Privacy Concerns Raised Over E-Patient Reports
By SwissInfo
By Christian Raaflaub
Fitness watches, navigation apps and discount cards are well-known means of tracking and monitoring specific user data. The Swiss government now wants patient information to also be compiled electronically and centralised, but concerns remain about data protection issues.
From the middle of next year, the government would like the first Swiss patients to have the option of opening an e-patient dossier. Fans of such electronic records say patients in Switzerland would then no longer have to hand over their personal data every time they move between different hospitals and health centres. Their e-patient medical records would contain everything that doctors, nurses and healthcare staff need to know in order to make decisions about healthcare and treatments.
“But the challenge will be to build a system that is as secure as possible so that the patient can decide who can access his data, and so unauthorized persons cannot use it,” Beat Rudin, the Data Protection Officer of canton Basel City, told swissinfo.ch. The canton currently runs a pilot project.
“Hackers are no longer just IT experts trying to break into computer systems – they are hacking for commercial reasons. In this respect, hackers are being given instructions to get hold of specific data,” he warned.
Over the past twenty years, transparency has become a buzzword as new technologies push citizens to hand over more and more personal data. But this development can raise unanticipated problems. Here is a brief overview.
Health data
Fitness watches, bracelets and mobile phone apps promise us better health. However, at the same time they are compiling data and sharing it with third parties – that is if you don’t do anything about it in your security settings. In an interesting development last year, Switzerland’s leading health insurance firm CSS announced a discount on annual private health schemes for those willing to hand over personal fitness data. Anyone using an electronic pedometer that sends data to the insurance company receives a discount of up to CHF150 ($150) a year on their premium – if they reach more than 10,000 steps a day.
“We often believe that things will get a little cheaper if we hand over data. The question of whether it really is cheaper if we complete 10,000 steps a day, or whether it becomes much more expensive if we don’t do them, needs to be looked into,” said Rudin, who is also president of Privatim, the Association of Swiss Data Protection Commissioners.
Location data
If you use a navigation device or app, you usually – depending on the settings – send information about your movements automatically to the manufacturer or to a third party. The same applies to mobile phones, cameras and video cameras with a GPS function. Hackers can use this information to recreate an individual’s precise movements.
“There is a danger that people can get hold of data that can be used against you. From your profile, they could find out where you normally go every Thursday evening. For example, perhaps no one might be at home,” said Rudin.
User data
The so-called ‘internet of things’ – connected smart devices – also hoovers up huge amounts of personal data. According to a recent report on Swiss public television, SRF, only one in three car owners realize that new vehicles are connected to the internet and transfer driver data to manufacturers. Many drivers only notice the improved technological security measures to combat theft.
“The main question is: who does this data belong to? To my car, to me, or does it belong to the manufacturer? Can the manufacturer claim responsibility for extracting the data, or even hand it over to the police? I should be able to choose which data I make available. Today, data is often processed without my agreement,” said Rudin.
