A View from the CLOUD: Are Privacy and Transparency on a Collision Course or Two Sides of the Same Coin?

“Privacy, security, and transparency are not separate issues but three axes of the same core dilemma.”

Gary L. Thompson

Can privacy kill? Although we can likely scour recent news to find cases where leaked information at Facebook has led to some unfortunate outcomes, this question is particularly vital in the realm of health information.  The paper-based paradigm discussed in my first guest post at Health Standards has implications far beyond the efficiency of information in the healthcare system. It cuts right to the heart of how and why we use health information in the first place.  We use it to make current and future patients better.

In a presentation at the TEDxAustin conference in February, I described one such current patient, Maureen, my wife, and her fight with breast cancer. My wife and I drove to Houston in early 2009 after her cancer reoccurred, and we were carrying her health identity on a DVD. Since we were driving this information on a flimsy disk in our car, there is no doubt about it, it was private. But, in our case, we needed to get this vital health information into the hands of M.D. Anderson (Cancer Center).

In our case, privacy meant that Maureen’s health information was not visible (or transparent) to the team of oncologists and pathologists at M.D. Anderson as quickly as we needed it to be, so that a diagnosis could be rendered swiftly and a course of treatment commenced immediately.  Privacy, without necessary (and user-controlled) transparency, can indeed be the difference between life and death. Her information was made private not just because of HIPAA and the privacy rule but because the information was trapped in analog form in the physical media of the DVD.  The PET/CT scan on the DVD was digital, but the DVD may as well as have been an old form mammogram on film.

Such managed transparency is not only vital to current patients but to future ones as well.  Researchers around the globe are busy in the labs right now working on cures to cancer and many other diseases. Future patients will be made better by these cures, thus it is vital to move this research to completion as quickly as possible.  Unfortunately, our current approach to privacy on the Internet leads to obstacles as these researchers attempt to find participants for these vital clinical trials.  Because of the physical geography of healthcare and our current approaches to privacy, critical health information is just not transparent enough.

It appears privacy and transparency are on a collision course.  Based on the limitations of a health IT trapped in the physical geography of healthcare, this is indeed true, however, a CLOUD-enabled Internet looks at things differently. CLOUD takes a data-centric view rather than a document-centric one. EHRs are not just confined by paper-based thinking, but they are equally challenged by painting our health information on a whole canvas, a canvas that includes not only our personally identifiable information but large palettes of our data, too.  If we atomize data down to its smallest parts (WHAT I Am) and then separate it from our PII (WHO I Am), then suddenly privacy and security are architected into the guts of the Internet, and the current collision course can be averted.

By expanding our frame of reference beyond the 2 dimensions of paper (analog or digital), privacy, security and transparency are no longer on the same plane. Our canvas expands, and what was once intractable now becomes straightforward. Data in the CLOUD is not only more accessible, but it is simultaneously more private, secure, and transparent. When my oncologist needs my information, I can let them know it’s mine (without anymore of those silly HIPAA forms to sign on the clipboard), and when a researcher needs to target a promising cutting-edge therapy to as wide a population as possible, they can do that, too.

As our investments in the digitization of electronic health records continues and accelerates, we must get the privacy and security model right so that we don’t perpetuate the problem we had with the health data on Maureen’s DVD, a situation that not only affects her as a current patient but harms future patients as well.

Gary Thompson is Co-Founder and CEO of CLOUD, Inc. (www.cloudinc.org), a non-profit technology standard consortia founded in March 2009 and based in Austin, Texas.

Prior to CLOUD, Gary has been involved with numerous startups, all of which push the leading-edge of their industries, including his most recent role as founding VP of Sales and Marketing of Kimbia, Inc., a Web 2.0 online fundraising company for Giving Power™.  Gary also served in several sales management capacities at Apple, Inc. over two decades during the John Sculley and Steve Jobs’ eras. His responsibilities covered corporate accounts, education and Apple’s reseller channels from the first color Macintosh to the iPhone.

Former Governor Bush appointed Gary to the eGovernment Task Force for the State of Texas in 1999 and was reappointed by Governor Perry to the Texas Online Authority until 2004.  Gary’s education includes a BA from Northwestern University, an MBA from the Kellogg School of Management and a JD, University of Texas School of Law.  Gary is deeply involved in the Austin community, having participated in the Leadership Austin Essential Class of 2004-2005 and currently serving as Board President for the local chapter of the Leukemia and Lymphoma Society.

Gary has been blessed by 21 years of marriage to Maureen, his wife, and is father to Taylor (12), Kyla (9.5) and Katelyn (7). They live west of Austin, TX.