What if it had been healthcare data?
September 1, 2014 | By Judy Mottl
Celebrity photo hack begs big question: what if it had been healthcare data?
As news reports continue to filter out, it has not been confirmed that the photos were stored in Apple’s iCloud and the only indication that Apple’s cloud may have been involved is a ZDNet report that Apple confirmed fixing a vulnerability in its Find My iPhone online service. A Wall Street Journal report Monday stated Apple is actively investigating vulnerabilities in its iCloud service.
It’s going to take at least a few days for what happened to shake out. But in the meantime we don’t need verification to talk about the “what if.” Scandalous private photos being published are nothing compared to publicizing health issues that no one else has a right to know about and which could cause a great deal more humiliation and hurt a professional’s personal and career life than a nude shot.
It’s a critical time to talk about “what if” given Apple’s impending official product event next week where the tech titan is reportedly going to announce its first big mHealth wearable, dubbed the iWatch, and possibly provide deeper detail about its data sharing.
Privacy and data protection are crucial issues that impact everyone, from consumers to patients, to providers to payers. While smartphone tools and apps are increasingly being used for mHealth tech, the question of where the patient’s data will be housed, how will be shared and how will be protected should be front-and-center for everyone.
To that end, Apple–in its revised iOS developer license agreement–has told developers who want to use HealthKit’s application programming interface that they will not be allowed to sell “end-user health information to advertising platforms, data brokers or resellers,” according to the Wall Street Journal.
Meanwhile, just a few weeks ago Sen. Chuck Schumer (D-N.Y.) called on the Federal Trade Commission to put a policy in place regarding data sharing among mHealth device and app makers and third parties. The FTC has gone on record stating more regulations are needed but it clearly doesn’t want to be the one formulating new rules. That’s despite an FTC study that found at least one app vendor sharing personal health data and information with a third-party ad company and users were not aware of the activity.
The celebrity photo cloud hack is truly a big wake-up call that data security must be priority No. 1 as mHealth continues to expand. Just who will be in the forefront in ensuring such a critical element has yet to be determined, but it must be determined soon as it’s just inevitable healthcare data will be a hacker’s target at some point in the future.