Monday, January 28, 2013

Defining Privacy

Privacy is a very important Human Right, yet very hard to define. I am very encouraged by all the efforts in Healthcare on Privacy. These efforts are caused by the interest, yet made complex by the lack of a simple definition for Privacy. The problem with defining Privacy, even in Healthcare, is that there really isn't a single definition of Privacy. The reason is that Privacy has multiple dimensions. Controllership, Confidentiality, Accountability, Accounting, Correctness, Transparency, Disclosure, Consent/Authorization, etc. This is why Privacy is often described in terms of Privacy Principles. As the concept of Privacy is made up of all these various dimensions.

There are some standards that have definitions for Privacy
  • ISO/IEC 2382-8:1998 -- Freedom from intrusion into the private life or affairs of an individual when that intrusion results from undue or illegal gathering and use of data about that individual.
  • ISO 7482-2:1989 -- The right of individuals to control or influence what information related to them may be collected and stored and by whom and to whom that information may be disclosed.
  • AHIMA -- The quality or state of being hidden from, or undisturbed by, the observation or activities of other persons, or freedom from unauthorized intrusion; in healthcare-related contexts, the right of a patient to control disclosure of protected health information.
  • Countries like Canada -- (1) The claim of individuals, groups or institutions to determine for themselves when, how, and to what extent information about them is communicated to others. [Defined by uses this definition from A.F. Westin, Privacy and Freedom (1968). Basis for Privacy Act of 1974 (P.L. 93579; 5 U.S.C. § 552a).] (2) The right of an individual to live free of intrusive monitoring of their personal affairs by third parties not of their choosing.
I find that it is better to understand the Privacy Principles in order to understand what the term Privacy really means. See some of the foundational Privacy Principles. 
The OECD  Privacy Principles are as good as any to review
  1. Collection Limitation Principle --  There should be limits to the collection of personal data and any such data should be obtained by lawful and fair means and, where appropriate, with the knowledge or consent of the data subject.
  2. Data Quality Principle -- Personal data should be relevant to the purposes for which they are to be used, and, to the extent necessary for those purposes, should be accurate, complete and kept up-to-date.
  3. Purpose Specification Principle -- The purposes for which personal data are collected should be specified not later than at the time of data collection and the subsequent use limited to the fulfilment of those purposes or such others as are not incompatible with those purposes and as are specified on each occasion of change of purpose.
  4. Use Limitation Principle -- Personal data should not be disclosed, made available or otherwise used for purposes other than those specified in accordance with Paragraph 9 except: a) with the consent of the data subject; or b) by the authority of law.
  5. Security Safeguards Principle -- Personal data should be protected by reasonable security safeguards against such risks as loss or unauthorised access, destruction, use, modification or disclosure of data.
  6. Openness Principle -- There should be a general policy of openness about developments, practices and policies with respect to personal data. Means should be readily available of establishing the existence and nature of personal data, and the main purposes of their use, as well as the identity and usual residence of the data controller.
  7. Individual Participation Principle -- An individual should have the right:a) to obtain from a data controller, or otherwise, confirmation of whether or not the data controller has data relating to him; b) to have communicated to him, data relating to him within a reasonable time; at a charge, if any, that is not excessive; in a reasonable manner; and in a form that is readily intelligible to him; c) to be given reasons if a request made under subparagraphs(a) and (b) is denied, and to be able to challenge such denial; and d) to challenge data relating to him and, if the challenge is successful to have the data erased, rectified, completed or amended.
  8. Accountability Principle -- A data controller should be accountable for complying with measures which give effect to the principles stated above.
It isn't even as simple as these 8 Privacy Principles. There are regional nuances, personal decisions, concerns for safety/health, etc. Often times there is complaints that these Privacy Principles get in the way of Medical Ethics  the actual cases of conflict are few and usually well understood by those affected.

So, you can see there isn’t one concept that makes up “Privacy”. Even Wikipedia has trouble simplifying it


  1. Good list and explanation of a topic that is way more complicated than appears at first glance.

    As a point of interest, EU privacy principles also incorporate a "right to be forgotten", i.e., you have rights to erase digital data held by 3rd parties.

  2. Great explanation of privacy John. Working in the biometrics industry, we run up against this issue quite often in how we store our data and questions from end users if we share the data with anyone.

    Although privacy and civil liberties continue to be a sticky wicket with the proliferation of electronic communication, the definition and interpretation of "privacy" varies greatly by demographic and culture. What we may consider a privacy violation in the US may be acceptable in other cultures. It should also be noted that there is some expectation by people that they forfeit some of their privacy when operating in the public domain (e.g. - CCTV cameras, etc.) Would a privacy activist not patronize a store that used security cameras to monitor it's customers? Highly doubtful but in essence, they are forfeiting some of their privacy rights, perhaps unknowingly.

    This topic will continue to be in the limelight for healthcare as we work through the charge to electronic medical records and data sharing across platforms like health information exchanges.

  3. Agree with the comments here - GREAT privacy discussion. Just as a note, ONC and CMS is emphasizing the Fair Information Principles, and they are embodied in a "harmonized security and privacy framework". With the evolution of the Health Insurance Exchange (CMS) wants you to demonstrate that at every point of system interface the principles are applied and policies devloped to enforce protection of consumer information. I think it is far more "multi-dimensional" than historical privacy efforts, that we largely just "safeguards".