Advances in artificial intelligence have created new threats to the privacy of health data, a new UC Berkeley study shows.
The study, led by professor Anil Aswani of the Industrial Engineering & Operations Research Department (IEOR) in the College of Engineering and his team, suggests current laws and regulations are nowhere near sufficient to keep an individual’s health status private in the face of AI development. The research was released today on JAMA Network Open.
In the work, which was funded in part by UC Berkeley’s Center for Long-Term Cybersecurity, Aswani shows that by using artificial intelligence, it is possible to identify individuals by learning daily patterns in step data (like that collected by activity trackers, smartwatches and smartphones) and correlating it to demographic data. The mining of two years’ worth of data covering more than 15,000 Americans led to the conclusion that the privacy standards associated with 1996’s HIPAA (Health Insurance Portability and Accountability Act) legislation need to be revisited and reworked.
“We wanted to use NHANES (the National Health and Nutrition Examination Survey) to look at privacy questions because this data is representative of the diverse population in the U.S.,” Aswani says. “The results point out a major problem. If you strip all the identifying information, it doesn’t protect you as much as you’d think. Someone else can come back and put it all back together if they have the right kind of information.”
“In principle, you could imagine Facebook gathering step data from the app on your smartphone, then buying health care data from another company and matching the two,” he explains. “Now they would have health care data that’s matched to names, and they could either start selling advertising based on that or they could sell the data to others.”
Aswani makes it clear that the problem isn’t with the devices, but with how the information the devices capture can be misused and potentially sold on the open market.
“I’m not saying we should abandon these devices,” he says. “But we need to be very careful about how we are using this data. We need to protect the information. If we can do that, it’s a net positive.”
Though the study specifically looked at step data, Aswani says the results suggest a broader threat to the privacy of health data. “HIPAA regulations make your health care private, but they don’t cover as much as you think,” he says. “Many groups, like tech companies, are not covered by HIPAA, and only very specific pieces of information are not allowed to be shared by current HIPAA rules. There are companies buying health data. It’s supposed to be anonymous data, but their whole business model is to find a way to attach names to this data and sell it.”
Aswani says he is worried that as advances in AI make it easier for companies to gain access to health data, the temptation for companies to use it in illegal or unethical ways will increase. Employers, mortgage lenders, credit card companies and others could potentially use AI to discriminate based on pregnancy or disability status, for instance.
“Ideally, what I’d like to see from this are new regulations or rules that protect health data,” he says. “But there is actually a big push to even weaken the regulations right now. For instance, the rule-making group for HIPAA has requested comments on increasing data sharing. The risk is that if people are not aware of what’s happening, the rules we have will be weakened. And the fact is the risks of us losing control of our privacy when it comes to health care are actually increasing and not decreasing.”
The Latest on: Health data privacy
via Google News
The Latest on: Health data privacy
- Health officials: Person with measles visited Google headquarters on April 17, 2019 at 5:32 pm
Citing patient privacy laws, health officials said no additional information about the cases could be provided. Ehrhardt said the county health department conducts contact investigations when ... […]
- "Medicare for All" giving health-care industry stocks the chills on April 17, 2019 at 3:17 pm
Health care companies' shares slumped this week after ... after the Cambridge Analytica scandal revealed unprecedented sharing of user data, Facebook still struggles with privacy issues Here's a look ... […]
- National effort urged to overhaul ‘broken’ health data system on April 17, 2019 at 2:06 pm
Our system for protecting health data in the United States is fundamentally broken and we need a national effort to rethink how we safeguard this information, say three experts in data privacy. In a ... […]
- How Bonbouton’s Connected Insoles Track Health And Keep Data Secure on April 17, 2019 at 7:23 am
Though it’s difficult to comply with these regulations, Bonbouton must do so to protect patients’ data and privacy, and to enable IoT expansion in the healthcare space. IoT Healthcare In The Connected ... […]
- Study: Health care industry worst at protecting consumer data, federal government is best on April 17, 2019 at 7:01 am
I'm very fearful of what this portends," said the 60-year-old health-information privacy attorney from Germantown, Maryland. Holtzman has put credit freezes on his accounts, remains vigilant about ... […]
- Five Tech Trends From HIMSS 2019 That Are Transforming Health Care on April 17, 2019 at 4:37 am
The HIMSS (Healthcare Information and Management Systems Society ... the ability of organizations to observe and exchange sensitive data, allowing for greater privacy and critical protection against ... […]
- Can Regulating Wearables Protect Data Privacy? on April 16, 2019 at 1:14 am
However, as IoT continues to proliferate in more industries and use cases, concerns about data privacy have quickly followed ... How Bonbouton’s Connected Insoles Track Health, While Keeping Data ... […]
- Third-Party Vendors Behind 20% of Healthcare Data Breaches in 2018 on April 15, 2019 at 12:54 pm
and privacy are not getting any simpler and are not likely to slow down.” A recent Baker & Hostetler report found the healthcare sector is the most impacted by healthcare data breaches. […]
- Patent filings hint at Apple's potential move into managing healthcare records on April 15, 2019 at 9:31 am
The healthcare sector remains in flux as policy ... be a dig at competitors Facebook and Google as those companies face scrutiny over consumers’ data privacy. Looking at what Apple did for the online ... […]
- Last year healthcare had more cybersecurity breaches than any other industry — and it will likely intensify on April 15, 2019 at 8:46 am
The repercussions are costly: When breaches expose sensitive information, HIPAA privacy rules are violated — and health systems have to pay up. The US government doled out a new high of $26 million in ... […]
via Bing News