By all accounts, the great majority of people who work in medical offices, hospitals and pharmacies understand they traffic in exceedingly sensitive information. To a person, physicians, support staff, pharmacists and the technologists who coordinate the electronic systems around them are eager to detail the steps they have taken, and continue to take, to ensure the sanctity of this information. They aim to treat it with as much respect as they do the patients themselves.

They have largely succeeded, as evidenced by the absence of anything resembling a Cambridge Analytica moment around the point of care (POC). Surging investment by pharma marketers also speaks to the steps stewards of the space have taken to secure it; were there even faint concerns about privacy or data security, marketers would likely flee en masse.

That said, for all the technical diligence and good intentions of these individuals, point of care ranks among the least securable channels in health. And as facial recognition and other potentially privacy-compromising technologies grow more sophisticated, it is incumbent on POC networks to remain as focused on security as they currently are on transparency and campaign audits.

“At the point of care, you have all these different forms of digital health and digital media converging,” explains John Vaughan, general counsel and chief compliance officer at Outcome Health. “People have their Apple watches and other wearables. They do Google searches while waiting for the doctor. When you have these technologies in a place where there’s an expectation of privacy, you’re going to raise some concerns in the minds of the consumer.”

Craig Mait, president and chief revenue officer of Mesmerize, an out-of-home media network with a host of health clients, acknowledges that consumers are more attuned to those concerns than ever before. “It’s a very sensitive environment, and we’re very mindful of that,” he says. “Everybody needs to focus on running campaigns that are unintrusive and keep in mind people’s overall attitude toward the environment.”

One could even argue it is unfair to drag POC networks into the debate. Media companies with a sizable screen and signage presence in waiting and exam rooms, such as Outcome Health and Mesmerize, do not compile personal information. And the healthcare industry has long been a more zealous guardian of protected personal information than most others, both by regulation and by choice.

“We have a general lack of privacy regulation in this country — there’s nothing like the GDPR [General Data Protection Regulation] in the EU — but healthcare is one of the exceptions. There are strong provisions built into HIPAA, which I think carry over into the way privacy is handled in physicians’ offices at least,” says David Linetsky, SVP, life sciences at Phreesia, which helps automate workflow at the point of care.

Linetsky acknowledges that Phreesia, which is embedded in physicians’ electronic health records (EHRs) and workflows, has a different sensitivity to privacy-related issues than many of the POC network companies. He notes these organizations are first and foremost media entities. “By and large, they haven’t really had to worry about privacy,” he says.

Still, Linetsky concedes the environments most closely associated with POC — doctors’ offices and hospitals — are only so securable. “If you’ve got a phone, you’re generating geospatial data,” he explains. “If you’ve just visited a virologist or an oncologist, or if you’re dealing with something around a sensitive condition, just the fact that somebody knows you were there can have privacy implications.”

Lee Tien, senior staff attorney and Adams Chair for Internet Rights at the Electronic Frontier Foundation, agrees. “It’s all about the location data,” he says. “We use our cell phones all the time and our cell phones are tracking devices. The ability to overlay raw location data with almost anything else is ridiculously powerful these days.”

That data can be used to tie together digital threads in a manner that makes accurate identifications emerge with minimal effort. “A person’s location trajectory is like an ID number, because everyone’s path is unique,” Tien explains. “Nobody goes to the exact same doctors I do, right? And that’s just one of the many highly individuating factors in the health world. You can pick up clues around people’s identities that you wouldn’t get in other sectors.”
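The re-identification Tien describes, a handful of known visits singling one pseudonymous trajectory out of many, can be shown on a toy dataset. The Python below is an added example and is not code from the article or from any of the companies or organizations it mentions. The trajectories, place names, day numbers and pseudonyms are constructed, and the helper names (`candidates`, `uniqueness_by_points`, `synthetic_population`, `demo`) are assumptions for illustration. It goes slightly beyond the quote by also measuring, over a synthetic population, what fraction of people are uniquely identified by their first k visits.

```python
"""Added example: how few (place, day) observations it takes to single out one
pseudonymous location trajectory among many.  All data below is constructed."""
import random

# Constructed pseudonymous trajectories: pseudonym -> set of (place, day) visits.
# The pseudonyms carry no name; the pattern of visits is the only "identifier".
TRAJECTORIES = {
    "p1": {("oncology", 4), ("pharmacy", 6), ("grocery", 7)},
    "p2": {("oncology", 4), ("pharmacy", 9), ("gym", 7)},
    "p3": {("virology", 4), ("pharmacy", 6), ("grocery", 7)},
    "p4": {("oncology", 4), ("pharmacy", 6), ("gym", 8)},
    "p5": {("dentist", 2), ("pharmacy", 6), ("grocery", 7)},
}


def candidates(trajectories, observed):
    """Pseudonyms whose trajectory contains every observed (place, day) point.

    This is the whole attack: an observer who knows only a few places and days
    keeps every trajectory consistent with them and counts the survivors."""
    observed = set(observed)
    return sorted(p for p, visits in trajectories.items() if observed <= visits)


def synthetic_population(n, places, days, visits_per_person, rng):
    """Constructed population: n pseudonyms, each with random distinct visits
    drawn from the places x days universe."""
    universe = [(place, day) for place in places for day in days]
    return {f"u{i}": set(rng.sample(universe, visits_per_person)) for i in range(n)}


def uniqueness_by_points(trajectories, max_points, rng):
    """Fraction of pseudonyms singled out by the first k of their own visits,
    for k = 1..max_points.  Each trajectory is put in one fixed random order
    and prefixes of that order are used, so the curve is monotone: knowing
    more points can only shrink the candidate set."""
    orders = {p: rng.sample(sorted(visits), len(visits))
              for p, visits in trajectories.items()}
    fractions = []
    for k in range(1, max_points + 1):
        unique = sum(1 for p, order in orders.items()
                     if len(candidates(trajectories, order[:k])) == 1)
        fractions.append(unique / len(trajectories))
    return fractions


def demo(seed=1, n=500, n_places=12, n_days=30, visits=6):
    """Uniqueness curve for a seeded synthetic population (parameters assumed)."""
    rng = random.Random(seed)
    places = [f"place{i}" for i in range(n_places)]
    population = synthetic_population(n, places, range(n_days), visits, rng)
    return uniqueness_by_points(population, visits, rng)


if __name__ == "__main__":
    for observed in ([("oncology", 4)],
                     [("oncology", 4), ("pharmacy", 6)],
                     [("oncology", 4), ("grocery", 7)]):
        # Each added point narrows the candidate list; two points already
        # single out p1 in this constructed set.
        print(observed, "->", candidates(TRAJECTORIES, observed))
    print("fraction singled out by k known visits:", demo())
```

Note that the observer never needs a name: "was at the oncology clinic on day 4" plus one unrelated visit is enough here, which is the sense in which a trajectory behaves like an ID number.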

Tien also brings up the possibility that increasingly accurate facial-recognition technology could infiltrate points of care in a manner not anticipated by patients and caregivers. “We have to take seriously that more and more of this [technology] will be deployed. When I hear, ‘Yeah, we’re not doing that,’ I always think that it’s going to be appended with a ‘yet.’”

When such tactics are brought up with people who work for POC networks, the response is usually incredulity. These companies are almost certainly not going to risk their reputations, and effectively their continued existence, on whatever benefit might come from tracking individuals so surreptitiously. These are good actors with little inclination to insert themselves into scenarios fit for an episode of Black Mirror.

“Obviously we’ve seen a lot in POC over the last few years, but I just don’t see anybody opening themselves up to charges that they violated trust like this,” Mait says. “There’s no way the benefits could ever come close to outweighing the risks.”

So how can POC players address the current (and future) state of affairs? First and foremost, they can convey their privacy and information-security policies early and often, displaying them prominently in all POC settings and articulating them in simple, easy-to-parse language.

Specifically, companies should detail the steps they’re taking to stem any potential information leakage. In its Ethical Guidelines document, the Point of Care Communication Council (PoC3) specifies that member organizations must “handle confidential and protected health information professionally and comply (when applicable) to all relevant state and federal privacy laws including but not limited to HIPAA and HITECH [the Health Information Technology for Economic and Clinical Health Act].”

The industry must also be mindful that privacy is something of a moving target. After all, the information revealed during the Cambridge Analytica/Facebook contretemps was willingly shared by consumers in exchange for access to a host of Facebook services. It was only later that the people who shared it decided they were not happy about it; opinions shifted as sensitivities around the privacy of personal information intensified.

“The healthcare industry as a whole should always be engaging on this,” Vaughan says. “What does ‘right’ look like in the context of health in general and POC? We don’t have an answer to that and, honestly, we might not have one anytime soon.”