Privacy in the Coronavirus Era.

Abstract

Genetic Testing and Molecular BiomarkersVol. 24, No. 9 PerspectiveFree AccessPrivacy in the Coronavirus EraJennifer Labs and Sharon TerryJennifer LabsBrown University, Providence, Rhode Island, USA.Genetic Alliance, Washington, District of Columbia, USA.Search for more papers by this author and Sharon TerryAddress correspondence to: Sharon Terry, MA, Genetic Alliance, 4301 Connecticut Avenue NW, Suite 404, Washington, DC 20008-2304, USA E-mail Address: sterry@geneticalliance.orgGenetic Alliance, Washington, District of Columbia, USA.Search for more papers by this authorPublished Online:8 Sep 2020https://doi.org/10.1089/gtmb.2020.29055.sjtAboutSectionsPDF/EPUB Permissions & CitationsPermissionsDownload CitationsTrack CitationsAdd to favorites Back To Publication ShareShare onFacebookTwitterLinked InRedditEmail Concerns over the protection of patient privacy have been rapidly growing as technology continues to be integrated into the health care system. The well-known Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule has governed the protection of health information since the bill's passage in 1996; however, the novel coronavirus has challenged the way that public health officials and governments worldwide have thought about medical privacy and the exchange of health data (HHS Press Office, 2006). Questions about the kinds of information that should be shared with the general public and the extent to which public officials can use things such as health data or cell phone data without an individual's permission have already been tackled in many different ways. Government officials in China did not seek out the authorization of their citizens before using tracking data from mobile phones to identify suspected COVID-19 patients (Lin and Martin, 2020). The government of Taiwan merged its airport immigration database with its medical database so that people who had traveled out of the country could be immediately identified (Fuller, 2020). Although these solutions are likely not politically feasible in the United States, they raise an important question: how far should the U.S. government go in monitoring data and sharing information surrounding the virus with the public?According to a poll conducted by the Kaiser Family Foundation, 68% of the public said they would be willing to use an app that shared coronavirus testing results with public health officials (Kirzinger et al., 2020). However, only 50% said they were willing to download an app that alerts them if they have come in contact with someone who tested positive, and 45% said they were willing to provide this kind of information to public health officials (Kirzinger et al., 2020). The idea behind this application, using the method of “contact tracing” to track the spread of the disease, has been proposed by Apple and Google, and this method has been used successfully to control the spread of measles and sexually transmitted diseases (Fraser, 2020). Even now, before the widespread use of any contact tracing technology, Apple, Facebook, and Google are sharing mobility data with public health authorities to show whether people have been staying home to understand the effectiveness of social distancing. These data, pulled from cell phone location data, have been aggregated and deidentified, but groups such as the Electronic Privacy Information Center have still questioned the ethics of using it without peoples' permission (Tahir and Ravindranath, 2020). Although versions of contact-tracing applications and data sharing have been used in other countries, the United States' focus on privacy has slowed the adoption of these methods (Richtel, 2020).The privacy protections provided by the HIPAA Privacy Rule have not been cast aside during the pandemic, but there are stipulations in the law that provide for the sharing of information in an emergency situation without a patient's explicit permission. The law allows covered entities to share a patient's protected health information (PHI) without a patient's authorization with “anyone as necessary to prevent or lessen a serious and imminent threat to the health and safety of a person or the public” (Office for Civil Rights, 2020). When invoking this provision, a covered organization has to follow applicable laws and standards of ethical conduct, but it still allows for a broad interpretation of the sharing of health information, particularly data such as COVID-19 test results. Although this seems like it could easily be interpreted to include the sharing of information that should remain private, covered entities are required by the law to only provide the “minimum necessary” information to accomplish their purpose when disclosing the PHI of their patients (Office for Civil Rights, 2020). In addition to the stipulations already provided in the law for emergency situations, the Secretary of Health and Human Services (HHS), Alex Azar, declared a temporary waiver of certain provisions of the Privacy Rule, including the requirement to get a patient's permission to speak with family members or friends involved in the patient's care and the patient's right to request confidential communications (Delgado and Seng, 2020). This waiver only applies in very specific scenarios, but it clearly demonstrates a need for a more fluid exchange of information in this very unique time in American medical history. HIPAA protected information is also generally only shared