Camcorders in Hospital Hallways

1
Camcorders in Hospital Hallways Rooftops
Ontarios New Privacy Law

• Health Privacy Event
• Ottawa, Sept 17 2004
• Michael Yeo, PhD
• Associate Professor, Philosophy
• Laurentian University
• myeo_at_laurentian.ca

2
An Ancient Promise

• Whatever, in connection with my professional
  practice or not, in connection with it, I see or
  hear, in the life of men, which ought not to be
  spoken of abroad, I will not divulge, as
  reckoning that all such should be kept secret.
• Hippocrates 400 BC

3
A New Reality?

• Medical confidentiality, as it has been
  traditionally understood by patients and doctors,
  no longer exists . . . . This ancient medical
  principle . . . has become old, worn-out and
  useless.
• Physician- Ethicist Mark Siegler, 1982

4
The End of Privacy?

• You have no privacy anyway . . . Get over it.
  Scott McNealy, Sun Microsystems
  
• The Unwanted Gaze The Destruction of Privacy in
  America (Rosen, 2000)
• Database Nation The Death of Privacy in the 21st
  Century (Garfinkel Russel, 2000)
• The End of Privacy (Sykes 1999)
• The End of Privacy How Total Surveillance is
  Becoming a Reality (Whitaker 1999)

5
Checking the Pulse of Privacy

• Is Bill 31
• An advance or step forward for privacy?
• Or
• A step backward or setback for privacy?

6
Focus PHIPA Research AccessBut much also to
be queried re

• Implied Consent (fund raising?)
• Knowledgeable (vs. informed?) Consent
• Other non-consensual access
• (must) Data Institutes (government access?)
• Registries
• Planning, Management, Evaluation, Etc.

7
Research Access vs. Privacy The Accounting
Ledger
8
Depends . . . What is Privacy?

• claim to determine when, how, to what extent
  information about you is communicated to others
  -- (Alan Westin)
• personal control over collection, use
  disclosure of recorded information about an
  identifiable individual -- (IPCO)
• right of control regarding collection, use
  disclosure -- (PCC)

9
Informational Privacy

• There must be a way for an individual to
  prevent information about him obtained for one
  purpose being used or available for other
  purposes without his consent.
• Code of Fair Information Practice, 1973, U.S.A.

10
It Follows, by Definition . . .

• research without consent (no control, no right of
  control) is a privacy loss or violation
  (regardless of subsequent safeguards to protect
  the information).

11
PHIPA PURPOSE

• The purposes of this Act are,
• a) To establish rules for the collection, use and
  disclosure of personal health information about
  individuals that protect the confidentiality of
  that information and the privacy of individuals
  with respect to that information, while
  facilitating the effective provision of health
  care

12
PIPEDA Purpose

• 3. The purpose . . . is to establish . . . rules
  to govern the collection, use and disclosure of
  personal information in a manner that recognizes
  the right of privacy of individuals with respect
  to their personal information and the need of
  organizations to collect, use or disclose
  personal information for purposes that a
  reasonable person would consider appropriate in
  the circumstances

13
PHIPA Access Rules Re Research Without Consent I

• 36 (1) custodian may collect indirectly if
• d) from non-custodian, for research, research
  plan approved by research ethics board
• f) (or if) commissioner authorizes

14
PHIPA Access Rules Re Research Without Consent II

• 44(1) custodian may disclose to reseacher if
• Application in writing research plan approved by
  research ethics board

15
Consideration by board

• 44(3) REB consideration considers,
• If research can be reasonably accomplished
  without info
• Whether adequate safeguards in place to protect
  the privacy of the individuals
• public interest in conducting the research and
  public interest in protecting the privacy of the
  individuals
• Whether consent would be impractical

16
PHIPA Privacy Not Control or Right Based

• The very act of research access without consent
  does not appear or count as a failure to protect
  the confidentiality of that information and the
  privacy of individuals.
• Privacy protection equals adequate safeguards
• data protection or security, not privacy

17
The Political Lens(From the Committee Hearings)

• Mrs. Witmer It sounds to me that youre prepared
  to make sure that at the end of the day the
  stakeholders can continue to move forward.
• Hon. Mr. Smitherman Absolutely, and we have lots
  of subsequent dialogue with the stakeholders to
  improve this as we move forward.

18
Stakeholders (ICES)

• Dr. Laupacis Our concern is to make sure that
  the legislation is written in such a way that we
  are able to do the kind of research that we do.

19
Other Stakeholders Access Interest
Hippocrates MD IPCO
Government/ CIHI/CHI Inc./ Hospitals
Researchers Joe Q. Patient

From PC Annual Report
20
Access Stakeholders Put Privacy First!

• Pam Slaughter (ICES privacy officer) We make
  privacy and have made privacy the most important
  part of our culture, quite frankly, since
  inception in 1992. We have cameras in our halls
  and cameras on our roofs.

21
Two Competing Orientations

• Self-Determination
• Moral claim or right to choose (privacy)
• Autonomy, respect for persons
• Deontological
• Free and democratic society
• Consent Central

• Benign Steward
• Protect data subject from harm (security)
• Non-maleficence
• Consequentialist
• Public good purposes (claimed)
• No harm, no worry

22
No Worry The Research Has Been Approved or
Authorized

• by a research ethics board
• by the privacy commissioner
• BUT Irrelevant if the Pope approves
  authorization not in control of individuals

23
No Worry Only Authorized Users Will Have Access

• If only authorized users access, no loss or
  violation of privacy
• BUT Who does the authorizing? If not the
  patient, the access is a violation of privacy

24
No Worry Your Data is Safe!

• Q What if X (insurer, police, boss) gets the
  info?
• A X wont get it (access controls anonymized)
• Q What about hackers thieves?
• A Encryption, locks, oaths
• Q Good you protect my info, but how did you get
  it?
• A No harm, consent waived, exemption,
  exception, etc.

• Lingering Harm Concerns
• - Are harms / risks broadly
• enough defined?
• - What about social harms,
• group harms?
• - What if protections fail?
• - What if not anonymous?
• - What if rules change?
• Why trust you?
• Anyway, assurance is
• beside the privacy point!

25
Safeguards Beside the Point

• It is not just a matter of fear to be allayed
  by reassurances but of a resentment that anyone
  even a thoroughly trustworthy official should
  be able at will to satisfy any curiosity, without
  the knowledge let alone the consent of the
  subject
• To treat the collation of personal information
  about him as if it raised purely technical
  problems of safeguards against abuse is to
  disregard his claim to consideration and respect
  as a person. (Benn, 1971)

26
Harms Wrongs

• The Peeping Tom offends privacy even if the
  person viewed through a bedroom window is unaware
  of being seen and suffers no other consequential
  harms from the viewing. Similarly, privacy is
  invaded when an unauthorized person looks at
  anothers medical records
•  
• At the same time, it is worse if the secret
  voyeur also takes photos and discloses them to
  others who then inform the person photographed,
  or if the person with unauthorized access to
  private information uses it to deny a person a
  job or life insurance. Privacy is violated in
  either case, but in the latter situation, the
  violation also harms the person consequentially.
  (Robertson, 1999)

27
Let Us Not Deceive Ourselves
Alex Colville, Horse and Train, 1954

Access Juggernaut (Stakeholder Train ) and
Privacy? Ontario Bill 31 2004?
28
Research Access vs. Privacy The Accounting
Ledger
29
Its for the Public Good!

• Isnt Privacy?

• Public Good Test?
• Who assesses?
• With what biases?
• On what evidence?