By Cheryl Lubbert of Health Perspectives Group

As we look back over the past year for lessons learned that we will take into the New Year, there are many we could choose: from celebrities on social media to controversial pricing. But based on our work with thousands of patients, helping to connect them with biopharma companies large and small, one of the top areas of concern right now is protecting their personal information.

This is not a concern that has impacted Direct-to-Consumer marketing historically, but the world is changing, and DTC is evolving. We are in the middle of an unprecedented shift in the way companies communicate with consumers, from a mass-media, one-way approach, delivering product information from the top down to drive demand, to a “me-media,” two-way model focused on the exchange of information for mutual benefit, powered by new technologies and evolving consumer expectations.

Research shows that consumers expect and want more two-way communications, especially as it relates to support. For example, a Manhattan Research study showed that 59% of online consumers expect the healthcare system to offer the same level of customer service they receive at a service-oriented company like Amazon.com. Yet only 8% of online consumers say that pharma companies are providing a better customer experience than two years ago.

This new way of communicating poses many challenges for biopharma companies, including explaining complex medical data, navigating technology, and regulatory and legal oversight. But it also brings to the forefront a new challenge unique to this approach: consumer concerns about privacy, security, and transparency where their personal health information is concerned.

As a result, privacy and security are the top concerns we see moving into 2016. Though they both relate to how private information is handled, these two concepts are different, as defined by the Healthcare Information and Management Systems Society (HIMSS):

• Privacy is the right of an individual to make choices with respect to the collection, use and disclosure of their data.
• Security refers to the safeguards – physical, administrative and technological – used to protect the confidentiality, integrity and availability of the data.

You’ve all heard the scary news about security breaches that send us frantically to our credit card statements and credit reports. First, it was data stolen from Target and Home Depot, and other incidents followed. Just a few weeks ago, we learned that hackers targeted JPMorgan Chase and 14 other companies, including The Wall Street Journal, pulling off the “largest theft of customer data from a U.S. financial institution in history,” stealing personal information of more than 100 million people, in a data breach described as “breathtaking in its scope and its size.”

Unfortunately, news like this has almost become routine. But consumers are taking the ease with which data can be stolen or misused to heart where their health information is concerned. This year we have heard time and again from patients that they want to share their health experiences and even their data and information, but they are worried about their privacy.

And who can blame them for being concerned? In a study in Harvard Business Review, the authors reported: “Though some companies are open about their data practices, most prefer to keep consumers in the dark, choose control over sharing, and ask for forgiveness rather than permission. It’s also not unusual for companies to quietly collect personal data they have no immediate use for, reasoning that it might be valuable someday.”

Even with the financial breaches mentioned above, according to the Identity Theft Resource Center, health care has been the most common area for data breaches in the past three years, and medical identity theft was up about 20% between 2013 and 2014.

Data concerns are impacting every corner of the healthcare, from electronic health records to health trackers. This year we conducted a survey through our online platform Health Stories Project, and we found that less than half of respondents are confident that the information in their Electronic Health Record is secure, and less than a third even know who has access to information in their EHR.

And in the Altimeter Study on Consumer Concerns About Data Privacy, consumers were asked about the data implications of fitness trackers, connected cars or connected home appliances, and how they could be used for a company to collect health data and sell it to someone else – and most did not give a positive review, expressing concerns about:

• 78% if/where companies sell their data
• 73% where companies keep their data
• 68% how companies identify them as an individual
• 67% who sees and analyses their data

So consumers have concerns about their data privacy, ranging from data selling, storage, and access to the ability to be identified individually. What can we as an industry do to address privacy and security concerns?

In addition to addressing the technical factors that keep data secure, biopharma companies can help their customers feel comfortable and confident sharing their health information by being transparent about how they will (and won’t) use it and how they will keep it private and safe.

The authors of the Harvard Business Review study I mentioned earlier summarized the role transparency will play: “In a future in which customer data will be a growing source of competitive advantage, gaining consumers’ confidence will be key. Companies that are transparent about the information they gather, give customers control of their personal data, and offer fair value in return for it will be trusted and will earn ongoing and even expanded access. Those that conceal how they use personal data and fail to provide value for it stand to lose customers’ goodwill – and their business.”

With growing concerns about privacy and security, the key is to plan all of your initiatives with the understanding that patients are sharing the most personal data they have when they share details about their health. As an industry, as we shift to a two-way model of communication with our consumers, it’s our responsibility to honor and protect that, and to communicate clearly how we are making that a priority and a reality.