talkhealth Blog

Danny

Can I trust you to keep a secret?

3 May 2012

Posted in ,


In this article, Danny Lieberman talks about the importance of trust and privacy in our healthcare interactions.

pri·va·cy/ˈprīvəsē/

The state or condition of being free from being observed or disturbed by other people.

The state of being free from public attention

When it comes to healthcare information, there have always been two circles of trust – the trust relationship with your physician and the trust that you place in your healthcare provider/insurance company/government health service.

With social networks like Facebook, a third circle of trust has been created: the circle of trust between you and your friends in the social network.

Patient-doctor privacy

When we share our medical situation with our doctor, we assume we can trust her to keep it private in order to help us get well. Otherwise – we might never share information regarding thoses pains in in the right side over our abdomen, and discover after an ultrasound has been done, that our fatty liver is closely related to imbibing too many pints of beer and vodka chasers with the mates after work – when you have been telling the missus that you are working late at the office.

Healthcare provider – patient privacy

When we share medical information with our healthcare provider, we trust their information security as being strong enough to protect our medical information from a data breach. Certainly – as consumers of healthcare services, it’s impossible for us to audit the effectiveness of their security portfolio.

With our healthcare provider, revealing personal information depends on how much we trust them and that trust depends on how good a job they do on information security, and how effectively they implemented the right management, technical and physical safeguards.

If you’re not sure about the privacy, trust and security triangle, just consider Swiss banks.

Privacy among friends

Millions of people and their friends have online healthcare interactions – asking doctors questions onlines, sharing experiences in forums, interacting with doctors using social media tools like blogs and groups and of course – asking Dr. Google.

When we share medical information with our friends on Facebook/Google+ or Twitter we trust them to keep it private.

Trust between 2 people interacting (whether its face-to-face or on Facebook) is key to sharing sensitive information, since it mitigates or eliminates the damage of unexpected disclosure.

Let’s illustrate this principle at work with a  short story.  Perhaps something like has happened to you!

Larry interacts with his lawyer Sarah regularly, once a week or more. It’s a professional relationship, and over time, Larry and Sarah gain each others trust, and in addition to contracts and commercial terms and conditions, the conversations encompass children, career and life. Larry knows Sarah is divorced and is empathetic to the challenges of being a full-time mother and corporate lawyer. Come end of year, Larry sends Sarah a box of chocolate wishing her a successful and prosperous New Year. Sarah’s 14 year old daughter, who is pushing her to start dating again, sees the gift package and draws conclusions that Mom has a new beau. Sarah now has to go into damage control mode with a teenage daughter. It may take Larry a long time to regain the trust of his colleague after his little faux pas. This is literally the damage of unexpected disclosure of private information.

Unlike a healthcare provider, on Facebook we only interact with our friends.

In our interactions with our healthcare provider, we can get discharge reports, access a Web portal for medical history, schedule visits and order lab tests etc. These are interactions unrelated to the personal relationship with our physician. The data in these interactions is regulated by governments and secured by healthcare provider information security organizations.

Your healthcare provider’s business model requires them to protect your health information from disclosure.

In our digital interactions on Facebook or Twitter,  there is no organizational element to the security, trust and privacy equation only the personal element. This is because your Gmail, tweets and Facebook conversations are the content that drives Google, Twitter and Facebook advertising revenues.

Social media business models require them to distribute as much of your content as possible.

So, is there a reasonable solution to ensure private healthcare interactions on social networks?

The answer,  I believe, lies in getting back to the dictionary definition of privacy, and creating a private social network for healthcare that enables you, your doctor and family to “be free from being observed or disturbed by other people”.

And that is a topic for another article.

In the meantime – love your friends and trust them!

 

  

Danny

Danny Lieberman is the authority in applying threat analysis to Governance, Risk, and Compliance (GRC) in healthcare. He is a sought-after speaker, prolific blogger on healthcare technology, and advisor on software security and privacy compliance issues to healthcare and medical device vendors. He is passionate about Pathcare: the private social network for a doctor and her patients. Danny is a solid-state physicist by training, professional programmer by vocation and avid amateur saxophonist and biker.

Tags , ,

Posted in healthcare, parkinson's disease

0 Comments — add yours

Add a comment

Your email address will not be published. Required fields are marked *