Governance of Health Data in Cyberspace

In the 21st century, successful healthcare delivery and medical research are increasingly dependent on the collection and distribution of information in cyberspace, with potentially enormous benefits for society; however the risks associated with misuse of data are significant. Iceland, Sweden, Norway and the UK provide case studies of where initiatives have raised public outcry because of a failure to fully comprehend social expectations about the use of health data online.

Our theory is that when data collected for health reasons is used in other contexts, or data collected for other purposes is used in the context of healthcare, a boundary is breached. This challenges the data's contextual integrity (that is, considering the specific values and expectations linked to data collected for a particular reason and how they change if the reason or situation for collecting data changes), and thus may threaten public trust.

The central aim of this project is to develop recommendations for resilient governance mechanisms for health cyberspace that can meet social expectations regarding the security and privacy of health data, while enabling broad use of health data to benefit society. We will apply the theoretical lens of contextual integrity, and review current approaches to governance across other sectors, along with the ethical issues that arise with online data. This will enable us to analyse whether certain data usage contravenes the norms of a particular context, and therefore whether current governance mechanisms are appropriate, or if new forms of public engagement and governance are needed.

This inter-disciplinary project will use a variety of ways to understand the issues of risk and resilience in the governance of health cyberspace in Northern Europe. These will include using focus groups with experts and citizens and a discrete choice experiment in which we ask participants to choose between set responses. From the results of these we will obtain an understanding of what citizens perceive their risk to be when data is used in health cyberspace. Using these findings we will develop recommendations for governance in cyberspace, for the benefit of healthcare and other sectors.