|
NishaChandraSecondEssay 4 - 03 Feb 2020 - Main.NishaChandra
|
| |
| META TOPICPARENT | name="SecondEssay" |
|---|
It is strongly recommended that you include your outline in the body of your essay by using the outline as section titles. The headings below are there to remind you how section and subsection titles are formatted. | |
<
< | Getting Tech Companies Away From Our Medical Data | >
> | Misappropriation of Medical Data | | | -- By NishaChandra - 06 Dec 2019 | |
<
< | Medical data is data that is collected about a person’s state of health. It can include information about hospitalizations, symptoms, allergies, treatment plans, medications, lab reports, and progress notes. This form of data was traditionally collected by clinics, hospitals, and public health authorities and has been stored in recent years as electronic health records (EHRs), which can be uploaded onto a third-party electronic health information exchange (eHIE). EHRs can be accessed by approved users instantly and be updated in real-time, making them a helpful tool for doctors to understand their patients’ history and subsequent medical needs. They can also be shared across providers in different health care systems, ensuring that clinicians have a full picture of a patient’s records. | >
> | Medical data is data that is collected about a person’s state of health. It can include information about hospitalizations, symptoms, treatment plans, and medications. This data, traditionally collected by medical professionals, is now typically stored as electronic health records (EHRs), which can be uploaded onto an electronic health information exchange (eHIE). EHRs can be accessed by approved users instantly and be shared across organizations, which helps doctors understand patients’ histories and medical needs. Unfortunately, as sharing medical data has become easier, entities outside the healthcare system have started collecting this data and using it for their own ends. Absent an overhaul of our healthcare system, the only solution may be updating outdated privacy laws. | | | | |
<
< | Tech's Interest In Health Data | >
> | Tech's Interest in Health Data | | | | |
<
< | But increasingly, technology corporations are collecting this health data. In some cases, people are willingly handing over that data. There exists a multitude of mobile phone applications where users can import information about their health. One such application, the Maya period tracker application, has over 5 million downloads on the Google Play Store. This application can store information about users’ use of contraception, period cycles, and associated symptoms. In other cases, people don’t know that corporations have access to their health data or never consented to it. The Maya period tracker, for instance, was recently found to be sharing its users’ medical data with Facebook. Additionally, Google has accessed health data without patient’s consent through Project Nightingale, a partnership with the health care provider Ascension. Through this project Google has the health records for millions of Ascension patients, and it claims the goal is to use machine-learning algorithms to make better healthcare decisions. | >
> | Increasingly, technology corporations are collecting health data, both with and without people’s knowledge. In some cases, people are willingly handing over their data. For instance, millions have downloaded period-tracker smartphone applications, which can store information about users’ contraception methods, period cycles, and symptoms. Users of these trackers and other similar services are willingly providing their most intimate data in return for reducing anxieties about their health. In other cases, people don’t know that corporations have access to their health data or never consented to it. The Maya period tracker, for instance, was recently found to be sharing its users’ medical data with Facebook. Google has similarly accessed health data without patients’ knowledge through Project Nightingale, a partnership with the health care provider Ascension. Through this project Google has the health records for millions of Ascension patients, and it claims its goal is to use machine-learning to help providers make better healthcare decisions. | | | | |
<
< | While medical providers collect and store medical data to streamline the provision of medical care, technology corporations may have more profit-based motives and may be less concerned with maintaining the privacy of this data. Health information, for example, can be used to suggest purchase options through targeted marketing. A company which knows that you’re struggling to conceive might show you ads for fertility clinics or self-help books. Through this type of marketing companies influences the behavior of users. Health data can also be sold; Facebook is interested in collecting health data in part because of the lucrative practice of selling this data to pharmaceutical and insurance companies. Unfortunately for users, health data in the hands of these companies will inevitably lead to discrimination based on that data. Insurers may start making health insurance coverage decisions based on the data they’re buying from these behavior-collectors. A previous prescription for depression medication noted on a patient’s medical record may lead to them being denied health insurance in the future due to “pre-existing conditions”. One day soon, companies will use this data to make decisions that affect every facet of people's lives – decisions about who to rent to, who to give a loan to, and who to hire. | >
