Skip to main content

Keeping Patient Data Safe

Perspectives and resources on how to protect patient data.

Illustration of data network and a man holding a cell phone

Last year, a rare disease advocacy group in Europe released a report that reflected how patients feel about sharing their data. Many said they were willing to share their info, but wanted to know it was being handled properly and not shared beyond what they approved.

Half of the respondents worried about unauthorized third parties getting their data. About 1,000 patients surveyed (47%) said they are concerned that an organization could use their data in a context different from the purpose for which it was originally collected. About a third worried their collected data could lead to discrimination, for instance, with a prospective employer. Patients also want to be kept informed about the projects they’ve given their data to, the study found.

Read the report from EURORDIS

Similarly, in 2019, the Kaiser Family Foundation found patients in the United States were also concerned about their medical data, especially with wide usage of electronic health records. Just more than half said they were worried about this electronic information falling into the wrong hands.

In the U.S., patient data is protected by HIPAA (Health Insurance Portability and Accountability Act). spells out these rules that patients encounter every time they visit a doctor’s office or hospital.

HIPAA for Consumers

Established systems, processes and organizational structure protect data privacy at CSL, the company’s Chief Risk Officer Karen Neave said.

“At CSL, the protection of data is of paramount importance, and we have a dedicated Privacy and Data Protection function within our broader Business Integrity and Risk function, that is focused on ensuring the organization has the governance, systems and processes in place to protect patient data, along with all other personal data held at CSL,” she said.

“By protecting patient data, CSL delivers on one of its core values – integrity,” said Sarah McHenry, CSL’s Privacy and Data Protection Global Lead.

CSL Behring’s Deirdre BeVard sees data privacy as an important element when building trusting, respectful relationships with patients, viewing patients as partners. We recently asked BeVard, who is Senior Vice President of R&D Strategic Operations, about trends in data privacy. Here’s what she said.

Senior Vice President for R&D Strategic Operations Deirdre BeVard

How do you see this conversation evolving to balance the need for patient privacy with the need for data to spur innovation?

I think the conversation around data sharing will only grow stronger and the balance of protecting one’s privacy and sharing for a greater purpose will continue to be a challenge. With that said, you see from the work done by EURORDIS, and many other surveys, that there is a strong willingness on the part of patients to share their data, especially if it could lead to better treatments for them and patients like them. 

I read an interview with Dr. David Fajgenbaum from a live session held during the J.P. Morgan Healthcare Conference. His story of being diagnosed with Castleman Disease and making it his mission to search for a treatment is inspiring. He talks about how the patients were integral to his research. Their samples and data were “kind of held hostage” by their treating physician. Having the patients allow researchers to access the data and samples was key to advancing the work they were doing. Had that not happened, their efforts would have stalled. 

He also speaks about collaboration among physicians and healthcare providers to share their experiences and ideas for how to treat these rare diseases and how to advance new research ideas. Patient groups may do this on their own, with the health care community, with industry or all of the above. It’s exciting and empowering to consider how responsible and respectful data sharing can advance medical research. It is how collaboration can turn hope for a treatment into action to find one.