Do You Really Want Full Access to Your Health Data?
Disclaimer: I am not a disinterested party in this debate.
There is a miniature debate going on right now about patient rights to their health data. At least some number of patient rights advocates understandably believe that patients should be given full control over their health records. This sort of information could be used in third party applications to all sorts of good ends.
On the other hand, this sort of information could be used in third-party applications to all sorts of bad ends. People pay surprisingly little attention to the detailed, small-type legal disclaimers that they sign. If an application someone wants to use asks for access to their health data, some large fraction of prospects will simply acquiesce. And with this “consent”, the application can do whatever it wants within the broad boundaries of the agreement they themselves wrote.
This sort of trade-off has come up before. The result has been consumers giving up large amounts of information about their internet usage to corporations without much insight into what they are giving up and with comparatively little to show for their sacrifice.
Health information is different. Such information, if made public, can be truly and permanently damaging to a person in a way their web-browsing patterns are unlikely to.
This, however, is an inevitable consequence of giving patients the rights to get programmatic access to their health records. There will be some tiny number of users who use such information in productive ways like quantitative tracking of their health. There will be millions who share their health data because some start-up figured out a way to monetize the information therein.
The right to access your health information in a programmatic fashion also gives you the right to unwittingly give a random app developer access to your health information. Is this a right we actually want?