Industry

Preventing the Next Cambridge Analytica from using your Medical Records

Posted April 12, 2018
By Niko Skievaski

Most healthcare pundits can agree that patients should be in control of their data. There’s actually enough momentum behind that statement that the ONC has been pushing legislation in that direction over the past few years. By 2019, EHR vendors will be required to open up an API such that a patient using any application can authorize that application to use her data. This is similar to the OAuth 2 functionality Facebook supports for third party application developers–the same that led to the Cambridge Analytica scandal and Mark Zuckerberg’s subsequent congressional testimony earlier this week.

Two of Redox developers most familiar with the regulatory environment and authentication frameworks collaborated on an article that was picked up as an op-ed last night in HealthData Management Magazine. The piece dives into the lessons to be learned from Facebook/Cambridge Analytica and how we need to think about that as developers and stewards of patient data in healthcare. I’m excited to share the article with our audience here. Congrat’s Clark and Nick!

Why Facebook privacy concerns should impact HIT’s future