Presentation is loading. Please wait.

Presentation is loading. Please wait.

Privacy and Security Workgroup: Summary of Big Data Public Hearings February 9, 2015 Deven McGraw, chair Stan Crosley, co-chair.

Similar presentations


Presentation on theme: "Privacy and Security Workgroup: Summary of Big Data Public Hearings February 9, 2015 Deven McGraw, chair Stan Crosley, co-chair."— Presentation transcript:

1 Privacy and Security Workgroup: Summary of Big Data Public Hearings February 9, 2015 Deven McGraw, chair Stan Crosley, co-chair

2 Agenda 2 PSWG Workplan Scope Key Themes Topics to Discuss Data Security in Health Big Data Review: Consent Discussion Backup Slides Topics Previously Discussed Summary of Hearing Testimony Key Themes and Topics in Depth Future Topics

3 Privacy and Security Draft Workplan MeetingsTask December 5, 2015 Virtual hearing – big data and privacy December 8, 2014 Virtual hearing – big data and privacy January 12, 2015 Big data and privacy in health care January 26, 2015 Big data and privacy in health care February 9, 2015 Big data and privacy in health care February 10, 2015 Joint HITPC/HITSC Meeting; review draft Interoperability Roadmap; PSWG tasking February 23, 2015 Begin discussion of relevant sections of draft interoperability roadmap HITPC Meeting March 10, 2015 Tentative Date to Present Initial Health Big Data Findings to the HITPC PSWG WorkplanScopeKey ThemesSecurityTransparency

4 Scope 4 In scope: Privacy and security issues – concerns and potential barriers to progress/innovation Potential harmful uses (related to privacy) Out of scope: Data quality/data standards Non representativeness of data? Shouldn’t try to resolve this from the standpoint of increasing “representativeness” of data but should be considered in discussion of harmful uses PSWG WorkplanScopeKey ThemesSecurityTransparency

5 Key Themes 5 1.Concerns about tools commonly used to protect privacy A.De-identification B.Data Security in Health Big Data C.Patient consent v. norms of use D.Transparency E.Collection/use/purpose limitations 2.Preventing/Limiting/Redressing Harms 3.Legal Landscape A.Gaps or “under” regulation B.“Over-” or “mis-” regulation PSWG WorkplanScopeKey ThemesSecurityTransparency

6 Topic: Data Security in Health Big Data 6 Panel Testimony and Discussion Panelists: Andrei Stoica – IMS Health, VP of Global Systems Development and Security Denise Anthony – Dartmouth College, Vice Provost for Academic Initiatives, Professor of Sociology Ryan Andersen – Milliman, Director of SaaS Format: 5 min each for testimony Question and answer period – 45 minutes PSWG WorkplanScopeKey ThemesSecurityTransparency

7 Review: Consent Overview Consent issues within the HIPAA Framework To date discussions have focused on research uses and whether HIPAA and Common Rule requirements appropriately advance innovation and the learning health system while building trust/protecting individuals (patients, consumers) – Low risk research – should this be acceptable without consent and without an IRB waiver? How does this get determined (see subsequent slides) – Consider role of transparency in place of consent when coupled with “appropriate use” definitions, particularly for observational research or health care operations Are there other use cases within HIPAA that need further discussion? (How much of this universe do we need to take on?) 7 PSWG WorkplanScopeKey ThemesSecurityConsent

8 Review: Consent Overview Consent issues outside of the HIPAA Framework (but how much can we borrow from HIPAA for policies in this environment?) Should consent requirements attach to those uses and disclosures that are outside of what should reasonably be expected given the context? – Do people understand enough of this context? Is there a risk-based framework for policies in this context as well? Data that relates to health is an ever-expanding list – poses challenges to placing more stringent requirements on sharing of “health” data 8 PSWG WorkplanScopeKey ThemesSecurityConsent

9 Review: Consent Overview Overarching issues for both environments: Concerns about all in or all out – doesn’t give people much in the way of choice – Policy environment and technological capabilities may not be mature enough to enable granularity How can consents be persisted across environments? (for example, HIPAA to non-HIPAA and back again…) Related question: when/how does it get collected? Consent puts burden on individual, so it can’t be the sole or primary protection in either environment; at the same time, it should enable individuals to do what they want to with data – including broad data sharing, if that is their preference 9 PSWG WorkplanScopeKey ThemesSecurityConsent

