Atlanta center of health privacy issue

As our everyday lives become more connected – via smartphones, tablets and other devices – so will information about our health care. This will provide enormous benefits to patients and to the health care system, allowing innumerable breakthroughs on the way we track health and medical information and enhancing our well-being. Many of these breakthroughs will take place here in Georgia, where the state – and in particular, Atlanta – is often considered the nation’s “Health IT Capital.”

But there is a dark side to our increased connectivity. As data breaches over the last year have shown — including one at Community Health Systems, in which data for 4.5 million patients was lost — patients’ privacy and security can become more vulnerable.

With the possibility of such incidents becoming more frequent, and given that more than 200 health information technology companies employing 15,000 workers are based in Georgia — generating more than $4 billion a year, the highest health IT revenues in the country — it is no accident Atlanta will take center stage Wednesday, International Data Privacy Day, at Georgia Tech. That’s when the National Cyber Security Alliance will bring together industry leaders and experts to discuss the challenges and promises of new health care technologies.

The emerging generation of medical devices and electronic records will generate unprecedented volumes of personal medical data, much of it transmitted to the cloud, where researchers can potentially aggregate information, identify health risks and discover vital correlations and possible treatments.

Researchers have learned more detailed electronic health records are especially useful for treating chronic diseases, which drive a large portion of rising health care costs. For instance, wearable computers will enable a wider range of activities for autistic people, and they also will help those struggling with smoking cessation. These wearables gather detailed information about the wearer and sometimes those nearby.

Content analysis of social media is also beginning to show promise for spotting postpartum and other depression, often before the patient or health care provider is aware of the extent of the problem.

While it is easy to see the public health benefits of such analysis, possible privacy concerns are glaring. Medical advances will be at serious risk if we don’t create privacy and security safeguards that build trust in the devices and companies that operate them.

Since 2009, new federal financial incentives for “meaningful use” of health IT have shifted the majority of clinical records into electronic form to improve health care quality and cost efficiency. However, some of the savings must be spent on data security, as more records are now subject to attacks from hackers.

At a minimum, health care providers must comply with the federal Health Insurance Portability and Accountability Act (HIPAA) privacy rule, in effect for over a decade but strengthened in the 2009 law.

Beyond that, health care professionals will need to make ethical, practical and business decisions about what additional rules are needed for carefully handling personal health information. Patient privacy has been required ever since the Hippocratic Oath, when ancient doctors promised to keep patient information “sacred and secret within my own breast.” Though HIPAA covers traditional health care providers, many of the new data flows come from non-traditional and often unregulated sources.

Those wishing to use new forms of health data should consider the possible backlash and loss of trust if patients or the press decides a new practice is too “creepy,” or that patient data is used in unexpected ways. More generally, breaches of patient data or lack of patient trust could greatly inhibit widespread adoption of new and life-saving technologies. Few of us would trust our psychiatrist or other therapist if we thought a transcript of the session was going to be broadcast widely. The new users of health care data must thoughtfully predict what practices will succeed in gaining and retaining patient trust.

Encouraging life-saving technologies, while protecting privacy and security, are important to the nation, which devotes almost one-fifth of its economy to the health care sector. Finding best practices for this topic is especially important to our region, so Atlanta can continue to grow its leadership in the information technology of health care.

Annie Antón has written about software compliance with HIPAA and is chair of the School of Interactive Computing at Georgia Tech. Peter Swire is a privacy expert at the Georgia Tech Scheller College of Business and senior counsel at Alston & Bird LLP. Information about International Data Privacy Day in Atlanta is available at

Information about International Data Privacy Day in Atlanta is available at

Reader Comments ...

Next Up in Opinion

Opinion: Educational fraud continues

Earlier this month, the 2017 National Assessment of Educational Progress, aka The Nation’s Report Card, was released. It’s not a pretty story. Only 37 percent of 12th-graders tested proficient or better in reading, and only 25 percent did so in math. Among black students, only 17 percent tested proficient or better in reading, and just...

Facebook users’ privacy expectations are naive and disingenuous The object of Facebook is to connect members to their “friends,” to provide a format to share and expose the most intimate details of their lives. Facebook members post their photos and videos. They lament about romances. They post recipes and tout products they use and...
Opinion: Paul Ryan is the ultimate party man

The mistake about Paul Ryan, the one that both friends and foes made over the years between his Obama-era ascent and his just-announced departure from the House speakership, was to imagine him as a potential protagonist for our politics, a lead actor in the drama of conservatism, a visionary or a villain poised to put his stamp upon the era. This Ryan-of-the-imagination...
Opinion: Remembering Barbara Bush, grieving mother

My mother and Barbara Bush were contemporaries. Despite coming from very different backgrounds — daughter of a Kansas farmer and daughter of a New York City businessman — they had a common experience, a very human link. It’s a sad connection that I suspect also has many a woman feeling fondly toward Bush, who died Tuesday at 92. Both...
Opinion: Foes of renewable energy increase risk of climate catastrophe

Peter Thiel, Facebook investor and Donald Trump supporter, is by all accounts a terrible person. He did, however, come up with one classic line about the disappointments of modern technology: “We wanted flying cars, instead we got 140 characters.” OK, now it’s 280, but who’s counting? The point of his quip was that while we&rsquo...
More Stories