Hospitals Give Tech Giants Access To Detailed Medical Records (wsj.com) 21
An anonymous reader quotes a report from The Wall Street Journal: Hospitals have granted Microsoft, IBM and Amazon the ability to access identifiable patient information under deals to crunch millions of health records, the latest examples of hospitals' growing influence in the data economy. This breadth of access wasn't always spelled out by hospitals and tech giants when the deals were struck. The scope of data sharing in these and other recently reported agreements reveals a powerful new role that hospitals play -- as brokers to technology companies racing into the $3 trillion health-care sector. Rapid digitization of health records in recent years and privacy laws enabling companies to swap patient data have positioned hospitals as a primary arbiter of how such sensitive data is shared.
Microsoft and Providence, a Renton, Wash., hospital system with data for about 20 million patient visits a year, are developing cancer algorithms by using doctor's notes in patient medical records. The notes haven't been stripped of personally identifiable information, according to Providence. And an agreement between IBM and Brigham and Women's Hospital, in Boston, to jointly develop artificial intelligence allows the hospital to share personally identifiable data for specific requests, people involved in the agreement said -- though so far the hospital hasn't done so and has no current plans to do so, according to hospital and IBM officials. Microsoft executive Peter Lee in July described how his company would use Providence patient data without identifying information for algorithm development. In a December statement, he said patients' personal health data remains in Providence's control and declined to comment further. As for Amazon, the Fred Hutchinson Cancer Research Center, in Seattle, granted certain AWS employees access to health information that identifies individual patients. "The Hutch, a research institution with ties to hospitals, trained and tested Amazon Web Services software designed to read medical notes," the report says. "An AWS spokeswoman said it doesn't use personally identifiable data protected under federal privacy laws to develop or improve its services."
Microsoft and Providence, a Renton, Wash., hospital system with data for about 20 million patient visits a year, are developing cancer algorithms by using doctor's notes in patient medical records. The notes haven't been stripped of personally identifiable information, according to Providence. And an agreement between IBM and Brigham and Women's Hospital, in Boston, to jointly develop artificial intelligence allows the hospital to share personally identifiable data for specific requests, people involved in the agreement said -- though so far the hospital hasn't done so and has no current plans to do so, according to hospital and IBM officials. Microsoft executive Peter Lee in July described how his company would use Providence patient data without identifying information for algorithm development. In a December statement, he said patients' personal health data remains in Providence's control and declined to comment further. As for Amazon, the Fred Hutchinson Cancer Research Center, in Seattle, granted certain AWS employees access to health information that identifies individual patients. "The Hutch, a research institution with ties to hospitals, trained and tested Amazon Web Services software designed to read medical notes," the report says. "An AWS spokeswoman said it doesn't use personally identifiable data protected under federal privacy laws to develop or improve its services."
Damn commies! (Score:1)
Re: Damn commies! (Score:1)
Re: (Score:1)
The slide, stain, image of "cancer"
Count the pixel changes per image and get the "AI" to be as smart as any expert... rent the US educated AI back to the world..
A count of how many people per area size in the USA have a rare cancer going back years... clusters near a factory, base, port, farm...
Lots of ways the vast data sets can be used with no names but with the full "notes"
How is this even possible? (Score:5, Interesting)
Re:How is this even possible? (Score:4)
HIPAA does, and consent can't be buried on page 32 of a billing statement, either. This sounds like a good time for a lawuit.
Re:How is this even possible? (Score:5, Informative)
Re:How is this even possible? (Score:4, Funny)
I totally trust Google, Microsoft, Amazon, Facebook, Alibaba, etc with information. They're companies that hire qualified professionals that respect my privacy.
Re: (Score:3)
You need to put a bit more flair into satire for it to really bite.
All that needs to happen is medical records companies, need to be nothing else but medical records and be banned from selling any data, except compilation of results, as well as providing data to a medical practitioner only relating to the patient they are treating. Allowing marketing companies to have access to that data is corrupt as fuck.
