Risk
11/16/2011
01:49 PM
50%
50%

Patients Have Security Concerns On Data Sharing

New report by PwC reveals what consumers think about data sharing, privacy and security, online consultations, social media in healthcare, and more.

Health IT Boosts Patient Care, Safety
(click image for larger view)
Slideshow: Health IT Boosts Patient Care, Safety
Consumers are concerned about the privacy and security of their health data, but most are comfortable having their health information shared among healthcare providers if doing so would improve their care, according to a new report.

In a recent PwC Health Research Institute online survey of 1,000 consumers, when asked to select the purposes for which they would be comfortable having their health data shared among healthcare organizations, 60% said for improving coordination of their care; 54% said for supporting real-time decisions in their care; 36% said to support analysis of doctors' performance; and 29% said to provide data to identify groups or patients at risk for health issues.

While consumers are warming up to the idea of having their medical data shared among healthcare providers, that doesn't mean consumers aren't concerned about the privacy and security of that data.

In fact, 30% of consumers said that if cost, quality, and access were equal among choices, they'd be swayed to select one hospital over another if one had clearer privacy and security policies.

[A data security issue that healthcare organizations often overlook is employees accidentally granting access to the network. See P2P Networks Expose Healthcare Data to Identify Theft.]

Besides security and privacy, among the other considerations some consumers said they'd weigh in choosing a healthcare provider included the ability to consult online with doctors (28%) and if a facility used e-health records (17%). Only 5% said they'd pick a hospital because it had a social media presence, such as having a blog, or using Twitter, FaceBook, or YouTube to engage patients.

Other health IT-related matters are woven into many of what likely will be next year's top health industry issues, according to the report by PwC Health Research Institute, a research and advisory unit of PriceWaterhouseCoopers LLC.

For instance, IT will play an integral role in the various new alliances emerging between healthcare providers and payers that are focused on population-health-oriented reimbursement plans, such as accountable care organizations, shared savings models, and bundled payment models. Data integration and the ability to share data will be crucial for these efforts, said the PwC report.

Also, the report suggests that "organizations, regardless of plans for integration or partnering, should evaluate a href="http://www.informationweek.com/news/healthcare/security-privacy/231903007">data mining, informatics, and data-sharing capabilities as the need for effective population health continues to grow."

Finally, drug shortages likely will worsen in 2012, affecting patients, providers, pharmaceutical manufacturers, and researchers alike, predicts PwC. The FDA reported 178 separate incidents of drug shortages in 2010, and the shortages are expected to increase into 2012.

"Real-time drug inventory systems can help manufacturers anticipate patient demand and minimize reliance on gray market vendors," said the report. "Drug manufacturers with strong governance and communication policies will be able to respond quickly and aggressively when shortages do occur."

The new InformationWeek Healthcare supplement explains how the most astute healthcare providers are putting those billions of dollars in federal stimulus funds to productive use. Download the supplement now. (Free registration required.)

Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
Lisa Henderson
50%
50%
Lisa Henderson,
User Rank: Apprentice
11/17/2011 | 8:24:07 PM
re: Patients Have Security Concerns On Data Sharing
I didn't realize that pharmaceutical companies or drug manufacturers didn't have real-time drug inventory systems. If Wal-Mart can have it, why not for the drug supply? So interesting.

But definitely, patient education and reassurance for healthcare data and their records is only going to increase. A huge public education effort must be in the future.

Lisa Henderson, InformationWeek Healthcare, contributing editor
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-4440
Published: 2014-12-19
Password Generator (aka Pwgen) before 2.07 generates weak non-tty passwords, which makes it easier for context-dependent attackers to guess the password via a brute-force attack.

CVE-2013-4442
Published: 2014-12-19
Password Generator (aka Pwgen) before 2.07 uses weak pseudo generated numbers when /dev/urandom is unavailable, which makes it easier for context-dependent attackers to guess the numbers.

CVE-2013-7401
Published: 2014-12-19
The parse_request function in request.c in c-icap 0.2.x allows remote attackers to cause a denial of service (crash) via a URI without a " " or "?" character in an ICAP request, as demonstrated by use of the OPTIONS method.

CVE-2014-2026
Published: 2014-12-19
Cross-site scripting (XSS) vulnerability in the search functionality in United Planet Intrexx Professional before 5.2 Online Update 0905 and 6.x before 6.0 Online Update 10 allows remote attackers to inject arbitrary web script or HTML via the request parameter.

CVE-2014-2716
Published: 2014-12-19
Ekahau B4 staff badge tag 5.7 with firmware 1.4.52, Real-Time Location System (RTLS) Controller 6.0.5-FINAL, and Activator 3 reuses the RC4 cipher stream, which makes it easier for remote attackers to obtain plaintext messages via an XOR operation on two ciphertexts.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.