In the third of a three-part series on how technology is transforming healthcare, Greg McStravick, GM and Global Head, SAP Platform GTM, takes a look at the very real issue of medical data privacy and the risks of stockpiling high-value and highly personal data. While personalized medicine holds great promise, the hazards associated with extensive medical data stores are real. Find out more about technology and healthcare challenges and opportunities in parts one and two.
- Part 1: Personalized Medicine – Real Opportunities – And Real Challenges For Doctors
- Part 2: Personalized Medicine and Big Data: Opportunities And Pitfalls Of IT Innovation
Personalized medicine and the privacy risk
The use of genomic data to personalize healthcare takes many forms, involves multiple types of genetic information, and introduces varying levels of privacy risk. Most people agree that the goals of personalized medicine are noble: to customize healthcare such that all medical decisions, practices, and products can be tailored to the individual patient. To reap such benefits, however, researchers and medical providers must collect and analyze a patient’s genome along with other extensive molecular or cellular analysis. This necessitates gathering and storing personalized information including clinical, research, personal medical, social, and genomic data. The challenge with large stores of personalized medical data: the stores themselves become a target, for the same reason that retailers and banks – organizations holding a wealth of financial and personal data – often find their names in the headlines after their data has been hacked.
The inherent risk of stockpiling high-value data
Centralized databases of high-value information are ideal targets for hackers – and the concentrated, in-depth medical records required for personalized medicine are no exception. Personalized medicine, with its abundance of genomic profiles, biomedical measurements, and associated social and cultural factors, is an ideal candidate for data manipulation – and exploitation. So, yes, data privacy and security are real concerns. But does that imply that we shouldn’t move forward with personalized medicine? We must – but we need to do so in a thoughtful manner, one that applies best practices from other industries and uses safeguards to help minimize risk, while allowing the medical benefits to flourish.
The perception of privacy
Some argue that today personal privacy is just an illusion. Think about the apps on your phone that continually track your location, shopping habits, and communications. Every electronic transition is recorded. Every online keystroke, recorded. Highway FastPasses track your car’s movements. Millennials, having grown up with such technologies, see privacy as more theoretical than actual and tend to more easily accept tradeoffs between privacy and convenience. Therefore, it’s no surprise that they’re more likely than older generations to approve of sharing general health data. However, many in older generations still hold personal privacy as a core value, making them, as a group, less comfortable with sharing personal records beyond the primary care physician.
While most people feel comfortable with primary care doctors reviewing their medical history and information, they’re likely to react less positively to the idea of others – from employers to insurance companies to malicious hackers – accessing the same information. One safeguard that could help control access levels by user and situation is tiered privacy. A patient’s local medical clinic might be able to access his or her entire medical record, while a prospective insurer or national health information exchange would receive only generic, anonymized data.
One of the biggest challenges to data privacy is the lack of absolutes. Each individual perceives privacy differently, and our perceptions change with time and circumstance. No data is inherently private just because it discloses genetic information. Our laws, practices, and privacy technology must catch up to our needs, and the decisions they embody must be both sensitive and practical.
A thoughtful approach
Personalized medicine holds great promise, but the risk associated with extensive medical data stores is real. We need to develop deeply considered, pragmatic guidelines and robust technologies that determine how personal medical information is stored, accessed, and processed. We should make the most of established data privacy best practices and knowledge from other industries – such as governmental bodies and financial institutions. Ideally, a clear set of privacy guidelines and security rules will adequately safeguard and protect all personally identifiable medical data, while still allowing the flow of information needed for high-quality population-based testing, diagnosis, and treatment. The SAP Foundation for Health, for example, offers a secure technology platform that can scale to handle massive amounts of data – and a partner with experience in secure handling of sensitive data.
Balancing data privacy and healthcare advancements
The big question here is: how do we protect our genetic privacy and avoid any form of genetic discrimination, while still supporting critical health research and advancements?
Learn More About SAP Foundation for Health and Personalized Medicine
SAP is passionate about creating transformative technology that can advance healthcare. The SAP Foundation for Health includes a sophisticated platform and advanced analytic solutions that can help unlock the value of biomedical data – from genomes to electronic medical records to clinical trials. Supporting deeper insights and enabling collaboration, SAP Foundation for Health helps connect data silos and bring together mission-critical biomedical data, advancing personalized medicine to new levels.