Risk
11/16/2011
01:49 PM
Connect Directly
RSS
E-Mail
50%
50%

Patients Have Security Concerns On Data Sharing

New report by PwC reveals what consumers think about data sharing, privacy and security, online consultations, social media in healthcare, and more.

Health IT Boosts Patient Care, Safety
(click image for larger view)
Slideshow: Health IT Boosts Patient Care, Safety
Consumers are concerned about the privacy and security of their health data, but most are comfortable having their health information shared among healthcare providers if doing so would improve their care, according to a new report.

In a recent PwC Health Research Institute online survey of 1,000 consumers, when asked to select the purposes for which they would be comfortable having their health data shared among healthcare organizations, 60% said for improving coordination of their care; 54% said for supporting real-time decisions in their care; 36% said to support analysis of doctors' performance; and 29% said to provide data to identify groups or patients at risk for health issues.

While consumers are warming up to the idea of having their medical data shared among healthcare providers, that doesn't mean consumers aren't concerned about the privacy and security of that data.

In fact, 30% of consumers said that if cost, quality, and access were equal among choices, they'd be swayed to select one hospital over another if one had clearer privacy and security policies.

[A data security issue that healthcare organizations often overlook is employees accidentally granting access to the network. See P2P Networks Expose Healthcare Data to Identify Theft.]

Besides security and privacy, among the other considerations some consumers said they'd weigh in choosing a healthcare provider included the ability to consult online with doctors (28%) and if a facility used e-health records (17%). Only 5% said they'd pick a hospital because it had a social media presence, such as having a blog, or using Twitter, FaceBook, or YouTube to engage patients.

Other health IT-related matters are woven into many of what likely will be next year's top health industry issues, according to the report by PwC Health Research Institute, a research and advisory unit of PriceWaterhouseCoopers LLC.

For instance, IT will play an integral role in the various new alliances emerging between healthcare providers and payers that are focused on population-health-oriented reimbursement plans, such as accountable care organizations, shared savings models, and bundled payment models. Data integration and the ability to share data will be crucial for these efforts, said the PwC report.

Also, the report suggests that "organizations, regardless of plans for integration or partnering, should evaluate a href="http://www.informationweek.com/news/healthcare/security-privacy/231903007">data mining, informatics, and data-sharing capabilities as the need for effective population health continues to grow."

Finally, drug shortages likely will worsen in 2012, affecting patients, providers, pharmaceutical manufacturers, and researchers alike, predicts PwC. The FDA reported 178 separate incidents of drug shortages in 2010, and the shortages are expected to increase into 2012.

"Real-time drug inventory systems can help manufacturers anticipate patient demand and minimize reliance on gray market vendors," said the report. "Drug manufacturers with strong governance and communication policies will be able to respond quickly and aggressively when shortages do occur."

The new InformationWeek Healthcare supplement explains how the most astute healthcare providers are putting those billions of dollars in federal stimulus funds to productive use. Download the supplement now. (Free registration required.)

Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
Lisa Henderson
50%
50%
Lisa Henderson,
User Rank: Apprentice
11/17/2011 | 8:24:07 PM
re: Patients Have Security Concerns On Data Sharing
I didn't realize that pharmaceutical companies or drug manufacturers didn't have real-time drug inventory systems. If Wal-Mart can have it, why not for the drug supply? So interesting.

But definitely, patient education and reassurance for healthcare data and their records is only going to increase. A huge public education effort must be in the future.

Lisa Henderson, InformationWeek Healthcare, contributing editor
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading, September 16, 2014
Malicious software is morphing to be more targeted, stealthy, and destructive. Are you prepared to stop it?
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-4973
Published: 2014-09-23
The ESET Personal Firewall NDIS filter (EpFwNdis.sys) driver in the Firewall Module Build 1183 (20140214) and earlier in ESET Smart Security and ESET Endpoint Security products 5.0 through 7.0 allows local users to gain privileges via a crafted argument to a 0x830020CC IOCTL call.

CVE-2014-5392
Published: 2014-09-23
XML External Entity (XXE) vulnerability in JobScheduler before 1.6.4246 and 7.x before 1.7.4241 allows remote attackers to cause a denial of service and read arbitrary files or directories via a request containing an XML external entity declaration in conjunction with an entity reference.

CVE-2014-6646
Published: 2014-09-23
The bellyhoodcom (aka com.tapatalk.bellyhoodcom) application 3.4.23 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVE-2014-6647
Published: 2014-09-23
The ElForro.com (aka com.tapatalk.elforrocom) application 2.4.3.10 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVE-2014-6648
Published: 2014-09-23
The iPhone4.TW (aka com.tapatalk.iPhone4TWforums) application 3.3.20 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Best of the Web
Dark Reading Radio