Google has a history of walking into different sectors and acquiring mass amounts of data, but its most recent acquisition of the Ascension hospital network meant they had just bought the health records of millions of Americans. But should Google legally be allowed the buy health details without the patient’s consent?
Although some people may think this is an issue faced only by the US, the reality is there are multiple NHS and private agencies that have access to and utilise people’s data on a daily basis. A lot of the time this is done without informing front-line healthcare professionals or the patients themselves. Without a patient’s awareness of who is using their data, it becomes exceptionally difficult to track companies’ actions and ensure they are using the data appropriately.
All of this raises some serious privacy concerns, especially due to the personal and sensitive nature of the data. One of the major problems when tackling privacy issues is the uncertainty around who actually owns the data. It’s often owned by doctors or hospitals, but it can also be large organisations, it’s rarely the patient themselves. So, when a data-holding organisation is acquired, patient data can be part of the deal meaning a new entity has control over health records without the patient ever having known.
The only reason the Google case gained so much media attention is because it was a global multinational whose actions are always tracked. However, this is happening all the time, it’s just not always considered newsworthy. In this new, digital era, it’s time authorities have stronger and clearer digital rights to protect people’s data from abuse.
Take the Wheel
Surely the patient should be the owner of their own data? They should have the right to control who has access and restrict access to companies or people that they trust. At the very least, people should know how their data is being used.
Blockchain technology has the potential to bring greater security to data and protect patient’s sensitive data. It is an immutable form of data storage where granted access needs to be given. For example, a London based company, Medicalchain has begun creating a health passport that is held in a secure app called ‘MyClinic’. The platform utilises Medicalchains blockchain technology. This allows patients to immediately retrieve their health records and communicate directly with customers.
Dovetail is another company that develops software utilising blockchain technology that restricts patient healthcare records to only be shared once consent is given. This provides patients with visibility and control over their data using explicit consent to drive data sharing.
Both of these revolutionary technologies gives data ownership back to the patients and allows them to have full control and visibility into who has access to their data. Patients can track every time their information is being utilised and by who and companies will only be able to access data once the patient has granted them access.
Clearly, data is a very valuable asset and highly sought after by many businesses. Recent developments in Artificial Intelligence (AI) require mass amounts of data to provide valuable insights. So, should data be up for sale? Could patients have the potential to sell their own data if they wish to? If anyone was to benefit from the sale of people’s data, surely it should be the individuals whose data it is, rather than large organisations. It may be a while until this comes into fruition, but as soon as companies are seeing restricted access to data via mergers and acquisitions then they will have to come to the source.
The digital landscape is adapting so quickly, and data is becoming highly sought after. To respond to these changes we need to implement stricter regulations that will protect people from data buyouts. Alongside this, people need to take an authoritative role when it comes to their data.