> | While medical providers ostensibly collect medical data to streamline the provision of medical care, technology corporations may have more profit-based motives and care less about the privacy of this data. Health information, for example, can be used by corporations to suggest purchase options through targeted marketing. A company which learns that you’re struggling to conceive might then show you ads for fertility clinics. Through this type of marketing companies can influence the behavior of users. Health data can also be sold; Facebook is interested in collecting health data in part because of the lucrative practice of selling it to pharmaceutical and insurance companies. Unfortunately for users, health data in the hands of these types of companies will inevitably lead to discrimination based on that data. Insurers may start making health insurance coverage decisions based on the data they’re buying from these behavior-collectors. A previous prescription for depression medication noted on a patient’s medical record may lead to a denial of health insurance in the future due to “pre-existing conditions”. One day soon, companies will use the health data they’ve collected or bought to make decisions that affect every facet of people's lives –: decisions about who to rent to, who to give a loan to, and who to hire. | | | | |
<
< | A Lack of Consent | >
> | Sharing Under HIPAA | | | | |
<
< | Unfortunately, patients’ consent plays a very small role in the dissemination of health data. Health care providers are bound by the Health Insurance Portability and Accountability Act (HIPAA), which regulates the use and disclosure of protected health information by certain entities. While best practices dictate that patients are asked to consent to the sharing of their health data, HIPAA provides a very low baseline of conduct and does not require that providers get patients’ consent before exchanging health information through an eHIE. Some states have laws that are more protective than HIPAA of patients; but these laws are narrow and many only pertain to the disclosure of sensitive diagnoses such as HIV. | >
> | Patients’ consent plays a very small role in the dissemination of health data. Healthcare providers are bound by the Health Insurance Portability and Accountability Act (HIPAA), which regulates the use and disclosure of protected health information by certain entities. While best practices dictate that patients should be asked to consent to the sharing of their health data, HIPAA provides a very low baseline of conduct and does not require this consent before exchanging health information through an eHIE. Some states have laws that are more protective than HIPAA of patients; but many of these laws only pertain to the disclosure of sensitive diagnoses such as HIV. | | | | |
<
< | As a general rule, in the United States healthcare systems can legally share health information with their business partners even without patients’ consent as long as the use is for the system’s healthcare functions. As long as the technology company that is receiving the data isn’t operating as a de-facto health care system in and of itself, its use of data is under a lower level of scrutiny. A hospital could share medical information with Amazon for research, for example, as long as it stripped the data of personally identifying information. And once the medical data has been de-identified it is no longer protected under HIPAA, so Amazon could legally try to link it to existing data on specific users. | >
> | As a general rule, under HIPAA healthcare systems can legally share de-identified health information with their business partners even without patients’ consent as long as the use is for healthcare functions. This provision applies to many of the ways technology companies are collecting health data. As long as the company receiving the data isn’t operating as a de-facto health care system, its use of data is under a lower level of scrutiny. For example, a hospital could share medical information with Amazon for research if it stripped the data of personally identifying information like names and birthdates. Once the medical data has been de-identified, it is no longer protected under HIPAA. This means that Amazon could legally take the data it has received from a healthcare system for “healthcare functions” and try to link it to its existing data on specific users, which in affect undoes the de-identification and allows Amazon to know specific health information about its users | | | | |
<
< | Patients are attempting to push back against this nonconsensual sharing of their medical data. A group of patients has sued the University of Chicago Medical Center for sharing patient data with Google without stripping out dates. In theory, Google could use information it has about users’ locations to match the medical data with specific users and then use this enhanced knowledge about their users for marketing purposes. Unfortunately, since the medical center did remove names, phone numbers, and other patient information from the records, it appears that this type of sharing is legal under the current regime. Ultimately the best way patients can protect themselves against non-consensual sharing of their medical information with technology companies is to push for updates to HIPAA. HIPAA was signed into law in the 90’s, before most could conceive of the ways that technology companies would come to use personal data. Changes to the law to require affirmative, informed consent from patients before their health data is stored or shared may be the only way to stop these companies from misappropriating our data further. | >
> | Patients are attempting to push back against this sharing of their medical data. A group of patients has sued the University of Chicago Medical Center for sharing patient data with Google without stripping out dates. In theory, Google could use information it has about users’ locations to match the medical data with specific users and then use this enhanced knowledge about users for marketing purposes. Unfortunately, since the data didn't contain identifying patient information, it appears that this type of sharing is legal under the current regime.
