As more and more medical information is shared on mobile devices and cloud-based services, a research team from Dartmouth is researching ways to safeguard that personal data.
A decade ago, medical records were just beginning to be stored electronically instead of filed in cabinets. Nowadays, doctors and patients routinely exchange emails with photos or lab results. It’s even possible for a smart phone to monitor your heart rate and send that information directly to your doctor’s phone. But how private is all this new cyber-information?
Not very, worries Dartmouth computer scientist David Kotz.
“Now with these mobile technologies people can use these computing devices pretty much anywhere so that means that we are collecting information from more parts of your life, from more places in your life than you might have been comfortable having collected. So it raises a whole lot of privacy issues that we would certainly like to ameliorate,” Kotz said.
Kotz’s research team has been awarded 10 million dollars from the National Science Foundation to find ways to safeguard the confidentiality of personal health information in cyberspace.
For example, he says, they hope to come up with ways for IT professionals to manage the flow of information between doctors and patients so that the patient doesn’t have to be highly trained to access it
The five-year project will pilot secure information systems in several hospitals in New Hampshire, Maryland, Illinois, and Michigan. Paul Harrington, Executive Director of the Vermont Medical Society, applauds its objectives. But he also wonders if rapidly changing technology will outpace the time frame for the research.
“Hopefully what they’ll do is release their recommendations on an ongoing basis so that we can benefit from their initial findings and can take advantage of that as we develop new policies both within the physicians office and hospitals but also help inform the debate in various state houses and Washington,” Harrington said.
Currently, Harrington notes, there are some privacy protections written into law for patients, so that, for example, their medical records cannot be scanned by potential employers or even spouses.
But when that information migrates from desktops and laptops to the wider distribution network known as the “cloud,” it’s not so easy for a hospital or doctor’s office to keep it confidential, away from prying eyes or hackers.
The Dartmouth research team says it will share its suggestions in scholarly journals as the project proceeds, and also try to interest vendors in the systems it develops.