among health agencies and other HIPAA covered organizations, not to the general public (Fraser, 2020).The question of how much information should be shared with the public has been widely debated among public officials across the country. In Los Angeles County, the local government provides an approximate age distribution of patients and a breakdown of the number of cases into >140 cities and communities; however, in Florida, residents are provided with much more information, such as the cities affected, the number of people tested, the age brackets of patients, the number of cases in nursing homes, and whether positive cases are Florida residents or not (Fraser, 2020).Regardless of the choices that officials have made with regard to sharing information with the public, researchers in the United States have demonstrated a need for specific data about testing and symptoms, and widespread testing will be necessary to successfully use contact tracing technologies. This need for data must be balanced with the concerns of discrimination and isolation if the identity of positive COVID-19 patients is revealed. If people are concerned about others discovering that they are infected, they may be less likely to come forward for testing if they suspect they are infected (Fraser, 2020).All of these concerns must be considered when ultimately making a decision about how much information will be shared. By working together and observing the different approaches of state and local governments across the country, we can learn from each other about the best options for combating this global pandemic.Genetic Alliance, with our partner LunaPBC, has a community-based solution, in which each individual keeps control of his or her data. The data never leave the system, and instead, questions come to the data. This takes place in a cloud compute environment to which researchers can bring their queries and questions. By enabling communities of all kinds, including faith communities, sports teams, schools, and other affinity groups, to be the stewards for individuals invitation to share data about coronavirus, and giving the individuals tools to control access to these data, we have effectively solved the privacy issues inherent in this time of a public health emergency. Join us in the FightToEndCOVID.com.ReferencesDelgado HF, Seng LD; The National Law Review (2020) Relaxing of HIPAA laws during COVID-19 pandemic. Available at: https://www.natlawreview.com/article/relaxing-hipaa-laws-during-covid-19-pandemic (Last accessed June 12, 2020). Google ScholarFraser D; Government Technology (2020) Experts: coronavirus pandemic tests limits of privacy laws. Available at: https://www.govtech.com/health/Experts-Coronavirus-Pandemic-Tests-Limits-of-Privacy-Laws.html (Last accessed June 11, 2020). Google ScholarFuller T; The New York Times (2020) How much should the public know about who has the coronavirus? Available at: https://www.nytimes.com/2020/03/28/us/coronavirus-data-privacy.html (Last accessed June 9, 2020). Google ScholarHHS Press Office (2006) HHS announces new HIPAA privacy decision tool for emergency preparedness planning. Available at: http://wayback.archive-it.org/org-745/20131029134807/http://archive.hhs.gov/news/press/2006pres/20060705a.html (Last accessed June 9, 2020). Google ScholarKirzinger A, Hamel L, Muñana C, et al. (2020) KFF Health Tracking Poll—Late April 2020: coronavirus, social distancing, and contact tracking. Available at: https://www.kff.org/global-health-policy/issue-brief/kff-health-tracking-poll-late-april-2020/ (Last accessed June 10, 2020). Google ScholarLin L, Martin TW; The Wall Street Journal (2020) How coronavirus is eroding privacy. Available at: https://www.wsj.com/articles/coronavirus-paves-way-for-new-age-of-digital-surveillance-11586963028 (Last accessed June 9, 2020). Google ScholarOffice for Civil Rights, U.S. Department of Health and Human Services (2020) HIPAA Privacy and Novel Coronavirus. Available at https://www.hhs.gov/sites/default/files/february-2020-hipaa-and-novel-coronavirus.pdf (Last accessed June 11, 2020). Google ScholarRichtel M; The New York Times (2020) Contact tracing with your phone: it's easier but there are tradeoffs. Available at https://www.nytimes.com/2020/06/03/health/coronavirus-contact-tracing-apps.html (Last accessed June 11, 2020). Google ScholarTahir D, Ravindranath M; Politico (2020) How the coronavirus is upending medical privacy. Available at: https://www.politico.com/news/2020/04/28/coronavirus-medical-privacy-217671 (Last accessed June 11, 2020). Google ScholarFiguresReferencesRelatedDetailsCited byGroup Privacy: An Underrated but Worth Studying Research Problem in the Era of Artificial Intelligence and Big Data30 April 2022 | Electronics, Vol. 11, No. 9Data privacy during pandemics: a systematic literature review of COVID-19 smartphone applications4 January 2022 | PeerJ Computer Science, Vol. 7Security, Trust and Privacy: Challenges for Community-Oriented ICT Support19 May 2021A Comprehensive Analysis of Privacy Protection Techniques Developed for COVID-19 PandemicIEEE Access, Vol. 9 Volume 24Issue 9Sep 2020 InformationCopyright 2020, Mary Ann Liebert, Inc., publishersTo cite this article:Jennifer Labs and Sharon Terry.Privacy in the Coronavirus Era.Genetic Testing and Molecular Biomarkers.Sep 2020.535-536.http://doi.org/10.1089/gtmb.2020.29055.sjtPublished in Volume: 24 Issue 9: September 8, 2020Online Ahead of Print:July 14, 2020PDF download