International Law impacting big data analytics in healthcare
- ali@fuzzywireless.com
- Mar 4, 2022
Big data analysis of health care data promises improved care and outcomes for patients and a lower cost of health care delivery (HIPAA Journal, 2019). However, it also raises serious concerns about patient privacy and security. Personally identifiable patient data can result in discrimination in the provision of health care. For instance, insurance providers can set high premiums or even deny service based on the risk associated with a patient’s historical medical data (2019). Although HIPAA mandates de-identification of patient data, non-HIPAA entities are not required to follow the law, which means there is no accountability for re-identification using advanced computing techniques and data from other sources such as social media (Pond, 2018).
In order to comply with HIPAA, Trinidad (2018) suggested appointing confidentiality and security officers to enforce HIPAA laws and regulations in the health care organization, conducting regular risk assessments to fix loopholes, setting strict rules on the use of smartphones and laptops to restrict storing and imaging of patient data, running rigorous employee training plans, establishing a protocol for swift action and remedy in the event of a breach or HIPAA violation, and arranging valid agreements of protection in the event of breach and violation. There are also some state laws which preempt the HIPAA regulations to protect their residents from discrimination due to certain medical conditions such as mental illness, HIV/AIDS, etc. (Savage, 2018). On the other hand, veterans are required to release their medical records, which has led to cases with high rates of discrimination owing to certain medical conditions (2018).
The European Union’s General Data Protection Regulation (GDPR) encompasses not only the health care industry but all venues, such as social media and small businesses, and thus empowers end users to get copies of their data directly from companies (Savage, 2018). HIPAA has been supposed to offer the same service since 2000 under a uniform and reliable set of rules and regulations, which is currently not the case (2018). GDPR empowers EU residents to request deletion of all their personal data without specifying any reason, while HIPAA does not offer this (Mooney, 2018).
References:
Mooney, G. (2018). Is HIPAA compliant with the GDPR. Retrieved from https://blog.ipswitch.com/is-hipaa-compliant-with-the-gdpr
Savage, L. (2018). To bring health information privacy into the 21st century look beyond HIPAA. Retrieved from https://www.healthaffairs.org/do/10.1377/hblog20180702.168974/full/
Trinidad, A. (2018). Healthcare and Big Data: HIPAA Violations and how to prevent it. Retrieved from https://datafloq.com/read/healthcare-big-data-hipaa-violations-protect-it/3634
Pond, E. (2018). The fight for patient privacy under big data analytics. Retrieved from https://www.hipaajournal.com/healthcare-big-data-privacy-and-security-workgroup-gives-preliminary-report-8029/
HIPAA Journal (2019). Healthcare Big Data: Privacy and Security Workgroup gives preliminary report. Retrieved from https://www.hipaajournal.com/healthcare-big-data-privacy-and-security-workgroup-gives-preliminary-report-8029/