Privacy and Medical data– a valid argument or fear of transparency?

The discussion regarding the availability of medical data both for the people who need to see it to treat you correctly and the people who would like to analyse it (anonymously) is not new. In the Netherlands there have been attempts since 2010 to set up a system with a central database but they have all failed at government level because of privacy concerns. The question remains are these concerns valid or are we just adopting a convenient excuse for not investing in healthcare? Certainly, looked at from the viewpoint of business analytics “privacy” is probably the most quoted reason for not implementing an information system, this is of course much wider than medical systems, Human Resources and Fraud Detection are other typical examples where typically the problem is a fear of transparency, of uncovering problems which may reflect badly on management and has absolutely nothing to do with privacy.

Firstly, let me admit I am biased, I have spent my whole career working with information systems, both from the software side as a vendor, later as a consultant and then as an IT analyst specialising in Business Intelligence and Data Integration. All too often I have seen projects cancelled because they didn’t produce the results that the sponsor wanted to see; a fraud detection project was cancelled because we discovered a fraud – apparently the intention was to prove that there wasn’t any fraud. A system to show historical sales trends was cancelled because two years data was “missing” and a hospital information system was cancelled because we discovered that a number of the patients who had been treated successfully were actually dead (the old system assumed that if you left the hospital and you didn’t come back for any more treatment that the treatment had worked) – that system was cancelled because it infringed the patient’s privacy.

So, whilst I understand that there are people out there who seek to misuse our medical data, I believe that it shouldn’t be beyond out capabilities to make it very safe. When we talk to customers about implementing information systems, we don’t just tell them about the advantages, we ask the question “What will you lose if you don’t do it?” If we had implemented a country-wide electronic medical record system (EMR) 10 years ago we would now know how many people were ill with Corona virus, how many had recovered, what the symptoms were and how many people had actually died – information that would be accurate and would help us to defeat this pandemic.