Americans least-trust social media companies, Internet search engines, and the Federal government to keep their personal information secure.

Americans most-trust their doctors, their banks, and their hospitals to protect their personal information.

Are people clear-headed about this perception? I pose, prompted by this month’s survey from POLITICO and the Harvard Chan School of Public Health on data privacy and e-cigarettes.

The first table shows that major finding, with a view on the consumer’s political party identification. There are interesting results revealed by party ID:

  • More Democrats trust doctors, hospitals, health plans, and credit card companies with their personal data.
  • More Republicans trust phone companies, online retailers like Amazon or Walmart, and the Federal government.
  • Independents toggle to hospitals, credit card companies, personal and work email, and ecommerce.

Fewer Americans are concerned about their health and prescription drug information getting hacked compared with their Social Security Number, credit card numbers, text and email messages, and GPS check-ins. Only retail purchasing habits were of less concern among people worried about personal data hacking.

Political party ID again shows difference across Americans: More Republicans are very concerned about their retail data security than are Democrats or Independents.

The study also looked into Americans’ views on data privacy for health information seeking. One-third of people were very concerned that a company would use search information to try and sell medical products based on the search parameters. One in four were very concerned that information could be used against them as a barrier to accessing health care or landing a job.

Diving deeper, the survey found that 1 in 4 Americans had set up a patient portal. Most people using a portal do so to review test results. Over one half have scheduled appointments via the portal, 42% have done an online refill for a prescription drug, and 4 in 10 received advice about a health issue via the portal. Among portal users, one in four is very concerned about unauthorized access to the portal’s personal health information.

The poll was conducted among 1,009 U.S. adults 18 and older via phone in July 2019.

Health Populi’s Hot Points:  The big data point in this study for me was the one-fourth of Americans were “very concerned” that an organization would use their online search information against them to prevent them from getting health insurance.

THINK: the mass of Americans across political party identification who favor the assurance that they would be covered for pre-existing conditions. See the Kaiser Family Foundation Health Tracking Poll data from April 2019 in this last chart for that insight.

The question is whether Americans are uninformed regarding the huge opportunity data hackers see in the value of medical data. The IBM Security and Ponemon Institute 2019 Cost of a Data Breach Report found that health care breaches continue to yield hackers the most financial return over all other industries.

The value of health care industry data breaches ranks above those in financial services companies, energy, industrial firms, pharma (as distinct from health care providers – hospitals and doctors), technology, education, and other segments, illustrated in the bar chart from the IBM/Ponemon study.

Yet the POLITICO/Harvard Chan study identified that health care providers and banks were most trusted by Americans to protect personal data.

Health information breaches are driving health care providers in 2019 and ongoing to investment more resources, both financial and labor, to deal with cybersecurity. With trust a key enable of peoples’ health engagement, providers must attend to this challenge, carefully walking the bridge between security patients’ personal health information with state-of-the-art technology and policies, while educating patients on their interest in taking on sound personal DIY approaches to managing privacy.

Ultimately, I look toward an American-style GDPR (General Data Protection Regulation) beyond HIPAA to broaden Americans’ personal privacy protections….one day, and not soon enough. We watch California implementing their state version of GDPR on January 1, 2020 (CCPA), to learn how that larger privacy protective umbrella will cover Californians. In the meantime, people need to better understand and appreciate the value of their personal information and, especially, their health care data as an asset to be protected.

You can learn more about “Privacy and Health Data In-Security” in that chapter of my book, HealthConsuming, addressing the growing challenge of data, data, everywhere that is useful for health — well beyond our health care claims information.