Risk
11/16/2011
01:49 PM
50%
50%

Patients Have Security Concerns On Data Sharing

New report by PwC reveals what consumers think about data sharing, privacy and security, online consultations, social media in healthcare, and more.

Health IT Boosts Patient Care, Safety
(click image for larger view)
Slideshow: Health IT Boosts Patient Care, Safety
Consumers are concerned about the privacy and security of their health data, but most are comfortable having their health information shared among healthcare providers if doing so would improve their care, according to a new report.

In a recent PwC Health Research Institute online survey of 1,000 consumers, when asked to select the purposes for which they would be comfortable having their health data shared among healthcare organizations, 60% said for improving coordination of their care; 54% said for supporting real-time decisions in their care; 36% said to support analysis of doctors' performance; and 29% said to provide data to identify groups or patients at risk for health issues.

While consumers are warming up to the idea of having their medical data shared among healthcare providers, that doesn't mean consumers aren't concerned about the privacy and security of that data.

In fact, 30% of consumers said that if cost, quality, and access were equal among choices, they'd be swayed to select one hospital over another if one had clearer privacy and security policies.

[A data security issue that healthcare organizations often overlook is employees accidentally granting access to the network. See P2P Networks Expose Healthcare Data to Identify Theft.]

Besides security and privacy, among the other considerations some consumers said they'd weigh in choosing a healthcare provider included the ability to consult online with doctors (28%) and if a facility used e-health records (17%). Only 5% said they'd pick a hospital because it had a social media presence, such as having a blog, or using Twitter, FaceBook, or YouTube to engage patients.

Other health IT-related matters are woven into many of what likely will be next year's top health industry issues, according to the report by PwC Health Research Institute, a research and advisory unit of PriceWaterhouseCoopers LLC.

For instance, IT will play an integral role in the various new alliances emerging between healthcare providers and payers that are focused on population-health-oriented reimbursement plans, such as accountable care organizations, shared savings models, and bundled payment models. Data integration and the ability to share data will be crucial for these efforts, said the PwC report.

Also, the report suggests that "organizations, regardless of plans for integration or partnering, should evaluate a href="http://www.informationweek.com/news/healthcare/security-privacy/231903007">data mining, informatics, and data-sharing capabilities as the need for effective population health continues to grow."

Finally, drug shortages likely will worsen in 2012, affecting patients, providers, pharmaceutical manufacturers, and researchers alike, predicts PwC. The FDA reported 178 separate incidents of drug shortages in 2010, and the shortages are expected to increase into 2012.

"Real-time drug inventory systems can help manufacturers anticipate patient demand and minimize reliance on gray market vendors," said the report. "Drug manufacturers with strong governance and communication policies will be able to respond quickly and aggressively when shortages do occur."

The new InformationWeek Healthcare supplement explains how the most astute healthcare providers are putting those billions of dollars in federal stimulus funds to productive use. Download the supplement now. (Free registration required.)

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Lisa Henderson
50%
50%
Lisa Henderson,
User Rank: Apprentice
11/17/2011 | 8:24:07 PM
re: Patients Have Security Concerns On Data Sharing
I didn't realize that pharmaceutical companies or drug manufacturers didn't have real-time drug inventory systems. If Wal-Mart can have it, why not for the drug supply? So interesting.

But definitely, patient education and reassurance for healthcare data and their records is only going to increase. A huge public education effort must be in the future.

Lisa Henderson, InformationWeek Healthcare, contributing editor
Register for Dark Reading Newsletters
Dark Reading Live EVENTS
INsecurity - For the Defenders of Enterprise Security
A Dark Reading Conference
While red team conferences focus primarily on new vulnerabilities and security researchers, INsecurity puts security execution, protection, and operations center stage. The primary speakers will be CISOs and leaders in security defense; the blue team will be the focus.
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Security Vulnerabilities: The Next Wave
Just when you thought it was safe, researchers have unveiled a new round of IT security flaws. Is your enterprise ready?
Flash Poll
[Strategic Security Report] Assessing Cybersecurity Risk
[Strategic Security Report] Assessing Cybersecurity Risk
As cyber attackers become more sophisticated and enterprise defenses become more complex, many enterprises are faced with a complicated question: what is the risk of an IT security breach? This report delivers insight on how today's enterprises evaluate the risks they face. This report also offers a look at security professionals' concerns about a wide variety of threats, including cloud security, mobile security, and the Internet of Things.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.