Risk
11/16/2011
01:49 PM
Connect Directly
RSS
E-Mail
50%
50%

Patients Have Security Concerns On Data Sharing

New report by PwC reveals what consumers think about data sharing, privacy and security, online consultations, social media in healthcare, and more.

Health IT Boosts Patient Care, Safety
(click image for larger view)
Slideshow: Health IT Boosts Patient Care, Safety
Consumers are concerned about the privacy and security of their health data, but most are comfortable having their health information shared among healthcare providers if doing so would improve their care, according to a new report.

In a recent PwC Health Research Institute online survey of 1,000 consumers, when asked to select the purposes for which they would be comfortable having their health data shared among healthcare organizations, 60% said for improving coordination of their care; 54% said for supporting real-time decisions in their care; 36% said to support analysis of doctors' performance; and 29% said to provide data to identify groups or patients at risk for health issues.

While consumers are warming up to the idea of having their medical data shared among healthcare providers, that doesn't mean consumers aren't concerned about the privacy and security of that data.

In fact, 30% of consumers said that if cost, quality, and access were equal among choices, they'd be swayed to select one hospital over another if one had clearer privacy and security policies.

[A data security issue that healthcare organizations often overlook is employees accidentally granting access to the network. See P2P Networks Expose Healthcare Data to Identify Theft.]

Besides security and privacy, among the other considerations some consumers said they'd weigh in choosing a healthcare provider included the ability to consult online with doctors (28%) and if a facility used e-health records (17%). Only 5% said they'd pick a hospital because it had a social media presence, such as having a blog, or using Twitter, FaceBook, or YouTube to engage patients.

Other health IT-related matters are woven into many of what likely will be next year's top health industry issues, according to the report by PwC Health Research Institute, a research and advisory unit of PriceWaterhouseCoopers LLC.

For instance, IT will play an integral role in the various new alliances emerging between healthcare providers and payers that are focused on population-health-oriented reimbursement plans, such as accountable care organizations, shared savings models, and bundled payment models. Data integration and the ability to share data will be crucial for these efforts, said the PwC report.

Also, the report suggests that "organizations, regardless of plans for integration or partnering, should evaluate a href="http://www.informationweek.com/news/healthcare/security-privacy/231903007">data mining, informatics, and data-sharing capabilities as the need for effective population health continues to grow."

Finally, drug shortages likely will worsen in 2012, affecting patients, providers, pharmaceutical manufacturers, and researchers alike, predicts PwC. The FDA reported 178 separate incidents of drug shortages in 2010, and the shortages are expected to increase into 2012.

"Real-time drug inventory systems can help manufacturers anticipate patient demand and minimize reliance on gray market vendors," said the report. "Drug manufacturers with strong governance and communication policies will be able to respond quickly and aggressively when shortages do occur."

The new InformationWeek Healthcare supplement explains how the most astute healthcare providers are putting those billions of dollars in federal stimulus funds to productive use. Download the supplement now. (Free registration required.)

Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
Lisa Henderson
50%
50%
Lisa Henderson,
User Rank: Apprentice
11/17/2011 | 8:24:07 PM
re: Patients Have Security Concerns On Data Sharing
I didn't realize that pharmaceutical companies or drug manufacturers didn't have real-time drug inventory systems. If Wal-Mart can have it, why not for the drug supply? So interesting.

But definitely, patient education and reassurance for healthcare data and their records is only going to increase. A huge public education effort must be in the future.

Lisa Henderson, InformationWeek Healthcare, contributing editor
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Must Reads - September 25, 2014
Dark Reading's new Must Reads is a compendium of our best recent coverage of identity and access management. Learn about access control in the age of HTML5, how to improve authentication, why Active Directory is dead, and more.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-5619
Published: 2014-09-29
The Sleuth Kit (TSK) 4.0.1 does not properly handle "." (dotfile) file system entries in FAT file systems and other file systems for which . is not a reserved name, which allows local users to hide activities it more difficult to conduct forensics activities, as demonstrated by Flame.

CVE-2012-5621
Published: 2014-09-29
lib/engine/components/opal/opal-call.cpp in ekiga before 4.0.0 allows remote attackers to cause a denial of service (crash) via an OPAL connection with a party name that contains invalid UTF-8 strings.

CVE-2012-6107
Published: 2014-09-29
Apache Axis2/C does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.

CVE-2012-6110
Published: 2014-09-29
bcron-exec in bcron before 0.10 does not close file descriptors associated with temporary files when running a cron job, which allows local users to modify job files and send spam messages by accessing an open file descriptor.

CVE-2013-1874
Published: 2014-09-29
Untrusted search path vulnerability in csi in Chicken before 4.8.2 allows local users to execute arbitrary code via a Trojan horse .csirc in the current working directory.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
In our next Dark Reading Radio broadcast, we’ll take a close look at some of the latest research and practices in application security.