Healthcare isn’t immune to the need for privacy by design. Further, healthcare engineers and medical professionals are designing new data-collecting healthcare solutions faster than ever before.
How, for example, are you going to provide consent for access to the data being transferred from your swallowable diagnostic tool when you’re unconscious?
Such were the tough questions posed by the panelists on “Managing Emerging Technology in Healthcare,” a half-day workshop here on the first day of Privacy. Security. Risk. in Las Vegas.
Just think of the way, proposed Jazz Pharmaceuticals Head of Global Privacy Debra Bromson, that swallowables have changed. Initially, the devices were swallowed, took some pictures and then excreted out so that pictures could be analyzed. “Now,” said Bromson, “companies (like Proteus) are starting to embed in their pills sensors that tell how the drug is being absorbed, how it’s being used by your body and transmitting it directly to your doctor’s records.”
What happens if a hacker gets in the middle of that transaction?
Similarly, think about the new issues with 3D printing, offered Jim Koenig, CIPP/US, now a partner at Paul Hastings. Artificial shoulders used to be sculpted while the patient was on the operating table. Now, the doctors use imaging to create a model that can be 3D printed ahead of time.
What happens if you have to ship that image across borders to where the printer operates?
K Royal ran into an odd situation back when she was CPO at Align Technologies, maker of the Invisalign braces. “In China, we had to certify that we were not exporting DNA,” said Royal, who now heads up privacy at CellTrust. “Well, if we used a mold to make the braces, I couldn’t guarantee there wasn’t some DNA on there. I had to call up the Chinese and say, ‘I can’t SWEAR to you that there’s no DNA on this.’”
These are the kinds of new real-world issues that healthcare privacy pros are dealing with on a regular basis, and it is perhaps easy to see the need for getting information during the early portion of the product and service development process. Attendees were asked to walk through hypothetical situations posed by product developers to hone their chops in identifying where data might be collected and where consent might need to be collected.
And it’s vital that privacy pros make sure privacy issues don’t get in the way of the truly exciting medical progress these technologies represent, said Cynthia Snyder, CIPP/US, privacy officer at Premier. Things like wearables “represent a lot of capabilities here that could help us. It’s giving us a holistic view of the patient. Preventative healthcare is hugely important.”
That’s why thinking about, and discovering, privacy issues before a regulator sees them could literally be a case of life and death.
If you want to comment on this post, you need to login.