Healthcare organizations and hospitals in the United States all sit on treasure troves: a stockpile of patient health data stored as electronic medical records. Those files show what people are sick with, how they were treated, and what happened next. Taken together, they’re hugely valuable resources for medical discovery.
Because of certain provisions of the Health Insurance Portability and Accountability Act (HIPAA), healthcare organizations are able to put that treasure trove to work. As long as they de-identify the records — removing information like patient names, locations, and phone numbers — they can give or sell the data to partners for research. They don’t need to get consent from patients to do it or even tell them about it.