Oregon may give individuals control over health data
Proposed legislation in Oregon would ban the unauthorized sale of de-identified healthcare data and enable individuals to have control over their information.
Passage of The Health Information Property Act in Oregon would be a fundamental shift in intellectual property law, says Michael DePalma, founder, president and chief operating officer at Hu-manity.co, a data privacy firm that markets an app to enable individuals to claim their data as their property.
“Your healthcare data is property, and it’s your property,” he contends. This is a human issue. This is a shift in the value we create every day. This is about quality, fairness and transparency.”
Today, most physicians and patients don’t know health information is being bought and sold daily, and the bill if enacted would let individuals know that their information has value, according to DePalma. “You could own your health data and have a level of control.”
The legislation would require that if someone wants to sell someone else’s health data, they must get consent from that individual, who can assign property rights to the seller and set the rules for how the health data can be used. In general, entities buying healthcare data include researchers, medical device manufacturers and insurers.
Businesses that could include providers, insurers, vendors and other entities would be required to get explicit permission from patients if they wish to use a patient's data for commercial purposes.
DePalma says he has had conversations with industry stakeholders in multiple states who tell him they want their constituents at the table when the idea of patients having the right to control their health data is being considered.
“This is a re-thinking of the balance of power in the data economy,” DePalma explains. “Right now, the data faucet is on, and we are creating the value.”