10 Review: Consent Recommendations Research uses in the HIPAA environment: Re-iterate/refine initial recommendation for ANPRM: for re-use of clinical or claims data to “contribute to generalizable knowledge,” no need to obtain consent, as long as entity in control of data uses and fair information practices are implemented (for example, security, minimum necessary, etc.). – Any caveats to this? (what are higher risk vs. lower risk use cases? Personal v. non-personal impact?) – How to implement – through guidance on waivers or change to regulation? [Placeholder for other HIPAA use cases] 10 PSWG WorkplanScopeKey ThemesSecurityConsent

11 Review: Consent Recommendations Non-HIPAA Environment: When should consent be required? (note that edge cases may be easier to define; middle ground may be more difficult) – Based on type of use/disclosure Can “research” uses be prioritized, assuming research is being done “for generalizable knowledge” (e.g., same definition used in HIPAA and in the Common Rule) – Based on higher “privacy” risk – for example, personal v. non-personal impact; level of sensitivity of the data?) – Based on identifiability of the data? Should HIPAA standards apply here? – Based on commercial/profit use? (can we rely on HIPAA sale of data definitions? – Disclosure outside of initial environment vs. internal uses – is this a worthwhile distinction for consent purposes? 11 PSWG WorkplanScopeKey ThemesSecurityConsent

12 Review: Consent Recommendations Non-HIPAA Environment: Follow Fair Information Practices – not just rely on consent. Conditional consents – should at least be clear to individual so they understand the “terms of the deal” – Should these be disallowed under any circumstances, and if so, what? 12 PSWG WorkplanScopeKey ThemesSecurityConsent

13 Review: Consent Recommendations Considerations for both HIPAA and non-HIPAA environments: Granular consents: – Desirable but are policies and technical capabilities mature enough to accomplish? Persisting consent across environments 13 PSWG WorkplanScopeKey ThemesSecurityConsent

14 Background 14

15 Topic: Consent - Concerns 15 Valued tool for protecting privacy and individual autonomy but: Difficult to obtain informed consent up front for future, valuable big data uses and re- uses Some secondary uses may be unexpected (for example, in data analytics models where the data surface the hypotheses) May be impossible for large scale studies Even allowing opt-out may skew results Lays burden for privacy on individual May work best when not over-utilized (for example, not requiring for “expected” uses) Policy tension with the tech landscape (technologies to enable are evolving but policies may not reflect technical capabilities). See TSSWG meeting slides on consent. standards-workgroup standards-workgroup When is transparency a better strategy for engaging individuals than seeking their individual consent, or even allowing opt-outs? PSWG WorkplanScopeKey ThemesSecurityConsent

16 Topic: Consent - Recommendations 16 Regulators should evaluate policies governing research uses of health data to determine when/under what circumstances such research uses can be pursued under individual engagement models not confined to opt-in specific authorization of a particular research use. Presume research is defined as is currently done in HIPAA and the Common Rule: “systematic investigation….intended to produce generalizable knowledge” [check wording] Consider whether secondary (with TPO not considered a secondary use) use of information introduces additional risk for individual, depending on context: Is research being done in a controlled environment? Internal vs. external? Are there limitations on who is permitted to see the information, and how much information is exposed (identifiability)? Is research intended for public benefit? (Is the research definition itself sufficient to impose this limitation?) Are there reasonable security protections for the data? Could be accomplished through changes in regulation or guidance under existing regulations But could still have problem of varying interpretations by individual institutions, IRBs PSWG WorkplanScopeKey ThemesSecurityConsent

17 Topic: Consent - Recommendations 17 Regulators and industry should explore/pursue/implement technology options that enable choice when it is required to be obtained. Downstream restrictions coupled with consent provenance. Transparency to individuals about actual data uses – whether for identifiable or de- identified data – is key, particularly in circumstances where choice is not provided or is more limited. [what action/what actors?] PSWG WorkplanScopeKey ThemesSecurityConsent

18 Health Big Data Opportunities & the Learning Health System Testimony 18 Must embed learning into care delivery; we still do not have answers for a large majority of health questions Key points: 1.Sometimes there is a need to use fully identifiable data 2.It is not possible to get informed consent for all uses 3.Impossible to notify individuals personally about all uses 4.Can’t do universal opt-out because answers could be unreliable 5.There is likely a standard that could be developed that determines “clearly good/appropriate uses” and “clearly bad/inappropriate uses” Focus on: 1.Minimum necessary amount of identifiable data (but offset by future use needs) 2.Good processes for approval and oversight 3.Uses of data stated publicly (transparency) 4.Number of individuals who have accessed to data minimized (distributed systems help accomplish this) When we use identifiable data, we must store it in highly protected locations – “data enclaves”


Download ppt "Privacy and Security Workgroup: Summary of Big Data Public Hearings February 9, 2015 Deven McGraw, chair Stan Crosley, co-chair."

Similar presentations


Ads by Google