TY - JOUR
T1 - Generating evidence on privacy outcomes to inform privacy risk management
T2 - A way forward?
AU - Strech, D.
AU - Haven, T.
AU - Madai, V.I.
AU - Meurers, T.
AU - Prasser, F.
PY - 2023
Y1 - 2023
N2 - Effective and efficient privacy risk management (PRM) is a necessary condition to support digitalization in health care and secondary use of patient data in research. To reduce privacy risks, current PRM frameworks are rooted in an approach trying to reduce undesired technical/organizational outcomes such as broken encryption or unintentional data disclosure. Comparing this with risk management in preventive or therapeutic medicine, a key difference becomes apparent: in health-related risk management, medicine focuses on person-specific health outcomes, whereas PRM mostly targets more indirect, technical/organizational outcomes. In this paper, we illustrate and discuss how a PRM approach based on evidence of person-specific privacy outcomes might look using three consecutive steps: i) a specification of undesired person-specific privacy outcomes, ii) empirical assessments of their frequency and severity, and iii) empirical studies on how effectively the available PRM interventions reduce their frequency or severity. After an introduction of these three steps, we cover their status quo and outline open questions and PRM-specific challenges in need of further conceptual clarification and feasibility studies. Specific challenges of an outcome-oriented approach to PRM include the potential delays between concrete threats manifesting and the resulting person/group-specific privacy outcomes. Moreover, new ways of exploiting privacy-sensitive information to harm individuals could be developed in the future. The challenges described are of technical, legal, ethical, financial and resource-oriented nature. In health research, however, there is explicit discussion about how to overcome such challenges to make important outcome-based assessments as feasible as possible. This paper concludes that it might be the time to have this discussion in the PRM field as well.
KW - Data sharing
KW - Evidence
KW - Privacy
KW - Risk management
KW - Confidentiality
KW - Humans
UR - http://www.scopus.com/inward/record.url?scp=85144086355&partnerID=8YFLogxK
U2 - 10.1016/j.jbi.2022.104257
DO - 10.1016/j.jbi.2022.104257
M3 - Article
C2 - 36462598
SN - 1532-0464
VL - 137
JO - Journal of Biomedical Informatics
JF - Journal of Biomedical Informatics
M1 - 104257
ER -