Healthcare Data Security: A Q&A with Karl Hightower
In an era where data influences everything from medical decisions to insurance rates, understanding healthcare data security has never been more critical. We spoke with Karl Hightower, Executive in Residence for Data at Catalyst by Wellstar and incoming Chief Data & Analytics Officer at Stanford Healthcare and School of Medicine. With over 20 years of expertise spanning healthcare, retail, energy, and telecom, Karl offers insights into the evolving challenges and opportunities in healthcare data security.
Why should people be concerned about healthcare data security?
“Healthcare data is powerful—it can be used to enhance medical treatment, but it also has the potential for misuse. If we look at other industries like retail and banking, data has been leveraged to manipulate pricing, target consumers, and even influence decisions in ways that aren’t always transparent. In healthcare, the goal is to improve patient outcomes, but there’s also the concern of how data could be exploited. Could it be used to discriminate in insurance coverage? Could it impact job opportunities? Securing this data is essential to ensuring trust in the healthcare system.”
How could healthcare data be used against someone?
“A chronic condition today could mean higher insurance rates or outright denial of coverage. Employers, if given access, could make hiring and promotion decisions based on health status. With AI and large-scale data analytics, companies are finding new ways to utilize this information—some for good, such as advancing patient care, and others for maximizing profits at the expense of individuals. This is why data security isn’t just a technical issue; it’s a societal one.”
Who should we trust with our healthcare data?
“This is a complex question. While individuals should have control over their data, managing and tracking it isn’t easy. Legally, health systems own patient records, and while regulations like HIPAA provide some protection, they don’t necessarily make it simple for patients to understand how their data is used. Transparency is key. Ideally, people should know if their data is fueling medical research, improving treatment protocols, or simply being used for marketing. We need better tools to provide that visibility.”
Should there be a universal health ID system?
“I tend to be skeptical of government-led initiatives, but having a universal health ID could significantly improve healthcare. If you’re unconscious in an emergency, wouldn’t you want doctors to instantly access your allergies, medical history, and past treatments? That information can be life-saving. Right now, our healthcare data is fragmented. Standardizing access while maintaining security would be a major advancement.”
Should we keep all our historical health data?
“Health isn’t just about today—it’s a lifelong record. Past conditions, treatments, and genetic markers all contribute to a fuller understanding of a person’s well-being. Storage is inexpensive, and machines can analyze vast amounts of data efficiently. Instead of discarding old records, we should be leveraging them to improve diagnostics and treatment strategies.”
What’s your vision for the future of healthcare data?
“Imagine a future where you can ask an AI assistant about your health in real-time. Doctors could access a comprehensive medical record instantly, integrating imaging, lab results, and history to make informed decisions. AI-driven healthcare isn’t about replacing physicians—it’s about augmenting their ability to deliver precision medicine. With the right infrastructure, both doctors and patients could have access to the best insights at the right time.”
What about data security in this future vision?
“Security is paramount. Ideally, healthcare data should be encrypted at every level, and quantum encryption may play a role in the future. Other industries, like banking, have prioritized data security in ways that healthcare has yet to fully embrace. Beyond encryption, ethical considerations will be crucial. AI and neural interfaces—like those being developed by companies such as Neuralink—offer fascinating possibilities but also raise serious concerns about privacy and consent. The key is to strike a balance between accessibility and protection, ensuring that data empowers patients rather than putting them at risk.”
Karl Hightower’s insights emphasize both the promise and the risks associated with healthcare data security. As AI and data analytics continue to advance, the challenge lies in protecting patient privacy while leveraging technology to improve healthcare outcomes. The future of medical data is a powerful tool—one that must be handled with responsibility and foresight.