Medical records should be a specialist only industry and those records locked down tight except for re
Re: (Score:2)
Medical records should be a specialist only industry and those records locked down tight except for regulated access.
This is not something that is universally understood. People say they have a "right to privacy" and that exposing personal medical information is a problem or even dangerous. But I've had difficulty getting a cogent reason why it is so important.
Ultimately most people accept capitalism as the system we operate under. What has changed is we've labeled a bunch of new things as commodities that can be bought and sold. Do we allow this or do we need to stop it. Is capitalism a system that must be applied to eve
Re: (Score:3)
This is not something that is universally understood. People say they have a "right to privacy" and that exposing personal medical information is a problem or even dangerous. But I've had difficulty getting a cogent reason why it is so important.
I don't think most people struggle with the concept of why they have a right to privacy to their medical information - discrimination. I don't even think I need to expound on that. But it's a double-edged sword, too, I think. If AI magically figures out that a person is at high-risk for a disease based on a sampling of meta-data and this leads to early prevention, that's great! But if my insurance goes way up because an AI says I'm high-risk for a disease based on statistic use of metadata with no proof of
Re: (Score:2)
Try buying medical insurance or life insurance outside of a corporate group plan. You'll find that you'll be required to have a medical exam, often all adults in your household will. There is already plenty of discrimination for preexisting conditions that we're apparently willing to accept in order to kill ObamaCare.
No AI required when we have just ordinary Human Intelligence consisting of insurance company staff writing policy terms and doctors performing the required exams. It's how insurance works, it's
Re: How is this even possible? (Score:3)
Specialist companies are worse at protecting your data. Typically they're not bound by many laws (on account of them being too small to qualify under tight regulation) and they can't afford the expertise.
Look at most small outfits, even in the healthcare world, dentists, phlebotomists, they're running outdated systems, don't have a tech person anywhere near and they regularly violate HIPAA but are simply too small for the OCR to pursue.
Re: (Score:2)
The caveat is they are only supposed to use the data for the business purpose laid out in the BAA, but there's not really any enforcement of that regulation, so it comes back to how much you trust those companies.
The lawsuits accusing them otherwise will indeed be the enforcement mechanism.
Re: (Score:2)
The caveat is they are only supposed to use the data for the business purpose laid out in the BAA, but there's not really any enforcement of that regulation, so it comes back to how much you trust those companies.
It comes back to how much you trust those companies not to be unbelievably stupid and self-destructive.
If it were to come out that one of the tech giants got medical data and sold it, or used it for advertising, or any other non-BAA purpose, not only would it generate piles of expensive lawsuits, it would generate a true shitstorm of bad PR leading to Congressional hearings that would motivate all sorts of legislation to crack down. Also, as I recall, there are some criminal penalties for misusing HIPAA
Re: (Score:3)
Didn't you read the summary? Microsoft and Amazon say they'll protect your data so HIPAA doesn't matter.
We have access to individual patient medical data but we won't monetize/abuse it. Super-secret pinky swear!
We further certify that we currently don't employ anyone that will access this data for personal reasons. We promise not to hire anyone that will!
And... the only other copy of this data is on Bob's laptop.
BTW: Your HIV test came back positive.
Wut? Public forum? Oops, sorry.
Re: (Score:1)
I thought HIPPA required the patient to sign off on ANY sharing of medical records.
Agreed.
Try to get treatment from any Dr, hospital, urgent care, ect. without granting them the right to share with "third parties" that assist them in a whole slew of things.
My wife without an explicit signoff, or medical POA can't get any info, but companies like these? Yep, here's all the things about this person.
Re: (Score:1)
Re: (Score:2)
HIPAA doesn't require you to sign to apply, it only requires that the provider make a best effort to get your signature. The paperwork they want you to sign is just a notice, not a contract.
Of course, your provider can't freely share your records, though it can use a subcontractor (business associate) to do some useful work for them. What's up in the air right now is whether or not using the records as training data for AI systems that then provide useful results back to the provider is acceptable.
Also up i
Fun Fun so how long will it (Score:2)
Just my 2 cents
Oath of Hippocrates (Score:2)