Patient Privacy At Stake in Health IT Boom

Published Online: Thursday, November 17, 2011

Advocates of technology-enabled, participatory medicine talk about the potential of “data liberation”—a phrase that describes the strategic sharing of data contained in electronic health records—to help patients, providers, and payers make more informed health care decisions. Supporters say unleashing actionable health information can improve quality of care and lower costs.

But as more pharmacies, hospitals, and insurers join the movement, a new survey finds most heath organizations aren’t prepared to deal with breaches of patient privacy that are a side effect of less restricted data. In September 2011, PricewaterhouseCoopers (PwC) interviewed 600 executives from US hospitals and physician organizations, health insurers, and pharmaceutical and life sciences companies and found that:

• 74% plan to expand their use of health data, but less than half have addressed related privacy and security issues.

• 55% have not addressed privacy and security issues related to the use of mobile devices, and less than 25% have addressed privacy implications of social media.

• Only 37% conduct privacy training that incorporates the appropriate use of social media and mobile devices.

• Over the past 2 years, 40% reported an incident of an internal party improperly using protected health information.

PwC’s analysts say health organizations’ efforts to protect patient privacy have not kept pace with rapid advances in technology and consumer behavior, such as the broader use of social networks and smartphones. “Health organizations need to update practices and adopt a more integrated approach to ensure that patient information doesn’t fall into the wrong hands,” they wrote.

In addition to defining policies for mobile devices, electronic health records, and social media, they called on health organizations to create a “culture of confidentiality.” According to the report, most data breaches are caused by internal parties mishandling patient records, not malicious hackers or opportunists seeking to benefit from protected health information.

To keep patients’ trust and protect their brand’s reputation, companies need to adopt “an integrated approach that combines privacy, security, and compliance within a culture where all employees see themselves as champions of confidentiality and where privacy is part of the patient experience,” said Peter Harries, head of health information and security at PwC.

To download a full copy of the report, visit

Latest Articles
A pharmacy robber not only left his fingerprints behind at a pharmacy—he also dropped his wallet containing his identification as he made his escape.
Janssen Research and Development LLC has submitted a new drug application to the FDA for canagliflozin and metformin hydrochloride extended release (Invokamet XR).
Treating chronic pulmonary obstructive disease with both inhaled corticosteroids and long-acting bronchodilators remains controversial, but new evidence suggests that this controller combination could reduce mortality risk.
Beverly Schaefer, RPh, of Katterman's Sand Point Pharmacy in Seattle, Washington, shares some fun tips on how to encourage patients who travel to come to your pharmacy for supplies.
Latest Issues