Privacy, security and transparency of data in healthcare
I felt a certain emotion participating in this conference, organized in the hall where, 73 years earlier, the Italian Republic was proclaimed following the 2 June 1946 referendum: the Lupa hall in Montecitorio.
The conference was organized by the AIDR association (Italian Digital Revolution Association), chaired by Mario Nicastri and moderated by Tg5 journalist Luciano Onder.
Andrea Bisciglia, cardiologist, is the head of the AIDR Observatory on digital health, which aims to promote and disseminate new initiatives that increasingly develop this area, to ensure improvements in services to citizens and new health management techniques.
The Deputy Minister of Economy Laura Castelli gave an introductory speech; other authoritative participants then followed one another, illustrating their presentations and experiences. Their names are given in the article http://www.aidr.it/convegno-privacy-sicurezza-e-trasparenza-dei-dati-in-sanita/
The World Health Organization has issued guidelines on the use of digital technology. The health sector is one of those most exposed to the risk of cyber attacks. An analysis showed that these attacks occur at a much greater frequency than in other sectors (banking, etc.).
It is therefore necessary to find the right balance between the logic of service and the logic of processing health data, which must be carried out in compliance with the privacy rules.
A medical record, it has been said, is worth 500 € on the black market. Knowledge of certain health data may enable acts of terrorism. It is therefore important to make sure that the data centers that process health data are always managed in an adequately secure way.
New technologies such as artificial intelligence represent the new challenges for privacy. They are not just analysis algorithms: they can also give guidance on how to proceed in making patient care decisions. Obviously they must be considered an aid to the clinical decision and not an automatic step.
Dr. Colella of the Office of the Privacy Guarantor described how confidential health information can be acquired starting from a few known data items.
In the USA it was found that in 53% of cases it is enough to know the zip code (postal code) and the date of birth to identify the person; adding one more data item, the sex, identifies the person in 88% of cases.
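The same risk can be measured on a dataset before it is shared, by counting how many records are unique on their quasi-identifiers and checking whether coarsening those fields removes the uniqueness. The following is an added example, not part of the original article or the talk; the records are constructed and the field names (`zip`, `dob`, `sex`, `dx`) are assumptions.

```python
from collections import Counter

# Constructed sample records (not real patient data). Names are removed, but
# zip, dob and sex remain as quasi-identifiers next to the sensitive field dx.
RECORDS = [
    {"zip": "00186", "dob": "1970-03-14", "sex": "F", "dx": "I10"},
    {"zip": "00186", "dob": "1970-03-14", "sex": "M", "dx": "E11"},
    {"zip": "00187", "dob": "1970-08-02", "sex": "F", "dx": "J45"},
    {"zip": "00187", "dob": "1970-08-02", "sex": "M", "dx": "I10"},
    {"zip": "00185", "dob": "1982-11-30", "sex": "M", "dx": "F32"},
    {"zip": "00184", "dob": "1982-01-09", "sex": "M", "dx": "E11"},
    {"zip": "20121", "dob": "1955-06-21", "sex": "F", "dx": "C50"},
    {"zip": "20122", "dob": "1955-12-05", "sex": "F", "dx": "I10"},
]
QUASI_IDS = ("zip", "dob", "sex")


def group_sizes(records, quasi_ids):
    """Count how many records share each combination of quasi-identifier values."""
    return Counter(tuple(r[q] for q in quasi_ids) for r in records)


def unique_fraction(records, quasi_ids):
    """Fraction of records that are alone in their quasi-identifier group."""
    sizes = group_sizes(records, quasi_ids)
    alone = sum(1 for r in records if sizes[tuple(r[q] for q in quasi_ids)] == 1)
    return alone / len(records)


def k_anonymity(records, quasi_ids):
    """Size of the smallest group: every record hides among at least k records."""
    return min(group_sizes(records, quasi_ids).values())


def generalize(record):
    """Coarsen quasi-identifiers: keep 3 zip digits and only the year of birth."""
    out = dict(record)
    out["zip"] = record["zip"][:3] + "**"
    out["dob"] = record["dob"][:4]
    return out


if __name__ == "__main__":
    coarse = [generalize(r) for r in RECORDS]
    print("unique on zip+dob:     ", unique_fraction(RECORDS, ("zip", "dob")))
    print("unique on zip+dob+sex: ", unique_fraction(RECORDS, QUASI_IDS))
    print("k before / after:      ", k_anonymity(RECORDS, QUASI_IDS),
          "/", k_anonymity(coarse, QUASI_IDS))
```

A result of k = 1 means at least one person can be singled out by anyone who knows those three values; the generalized copy trades precision for groups of at least two.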
The alteration of health data is a terrorist act that can lead to the death of the subject. It is therefore necessary to manage this data in compliance with the provisions of the European Regulation GDPR (General Data Protection Regulation), which provide for the confidentiality, integrity and availability of personal data through the implementation, by the Data Controller and the Data Processor, of technical and organizational measures appropriate to the level of risk for the data subject.
Giuseppe Pazzano, DPO