While patients can try to protect their medical data by only using healthcare providers who do not store data in EHRs or who pledge not to share data with outside corporations, many do not have this level of autonomy over their healthcare. Patients on Medicare, for instance, only have access to a limited number of providers. Consent requirements are not the answer either; no patient can truly consent to the ways corporations might use their health data. Ultimately, patients may only be able to fully protect themselves against sharing of their medical information by demanding updates to HIPAA. HIPAA was signed into law in 1996, before most could conceive of how companies would come to use personal data. Changes to the law to require affirmative, informed consent from patients before their health data is stored and to prohibit data sharing may be the only way to stop these companies from misappropriating medical data further. | | |
You are entitled to restrict access to your paper if you want to. But we all derive immense benefit from reading one another's work, and I hope you won't feel the need unless the subject matter is personal and its disclosure would be harmful or undesirable. |
|
|
NishaChandraSecondEssay 3 - 16 Jan 2020 - Main.NishaChandra
|
| |
| META TOPICPARENT | name="SecondEssay" |
|---|
It is strongly recommended that you include your outline in the body of your essay by using the outline as section titles. The headings below are there to remind you how section and subsection titles are formatted. | |
<
< | Preventing the Misappropriation of Women's Health Data | >
> | Getting Tech Companies Away From Our Medical Data | | | -- By NishaChandra - 06 Dec 2019 | |
<
< | Violations of data privacy affect nearly everyone who ventures online. But because of how women understand and use the internet, their health data is more vulnerable to collection. According to research from Pew, women value the internet as a way to strengthen relationships and build social connections, whereas men value the internet for its ability to cultivate experiences. Because of this difference, women are more likely to use the internet to get support for health or personal problems | >
> | Medical data is data that is collected about a person’s state of health. It can include information about hospitalizations, symptoms, allergies, treatment plans, medications, lab reports, and progress notes. This form of data was traditionally collected by clinics, hospitals, and public health authorities and has been stored in recent years as electronic health records (EHRs), which can be uploaded onto a third-party electronic health information exchange (eHIE). EHRs can be accessed by approved users instantly and be updated in real-time, making them a helpful tool for doctors to understand their patients’ history and subsequent medical needs. They can also be shared across providers in different health care systems, ensuring that clinicians have a full picture of a patient’s records. | | | | |
<
< |
This sort of essentialist arithmetic is rhetoric, not social science. The underlying data no doubt shows that there is more variation within the categories of "men" and "women" than between them. Divining a personality difference attributable to sex from the reported fact that 94% of women and 88% of men reported using email on a daily basis is imprudent, to say the least. Making this reported difference a "cause" of other phenomena perches unsound inferences on stilts.
| | | | |
<
< | Women may seek out this support online in different ways. For example, women might share personal details or ask for advice on internet groups. Some forums, message boards, and social media groups have subject matters which are stereotypically more interesting to women, and these groups by design encourage the dissemination of a certain type of personal information. Forums about wedding planning or miscarriage lend themselves to discussion about personal health and family information more than forums about video games or skiing. Additionally, there are smartphone applications designed for women that encourage users to upload their health information. There are a multitude of applications centered around reproductive health, for instance, where users can record their menstrual cycle, birth control methods, and health symptoms. | >
> | Tech's Interest In Health Data | | | | |
<
< | The Issue With Sharing Health Data | >
> | But increasingly, technology corporations are collecting this health data. In some cases, people are willingly handing over that data. There exists a multitude of mobile phone applications where users can import information about their health. One such application, the Maya period tracker application, has over 5 million downloads on the Google Play Store. This application can store information about users’ use of contraception, period cycles, and associated symptoms. In other cases, people don’t know that corporations have access to their health data or never consented to it. The Maya period tracker, for instance, was recently found to be sharing its users’ medical data with Facebook. Additionally, Google has accessed health data without patient’s consent through Project Nightingale, a partnership with the health care provider Ascension. Through this project Google has the health records for millions of Ascension patients, and it claims the goal is to use machine-learning algorithms to make better healthcare decisions. | | | | |
<
< | The problem is that the corporations which host these online groups are gathering and saving the data that users provide. And the data that users are uploading onto applications on their personal smartphones isn’t safe either. The Maya period tracker application, which has over 5 million downloads on the Google Play Store, was recently found to be sharing its users’ data with Facebook. | >
> | While medical providers collect and store medical data to streamline the provision of medical care, technology corporations may have more profit-based motives and may be less concerned with maintaining the privacy of this data. Health information, for example, can be used to suggest purchase options through targeted marketing. A company which knows that you’re struggling to conceive might show you ads for fertility clinics or self-help books. Through this type of marketing companies influences the behavior of users. Health data can also be sold; Facebook is interested in collecting health data in part because of the lucrative practice of selling this data to pharmaceutical and insurance companies. Unfortunately for users, health data in the hands of these companies will inevitably lead to discrimination based on that data. Insurers may start making health insurance coverage decisions based on the data they’re buying from these behavior-collectors. A previous prescription for depression medication noted on a patient’s medical record may lead to them being denied health insurance in the future due to “pre-existing conditions”. One day soon, companies will use this data to make decisions that affect every facet of people's lives – decisions about who to rent to, who to give a loan to, and who to hire. | | | | |
<
< |
Why, then, does any of this depend on distinguishing between "women's health data" and "human health data"? What is the actual significance of the division to any issue of data policy?
