Connected health and the respect of patient privacy

January 6, 2012

Few things are as personal as medical data. In fact, from a physical standpoint, your medical data is the definition of who you are. With the development of connected health and electronic records, more and more medical data is stored on remote servers owned and operated by governments or corporations. This raises concerns about the security measures around the storage of the data, as well as about how this data is used and shared, with or without the patient’s consent.



In the US, personal medical data is regulated by the Health Insurance Portability and Accountability Act of 1996 (HIPAA). HIPAA sets rules not only for the safety of the data, but also for the conditions under which the data may be shared with other systems. It also guarantees the right of patients to access their own data and to file a complaint if they believe the data has not been handled appropriately. HIPAA is enforced by the Office of Civil Rights at the US Department of Health and Human Services.

In the European Union, there is no standard common to every member for the protection of medical data specifically, only general regulations regarding the safety of personal data.



While privacy is a right for citizens, enforcing standards that are too strict may also have unforeseen drawbacks. As Computer World reported in 2009, mining data in electronic health records can have great benefits for public health, such as comparing symptoms to identify patients who might be suffering from diseases that are notoriously hard to diagnose. Privacy protection rules that are too stringent may prevent such data mining and result in severe complications for patients later down the road. The remedy in this case is not to make the rules for patient data storage more lax, but rather to set standards that are widely shared between systems and allow for comparing data from several records without invading the privacy of individuals.

What about Withings and privacy? The Withings IT systems have been audited by the French agency in charge of protecting citizen privacy and found to have adequate security. In addition, we do not share our customers’ data with anyone. However, as you probably know, Withings users may take the initiative to share their readings with other users or with some of Withings’ partners, such as Lose It! or Runkeeper. The Withings privacy statement can be read here.

What’s your opinion on medical data and privacy? Do you feel that your personal information is secure enough? What would you be willing to share to help public health initiatives?