On May 7, 2014, the Federal Trade Commission staff hosted a seminar on Consumer Generated and Controlled Health Data.
The seminar addressed the increasing role consumers are taking in managing and generating their own health data. For example, consumers are researching their health conditions and diagnosing themselves online. Consumers are also uploading their information into personal health records and apps that allow them to manage and analyze their data, and utilizing connected health and fitness devices that regularly collect information about them and transmit this information to other entities.
Speakers discussed the privacy concerns, as well as the potential benefits arising from the movement of health data outside the traditional medical provider context. They talked about the types of websites, products, and services that consumers use to generate and control their health data, and they discussed consumers’ expectations regarding privacy and security protections, as well as the actions that some companies take to protect consumers’ privacy and security.
You can view an archived webcast of the event. A transcript of the proceedings is also available below.
The Commission is accepting written comments on issues related to this workshop until June 9, 2014. Please see below for instructions on how to submit comments.
10 am – 10:05 am
10:05 am – 10:20 am
Presentation: Health Data Flows
Latanya Sweeney, Chief Technologist, FTC
10:20 am – 10:30 am
Presentation: A Snapshot of Data Sharing by Select Health and Fitness Apps
Jah-Juin (“Jared”) Ho, Attorney, Mobile Technology Unit, FTC
10:30 am - 12 pm
- Cora Han & Kristen Anderson, Attorneys
Division of Privacy and Identity Protection, FTC
- Christopher R. Burrow, M.D., EVP Medical Affairs, Humetrix
- Joseph Lorenzo Hall, Chief Technologist, Center for Democracy & Technology
- Sally Okun, RN, MMHS, Vice President for Advocacy, Policy and Patient Safety, PatientsLikeMe
- Heather Patterson, Postdoctoral Research Fellow, New York University
- Joy Pritts, Chief Privacy Officer, Office of the National Coordinator for Health Information Technology, Department of Health & Human Services
- Cora Han & Kristen Anderson, Attorneys
Event Speaker - File
Christopher R. Burrow
Christopher R. Burrow, M.D. joined the Humetrix executive team in 2010 and is the company’s principal data security and privacy officer. He is a physician-scientist and biotechnology executive/entrepreneur in the field of genomics and personalized medicine. As a clinician and health information data specialist, Dr. Burrow has played a key role in the development of Humetrix Blue Button enabled mobile apps, iBlueButton and ICEBlueButton, working closely with the software development team.
Joseph Lorenzo Hall
Joseph Lorenzo Hall is the Chief Technologist at the Center for Democracy & Technology. His work focuses on the nexus between technology, law, and policy, ensuring that technology and technical considerations are appropriately embedded into legal and policy environments.
Sally Okun, RN, MMHS, Vice President for Advocacy, Policy and Patient Safety at PatientsLikeMe is responsible for patient voice and advocacy initiatives, participates in health policy discussions at the national and global level, oversees the company’s patient safety initiatives, and acts as the company’s liaison with government and regulatory agencies.
Heather Patterson is a postdoctoral research fellow at New York University’s Information Law Institute and Department of Media, Culture, & Communication, where she researches changing social norms regarding personal information sharing and expectations of privacy, with an eye toward developing policy solutions that facilitate context-appropriate information flow.
Joy Pritts joined the Office of the National Coordinator for Health Information Technology, Department of Health & Human Services in February 2010 as its first Chief Privacy Officer. Ms. Pritts provides critical advice to the Secretary and the National Coordinator in developing and implementing ONC’s privacy and security programs under HITECH.
Consumer and Business Education
Transcript - Files
Request for Comments
The Commission invites interested persons to submit written comments on issues related to this workshop.
To File Electronically:
To make sure that the Commission considers your online comment, you must file it at https://ftcpublic.commentworks.com/ftc/springprivacyworkshop, by following the instructions on the web-based form.
To File in Paper Form:
Postal mail addressed to the Commission is subject to delay due to heightened security screening. As a result, we encourage you to submit your comments online. If you file your comment on paper, write “Spring Privacy Series: Consumer Generated and Controlled Health Data, Project No. P145401,” on your comment and on the envelope, and mail or deliver it to the following address:
Federal Trade Commission, Office of the Secretary
Room H-113 (Annex J)
600 Pennsylvania Avenue, NW
Washington, DC 20580
If possible, submit your paper comment to the Commission by courier or overnight service.
Comments will be posted on this website:
Your comment—including your name and your state—will be placed on the public record of this proceeding. As a matter of discretion, the Commission tries to remove individuals’ home contact information from comments before placing them on the Commission Website.
Because your comment will be made public, you are solely responsible for making sure that your comment does not include any sensitive personal information, like anyone’s Social Security number, date of birth, driver’s license number or other state identification number or foreign country equivalent, passport number, financial account number, or credit or debit card number. You are also solely responsible for making sure that your comment does not include any sensitive health information, like medical records or other individually identifiable health information. In addition, do not include any “[t]rade secret or any commercial or financial information which is obtained from any person and which is privileged or confidential,” as provided in Section 6(f) of the FTC Act, 15 U.S.C. § 46(f), and FTC Rule 4.10(a)(2), 16 CFR 4.10(a)(2). In particular, do not include competitively sensitive information such as costs, sales statistics, inventories, formulas, patterns, devices, manufacturing processes, or customer names.
To Request Confidential Treatment:
If you want the Commission to give your comment confidential treatment, you must file it in paper form, with a request for confidential treatment, and you have to follow the procedure explained in FTC Rule 4.9(c), 16 CFR 4.9(c). Your comment will be kept confidential only if the FTC General Counsel grants your request in accordance with the law and the public interest.
Comments That Have Been Submitted
You can view comments that have been submitted at: