Text of presentation on prior research, delivered in INFS 892, 2011.03.03

Health information technology (HIT) research frequently cites privacy as a concern of health care providers and patients. Privacy is recognized internationally as critical factor in HIT adoption (Anderson, Forgner, Johns, & Reinhardt, 2006). Technological, social, organizational, and legal changes since the 1960s have contributed to steadily growing privacy concerns (Westin, 2003). However, the new technology of online social networks as applied to health—health social networks—poses new conditions and benefits that may change previous privacy concerns.

Health Social Networks

The “backbone” of online social networks is the connected collection of user profiles (Boyd & Ellison, 2008). Such profiles usually include user names, photos, and basic demographic information. On health social networks, these profiles may include medical information that would generally be kept private in traditional interactions with health professionals but which HSN users share to help each other find users with information and experience relevant to their specific health concerns. Online social networks generally include information about connections between members. That information may reside in explicitly declared links, like unidirectional “Like” or “Follower” links or bidirectional “Friend” links (Boyd & Ellison, 2008).

A health social network is an online social network formed around shared interest in a specific health condition like obesity or cancer, a specific area of health care like children’s medicine or hospice, or health information in general. The key characteristic of an online health social network is interaction focused on sharing knowledge and providing emotional support for individuals dealing with health-related questions and problems affecting themselves or other people they care about. Swan (2009) defines a health social network as “a website where consumers may be able to find health resources at a number of different levels.” Swan’s definition includes the word consumer, an increasingly inapt term (Adams, 2010a) (Heidelberger, 2009) given that an important characteristic of health social networks and any other type of online social network is that users are not merely consuming content but producing and organizing much of the content available in the form of, for example, posts, comments, discussions, and ratings. While Internet use is often characterized by “lurking,” the act of reading online discussions without making one’s presence known through participation, some evidence shows that health-related online groups show a markedly above-average level of user participation (Nonnecke & Preece, 2000). This increased participation and the blurring of producers and consumers into conducers affects how individuals configure their understandings of health (Adams, 2010b).

The value of any online social network lies in the sharing of information. In health social networks, one of the vital “different levels” (Swan, 2009) at which users seek information is peer information, advice from users just like them that relates specifically to their experience. Lurkers can find certain information relevant to their health situations without ever making their presence known, but to make the information on a health social network fully relevant to one’s specific health situation, a user generally must choose to engage the community in a conversation, share some personal detail, and surrender some level of privacy.


Privacy is subject to different interpretations in different situations (Allen, 1988). Privacy is not simply the desire to withhold information; more comprehensively, privacy refers to the desire to control disclosure of information (Lanier & Saini, 2008). Privacy means controlling what personal information is revealed to others, when that information is revealed, and how it is used (Westin, 1967, 2003). The view of privacy as a matter of control enjoys broad acceptance (Elgesem, 1996; Fried, 1984; Lessig, 2002). However, some scholars argue that, while control plays an important part in managing privacy, having control does not equate with having privacy (Dinev & Hart, 2004; Laufer & Wolfe, 1977; Xu, 2007). Control may merely be a means to the privacy ends of restricted access and protection from intrusion (Tavani & Moor, 2001).

Westin (1967) identifies four states of privacy:

  1. solitude: freedom from observation by others
  2. intimacy: small-group seclusion in which members can achieve close, relaxed, frank relationship
  3. anonymity: freedom from identification and surveillance in public places and for public acts
  4. reserve: desire to limit disclosure to others (as summarized in Margulis, 2003).

Westin (1967) also identifies four main functions of privacy:

  1. personal autonomy
  2. emotional release
  3. self-evaluation
  4. limited and protected communication

Some scholars narrow the concept of privacy to informational privacy to focus on the ability of individuals to limit the access others have to their information (Alpert, 2003). In developing the “Concern for Information Privacy” construct, (Smith, Milberg, & Burke, 1996) identify four main components: collection, errors, unauthorized access, and secondary use. (Stewart & Segars, 2002) validated and extended the CFIP instrument. CFIP focuses on organizational handling and uses of information. However, the Internet creates important changes in how individuals interact with organizations and with each other with respect to personal information. The Internet gives consumers more access to and control over the data they share in the marketplace (Malhotra, Kim, & J. Agarwal, 2004). Grounded in social contract theory, the construct of Internet users’ information privacy concerns (IUIPC) focuses on consumers’ engagement with e-commerce and consists of three main components:

  1. collection: equitable exchange of information according to mutually accepted rules
  2. control: freedom to voice an opinion or exit the contractual agreement
  3. awareness of privacy practices: understanding of the rules and practices established by the firm and its agreement with consumers (Malhotra et al., 2004).

