Survey: Healthcare Organizations Lack Confidence in Secure Data Sharing

Dec. 7, 2015
According to a new survey, the demand for access to health data is outpacing the ability of organizations to ensure patient privacy. A survey conducted by Privacy Analytics found that more than two out of three healthcare organizations lack complete confidence in their ability to share data without putting patients’ privacy at risk.

According to a new survey, the demand for access to health data is outpacing the ability of organizations to ensure patient privacy. A survey conducted by Privacy Analytics, a de-identification technology vendor, found that more than two out of three healthcare organizations lack complete confidence in their ability to share data without putting patients’ privacy at risk.

The survey, conducted in collaboration with the Electronic Health Information Laboratory, a group that conducts theoretical and applied research on the de-identification of health information, also indicated that despite organizations’ lack of confidence, data sharing activities continue to grow.

The survey, called The State of Data Sharing for Healthcare Analytics 2015-2016, polled 271 professionals with various levels of seniority in their organizations, from the C-suite level to managers and employees. One in three individuals surveyed identified as being responsible for privacy and compliance in their healthcare organization, and another 23 percent work in the IT department. Others surveyed identified themselves as researchers, clinicians, project managers, analyst and consultants.

More than half of the respondents of the survey said they plan to increase the volume of data stored or shared within 12 months and two-thirds currently release data for secondary use. And, secondary use of health data applies to protected health information (PHI) that is used for reasons other than direct patient care, such as data analysis, research, safety measurement, public health, payment or provider certification.

Health records are the leading type of data being stored or shared, followed by medical claims data, trial data, survey responses, membership/enrollment and device data.

The survey findings indicated that individuals lack familiarity with advanced methods of de-identifying data, and, as a result, these individuals release information that has been stripped of its usefulness or share data in a way that puts them at an unacceptably high risk of a breach, the survey authors reported.

And, most organizations use data sharing approaches that can result in unknown data privacy compliance and increased risk, as 75 percent of respondents reported that their organizations use approaches such as data-sharing agreements, data masking or Safe Harbor methodology.

According to the survey authors, these approaches do not adhere to globally accepted data sharing guidelines, including those from Health Information Trust Alliance (HITRUST), the Institute of Medicine (IOM), and the Council of Canadian Academies. Although Safe Harbor is recommended by regulators, it represents a minimum standard for de-identification that can leave data vulnerable to a breach.

While there is currently no universal standard for the de-identification of protected health information (PHI), efforts to create a framework are underway. HITRUST recently released a de-identification framework, which organizations can use when creating, accessing, storing or exchanging personal information.

The survey found that nearly half (48 percent) of respondents cited patient re-identification as a key challenge. Additional challenges include low staff knowledge on managing data safely, low staff knowledge of data sharing practices and tools, cost concerns and lack of organizational policies.

Sponsored Recommendations

Ask the Expert: Is Your Patients' Understanding Putting You at Risk?

Effective health literacy in healthcare is essential for ensuring informed consent, reducing medical malpractice risks, and enhancing patient-provider communication. Unfortunately...

Beyond the Silos: Transforming Coordinated Care Across Healthcare Systems

Coordinated healthcare is vital to delivering a high-quality patient experience, yet it has been difficult to systematize across all healthcare settings. Although it has largely...

The Healthcare Provider's Guide to Accelerating Clinician Onboarding

Improve clinician satisfaction and productivity to enhance patient care

ASK THE EXPERT: ServiceNow’s Erin Smithouser on what C-suite healthcare executives need to know about artificial intelligence

Generative artificial intelligence, also known as GenAI, learns from vast amounts of existing data and large language models to help healthcare organizations improve hospital ...