Health Data Privacy Vulnerabilities Cause Patient Anxiety


According to the findings of a recent survey, trust in the anonymity and protection of personal health information is trending downwards. As per research published by the American Medical Association, more than 92% agree that privacy is a right and that their health information shouldn’t be sold.

Only 20% of the 1,000 patients polled by Savvy Cooperative were aware of the extent to which businesses and people have access to their data, and nearly 75% of patients expressed concern about maintaining the privacy of their personal health information.

This worry is made more pressing by the U.S. Supreme Court’s decision in Dobbs v. Jackson Women’s Health Organization, as it could put patients and doctors in legal danger in states that restrict access to reproductive treatments due to a lack of data privacy. The Roe v. Wade decision, which had secured the right to an abortion for many years, was overturned by that judgement.

According to the survey, patients are least satisfied with social media sites, employers, and technology businesses having access to their personal health information, while they are most comfortable with doctors’ offices and hospitals.

Describing The Impact

According to the survey, a resounding majority of patients desire responsibility, openness, and authority in relation to the privacy of their health information. While 93% want health app developers to be open about how their products use and disclose personal health data, approximately 94% want companies to be held legally responsible for the use of their health data.

Patients desire control over the information that businesses gather about them and how it is used in order to prevent unauthorised access and use of such data. For instance, approximately 80% of patients desire the option to choose not to share some or all of their health data with businesses. More than 75% of people want to give their consent before a firm uses any of their health information, and a comparable percentage want to be notified before a company uses their health information for a greater purpose.

Patients are concerned about the effects of having little to no control over how their data is used and shared. Nearly three out of five patients (59%) voiced concern about their personal health information being used against them or their loved ones. The majority of patients said they are “very” or “highly” concerned about unfair uses of personal health data to deny them access to insurance coverage (64%), employment (56%), or healthcare opportunities (59%).

Additionally, 66% of transgender people expressed “severe” concern about the biased uses of personal health information, as did more than half of Hispanic, American Indian, and Alaskan Native people.

Patients also want hospitals and doctors to have the tools and capacity to examine apps for security and privacy features. Approximately 88% think that before health apps get access to personal health information, their doctor or hospital should be able to examine and confirm the security of those apps. However, at the moment, providers and even electronic health record platforms are prohibited by federal legislation from evaluating the privacy and security of applications.

Individual rights, equity, entity responsibility, applicability, and enforcement are the five main components of a national privacy framework that are outlined in the Privacy Principles, which were released by the AMA in response to its claim that stronger regulations are required to protect private information.

The AMA is also campaigning for near-term app transparency regulations, including app privacy attestations gathered by EHRs, and has created a guide to assist app developers in creating privacy-forward technology.

The Bigger Trend

Consumers are suing businesses more frequently for data breaches, but healthcare has seen the biggest rise in lawsuits by far, according to research from the law firm BakerHostetler released in April. In fact, 23% of data breach claims involve the healthcare industry. Business and professional activities come in second with 17%, then banking and insurance (15%), education (12%), and manufacturing (10%).

Healthcare was the sector with the greatest initial ransom demand from cybercriminals and hackers, at over $8.3 million. Although the actual average ransom paid was far smaller, at around $876,000, it was still the greatest average sum paid across all businesses.

The number of days to tolerable recovery, or how long it took for things to get back to normal, was one of the industry’s few shining points. Healthcare had the second-fastest turnaround time, at 6.1 days, behind the energy and technology sectors, which had 4.6 days.