AMA Survey Cites Patient Concerns With Data Security

By Scott Mace

Patients are increasingly concerned about eroding security and the confidentiality of personal health information in digital form, according to a survey recently authorized by the American Medical Association (AMA).

More than 92% of patients say privacy is a right and their health data should not be available for purchase, the survey finds.

Savvy Cooperative surveyed 1,000 patients at the start of 2022 for the AMA, and found that they are worried about data privacy protections and confused about who can access personal health information.

Almost 75% of those surveyed are concerned about protecting the privacy of personal health data. Only 20% of patients said they know how many companies and individuals have access to their data. The recent U.S. Supreme Court ruling over abortion rights is heightening these concerns, the AMA says, since a lack of data privacy may put patients and physicians in legal jeopardy where states are restricting reproductive health services.

In the survey, patients indicated they are most comfortable with physicians and hospitals having access to personal health data and least comfortable with social media sites, employers and technology companies having access to this data.

“Patients trust that physicians are committed to protecting patient privacy – a crucial element for honest health discussions,” AMA President Jack Resneck Jr., MD said in a press release “Many digital health technologies, however, lack even basic privacy safeguards.”

“More must be done by policymakers and developers to protect patients’ health information,” he added. “Most health apps are either unregulated or underregulated, requiring near and long-term policy initiatives and robust enforcement by federal and state regulators. Patient confidence in data privacy is undermined as technology companies and data brokers gain access to indelible health data without patient knowledge or consent and share this information with third parties, including law enforcement.”

Accord to the survey 94% of respondents say companies should be held legally accountable for uses of their health data. A similar majority of patients (93%) want app developers to be transparent about how their products use and share personal health data.

In addition, nearly 80% of patients want to be able to opt out of sharing some or all their health data with companies.

Approximately three out of five patients (59%) expressed concern with personal health data being used against them or loved ones. Patients surveyed say they are “very” or “extremely” concerned about discriminatory uses of personal health data to exclude them from insurance coverage (64%), employment (56%), or healthcare opportunities (59%).

Physicians and their hospitals should have the technology and capability to review apps for privacy and security protections, say patients responding to the survey. Almost nine out of 10 (88%) patients believe that their doctor or hospital should be able to review and verify the security of health apps before those apps gain access to their health data.

According to the AMA, federal regulations prevent providers and even electronic health record (EHR) systems from conducting necessary privacy and security reviews of apps.

The AMA has published its Privacy Principles, describing five key aspects of a national privacy framework—individual rights, equity, entity responsibility, applicability, and enforcement. The AMA also says it has developed a guide to help app developers build privacy-forward technologies.

Scott Mace is a contributing writer for HealthLeaders.