Skip directly to search

Skip directly to content

 

Data Privacy in Healthcare - A Q&A with Dan Pelos

 
 

Next Gen Insights | Dan Pelos |
02 March 2020

The information and data within any business is a valuable asset. It is now considered a key driver to business growth and success. Data is collected every second of every day, and so it is important for businesses to capture, process, and manage data correctly. The security of data must be a priority within a business. It needs to be protected from unauthorised access to prevent it from being tampered with, destroyed, or disclosed to others.

With increasing urgency, organisations across all industries are focused on protecting the privacy of their users and their valuable corporate data. The increasing trend in cyberattacks means it is no longer a case of ‘if’ but rather ‘when’ your business will end up on a target list. We sat down with Dan Pelos, Lead Data Consultant, to discuss all things data, including privacy, security, and how you can make use of data without risking either of those things, especially in extremely sensitive industries such as healthcare.

What questions do you get asked a lot?

There are a lot of industry buzzwords out there at the moment, and these tend to lead someone to focus on a narrow solution rather than trying to respond to the broader business requirements. So, quite often I'm being asked by clients, "Do I need Data Science?" or "Can Artificial Intelligence and Machine Learning solve all my problems?". The answer to these questions is quite often “No”, because the data they would need to support a machine learning project is not rich enough, if it even exists at all. When there is workable data available, a quick win is to apply a simple analytical dashboard using the right data. It's a case of working to get your business on the right path so you can reach your ‘nirvana state’. This, of course, starts at the beginning with data preparation which includes data privacy.

How can we be better prepared for the privacy of data?

There are many ways to protect data, including having strong user authentication, encryption, data deletion, backups, etc. However, businesses should be thinking long-term strategy and asking themselves questions such as:

  • How do we process and store personal information? Is this done securely, and so that only the right people have permission to access this information?

  • Do we have the right level of consent? Make sure you have the correct permissions to hold or share personal information.

  • Is our data up to date, and how long should we keep it? Only keep data you need, and make sure personal information is regularly checked and updated.

  • What is our data removal process? You might get asked to remove all personal data for an individual, so make sure this is done correctly and completely.

  • Do we know where all data resides, who has access, and is it being audited? Ensure you can trace where data exists at any time. Running data audits and tracking should be standard processes.

  • Are we able to measure and demonstrate data compliance globally? Data should be managed properly across an entire organisation.

  • How do we monitor data security, incident management, and breach detection? Teams should be in place to manage the protection of data and be able to identify the risks.

  • Have we calculated the financial impact if there is a data breach? This can devastate companies of all sizes especially small and mid-sized businesses. A recent study found that organisations with fewer than 500 employees were hit by losses of more than £2 million on average.

Can you give an example of how we can take advantage of data without exposing it?

Not all data is considered sensitive. Data can also be tagged or anonymised which allows business users to analyse their data without seeing any sensitive information. For example, let’s say someone in healthcare wants to explore 'Age Vulnerability' to identify if elderly people with a high proportion of healthcare services are receiving the right level of care. Analysts will still be able to answer this without accessing the individual’s personal information.

How do you feel about the security of data in healthcare?

Data capture is increasing rapidly in healthcare through new technologies, including augmented and virtual reality, robotics, and the Internet of Medical Things (IoMT). It is important the right systems are put in place, and data is captured and shared securely so patients can feel confident that only relevant information is being shared at the right time to the right place. If patients are being ‘remotely monitored’ through wearable technology to check if they are taking their medication, or AI is monitoring patterns in data to predict, prevent, or treat diseases, only the necessary information is being transferred securely.

There are so many lifesaving benefits on the horizon using new technologies in healthcare, but can we trust hospitals and doctors with our data and ensure it doesn’t fall into the wrong hands? Personal information is extremely valuable and profitable, and with the amount of personally identifiable information (PII) stored in healthcare systems, this could be a hot target for cyberattacks.

What could help improve data privacy in healthcare?

Blockchain could help solve some of these challenges, putting a patient in the middle of the healthcare ecosystem. This could help patients gain more control of their overall medical data. For example, with a patient’s Electronic Health Record (EHR), blockchain could prevent that data from being changed or stolen.

Artificial Intelligence could also be used to support data privacy. Using AI to identify areas of personal information and then only providing that information to people with the right access and permissions could help improve privacy.

How can organisations get started?

When you are starting or refining your data journey, you will probably need someone with the right expertise to support your business. Depending on the size and longevity of your project, it may make sense to recruit your own expert (a Data Protection Officer, for example), but they are in very high demand right now, so it may be a challenge to find someone with the right level of experience that works for your budget. The other option is, of course, to work with an external partner who can help you understand where you are on your data journey and build you a roadmap for the future.

Having good data strategy, privacy, and compliance can help give businesses a competitive edge. Identify areas of weakness or risk and highlight improvements and/or opportunities based on your existing data and processes. My advice is to make sure that the person who comes up with the strategy is either going to be there to implement it or is working alongside those who will be responsible for making it a reality.