| | | | |
>
> | A Lack of Consent | | | | |
<
< | This health data can be used in a multitude of ways by corporations. Health information, for example, can be used to suggest purchase options through targeted marketing. A company which knows that you’re struggling to conceive might show you ads for fertility clinics or self-help books. Through this type of marketing companies influences the behavior of users. Health data can also be sold; Facebook is interested in collecting health data in part because of the lucrative practice of selling this data to pharmaceutical and insurance companies. Unfortunately for users, health data in the hands of these companies will inevitably lead to discrimination based on that data. Insurers may start making health insurance coverage decisions based on the data they’re buying from these behavior-collectors. A post about depression made on a forum may lead to a woman being denied health insurance due to “pre-existing conditions”. One day soon, companies will use this data to make decisions that affect every facet of women’s lives – decisions about who to rent to, who to give a loan to, and who to hire. | >
> | Unfortunately, patients’ consent plays a very small role in the dissemination of health data. Health care providers are bound by the Health Insurance Portability and Accountability Act (HIPAA), which regulates the use and disclosure of protected health information by certain entities. While best practices dictate that patients are asked to consent to the sharing of their health data, HIPAA provides a very low baseline of conduct and does not require that providers get patients’ consent before exchanging health information through an eHIE. Some states have laws that are more protective than HIPAA of patients; but these laws are narrow and many only pertain to the disclosure of sensitive diagnoses such as HIV. | | | | |
<
< |
Why will these things happen to women and not to men, children, and others?
Imperfect Solutions
The solution to this problem is for women to stop giving their health and personal data to companies. One option, perhaps an unsatisfying one, is to move many of these personal conversations off-line and into real life. Women might be turning to the internet to discuss their health and personal issues because of feelings of social isolation. If women feel like they can discuss issues with friends, families, or professionals they may not look for support online. Instead of using a smartphone application to track their health, women could write that information down and share it with their healthcare provider. Women looking for support in dealing with a health issue could find other similarly situated people in their community to talk to. Governments can aid in the increase of social supports by increasing funding for in-person support groups and community programs.
Another option is for women to continue sharing online but cut out the middle-man who is collecting data. Women could instead host their own web server on which forums can reside. Users could also use a federated peer-to-peer system to share information which would then be stored on individual drives rather than a tech company’s server. Companies like Facebook offer a centralized system for users to share information, but a federated system would work equally as well. The end result is the same – an online space where women can discuss their personal or health issues and get support from a community of like-minded individuals. But this system doesn’t have any spying and data harvesting built into it. One challenge may be getting users to actually use these systems. Studies have shown that although women are at least as concerned with data privacy as men, they are less likely to use data protection methods due to a lower level of technical privacy literacy. Increased education about potential methods of data protection would allow women to make more informed decisions about how and where they’re sharing their information online.
Even if women do move toward federated services, if the forum or online group is accessible to the outside public in any way, the data users are sharing could still be vulnerable. There are firms that specialize in “data scraping”, which is a practice of harvesting personal data and details from online sources such as blogs, websites, and forums. Firms can easily and cheaply use software to scrape data from websites and then sell the data to corporations. Scraping isn’t limited to publicly available data either; one firm made accounts on a forum so that it could scrap data from a private message board where users discussed emotional disorders. The only way to truly keep data private in online groups seems to be a heavy vetting process to determine which users can access the group. Unfortunately, this may result in the filtering out of some women who would have been beneficial members of the community.
