Beruflich Dokumente
Kultur Dokumente
@frankbaitman
Talking Points
A Conversation:
Risks vs. Rewards in the Sharing of Personal Information
Incentives
It is in the publics interest, and for their benefit, that the government makes available its
large collections of data to individuals and
organizations. Opening up data to external
users exposes it to new systems and cultures
that are well-suited to interpret the data and
make it useful to more people and for multiple
new purposes.
A distinct part of the due diligence in information sharing is to engage stakeholders within and outside of your organization. Although
Once data is made available to a wider audithe overall public health and welfare may be
ence, it can be combined with other data sets the goal of a big data project, it is important
and de-anonymize the individuals involved.
that the individual has a say in the use of their
Government agencies are best positioned as a Allowing more access to information decreases information and an understanding of any risks
major source of information and data and pri- the ability to control its use and when data
involved in the secondary uses of their information.
access relies on large communities of particivate sector actors are well equipped to anapants, there is a greater chance of competing If an individual understands the outcome and
lyze, develop, and adapt information to add
risks, they are better engaged in his/her health,
value. However, government agencies are not interests (economic and social). With an exand perhaps as important are engaged in the
panded
audience
there
are
more
possibilities
always the best equipped to make the most of
privacy and security of their data.
for
malicious
actors
to
access
and
exploit
the
the data they acquire, due to fixed resources
open
data/shared
data
platform.
Such
large
and finances, so allowing private sector access
Likewise, there are stakeholders that may not
can improve innovation and increase the value data sets inherently make themselves targets work within the healthcare field, but may have
for those who exploit PII/PHI.
of combined public and private data sets.
solutions on how to best mitigate risks in a big
data or information sharing program. Although
Due Diligence/Documentation
Private sector actors can interpret and reuse
the rules and sensitivities may differ for varying
data, republishing it in a more profitable/useful The size and nature of the federal government
sectors of information, it doesnt mean that
form, making it more available and consuma- gives it the ability to reach a wide audience
potential solutions should be siloed among
ble than it would have been without the inand, given its vast responsibilities to provide
those sectors.
volvement of the private sector. The availability various services to the community, it needs to
of a centralized source of information also
have the resources to develop tools in a com- Overall Context of Risk Models
provides a substantial benefit to the private
mercially reasonable way.
In order for the government to derive value
sector. The government has already done
from opening up their data sets to the public,
Partnering with private sector organizations
most of the work: gathering, categorizing, and
they need to insure that the data they provide
gives the federal government the potential to
modeling the datasets. All that is required is for
meet communities needs and to foster innova- is meaningful/useful, i.e., the data would proindividuals, organizations, and companies to
vide some sort of quality that would incentivize
tion at the same time. However, in order for
access the data and use it to develop new
this partnership to operate effectively, the gov- the private sector to use the governmentproducts, services, etc.
ernment needs to ensure that some set of best provided data set over others. However, the
government does not want to compromise the
practices are followed so the identification of
Uncertainty
privacy and civil liberties of those about whom
high-valued
data
sets
are
well
protected.
Taking publicly available datasets, reanalyzing
it has gathered data. Creating valuable data,
and remodeling them in a way that makes
The business model behind these partnerships that has structure, meaning, context, etc., crethem more valuable for public and private sec- should ensure that the data be made available,
ates a value for the private sector, but a risk for
tor participants, has benefits as well as risks.
but that the rules protecting the quality of that the public sector. Once data is taken out of the
The government may take steps to reduce the data are stringent and effectively implemented.
secure environment and made available for
exposure of PII and PHI; however, it is impos- Developing roadmaps, rules, and processes
public consumption there is a greater potential
sible to anticipate all potential, future uses of
will help guide the selection of participants. In for exploitation, but there is also a greater
government datasets (malicious or otherwise). order to avoid any potentially adverse impacts
chance that it will be made accessible to those
And with uncertainty, comes risk.
from its private sector partnerships, it is imwho, under normal circumstances, may be
Aggregating information creates data sets that portant that the federal agencies exercise
limited in their ability to access such information.
some control over data access, implement
reveal a composite much greater than the
Creating an open environment has the potential to augment the quality and quantity of services the federal government may provide, with
the added benefit of possibly decreasing the
costs of development. While it is impossible to
protect against all possible future threats to the
use and exploitation of data, structuring partnerships and controlling the context of data
usage, is the best, though not infallible, way
that the government can avoid compromising
the security of the PII it is charged with protecting while also promoting an open data forum.
ing the best possible methods to keep information secure. Rather than looking to regulate,
encouraging collaboration among the public
and private sectors may enhance the sharing
of cyber threat and vulnerability information.
National Cancer Institutes Cancer Genomics Cloud pilot program is perhaps the
best example of a facilitator of big data sharing. This initiative investigates the possibility
of public cancer knowledge clouds or repositories that are co-located wand have
advanced computing resources; this enables
researchers to bring their analytic tools/
methods to data. In this way, the cloud program presents large amounts of collected
data to any interested researchers and innovators which is a much more effective method of disseminating information and reaching the appropriate audiences in the most
efficient way.
FDAs OpenFDA provides an open-source
application programming interface for FDAs
drug, device, and food data that creates
easy access to public data. It seeks to ensure the privacy/security of public FDA data,
but also to establish a new level of openness/accountability that could be used to
educate the public and spur innovation. FDA
sees this as a platform for the public to interact
with one another and with the FDA experts.
CDC BioSense 2.0 is a collaborative data
exchange system where users, who have
agreed to share health-related data, can
track health issues as they develop, allowing
this information to be shared with other public health agencies and jurisdictions. This
system collects and shares information with
a multitude of public and private sector entities and also has extensive privacy protections and confidentiality conditions that it
enforces with these authorized users. CDC
sees this initiative as a direct response to
the challenges some resource-strapped
state/local health departments face. This
system aims to contribute information for
public health situational awareness, improve
the ability for emergency services to detect
health threats, etc.
Network and Information Technology
Research and Development Programs
Big Data Senior Steering Group (BDSSG)
was formed to identify big data research and
development activities across the federal
government. Similar to many of the HHS big
data initiatives, it focuses on a coordinating
research and development efforts to increase the overall effectiveness and productivity of federal research and development
investments. By making information readily
available, researchers can avoid duplication,
leverage their strengths among a larger
audience, and increase the interoperability
of their systems by gaining access to other
researchers and developers.