The Precision Medicine Initiative is still in its infancy, and so are the privacy rules that will govern it. While the initiative’s form and functions are a work in progress, the HHS Office for Civil Rights has crafted some overarching principles to govern how it will oversee the privacy challenges posed by PMI, said Deven McGraw, OCR’s deputy director for health information privacy.

OCR has developed 29 principles “grounded in 10 fundamental assumptions of how PMI will operate,” said McGraw, speaking Wednesday at the 2015 Policy Conference sponsored by HL7 in Washington, D.C. “A robust data security framework will be built in from the start. This is a new model for scientific research, but it is not widespread.” OCR is developing its first set of “frequently asked questions” regarding privacy and the PMI, and expects to release it soon, she added.

One of the goals of the PMI is to build a cohort of one million Americans who will agree to contribute their genomic information. “They’re called participants, not patients, and are considered to be partners in the research, with a seat at the table,” McGraw said. The model will be transparent, with the goal that participants will continue to stay involved in the project.

Also See: NIH Releases Precision Medicine Initiative Funding Opportunities

Key to gaining buy-in from one million participants is ensuring that the data will be secure, that they’ll have access to their information and the findings of the research, and that results could be directed to researchers chosen by the participants, McGraw said.

New questions arise when genetic data is involved, particularly when it is part of large data sets. “We’re going to solicit input on whether genetic data is protected health information when it’s present in a data set,” McGraw said. OCR needs to address concerns that participants be fully informed about rights to their data when they sign up to participate.

Public concerns about the extent to which their data will be protected looms large, says Deborah Peel, MD, founder and board chairman of Patient Privacy Rights, an Austin, Texas-based organization that advocates for patient control of personal health information. “The public is very concerned about how their health information is being used,” Peel told attendees at the HL7 meeting.

Peel pointed to recent Senate hearings on data brokers that provide personal information as a business, suggesting that the longitudinal health records of 500 million people is available for purchase. “We don’t know where our data goes, or who’s using it and how. It’s not possible to weigh risks and benefits when you don’t know who’s using it and what they’re doing with it.”

Data protection worries could have a chilling effect on citizen participation in the PMI, Peel contends. “You can’t treat human data the same way that you treat other data,” she said. “The best way to get public benefits of this is to put patient information back under the control of the patients. There is a way to have privacy and the common good.”

Register or login for access to this item and much more

All Health Data Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access