For data privacy, look to explore:

How do you COLLECT your data? Are you gathering data sources both internally and from 3rd parties? Connecting to these different data sources securely and the preparation of automating the ingestion processes is important.

How do you STORE your data? Either on-premise or in the cloud, are you storing the data securely and running regular backups and deletion processes?

How do you GOVERN your data? Ensure you follow the latest regulations (such as GDPR) and make use of Master Data Management (MDM), automation, privacy, and security.

How do you SHARE your data? Are you tracking where the data is going and encrypting it at all times? Make sure only the right people have access to the data and manage their security permissions according to their roles and responsibilities.

What do you USE your data for? For example, when looking at patient predictions, EHR, real-time alerting, patient engagement, etc., make sure only the relevant data required is being captured, processed, or shared.

Alongside security, privacy is just one element of a much bigger picture when it comes to data, and together these ensure that you can keep the trust of your clients. Without that trust, it won’t matter how well you are processing the data to gain insights and streamline customer experience or tailor products to their needs, because clients will not want to use your products or services.

Dan Pelos

Lead Data Consultant

As lead data consultant, Dan has spent over 15 years working on data-related projects and building solutions across a whole array of different industries’ future-proofing processes, technologies, and ways of working using insights through data with a passion for problem solving. When Dan isn’t being a renowned 'Data Rockstar', he also sings and plays guitar in his own band, The Smarties, and works as a session musician for various celebrities by performing at corporate and private events, festivals, and venues across the UK.

 

Related Articles

  • 17 December 2019

    Demystifying omnichannel and making it a reality

  • 08 October 2019

    How do you rate as a Business Sponsor?

  • 02 July 2019

    Is your payments provider 3DS2 ready?

  • 07 May 2019

    Failure to launch - Why contactless in the US is behind the rest of the world

  • 23 April 2019

    Placing the customer at the centre of your business transformation

  • 08 April 2019

    Get Emotional - How Feelings Dominate Decision Making

  • 04 February 2019

    Can a business thrive in the age of continuous innovation?

  • 07 January 2019

    Delivering Business Value at Speed: A Recipe in Three Steps

Most Popular Articles

The Four Pillars of Truly Digitised Organisations – Part 1
 

Next Gen Insights | Graeme Fordyce | 03 April 2020

The Four Pillars of Truly Digitised Organisations – Part 1

The Cultural Adoption of Healthtech
 

Next Gen Insights | Les Jordan | 25 March 2020

The Cultural Adoption of Healthtech

Understanding authentication and open banking as a soft POS reality approaches
 

Next Gen Insights | Nick Telford-Reed | 10 March 2020

Understanding authentication and open banking as a soft POS reality approaches

Data Privacy in Healthcare - A Q&A with Dan Pelos
 

Next Gen Insights | Dan Pelos | 02 March 2020

Data Privacy in Healthcare - A Q&A with Dan Pelos

Celebrating Twenty Years of Reimagining the Relationship Between People and Technology
 

Innovation | John Cotterell | 07 February 2020

Celebrating Twenty Years of Reimagining the Relationship Between People and Technology

Nick Telford-Reed Shares His Predictions On Three Topics Ahead Of MPE
 

Next Gen Insights | Nick Telford-Reed | 28 January 2020

Nick Telford-Reed Shares His Predictions On Three Topics Ahead Of MPE

Platforms and Partnerships: Will MWC reveal the new ecosystems needed to exploit 5G?
 

Next Gen Insights | Andrew Brown | 23 January 2020

Platforms and Partnerships: Will MWC reveal the new ecosystems needed to exploit 5G?

How to Create a Company Culture that Encourages and Withstands Failure
 

Innovation | Teodora Chetan | 14 January 2020

How to Create a Company Culture that Encourages and Withstands Failure

MaaS technology – multiple extensions or a complete overhaul?
 

Next Gen Insights | Tony Whitehorn | 19 December 2019

MaaS technology – multiple extensions or a complete overhaul?

 

Archive

  • 03 April 2020

    The Four Pillars of Truly Digitised Organisations – Part 1

  • 25 March 2020

    The Cultural Adoption of Healthtech

  • 10 March 2020

    Understanding authentication and open banking as a soft POS reality approaches

  • 02 March 2020

    Data Privacy in Healthcare - A Q&A with Dan Pelos

  • 07 February 2020

    Celebrating Twenty Years of Reimagining the Relationship Between People and Technology

  • 28 January 2020

    Nick Telford-Reed Shares His Predictions On Three Topics Ahead Of MPE

  • 23 January 2020

    Platforms and Partnerships: Will MWC reveal the new ecosystems needed to exploit 5G?

  • 14 January 2020

    How to Create a Company Culture that Encourages and Withstands Failure

We are listening

How would you rate your experience with Endava so far?

We would appreciate talking to you about your feedback. Could you share with us your contact details?

 

By using this site you agree to the use of cookies for analytics, personalized content and ads. Learn More