Trust and ethical data handling in the healthcare context
Current practices for regulating the processing of personal data are oriented principally towards notions of governance, risk management, and regulatory compliance - based on data protection laws that have, in some jurisdictions, been in place for decades. Despite this framework, individuals are likely to encounter uses of their personal data which, while legal, may appear to lack fairness or legitimacy. Such uses may lead us to conclude that third parties are failing to take due account of our wishes and preferences. An organisation’s handling of personal data might fall short of our expectations in a number of ways, such as through over collection, insufficient care, unexpected or unwelcome use, or excessive sharing. For data controllers, greater focus on ethics (beyond legal compliance), might align them more closely with the expectations of their users and customers. Ethics has been core to the practice of medicine at least since the formulation of the Hippocratic oath , but the digital era introduces new risks which require ethical responses. Guidance for data controllers should be based on a clear understanding of digital privacy and its complexities, so that abstract notions of trust and ethics can be transformed into applicable principles and practical measures, while reflecting the diverse stakeholder motivations and interests. This article explores the trust-related factors and challenges that arise from the digital and online processing of personal data, particularly in the context of healthcare. The article proposes ethical principles, and approaches and resources for putting those principles into practice.
KeywordsTrust Ethics Personal data Healthcare data Ethical data handling
Compliance with ethical standards
Conflict of interest
The author declares no conflict of interest.
There is no funding source for this article.
This article does not contain any data, or other information from studies or experimentation, with the involvement of human or animal subjects.
- 1.North M. On nlm.nih.gov "Greek Medicine - The Hippocratic Oath" U.S. National Library of Medicine, 02 July 2012. 2012. http://www.nlm.nih.gov/hmd/greek/greek_oath.html. Accessed 19 June 2017.
- 2.Albanesius C. On ukpcmag.com. 2013. http://uk.pcmag.com/tv-home-theaters/11794/news/lg-to-fix-unwanted-smart-tv-data-collection. Accessed 16 Dec 2016.
- 3.Komando K. On usatoday.com. 2014. http://www.usatoday.com/story/tech/columnist/komando/2014/11/14/free-apps-privacy/18759109/. Accessed 16 Dec 2016.
- 4.Raiche R. On wptv.com. 2015. http://www.wptv.com/news/science-tech/angry-birds-2-camscanner-apps-stealing-personal-data-raises-questions-about-iphone-security. Accessed 16 Dec 2016.
- 5.Hope C. On telegraph.co.uk. 2007. http://www.telegraph.co.uk/news/uknews/1570258/5000-would-have-made-HMRC-discs-safe.html. Accessed 16 Dec 2016.
- 6.Kende M. Global internet report. 2016. https://www.internetsociety.org/globalinternetreport/2016/. Accessed 16 Dec 2016.
- 7.Hill K. On forbes.com. 2012. http://www.forbes.com/sites/kashmirhill/2012/02/16/how-target-figured-out-a-teen-girl-was-pregnant-before-her-father-did/#2f7c6a3934c6. Accessed 16 Dec 2016.
- 8.Singer S. In nytimes.com. 2012. http://www.nytimes.com/2012/06/17/technology/acxiom-the-quiet-giant-of-consumer-database-marketing.html. Accessed 16 Dec 2016.
- 9.McCullagh M. In cnet.com. 2013. https://www.cnet.com/news/how-web-mail-providers-leave-door-open-for-nsa-surveillance/. Accessed 16 Dec 2016.
- 10.Nissenbaum H. Privacy as contextual integrity. Wash Law Rev 2004.Google Scholar
- 11.Author. Four Ethical Issues In Online Trust. Internet Society. 2014. https://www.internetsociety.org/sites/default/files/Ethical%20Data-handling%20-%20v2.0.pdf.
- 12.Christl W, Spiekermann S. Networks of control. 2016. http://crackedlabs.org/en/networksofcontrol.
- 13.Lee R, Carlisle A. Detection of falls using accelerometers and mobile phone technology. 2011. https://oup.silverchair-cdn.com/oup/backfile/Content_public/Journal/ageing/40/6/10.1093/ageing/afr050/2/afr050.pdf.
- 14.Yoshida T et al. Gait analysis for detecting a leg accident with an accelerometer. 2006. https://www.researchgate.net/publication/4238356.
- 15.Rumsfeld D. US Department of defense news briefing transcript. 2002. http://archive.defense.gov/Transcripts/Transcript.aspx?TranscriptID=2636. Accessed 19 June 2017.
- 16.Hasselbalch G, Tranberg P. Data ethics, the new competitive advantage. Libris, Copenhagen; 2016.Google Scholar
- 17.Ramesh R. NHS disregards patient requests to opt out of sharing medical records. 2015. https://www.theguardian.com/society/2015/jan/22/nhs-disregards-patients-requests-sharing-medical-records. Accessed 20 Dec 2016.
- 18.Cavoukian A. Privacy by design - applying the 7 foundational principles. 2011. https://www.iab.org/wp-content/IAB-uploads/2011/03/fred_carter.pdf. Accessed 19 Dec 2016.
- 19.CNBC. 2016. Hackers blackmail US Police Departments http://www.cnbc.com/2016/04/26/ransomware-hackers-blackmail-us-police-departments.html. Accessed 1 Oct 2016.
- 20.Ontario Star. Hospital privacy violations go unreported. 2015. https://www.thestar.com/life/health_wellness/2015/01/13/hundreds_of_hospital_privacy_violations_go_unreported.html. Accessed 1 Oct 2016.
- 21.Helsinki Declaration. World medical association. 1964. http://www.wma.net/en/30publications/10policies/b3. Accessed 1 Oct 2016.
- 22.Mitscherlich, A., & Mielke, F. Doctors of infamy: The story of the Nazi medical crimes. New York: Henry Schuman; 1949.Google Scholar
- 23.Belmont. US Dept of Health and Human Services, The Belmont Report. 1978. https://www.hhs.gov/ohrp/regulations-and-policy/belmont-report/index.html.
- 24.Menlo. US Dept of Homeland Security, The Menlo Report - Ethical Principles Guiding Information and Communication Technology Research. 2012.Google Scholar
- 25.Narayanan A, Shmatikov V. Robust de-anonymization of large sparse datasets. 2006. https://www.cs.utexas.edu/~shmat/shmat_oak08netflix.pdf. Accessed 1 Oct 2016.
- 27.Spiekermann S. Ethical IT. Innovation: Auerbach; 2016.Google Scholar
- 28.Dennedy M. The privacy Engineer's manifesto. Springer; 2014.Google Scholar
- 29.Cavoukian A. Twitter. 2016. https://twitter.com/anncavoukian/status/803566281190424577.
- 30.Warren S, Brandeis L. Harvard Law Review. 1890. http://faculty.uml.edu/sgallagher/Brandeisprivacy.htm. Accessed 1 Oct 2016.
- 31.Cooley T. A treatise on the law of torts. Chicago: Callahan & Co.; 1888.Google Scholar
- 32.European Commission. Directive 95/46 Article 1, and Preamble para. 2. 1995.Google Scholar
- 33.Internet Society. Why privacy matters. 2017. http://www.internetsociety.org/what-we-do/internet-technology-matters/privacy-identity.
- 34.Kobie N. Why the cookies law wasn't fully baked. 2015. https://www.theguardian.com/technology/2015/mar/19/cookies-how-to-avoid-being-tracked-online. Accessed 20 Dec 2016.
- 35.Doliner M. Safari invalid certificate handling sucks. 2016. https://kingant.net/2016/08/safari-invalid-certificate-handling-sucks/. Accessed 20 Dec 2016.