In Defense of Online Medical Records
Sharing sensitive information online has become commonplace. Having easy access to important info, such as financial information, provides people with unprecedented convenience. Unfortunately, it also introduces the risk of private data falling into the wrong hands. Credit cards and account numbers are strictly protected, but hackers are often successful at finding ways around the safeguards that are in place.
Now, there is an increasing effort for private medical records to be shared in a similar fashion. With significant data hacks in the news day in and day out, is it wise to digitize patients’ private medical information? After all, it’s one thing for a cyber criminal to damage a credit score and quite another for someone to steal info about a person’s every ailment.
First, it is important to consider the benefits of sharing electronic medical records between hospitals and doctors’ offices. Doctors with easier access to records are able to more accurately diagnose symptoms and prescribe the best remedies. Minimizing the use of paper charts can streamline the daily routine of healthcare professionals and provide crucial efficiencies. The collective data can even be used to track the spread of flu and other outbreaks. Patients can even access their own records online at their convenience.
It is clear that the benefits outweigh the risks for the government and the healthcare industry. Healthcare Information Exchange (HIE) networks have already been proposed or developed at various levels. The federal government has initiated the Nationwide Health Information Network, and many states are developing similar networks. The healthcare industry is also exploring solutions. Each new launch faces the same challenges—protecting patients’ privacy while providing access to those who need it, and grappling with tremendous amounts of data.
HIE networks must be secure, but they must also be useful. Existing security solutions fail to deliver an efficient way to deal with the avalanche of data that is involved in healthcare. Professor Yuzhe (Richard) Tang of the College of Engineering and Computer Science has been awarded a Cyber Research Institute (CRI) grant to fund his research project, “Optimizing Privacy-Preserving Analytics in Information Networks.” He is investigating optimization techniques to provide access to valuable data and analytics and put it all to use in a practical and secure manner.
“Facilitating such secure data exchange will open up new big-data applications,” says Tang. “I deeply appreciate the CRI and Syracuse University for their support on this research that helps build practical secure systems to enable cross-institution data exchanges.”
Tang’s work will enable privacy-preserving data analytics in HIE networks and encourage more widespread adoption by streamlining or eliminating the need for time-consuming organizational reviews that are currently required to establish trust between different healthcare organizations. In addition, Tang’s technology will provide big-data computing that makes these large-scale information networks operate effectively.
Once his research is complete, Tang anticipates open-sourcing his technique and collaborating with regional and state-wide health information networks to facilitate the application and adoption of privacy-preserving multi-domain analytics in real-world information networks.
Despite the risks, it is clear that medical records will join sensitive financial information on the web in the near future. Cybersecurity experts like Tang will be key to tapping into this data for the good of patients’ health, and keeping this private information secure.