In this first part of a series devoted to demystifying patient privacy, Danny Lieberman, founder of Pathcare, the private social network for doctors and patients, challenges our assumptions about the actual damage of patient data loss.
Patient data loss is a lot like planes disappearing in the Bermuda Triangle – no one really knows where the planes disappeared to, since the people on the planes never came back to tell the story. In the same way, we talk about patient data loss without ever really considering how you can “lose” patient data and whether it can be “returned”.
The Bermuda Triangle, also known as the Devil’s Triangle, is a region in the western part of the North Atlantic Ocean where a number of aircraft and surface vessels are said to have disappeared under mysterious circumstances. Popular culture has attributed these disappearances to the paranormal or activity by extraterrestrial beings. See http://en.wikipedia.org/wiki/Bermuda_Triangle
One of the more interesting oxymorons in the information security industry is the term “Data loss”.
Oxymora appear in a variety of contexts, including literary oxymorons crafted to reveal a paradox. http://en.wikipedia.org/wiki/Oxymoron
The paradox of data loss is that you can’t really lose data. You can have an unauthorized network transfer of data or lose a copy – but the data itself is never lost.
You can copy patient data sets from one host machine to another host machine. You can copy data from network storage to a flash drive and lose the flash drive when it falls out of your pocket walking on the street, or you can lose a hard copy paper report of patient data while traveling on the train to work. This is more of a case of preventing employee stupidity than preventing data loss.
There is only one case where data is really lost and that is a hard disk crash with no backup. In this day and age of highly reliable disk drives, disk controllers and cloud backups, it’s a rare event; I challenge you to remember the last time you had data totally lost due to a hardware crash with no backup at all. If you have professional information security support in your hospital or medical practice – you won’t be losing data due to hard drive crashes.
I can see 4 scenarios where there is a paradox with patient data loss – that is to say, patient data that was copied from Point A to Point B and no detectable damage was incurred. If no damage was incurred then why are we concerned?
For the sake of discussion, we’ll continue to use the impossible term of “data loss” instead of “data copied somewhere” which seems to be confusing.
We challenge the widely held notion that a patient data loss event is damaging to patient privacy and will show with concrete examples that data loss is not always an event with real damage to patient privacy.
Patient data that was really lost
A hospital employee carries paper records with PHI and forgets his briefcase with the papers on the train. If no one can find the data, it follows that there was no breach of privacy, was there? The HHS is concerned for sure – but it is a security event with zero impact.
Patient data that was probably lost
A healthcare provider discovers during their yearly security audit that 9 months previously, patient data records were file transferred on a high-numbered back port to an unidentified server in cyberspace which didn’t exist at the time of the security audit. If no one knows what was done with the data, it is impossible to calculate the impact of the data breach after the fact. (Note that the HIPAA Security Rule opens with item §164.308(a)(1):
Security Management Process §164.308(a)(1)(ii)(a) – Conduct an accurate and thorough assessment of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of electronic protected health information.)
Read about the Tao of risk management and you will understand that an accurate and thorough assessment of threats and potential damage will lead you to cost-effective patient data security countermeasures.
Patient data disclosed to an unauthorized person for the right reason
A nurse gives a caregiver patient data (the patient is the girlfriend of the caregiver) in order to help the caregiver monitor medication and compliance with the treatment plan. Legally – this is a patient data privacy breach – but practically, it’s good medicine and good medical ethics since the data is in good hands and for a good cause.
Crowdsourcing patient data for a cure
A patient has a cancer and doctors are pessimistic about a cure. The patient open-sources all of his medical records on the Internet. This is the approach that Italian engineer Salvatore Iaconesi took when he was told that the only option was high risk brain surgery with limited chances of success.
Iaconesi took all of his private medical records, reformatted them, and published them online, asking for the opinions of as many experts as he could possibly find. His website – Open Source Cure – attracted 200,000 visits in its first month (September 2012). Open Source Cure enabled Salvatore to discuss his options with more than 40 doctors and medical experts from around the world and, in consultation with his doctors, to use several different techniques that should give him a better shot at a recovery.
“I’m happy that a situation that was unlucky for me has turned into an opportunity to understand how to use technology, science and human goodwill in a collaborative way,” says Salvatore. “I would like to see it ending with me coming out of hospital with my cancer cured, but I don’t expect anything. It is just good that a large amount of people are taking into account the possibility that there are other ways to do things.”
You can lose a digital or hard printed copy of data but you don’t lose the data. It’s still there.
As a matter of fact – one of the biggest challenges in data governance is storing too much data – and we’ll talk about the dangers of storing too much data in the next installment of this series of articles on the oxymora of patient data loss.
Cross-posted from Pathcare