International health care data laws

Governing the way that health is dealt with internationally since 1969 is the International Health Regulations (IHR) and it had been updated in 2005 (Georgetown Law, n.d.; World Health Organization [WHO], 2005). Under Article 45 of the IHR deals with the treatment of personal data (WHO, 2005):

  • Personal identifiable data and information that has been collected or received shall be confidential and processed anonymously.
  • Data can be disclosed for purposes that are vital for public health. However, the data that is transferred must be adequate, accurate, relevant, up-to-date, and not excessive data that has to be processed fairly and lawfully.
  • Bad or incompatible data is either corrected or deleted.
  • Personal data is not kept any longer than what is necessary.
  • WHO will provide data of the patient to the patient upon request in a timely fashion and allow for data correction from the patients

The European Union has the Directive on Data Protection of 1998 (DDP), and Canada has Personal Information Protection and Electronic Documents Act of 2000 (PIPEDA) that is similar to the U.S. HIPAA regulations set forth by the U.S. Department of Health and Human Services (Guiliano, 2014). Eventually, the EU in 2012 proposed the addition of the Data Protection Regulation (DPR) of 2016 (Hordern, 2015, Justice, n.d.).

EU’s DDP allows (Guiliano, 2014):

  • It is outlawed to transfer data to any non-EU entity that doesn’t meet EU data protection standards.
  • The government must give consent before gathering sensitive data for certain situations only
  • Only data that is needed at the time that has an explicit and reasonPable purpose.
  • Patients should be allowed to correct errors in personal data, and if the data is outdated or useless, they must be discarded.
  • People with access to this data must have been properly trained.

EU’s DPR allows (Hordern, 2015; Justice, n.d.):

  • People can allow for data to be used for future scientific research where the purpose is still unknown as long as the research is conducted by “recognized ethical ”
  • Processing data for scientific studies based on the data that has already been collected is legal without the need to get additional consent
  • Health data may be used without the consent of the individual for public health
  • Health data cannot be used by employers, insurance, and banking companies
  • If data is being or will be used for future research, data can be retained further than current regulations

Canadian’s PIPEDA allows (Guiliano, 2014):

  • Patients should know the business justification for using their personal and medical data.
  • Patients can review their data and have errors corrected
  • Organizations must request from their patients the right to use their data for each situation except in criminal cases or emergencies
  • Organizations cannot collect patient and medical data that is not needed for the current situation unless they ask for permission from their patients and telling them how it will be used and who will use it.

Other Internal laws or regulations regard big data from Australia, Brazil, China, France, Germany, India, Israel, Japan, South Africa and the United Kingdom are summarized in the International and Comparative Study on Big Data (der Sloot & van Schendel, 2016).  When it comes to transferring U.S. collected and processed data internationally, the U.S. holds all U.S. regulated entities liable to all U.S. data regulations (Jolly, 2016).  Some states in the U.S. further restrict the export of personal data to international entities (Jolly, 2016).  Thus, any data exported or imported from other countries must deal with the regulations of the country (or state) of origin and those of the country (or state) to which it is exported in.

In the United Kingdom, a legal case on health care data was presented and was ruled upon.  This case dealt with the rate of de-identifiable primary care physician prescription habits data breached confidentiality laws because of the lack of consent (Knoppers, 2000).  The consent had to cover both commercial and public issues purposes.  This lack of both types of consent meant that there was a misuse of data. In the Supreme Court of Canada, consent was not collected properly and violated the expectation of privacy between the patients and private healthcare provider (Knoppers, 2000).  All of these laws and regulations amongst international and domestic views of data usage, consent, and expectation of privacy with healthcare data all are trying to protect people from the misuse of data.

References

Advertisements

Business Intelligence: OLAP

Within a Business Intelligence (BI) program online analytical processing (OLAP) and customer relationship management (CRMs) are both applications have strategic uses for the company and are dependent on the data warehouse to help analyze multidimensional datasets stored in them to provide data-driven solutions to queries. They are both systems that require data analytics to turn all the multidimensional data into insightful information. OLAP’s multidimensional view of the data warehouse data sets can occur because it is mapped onto n-dimensional data cubes, where data can then be easily rolled up, drilled down, slice and dice, and pivot (Conolly & Begg, 2014). OLAP can have many applications outside of customer relationships.  Thus, OLAP is more versatile compared to CRMS, because CRMs are more targeted/focused with their approach, analysis of the customer relationship to the company/product.  CRMs main goal is to analyze internal and external data stored in the data warehouse, to come up with insights like “predicted affinity to buy” of a customer, the “cost or profit” of a customer, “prediction of future customer behavior”, etc. (Ahlemeyer-Stubbe & Shirley, 2014).  The information gained from the CRM can empower employees at the company on a customer’s affinity towards a product to either sell similar items or items of the result in a market basket analysis.

OLAP is the online analytical processing application, which allows people to examine data in real time from different points of view in aid to driving more data-driven decisions (McNurlin et al., 2008).  With OLAP, computers can now make what-if analysis and goal-based decisions using data. The key ability of OLAPs systems are to help answer the “Why?” question, as well as the typical “Who?” and “What?” questions (Conolly & Begg, 2014).  Connolly and Begg (2014) further explain that OLAP is a specialized implementation of SQL. Unfortunately, data queried is assumed to be static and unchanging.  Hence, the low volatile aspect of a data warehouse, with multidimensional databases is ideal for OLAP apps.  They value of the data warehouse does not come from just storing the right kind of data, but through making and conducting analysis, to solve queries that will in the end help make data driven decisions that are the best for the company.  According to Conolly & Begg (2014), OLAP tools have been used in studying the effectiveness of marking campaigns, product sales forecasting, and capacity planning.  However, it is of the opinion of Conolly & Begg (2014) that data mining tools can surpass the capabilities of OLAP tools.

CRMs, on the other hand, focuses a wide range of concepts revolving how companies store, capture and analyze customer, vendor, and partner relationship data. Information stored in CRMs could be interactions with customers, vendors or partners, which allow the company to gain insights based on previous interactions and could even be grouped/associated into different customer segments, market basket analysis, etc. (Ahlemeyer-Stubbe & Shirley, 2014). CRMs can assist in real time with making data-driven decisions with respects to a company’s customers (Mcnurlin, Sprague, & Bui, 2008).  The goal is to use the current data, to help the company build more optimal communications and relationships with it customers, vendors or partners.  Both internal and external data of the company is usually added to the data warehouse for the CRM. Through the use of the internet, companies can study more about their customers and their noncustomers, to aid a company to become more customer centric (McNurlin et al., 2008).  McNurlin et al. (2008) stated a case study with Wachovia Bank purchasing a pay-by-use CRM system from salesforce.com.  After the system was set up within six weeks, sales reps had 30 more hours to use on selling more bank services, and managers can use the data that was collected by the CRM to tell the sales reps which customers would have the highest yield.

References: