Third-Party Data Disclosure
Risk Management for
By April Carlson, MBA, HCISSP, CFE; Daniel Goldman, JD; Burke Milnes, MPA; Kimberly Otte, JD; and Morgan Schacht, JD
HOPING TO BALANCE the competing demands to share information while also protecting it, Mayo Clinic has developed
a process to review disclosures of data that is risk-based, standardized, and cross-disciplinary.
The challenges facing the American healthcare delivery system are glaringly apparent to everyone—costs are too high,
access to healthcare services is too limited, and the quality of
medical care is lacking when compared to other developed nations. While lawmakers continue to debate the public policy solutions to this vast problem, Mayo Clinic has explored its own
solutions for improving these issues by rethinking the traditional means of delivering medical care and trying to improve care
through new, innovative means that utilize the latest technology. Examples include:
Telemedicine technology to reach patients in underserved
areas of the country.
Predictive algorithms that will indicate which patients
are most likely to benefit from individualized care coordination services.
Analysis of aggregate protected health information (PHI)
to determine if a change made to a procedure improved
the hospital’s infection rates.
Encouraging patients to report their own medical information—such as blood pressure, blood sugar levels, weight,
symptoms, etc.—in a manner that will allow the healthcare
provider to remotely monitor the patient’s daily condition.
Use of new technology to accelerate research efforts in developing new life-saving treatments.
Creation of online patient accounts and health information exchanges to increase accessibility of medical re-