Photo: Al David Sacks/Getty Images
Technologists writing in the journal Nature have created a digital “mask,” dubbed the DM, which they say offers a pragmatic approach to safeguarding patient privacy in electronic health records and during virtual healthcare visits.
There appear to be clinical benefits to the DM as well.
The technology is based on real-time 3D reconstruction and deep learning, and is meant to retain the clinical attributes contained in patient videos, while minimizing access to nonessential biometric information. This is designed for added personal privacy in clinical practice.
Early experimental results show that with the DM, examination videos of patients with ocular disease can be precisely reconstructed from 2D videos containing original faces. A clinical diagnosis comparison showed that ophthalmologists achieved high consistency in reaching the same diagnosis when using the original videos and the corresponding DM-reconstructed videos.
This technology could effectively remove identity attributes, and was met with a positive reaction by patients with ocular diseases. They expressed an increasing willingness to share their personal information and have it stored digitally with this added layer of biometric protection.
WHAT’S THE IMPACT
Patient privacy and data utilization are frequently cited as concerns by patients worried about data breaches. Compared to crude but still widely used options, such as covering identifiable areas with very large bars or cropping these areas out altogether, the DM represents a potentially more sophisticated tool for anonymizing facial images.
The DM selects relevant features for reconstruction, but it’s impossible to reconstruct original data that’s relevant to patient identification. And compared with other face-swapping technologies, the DM can obtain quantitative parameters – such as the degree of eyeball rotation, eyelid shape parameters, blinking rate and rotation frequency – which authors said might prove essential in the future for intelligently diagnosing disease, or studying the relationships between diseases and certain facial characteristics.
The DM can also be applied to telehealth, including online automatic diagnosis and patient triage. The mask can encrypt data before it’s submitted to the cloud, allowing clinicians or AI algorithms to review the reconstructed data and alleviating the concerns of patients whose medical records contain sensitive biometric data.
But protecting privacy does not equate to the absolute removal of identity characteristics. According to the Health Insurance Portability and Accountability Act Privacy Rule, protecting patient privacy refers to reducing the identification risk of health information. One of the most important principles is balancing disclosure risk against data utility.
To that end, the purpose of the DM is to protect health information as much as possible without compromising the need for the clinician to reach a diagnosis.
THE LARGER TREND
Confidence in the security and confidentiality of personal health information is beginning to erode, if the results of a recent survey are any indication. Released by the American Medical Association, the study showed that more than 92% of patients believe privacy is a right and their health data should not be available for purchase.
Nearly 75% of the 1,000 patients surveyed by Savvy Cooperative expressed concern about protecting the privacy of personal health data, and only 20% of patients said they knew the scope of companies and individuals with access to their data.
The survey found that an overwhelming percentage of patients demand accountability, transparency and control as it relates to health data privacy. About 94% of patients want companies to be held legally accountable for uses of their health data, while 93% want health app developers to be transparent about how their products use and share personal health data.
Industries are increasingly being sued by consumers for data breaches, but the sector with the biggest litigation increase is healthcare, according to findings published in April by the law firm BakerHostetler.
In fact, healthcare comprises 23% of lawsuits due to data breaches, according to BakerHostetler. The next highest after that is business and professional services at 17%, followed by finance and insurance (15%), education (12%) and manufacturing (10%).