White House Issues Cyber Framework for Protecting ‘Precision Medicine’ Patient Data

everything possible/Shutterstock.com

Personalized treatment means gathering lots of PII.

Medical treatment tailored to a patient’s exact genetics, lifestyle and history might be more effective than a one-size-fits-all approach. But it also requires health systems to gather vast amounts of personal information about large numbers of patients.

Personalized treatment for patients is the end-goal of the White House’s Precision Medicine Initiative, a $215 million program launched last year. The program aims to create a “research cohort” of at least a million people’s data, in collaboration with outside groups and volunteers.

But that data, which might include details about insurance claims, demographics, genomic and biological characteristics, and information transmitted from smartphones or implantable devices, needs to be highly secured, according to a new White House security framework.  

The new framework recommends several steps for ensuring that sensitive data is impenetrable by outsiders. The steps include encrypting data, continuous monitoring, rapidly responding to breaches, inviting third parties to check security, and writing clear access policies.  

More specifically, contributing groups should think of a way to verify the identity of users and contributors -- which include medical patients and health care providers -- before giving them access credentials. They should also use multifactor authentication and a modular authorization protocol that only grants access to those groups that need it to fulfill a specific function, among other recommendations.