Katherine’s recent post on using EMR data to Market to patients got a lot of really interesting discussion about how this data should be used and if it’s ok to use the EMR data for marketing. The majority of comments were quite scared of the idea of EMR data being used for marketing. Most saw that their could be benefits, but saw it as a slippery slope and we should be careful going down that path. Most wanted an opportunity to opt out from such a policy.
Mark H. Davis offered a little different view in his comment about the need for privacy in this and other healthcare situations. Here’s what Mark said:
And now for a slightly different take…
I have no issues with my hospital using its knowledge of my health situation to provide me with targeted opportunities that might be beneficial. I see it as potentially a positive and proactive outreach. They will need to be sensitive in doing this, however, but in my region, the hospital system is pretty tightly woven into the community, anyhow, and would be rather affected by any backlash. And honestly, sometimes I feel like we make an overblown fuss about health data privacy just because everybody else is making a fuss about it, without stepping back and examining the actual impacts. For example, my mailman, with only slight observation, could easily deduce the health issues my wife, children and I have been treated for. The folks behind me in line at the drug store could do the same. Even most doctor’s offices I visit do a poor job of protecting privacy within the office itself. Just last week, I had to forcibly ignore the conversation taking place in an adjacent examination room. It was easily audible. Anyone who signs in at their PCP can see who has checked in earlier, for what doctor, for what time. Anyone who signs the pharmacist waiver form at the CVS can see who has signed in front of them. The prevalence of OTC meds makes it easier to tell what your fellow shoppers’ ailments are just by looking at their shopping cart. And somehow, we still co-exist. I’m not saying we shouldn’t protect ourselves against a massive data breach that could have dire consequences in the form of identity theft and other fallout. I’m just asking everyone to be honest about how serious they really are about privacy. It’s easy to pick on a hospital system without recognizing other areas where we turn a blind eye.
Mark does a great job articulating how many healthcare situations expose our healthcare data without any major issues. Yet, people tend to get far more worked up over the potential idea of an EMR data breach.
Certainly I’m not advocating for reckless behavior when it comes to healthcare data and securing it properly. We need to make a thoughtful effort to ensure that patient data is kept secure and private. However, let’s be reasonable in our expectations about what’s possible and reasonable.