In many ways, technology has been a godsend for healthcare and medicine. There are long lists of the ways that technology has helped to advance medicine and healthcare, improving practices from record keeping to surgery. It is not, however, without its drawbacks—especially where patient privacy is concerned.
It was only a few years ago that we all thought that some simple encryption codes put on a Mac were all that were needed. Encryption would stump the hackers. Macs couldn’t get viruses. Done!
Unfortunately, this isn’t the case anymore and not just because hackers invented viruses that can get into Macs (if you haven’t set up any basic security, look into an antivirus for Mac download).
The Convenience Factor
The primary problem isn’t worrying about viruses or ransom ware, it’s privacy. Apps like MyChart and their competitors are great in terms of patient convenience but they can pose a serious threat to HIPAA and the laws that surround it (and there are many).
Patients aren’t the only ones who are clamoring for easier access to their medical records and histories. In March, we published an article that talked about how a “universal” medical record community or cloud could help reduce hospital admissions exponentially. The system would also help doctors and other rapid responders (like EMTs) in emergency situations. New York doctors are putting the idea into practice with many doctors and clinics opting in to the system (with patient permission, of course).
Casual Privacy Issues
Complicating matters further are wearable fitness and health technology devices. More and more people are hopping on to the Fitbit (and its knockoffs’) bandwagon. This matters because the Fitbit doesn’t just store information about how many steps you take each day. It stores information like sleeping patterns, pulse records, etc.
Earlier this year, Apple made waves when it announced that their new mobile OS will include a health monitoring and data sharing platform. The new platform would be able to store information like blood sugar and cholesterol levels, heart rate, etc. That information could then be accessed by health professionals who could use it to help with diagnoses or the development of treatment plans.
If it stopped there, it might be okay—patients being able to record their vitals during their daily routines would be incredibly helpful for doctors. The problem is that these platforms and devices can also share information with other apps and platforms and not all of those are going to be as heavily regulated as the medical and medical technology industries.
The FDA Stepping Back
The most problematic development is not with medical and health related tech and it is not with the different devices or the software that run them. It is with their regulation or, rather, the lack thereof.
According to iHealthBeat, the FDA has no plans to regulate medical device data systems—they think those devices are perfectly safe and secure. What’s more, they seem to think that imposing restrictions or regulations on these devices will hinder their ability to share information with other devices—the very issues that the patient privacy advocates have been worried about.
The FDA ruling does not negate any of the HIPAA regulations that are in place. It does, however, put the burden of compliance on to the doctor or clinic instead of on the device manufacturer. We can only hope that after going a little bit crazy with all of their new freedoms that most manufacturers and health tech developers will realize that it is better to work within HIPAA and other privacy regulations during device development. After all, if they don’t, how can they expect to sell any of their devices?