I don't understand this analysis. Scraping requires access. If people are communicating using wikis, fora, or other web objects which limit access to those who belong, what is there to scrape?
This doesn't seem to have anything to do with "health data," let alone "women's health data." The issues of privacy in chat don't depend on whether people are discussing sex, religion, money, real estate, their children, their health, their sports teams, music, theater, books or paleontology. It's hard at this point to tell what the actual subject of the draft is.
Medical data is not mostly conversation. Patient records, medical histories, test results, images, coding and billing data---all are far more valuable, sought after, significant, important, dangerous than the Q&A on disease websites or advice mills. Why would we focus analysis on the least of the material, rather than making an effort to understand the ecology at large?
Conclusion
There is no perfect solution that allows women to continue to use the internet to get support for personal and health problems from a broad community while also protecting the privacy of their health data. But with an increased understanding of the options available to them, women will be able to decide how to best mitigate the risks.
In order to have a "perfect" solution one needs at least an adequate definition of the problem, which this draft doesn't provide. One could address the problem of privacy in chat with a TOR browser and a pseudonym. But chat is so little the issue that the effort to discuss this detail out of the context of the whole is misinformative even if accurately conducted. The best route to the improvement of the draft is to deal with the health data ecology more broadly: what is medical data, where does it come from, where does it go, how much do patients know about or control any of it?
| >
> | As a general rule, in the United States healthcare systems can legally share health information with their business partners even without patients’ consent as long as the use is for the system’s healthcare functions. As long as the technology company that is receiving the data isn’t operating as a de-facto health care system in and of itself, its use of data is under a lower level of scrutiny. A hospital could share medical information with Amazon for research, for example, as long as it stripped the data of personally identifying information. And once the medical data has been de-identified it is no longer protected under HIPAA, so Amazon could legally try to link it to existing data on specific users. | | | | |
>
> | Patients are attempting to push back against this nonconsensual sharing of their medical data. A group of patients has sued the University of Chicago Medical Center for sharing patient data with Google without stripping out dates. In theory, Google could use information it has about users’ locations to match the medical data with specific users and then use this enhanced knowledge about their users for marketing purposes. Unfortunately, since the medical center did remove names, phone numbers, and other patient information from the records, it appears that this type of sharing is legal under the current regime. Ultimately the best way patients can protect themselves against non-consensual sharing of their medical information with technology companies is to push for updates to HIPAA. HIPAA was signed into law in the 90’s, before most could conceive of the ways that technology companies would come to use personal data. Changes to the law to require affirmative, informed consent from patients before their health data is stored or shared may be the only way to stop these companies from misappropriating our data further. | | |
You are entitled to restrict access to your paper if you want to. But we all derive immense benefit from reading one another's work, and I hope you won't feel the need unless the subject matter is personal and its disclosure would be harmful or undesirable. |
|
|
NishaChandraSecondEssay 2 - 11 Jan 2020 - Main.EbenMoglen
|
| |
| META TOPICPARENT | name="SecondEssay" |
|---|
It is strongly recommended that you include your outline in the body of your essay by using the outline as section titles. The headings below are there to remind you how section and subsection titles are formatted. | | | Violations of data privacy affect nearly everyone who ventures online. But because of how women understand and use the internet, their health data is more vulnerable to collection. According to research from Pew, women value the internet as a way to strengthen relationships and build social connections, whereas men value the internet for its ability to cultivate experiences. Because of this difference, women are more likely to use the internet to get support for health or personal problems | |
>
> |
This sort of essentialist arithmetic is rhetoric, not social science. The underlying data no doubt shows that there is more variation within the categories of "men" and "women" than between them. Divining a personality difference attributable to sex from the reported fact that 94% of women and 88% of men reported using email on a daily basis is imprudent, to say the least. Making this reported difference a "cause" of other phenomena perches unsound inferences on stilts.
| | | Women may seek out this support online in different ways. For example, women might share personal details or ask for advice on internet groups. Some forums, message boards, and social media groups have subject matters which are stereotypically more interesting to women, and these groups by design encourage the dissemination of a certain type of personal information. Forums about wedding planning or miscarriage lend themselves to discussion about personal health and family information more than forums about video games or skiing. Additionally, there are smartphone applications designed for women that encourage users to upload their health information. There are a multitude of applications centered around reproductive health, for instance, where users can record their menstrual cycle, birth control methods, and health symptoms.
