After a recent visit to her pediatrician, I had a conversation with my 14-year-old daughter about her health. As is true for much of America’s youth, her BMI (body mass index) was getting high. I said, “Look, you can either take my advice about eating and exercise — which doesn’t seem to have been working all that well — or you might want to think about doing it another way using your phone.”

That other way is called Kurbo, which took a very successful pediatric behavior modification approach that I had heard about through my work on the board of the Lucile Packard Children’s Hospital and created an online health and weight management application. Kurbo was designed specifically to be a safe way to help kids learn to manage their weight. She said, “You mean, like an app?” I said, “Yes, you use it on your phone.” That was pretty much all I needed to say. She started using the app, which involves recording food intake every day using red, yellow, and green categories. The kids can immediately see how they’re doing.

Then, this week, CHCF released a compelling report by health economist Jane Sarasohn-Kahn titled Here’s Looking at You: How Personal Health Information Is Being Tracked and Used. It documents some of the extraordinary gains to be made in individual and public health due to the information explosion commonly referred to as “big data.” One benefit is the opening of opportunities to integrate care and perform vital public health functions such as tracking disease outbreaks. Another benefit is the proliferation of wellness tools and apps, which present great possibilities for people in rural areas or with rare or chronic diseases, not to mention those who just want to take off a few pounds.

The report also discusses the privacy implications for our personal health information — particularly the data we leave behind as we use search engines, smartphones, credit cards, digital medical devices, and of course apps. This so-called “data exhaust” has great value for marketers and others.

After reading this report, I took a closer look at the privacy information on the app my daughter is using. I admit that in my enthusiasm for a tool that was fun, safe, and engaging for her, I did not learn much about how her or our family data might be used, but I can be pretty sure that “third parties” will be involved somewhere along the line.

I am not worried. In introducing my daughter to the Kurbo app, I made a calculated decision. As a mom I am primarily interested in whether it will work. Countless tools and apps have been developed in the area of weight management for good reason. We have an epidemic of overweight everybody, but particularly children and teens, and they’re all on their phones (in fact, that’s part of the problem). So if you’re trying to do an intervention, you go to where the kids are and what they’re comfortable with. Giving away access to some personal data is part of the “free app” deal.

What disturbs me more is the widely held belief that personal health data are protected by HIPAA (the federal Health Insurance Portability and Accountability Act of 1996), which is rapidly becoming obsolete in the world of big data and the Affordable Care Act. I see three main problems with what was a landmark law:

• It is outdated. HIPAA has not begun to keep up with technology. As Sarasohn-Kahn has posted on her website: “Who knew in 1996, when HIPAA was codified, that cloud computing, smartphones, sensors, and online patient communities would become ubiquitous in the American health care landscape?”
• It is less relevant. HIPAA was designed to protect patients with health conditions from being denied insurance coverage. But the Affordable Care Act eliminated this threat when it banned the practice of “preexisting condition” coverage denials.
• It creates obstacles. Even health care providers, like me, who are charged with carrying out HIPAA requirements, have difficulty navigating the integration of mental health and physical health care, and the coordinated care of people with comorbidities. Sometimes HIPAA’s complex rules actually undermine effective case management.

Today, only a portion of our health data is kept by organizations that fall under HIPAA rules, and much of the information rolled up into our digital profiles is not directly related to health. As Sarasohn-Kahn points out, it is our eating, shopping, exercise, and buying habits, and more.

Big data is a powerful engine with enormous utility. In fact, I believe it would be better for government to embrace it rather than to be too cautious. At the same time, we need to ensure that a new form of redlining does not occur using personal data gathered outside the purview of HIPAA. It was hard enough for me to understand the trade-offs of letting my daughter use Kurbo. Others with less language proficiency and low health literacy could be at risk of giving away more information than they want to.

I don’t think the genie of big data will be put back into the privacy bottle. Cultural standards around privacy are generational, and they’re changing as fast as big data is growing. What I would consider personal and private, my daughter’s generation does not. The notion of the supremacy of privacy that I grew up with is quickly giving way to a culture of disinhibition.

So I caution my daughter: “There is no privacy. Anything that’s swiped or entered is in the airwaves. Whatever you want to keep truly private, you will have to be proactive in protecting from view.”

This is true for all of us. Sarasohn-Kahn clearly lays out some of the benefits and downsides of the changing data environment in her new report.

Sandra R. Hernández

Sandra R. Hernández, MD, is president and CEO of the California Health Care Foundation. Prior to joining CHCF, Sandra was CEO of The San Francisco Foundation. She previously served as director of public health for the City and County of San Francisco. Read More

More by this Author:

Celebrating a New Era in Health Coverage, Celebrating the Expansion of Medi-Cal, In Shadow of Devastating Abortion Ruling, California Will Stand Tall