The Centers of Medicare and Medicaid Services (CMS) want to give you more access to your healthcare data. And they want to help third party companies get at it, too, according to an announcement earlier this month and a recent article from Stat News.
That might sound scary, especially since you’ve been hearing a lot about your data lately, in part thanks to Facebook’s Cambridge Analytica scandal. Especially because it’s your medical data, and what could be more personal than that?
But it’s actually not that bad an idea.
First, a little background. In your lifetime you’ve created a tremendously detailed cache of healthcare data. Checkups, dental procedures, medications, that one ER visit in college… all of this information is about your body and could be used to create a picture of your overall health.
There’s a catch: that data is stored in four different systems. And they don’t automatically share data with one another — your dentist’s office won’t send your records to your doctor’s office unless you ask. Lacking access to complete records increases the risk of unnecessary treatments and medical error.
In CMS’s vision, all that data would be available in a central location patients can access anywhere, anytime. The program, called MyHealthEData, would give care providers all that information so they could offer patients the best possible treatment, especially in emergencies.
The program goes one step further — it wants to hand this history over to third party companies as well. That could include medical researchers, health app creators, and pharmaceutical manufacturers. Sharing it could further medical research by providing scientists with data that is otherwise hard to access, leading to treatments that are more effective and better tailored to individual patients.
There are risks, of course. So much valuable data in one place is basically a bull’s eye for hackers. Government infrastructure has been the target of such attacks before, and they are likely to increase in the future.
One thing you at least don’t need to worry about? CMS intentionally sharing your data without your knowledge. Thanks, HIPAA (the Health Insurance Portability and Accountability Act of 1996 (HIPPA) established a national standard of health data protection and security measures which ensure your records can’t be shared without your consent)!
The ultimate result may be a healthcare ecosystem in which medical professionals, your devices, and patients themselves are better connected. A physician who can see data from a patient’s smartwatch, for example, might be better able to see the signs of a heart attack before it happens.
That kind of system is still a ways off. But to get there, we’ll need to pay close attention to who has access to all our medical records, and especially how those records can be protected. If we do it right, our lives will be the better for it. And if we don’t, well, hackers will auction off our medical data to the highest bidder. The stakes are pretty high.