Patients data protection is a high priority for governments and IT vendors. Many projects were delayed or banned because of the security issues. Electronic Health Record (EHR) project in Germany discussed for years eventually was reduced to the modest health insurance cards data set not accessible for patients.

Patients data protection is crucial: Accenture estimates that one in 13 patients – roughly 25 million people – will have personal information, such as social security or financial records, stolen from technology systems over the next five years.

Healthcare apparently is going through the cycle that industries such as finance, retail or manufacturing went through decades ago. Nevertheless, almost everybody nowadays has at least once or twice tried online transactions ordering goods or services over Amazon, eBay or other internet platforms. For many, it is the only purchasing option.

What makes Healthcare so special and what can stand behind the security concerns?

 Once I happened to attend a patient in the Intensive Care Unit (ICU) in one of the respectable hospitals in Munich, Germany. A person was initially treated in neurological department and delivered to ICU after cardio surgery. Noticing a computer in the room I have asked the attending nurse if it was possible to see this patient’s data. “Sure “, she said clicking on the screen. The SAP system showed me the standard data set: name, gender, age, etc., plus everything that was performed and captured in ICU. Knowing that SAP system scales all over the hospital I have assumed that doctors in ICU may be curious to see what initially had happened to the patient before he was brought to them. “Is it possible to see the patient’s history from here? “, I have politely asked the nurse. “Theoretically yes, but practically not. Our doctors do not like to share patient’s data, they prefer to owe them all.” Seeing my bewildered expression, she added: “if something goes wrong, who would like to flag it?”

It seems that physicians in the hospital I have visited are not unique. Still we see silos of isolated IT systems in many hospitals. And this is not just the technical interoperability issue. This problem can be solved. Fears of being blamed if something goes wrong are still deeply rooted in the medical culture. According to the National Centre of Biotechnology Information (NCBI) resources evidence suggests that actual disclosure rates of errors in hospitals were as low as 6%. Physician’s concerns over disclosing medical errors due to ensuing litigations was also confirmed by NCBI study of 276 randomly selected doctors.

The conclusion was the following: “Most doctors in this study would not disclose medical errors although they perceived that the errors were serious and felt responsible for it. Poor disclosure could be due to fear of litigations and improper mechanisms/procedures available for disclosure”.

Security concerns are often disguising purely pragmatic and commercial interests. Thus, according to Pew Internet & American Life Project study “nearly one in three doctors said they withheld medical treatment from patients if the services weren’t covered by health insurance”. So, for example, if there is a new medication coming out that potentially can cure a patient better, your doctor is at risk of prescribing it because the health insurance does not have this medication on the list of the drugs it is bound to finance.

The reluctance to share data especially with patients can have purely phycological reasons deeply rooted in paternalistic medical culture: patients are considered simply not worthy to be informed about procedures related to their own health. Thus according to Forbes two-thirds of doctors, members of SERMO, the leading ‒ if not the largest ‒ social network exclusively for physicians, were reluctant to share health data with patients, because “Full access also means generating questions for which there is no time to lecture the patient”.

One of the comments, supported by several physicians, went even further:” The records remain private property of the physician who generated it for the care of the patient. If the patient doesn’t like that fact then they can go elsewhere”

What patients think about sharing their data?

There is always a trade-off between security and comfort, between safety and ability to help. Patients are apparently prioritising care and willingness to help others over security and data protection. They are willing to share their feedbacks on treatment outcomes, the way the disease is progressing, their own personal data, because they believe such assistance can improve care and support innovations.

Thus, according to the Rock Health study “80 percent of respondents would share their health data if it meant getting improved care, while more than half said they’d share it for medical research purposes”.

A survey of 2,125 PatientsLikeMe members showed that 94% would be willing to share their data to help doctors improve care; 94% would be willing to help other patients like them; and 92% would be willing to share to help researchers learn more about their disease.

Desire to learn from each other is another incentive for patients to share their health data especially with those who successfully coped with the same disease. The study published by Annals of Internal Medicine analysed the blood glucose control of 120 Afro-American diabetic patients, the latter being randomly divided into three groups. The first group has received the usual care from their doctor; those from the second one was offered up to $200 if they could improve their glucose control over time; patients from the third group were assigned as mentors to fellow patients who managed to control their diabetes.

After six months, the only group of patients who had significantly improved their blood sugar control was the group with peer mentors.

The altruistic yarning to help their peers inspires patients to create their own communities. Platforms, e.g., PatientsLikeMe or Webicina not only are giving people a soothing feeling that they are not alone in their sufferings but provide invaluable life experience of those millions who, when properly analysed, can suggest new and efficient ways of therapy.

The demand for patients facing IT as user-friendly patients’ portals, personal health records and mHealth applications is high. Thus, Kaiser Permanente,  an institution that has used portals for over a decade, reports that as of the third quarter of 2015, about 70% (5.2 million patients) of eligible adult members registered to use its My Health Manager patient portal.

Conclusion

When you suffer from anxiety and pain your first priority is to get help. Patients know this and thus are willing to share their data hoping to improve care, support research and  promote innovations. Security concerns should not be underestimated, but after all it is a technical and policy issues that can and should be solved. However, there are many psychological and behaviour problems deeply rooted in medical culture and structure that are disguised under the security umbrella. Fears of litigations, career damages, financial restrictions still dominate over the desire to capitalize on mistakes, promote new treatments and improve  patients care. Until these barriers exist the flow of information across  care, detrimental for diagnostics and innovations, will be hindered under all sorts of pretexts, with numerous data protection acts being the main of those.