The Issue With Sharing Health Data
The problem is that the corporations which host these online groups are gathering and saving the data that users provide. And the data that users are uploading onto applications on their personal smartphones isn’t safe either. The Maya period tracker application, which has over 5 million downloads on the Google Play Store, was recently found to be sharing its users’ data with Facebook. | |
>
> |
Why, then, does any of this depend on distinguishing between "women's health data" and "human health data"? What is the actual significance of the division to any issue of data policy?
| | | This health data can be used in a multitude of ways by corporations. Health information, for example, can be used to suggest purchase options through targeted marketing. A company which knows that you’re struggling to conceive might show you ads for fertility clinics or self-help books. Through this type of marketing companies influences the behavior of users. Health data can also be sold; Facebook is interested in collecting health data in part because of the lucrative practice of selling this data to pharmaceutical and insurance companies. Unfortunately for users, health data in the hands of these companies will inevitably lead to discrimination based on that data. Insurers may start making health insurance coverage decisions based on the data they’re buying from these behavior-collectors. A post about depression made on a forum may lead to a woman being denied health insurance due to “pre-existing conditions”. One day soon, companies will use this data to make decisions that affect every facet of women’s lives – decisions about who to rent to, who to give a loan to, and who to hire. | |
>
> |
Why will these things happen to women and not to men, children, and others?
| | | Imperfect Solutions | | | Even if women do move toward federated services, if the forum or online group is accessible to the outside public in any way, the data users are sharing could still be vulnerable. There are firms that specialize in “data scraping”, which is a practice of harvesting personal data and details from online sources such as blogs, websites, and forums. Firms can easily and cheaply use software to scrape data from websites and then sell the data to corporations. Scraping isn’t limited to publicly available data either; one firm made accounts on a forum so that it could scrap data from a private message board where users discussed emotional disorders. The only way to truly keep data private in online groups seems to be a heavy vetting process to determine which users can access the group. Unfortunately, this may result in the filtering out of some women who would have been beneficial members of the community. | |
>
> |
I don't understand this analysis. Scraping requires access. If people are communicating using wikis, fora, or other web objects which limit access to those who belong, what is there to scrape?
This doesn't seem to have anything to do with "health data," let alone "women's health data." The issues of privacy in chat don't depend on whether people are discussing sex, religion, money, real estate, their children, their health, their sports teams, music, theater, books or paleontology. It's hard at this point to tell what the actual subject of the draft is.
Medical data is not mostly conversation. Patient records, medical histories, test results, images, coding and billing data---all are far more valuable, sought after, significant, important, dangerous than the Q&A on disease websites or advice mills. Why would we focus analysis on the least of the material, rather than making an effort to understand the ecology at large?
| | | Conclusion
There is no perfect solution that allows women to continue to use the internet to get support for personal and health problems from a broad community while also protecting the privacy of their health data. But with an increased understanding of the options available to them, women will be able to decide how to best mitigate the risks. | |
>
> |
In order to have a "perfect" solution one needs at least an adequate definition of the problem, which this draft doesn't provide. One could address the problem of privacy in chat with a TOR browser and a pseudonym. But chat is so little the issue that the effort to discuss this detail out of the context of the whole is misinformative even if accurately conducted. The best route to the improvement of the draft is to deal with the health data ecology more broadly: what is medical data, where does it come from, where does it go, how much do patients know about or control any of it?
| | |
You are entitled to restrict access to your paper if you want to. But we all derive immense benefit from reading one another's work, and I hope you won't feel the need unless the subject matter is personal and its disclosure would be harmful or undesirable.
To restrict access to your paper simply delete the "#" character on the next two lines: |
|
|
NishaChandraSecondEssay 1 - 06 Dec 2019 - Main.NishaChandra
|
|
>
> |
| META TOPICPARENT | name="SecondEssay" |
|---|
It is strongly recommended that you include your outline in the body of your essay by using the outline as section titles. The headings below are there to remind you how section and subsection titles are formatted.
