The standard approach to protecting privacy in healthcare aims to control access to personal information. We cannot regain control of information after it has been shared, so we must restrict access from the start. This ‘control’ conception of privacy conflicts with data-intensive initiatives like precision medicine and learning health systems, as they require patients to give up significant control of their information. Without adequate alternatives to the control-based approach, such data-intensive programmes appear to require a loss of privacy. This paper argues that the control view of privacy is shortsighted and overlooks important ways to protect health information even when widely shared. To prepare for a world where we no longer control our data, we must pursue three alternative strategies: obfuscate health data, penalise the misuse of health data and improve transparency around who shares our data and for what purposes. Prioritising these strategies is necessary when health data are widely shared both within and outside of the health system.
- information technology
Statistics from Altmetric.com
Contributors TJK has contributed to all aspects of this research and is the sole contributor.
Funding The authors have not declared a specific grant for this research from any funding agency in the public, commercial or not-for-profit sectors.
Competing interests None declared.
Patient consent for publication Not required.
Provenance and peer review Not commissioned; externally peer reviewed.
If you wish to reuse any or all of this article please use the link below which will take you to the Copyright Clearance Center’s RightsLink service. You will be able to get a quick price and instant permission to reuse the content in many different ways.