moore, Providence’s chief information officer, said executives involved in the agreement at first planned to use data without information identifying patients; later they found they couldn’t remove it all from doctors’ notes. “It was not intended to mislead,” he said.

 

Brigham and Women’s announced a 10-year agreement with IBM in February 2019. David Westfall Bates, the hospital’s chief of general internal medicine and primary care, said last year that initial work would use data stripped of names and other identifying details. In December, Dr. Bates said he hasn’t publicly commented on IBM’s ability to access identifiable data but Brigham and Women’s would follow federal privacy rules should it do so.

 

“Responsible data stewardship is core to our mission,” an IBM spokeswoman said.

 

The Fred Hutchinson Cancer Research Center, in Seattle, granted certain Amazon Web Services employees access to health information that identifies individual patients, a Fred Hutchinson spokesman said. The research institution, which has ties to hospitals, trained and tested Amazon Web Services software designed to read medical notes.

 

An AWS spokeswoman said it doesn’t use personally identifiable data protected under federal privacy laws to develop or improve its services.

 

Digitizing patients’ medical histories, laboratory results and diagnoses has created a booming market in which tech giants are looking to store and crunch data, with potential for groundbreaking discoveries and lucrative products.

 

There is no indication of wrongdoing in the deals. Officials at the companies and hospitals say they have safeguards to protect patients. Hospitals control data, with privacy training and close tracking of tech employees with access, they said. Health data can’t be combined independently with other data by tech companies.

 

But recent revelations that Alphabet Inc.’s GOOG -0.27% Google is able to tap personally identifiable medical data about patients, reported by The Wall Street Journal, has raised concerns among lawmakers, patients and doctors about privacy.

 

The Journal also recently reported that Google has access to more records than first disclosed in a deal with the Mayo Clinic. Mayo officials say the deal allows the Rochester, Minn., hospital system to share personal information, though it has no current plans to do so. “It was not our intention to mislead the public,” said Cris Ross, Mayo’s chief information officer.

 

Dr. David Feinberg, head of Google Health, said Google is one of many companies with hospital agreements that allow the sharing of personally identifiable medical data to test products used in treatment and operations. The companies typically don’t disclose their use of such data, Dr. Feinberg said. “We didn’t hide it.”

 

Amazon, Google, IBM and Microsoft are vying for hospitals’ business in the cloud storage market in part by offering algorithms and technology features. To create and launch algorithms, tech companies are striking separate deals for access to medical-record data for research, development and product pilots.

 

The Health Insurance Portability and Accountability Act, or HIPAA, lets hospitals confidentially send data to business partners related to health insurance, medical devices and other services. The law requires hospitals to notify patients about health-data uses, but they don’t have to ask for permission.

 

Data that can identify patients—including name and Social Security number—can’t be shared unless such records are needed for treatment, payment or hospital operations. Deals with tech companies to develop apps and algorithms can fall under these broad umbrellas. Hospitals aren’t required to notify patients of specific deals.

 

“The patient doesn’t have absolute control. They don’t have much control,” said Ellen Wright Clayton, a Vanderbilt University biomedical ethics professor.

 

Under HIPAA, hospitals must divulge as little as possible about patients under agreements. But in some cases, the minimum amount needed by tech companies can be everything in patients’ records.

 

Ascension, a Catholic chain with 150 hospitals across 20 states and the District of Columbia, is testing whether Google’s technology can accurately search and retrieve all information for a single patient—a widely known challenge that frustrates doctors and patients.

 

“By definition this means that the ’minimum’ necessary dataset for the creation of this capability is the entire longitudinal health-care record” for each patient, said Eduardo Conrado, Ascension’s chief strategy and innovations officer.

 

Hospitals involved in the deals say data use is reviewed by research-ethics review boards or data-use committees, which can include compliance, law, tech, medicine and other experts.

 

Mayo’s data team will vet future data requests for projects with Google, probing how much data to share, said Mayo’s Lois Krahn, a data-team member. “We are a tremendously cautious and conservative organization,” she said.

 

Hospitals also stand to gain financially from some deals. Tech companies’ agreements with Providence, Mayo, and Brigham and Women’s include intellectual property rights for hospital contributions to new products.

 

Some hospitals are saying no to tech agreements.

 

“We’re not giving anyone data,” said Jim Beinlich, chief data information officer for Penn Medicine, the University of Pennsylvania health system. Penn Medicine halted a possible research pilot with Microsoft in response to public concern over Ascension’s Google deal.

 

Hospital executives are drafting policies, such as how to tell patients about data sharing.

 

“We don’t have all the rules of the road written down,” he said.

 

Source

 
Edited by aum
Link to comment
Share on other sites


Moved from General News.

 

(About patients' "confidential" health data, so better here)

  • Like 1
Link to comment
Share on other sites


  • 2 years later...
9 hours ago, fraziermiyahara said:

Don't you see anything suspicious about this news? I mean, healthcare data should be the most valuable data. Sharing it could be really dangerous.

I'd go further...it's not only suspicious....it stinks.:thumbsdown::thumbsdown::thumbsdown:

Link to comment
Share on other sites


BIG Brother wants as much as Data he can find...

The more, the better...

Total Loss of Privacy and Individual Liberties on the way...

Link to comment
Share on other sites


Nuclear Fallout

There IS MUCH more to it.  The way how CFO's handle anything as long as they make money!!!   DO NOT THINK, YOUR HOSPITAL UPPER LEVEL STAFF IS SMART!!! I knew a bi..... who was a CFO, she fu..... up big time.   I MEAN BIG TIME!!!

Link to comment
Share on other sites


  • 2 months later...
fraziermiyahara

It has never been a secret that corporations share information. In the 21st century, information is power. Based on the information, medical companies can develop a product that consumers like us. Facebook or Google collects user data, the number, and the frequency of clicks.  Unfortunately, it has become impossible for ordinary people to fight this. Society is gradually moving into the ""panopticon"" phase when behavior is constantly monitored. The most important thing at the moment is finding strategies and solutions that will ensure stability and security. That's why I bought health insurance.

Edited by fraziermiyahara
Link to comment
Share on other sites


Even the Secretaries of

Dentists, Ophthalmologists, and other Private Medical Practitioners,

who are working alone (i.e. away from Hospitals),

are selling their Clientele Data (i.e. Name, Address, Phone Numbers etc.)

to Phone Advertising Companies. 

 

Sometimes, Doctors do Not know what their Secretaries are doing...

Other times, Doctors are fully aware of it...

 

Link to comment
Share on other sites


Nuclear Fallout

@pc71520

 

Much worse, I know a case where a file clerk sent the social security numbers of MANY patients, of all the patients in the Hospital System to someone for very dark purposes.  The person who caught her was and is however not a strong moral person.  So this was put under the carpet.  I am talking about a different CFO.  From my own experience, CFO's are mostly wicked, extremely wicked.  I still have a voice recording I made about something in a HIGH LEVEL meeting and I asked about it, I knew it happened but no one spoke about, I CLASSIFY THIS AS MEGA DEATH, THAT BIG.  Out of 15 people, only one said something about it, very little.  The others got white in their face!!!!

 

during my time there were two mega deaths, extraordinary events.  One involving a high likelihood of a cancer cluster, which was put under the carpet.  And the other from above.  NOT ONE OF THEM MADE THE NEWS.  THOSE WERE ABSOLUTE NIGHTMARES!!!!

Edited by Nuclear Fallout
more detail
Link to comment
Share on other sites


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...