Preventing the Misappropriation of Women's Health Data
-- By NishaChandra - 06 Dec 2019
Violations of data privacy affect nearly everyone who ventures online. But because of how women understand and use the internet, their health data is more vulnerable to collection. According to research from Pew, women value the internet as a way to strengthen relationships and build social connections, whereas men value the internet for its ability to cultivate experiences. Because of this difference, women are more likely to use the internet to get support for health or personal problems
Women may seek out this support online in different ways. For example, women might share personal details or ask for advice on internet groups. Some forums, message boards, and social media groups have subject matters which are stereotypically more interesting to women, and these groups by design encourage the dissemination of a certain type of personal information. Forums about wedding planning or miscarriage lend themselves to discussion about personal health and family information more than forums about video games or skiing. Additionally, there are smartphone applications designed for women that encourage users to upload their health information. There are a multitude of applications centered around reproductive health, for instance, where users can record their menstrual cycle, birth control methods, and health symptoms.
The Issue With Sharing Health Data
The problem is that the corporations which host these online groups are gathering and saving the data that users provide. And the data that users are uploading onto applications on their personal smartphones isn’t safe either. The Maya period tracker application, which has over 5 million downloads on the Google Play Store, was recently found to be sharing its users’ data with Facebook.
This health data can be used in a multitude of ways by corporations. Health information, for example, can be used to suggest purchase options through targeted marketing. A company which knows that you’re struggling to conceive might show you ads for fertility clinics or self-help books. Through this type of marketing companies influences the behavior of users. Health data can also be sold; Facebook is interested in collecting health data in part because of the lucrative practice of selling this data to pharmaceutical and insurance companies. Unfortunately for users, health data in the hands of these companies will inevitably lead to discrimination based on that data. Insurers may start making health insurance coverage decisions based on the data they’re buying from these behavior-collectors. A post about depression made on a forum may lead to a woman being denied health insurance due to “pre-existing conditions”. One day soon, companies will use this data to make decisions that affect every facet of women’s lives – decisions about who to rent to, who to give a loan to, and who to hire.
Imperfect Solutions
The solution to this problem is for women to stop giving their health and personal data to companies. One option, perhaps an unsatisfying one, is to move many of these personal conversations off-line and into real life. Women might be turning to the internet to discuss their health and personal issues because of feelings of social isolation. If women feel like they can discuss issues with friends, families, or professionals they may not look for support online. Instead of using a smartphone application to track their health, women could write that information down and share it with their healthcare provider. Women looking for support in dealing with a health issue could find other similarly situated people in their community to talk to. Governments can aid in the increase of social supports by increasing funding for in-person support groups and community programs.
Another option is for women to continue sharing online but cut out the middle-man who is collecting data. Women could instead host their own web server on which forums can reside. Users could also use a federated peer-to-peer system to share information which would then be stored on individual drives rather than a tech company’s server. Companies like Facebook offer a centralized system for users to share information, but a federated system would work equally as well. The end result is the same – an online space where women can discuss their personal or health issues and get support from a community of like-minded individuals. But this system doesn’t have any spying and data harvesting built into it. One challenge may be getting users to actually use these systems. Studies have shown that although women are at least as concerned with data privacy as men, they are less likely to use data protection methods due to a lower level of technical privacy literacy. Increased education about potential methods of data protection would allow women to make more informed decisions about how and where they’re sharing their information online.
Even if women do move toward federated services, if the forum or online group is accessible to the outside public in any way, the data users are sharing could still be vulnerable. There are firms that specialize in “data scraping”, which is a practice of harvesting personal data and details from online sources such as blogs, websites, and forums. Firms can easily and cheaply use software to scrape data from websites and then sell the data to corporations. Scraping isn’t limited to publicly available data either; one firm made accounts on a forum so that it could scrap data from a private message board where users discussed emotional disorders. The only way to truly keep data private in online groups seems to be a heavy vetting process to determine which users can access the group. Unfortunately, this may result in the filtering out of some women who would have been beneficial members of the community.
Conclusion
There is no perfect solution that allows women to continue to use the internet to get support for personal and health problems from a broad community while also protecting the privacy of their health data. But with an increased understanding of the options available to them, women will be able to decide how to best mitigate the risks.
You are entitled to restrict access to your paper if you want to. But we all derive immense benefit from reading one another's work, and I hope you won't feel the need unless the subject matter is personal and its disclosure would be harmful or undesirable.
To restrict access to your paper simply delete the "#" character on the next two lines:
Note: TWiki has strict formatting rules for preference declarations. Make sure you preserve the three spaces, asterisk, and extra space at the beginning of these lines. If you wish to give access to any other users simply add them to the comma separated ALLOWTOPICVIEW list. |
|
|