going to do with the data?’” Faulkner said. “Are you going to sell it? Are you going to advertise? We will then try to give those answers back to the patient. If the third party doesn’t answer, we’ll tell that to the patient.”
Critics of Epic have previously called the company’s software a “closed platform” and argued the software was limited in its ability to easily exchange data with third-party applications and hospitals that use EHR software developed by other vendors.
Epic has muffled some of those critiques by configuring its record-keeping tools to be able to share information with Apple’s HealthKit software, to name one example. But with so many costly data breaches in the headlines, Epic seems to be walking a fine line between openness and security.
“Social norms have changed, and if patients want to share their data, they should be able to,” said Epic senior vice president Sumit Rana.
However, Rana said that a typical medical record not only contains identifying information about patients, but also genomic data and information on their family and family history, for example. Above all, people should keep in mind the long-term consequences of clicking “I agree” on a computer or smartphone app’s terms and conditions screen, Rana said.
“Consider the implications of uploading [the] protected health information of a minor,” he said. “As an adult, they would be very upset to find that mom opted in to share their personal data with an app 20 years ago in exchange for bonus points on their favorite game.”
