Case Study

Carolinas HealthCare System, operator of more than 900 care centers, began to purchase data to
allow them to identify high-risk patients. Why? So they could intervene in an attempt to prevent
potential health problems developing. The alarm bells are already going off!

The data is collected from credit card purchases, store loyalty programs, and other public records. In
theory, medical practitioners can learn more about their patients—and their patients’ lifestyles—from
their shopping habits than from brief, or sometimes non-existent, consultations. Although the data
doesn’t yet identify individual purchases, it does provide a risk score doctors can use to highlight
potential problems. Remember the story from a couple of years ago about the dad who discovered his
teen daughter was pregnant because Target mined her purchase data and sent her ads for baby
products? This stuff, and the capabilities that brands have when it comes to data mining, isn’t new
news.

While some patients might welcome such a pro-active approach like the Carolinas HealthCare
example cited above, there will be many who will see it as an invasion of their privacy. Some health
advocates also fear an erosion of the patient-doctor relationship, if medical professionals begin to
interrogate apparently healthy patients about the consequences of their perceived lifestyle choices.
Then, when you extrapolate from that and factor in insurance companies having access to this kind of
data—that adds a whole different level of creepiness factor into the equation. Because, of course,
insurance companies always have our best interests at heart, right? It’s not a giant leap to envision a
future where people are turned away from health insurers based solely on risk scores developed from
this type of data mining. It’s definitely a slippery slope.

The above highlights some of the ethical and privacy issues organizations leveraging big data are
facing. A Forrester report suggests that, as well as tackling the technological aspects of handling big
data, there is a real need to build competency in data governance into systems, and that’s something
you want your IT team or managed service provider to be paying close attention to. In essence, what
you want is to have “data stewards” working alongside the “data engineers” who will build the big data
practices for the organization as a whole. Human error could make for a massive lawsuit.

This, is where the role of a recent addition to the C-Suite, the Chief Data Officer (CDO), needs to
come to the fore. This emerging executive position is something that Daniel Newman has recently
been writing about at Forbes. Dan sees the CDO playing an increasingly pivotal role, bridging the gap
between the sometimes conflicting responsibilities of the CMO and the CIO.A key responsibility of the
CDO will also be to make sure data collection practices stay on the right side of the ethical and
legislative line.

That way the potential for financial loss, as well as the loss of reputation and trust, can be mitigated
as data collection strategies are developed.

For those of us in the IT and big data space, it’s easy to see both sides of this coin: The potential
benefits from the collection and analysis of data, as well as the potential privacy and security issues.

Question:

Give your thoughts on ethical and privacy issues involving data collection from secondary sources
and analysis of the same. If you were the CDO of Carolinas HealthCare System would you have
approved of this data purchase and analysis.