Medical privacy and security in developing countries and emergency situations
This report is the result of research conducted by researchers at Privacy International, coordinated by the London School of Economics and Political Science. The report was commissioned by the International Development Research Centre.
New technologies such as mobile phones and electronic medical record (EMR) systems promise to transform the provision and management of medicine all over the world. In the U.S. alone, billions are being spent on information technologies for healthcare.
This eHealth revolution could be a boon for patient privacy if the right protections are built into new health information systems; however, there are growing worries that privacy and security are being overlooked by designers rushing to deploy eHealth systems. In the UK, for example, there has been ongoing controversy surrounding the National Health Service's pursuit of a 'summary care record'. Or take the case of Germany, where the government recently suspended the national e-health card due to criticisms from doctors and experts about the security of data.
Our fear is that in many parts of the world already vulnerable patients might be inadvertently exposed to new risks through the introduction of inappropriate and insecure information technology. In the cases above, American, British and German societies are rife with patient groups, professional groups, regulators, interested politicians, and journalists who can hold government to account to ensure that the right decisions are made, and adequate protections are considered. But not every country has such rich deliberative processes.
In early 2010 we teamed up with the International Development Research Centre (IDRC) to identify the main privacy and security risks in the eHealth systems that are being deployed across different developing countries and in humanitarian operations (such as after a natural disaster). We focused on these environments because they are places where the legal rights and responsibilities for the protection of patient privacy are often lacking or hastily suspended, in spite of the many laudable privacy principles enshrined in international agreements and even national constitutions.
In these resource-constrained contexts privacy is often mistakenly viewed as a luxury – as a potential impediment to helping sick people get better. These regulatory and governance failures therefore demand that we develop a comprehensive strategy for ensuring that the privacy of patients is protected and that their medical data is adequately secured, no matter the jurisdiction or context. Providing effective healthcare and upholding patient privacy should not be seen as mutually exclusive objectives. With the right systems both goals can be achieved.
Organizations such as the IDRC recognize that strong privacy and security measures are absolutely essential to ensure that patients trust new eHealth systems. Without this trust, patients will forgo consultation and treatment – an outcome that benefits no one. Our final report on these issues captures the main findings from our research and engagement activities.
We recommend that those organizations sponsoring or building eHealth systems incorporate innovative privacy-preserving technological measures into their designs, develop new modes of organizational governance for securing medical data, and seize opportunities to educate practitioners about the security risks inherent in new digital and network technologies. The report calls for implementing partners, members of the international development community, and funding agencies to take proactive stances on these issues so that the right policies and technologies can be developed and new vulnerabilities avoided. Privacy and security must be understood as processes, not products or plug-ins.
Most importantly, the 'development' agenda for deploying information and communication technologies in developing countries must be more ethically aware. Just as we are recognising it is wrong to sell surveillance technologies to authoritarian regimes, we must ensure that even our more noble intents do not result in developing infrastructures that can enable miscarriages of justice. Identity systems in some countries have enabled atrocities, while more recently we hear of U.S. State Department initiatives to capture medical and genetic information on political and business leaders around the world. eHealth systems could very well enable both of these forms of surveillance with greater ease. This is not the purpose of 'development'.