Subsequent research has used social contract theory similarly to understand patient interaction with medical websites (Gaurav Bansal, Zahedi, & Gefen, 2010).

The National Consumer Health Privacy Survey 2005 (Bishop, Holmes, & Kelley, 2005) provides these key findings about user interaction

  1. Consumers are concerned about health information privacy.
  2. Consumers are unaware of their privacy rights.
  3. A small fraction (13%) of consumers engage in specific privacy-protection behavior. Most cited behaviors have to do with keeping insurers from finding out information that might affect payment or premiums.
  4. Consumers are willing to trade privacy for benefits. Note that at this time, more consumers identified paper records as secure than identified electronic records as secure.

Privacy in Health Social Networks

More recent research suggests that privacy concerns are affected by health status: individuals in poor health are less likely to share information with consumer health websites (G. Bansal & Davenport, 2010). Connected research attempts to link privacy concerns with other personal dispositions: emotional instability may work through perceived sensitivity of health information to relate to heightened privacy concerns, but extroversion, agreeableness, conscientiousness, and intellect show little sign of significant connection to privacy concerns (Gaurav Bansal et al., 2010). Notice that the preceding studies, like many discussions of information privacy, address privacy as a consumer issue. Westin (2003) broadens the discussion of privacy to look at individual privacy concerns in the context of their relationships as citizens to government and as employees to employers in addition to the commercial relationship of consumers to business. The IUIPC focuses on the social-contract relationship between individuals and the firm as each entity surrenders different rights and makes different promises for different benefits (Malhotra et al., 2004). These conceptualizations fit with the theme of much literature on health information privacy as it considers the impacts of how health care providers may use (or misuse) electronic health records to process genetic information and other sensitive patient data (e.g., Alpert, 2003).

However, these conceptualizations assume a hierarchy that does not necessarily manifest itself in an online social network. Certainly online social networks may involve citizen–government, employee–employer, and consumer–business interactions. While there may well be consumer–business interactions in health social networks in the form of network members seeking information from staff of the online service (e.g., formal forum moderators or coaches, designated medical experts) or advertisements soliciting business, online social network interactions will generally be dominated by a form of interaction not addressed by most discussions of privacy concerns: non-hierarchical citizen–citizen interactions, users communicating with users as equals seeking the same balance between privacy rights and informational benefits.

One of the above studies acknowledges that health social networks may play by different rules from the typical consumer medical websites. In finding that extroversion shows no significant relationship with health information sensitivity, (Gaurav Bansal et al., 2010) note the the consumer-type website they used in their investigation provides a “leaner” online setting where extroverts “apparently are less forthcoming.” They acknowledge that personality traits may have different influence in different communication settings and recommend further investigation along those lines. Such investigation makes sense for health social networks, as they would provide a richer communication setting where, instead of simply making a commercial transaction for a product, users are engaging directly and often by name with each other. This richer channel can carry more social presence, which could well have more influence over privacy perceptions and behaviors than a “lean” commercial transaction. (Gaurav Bansal et al., 2010) recognize that trust in a website (a factor with a strong positive relationship to intent to disclose health information) could be enhanced for some “customers” by social interaction, the heart and soul of health social networks. Evidence that consumer-oriented research may not capture the full privacy picture in health social networks comes from recent findings that individuals with chronic conditions are more likely to go online to find others with similar health concerns than individuals who do not have chronic conditions (Fox, 2011).

Unique characteristics of online social networks pose challenges to normal privacy expectations and behaviors. The social Web is inherently leaky: they increase the chances for individuals to lose control of information they share (Solove, 2007). Online social networks constitute a “mediated public” where information becomes persistent, searchable, replicable, and open to invisible audiences (boyd, 2007). Information that would be transient in a private face-to-face conversation persists online in entries in the Google cache and copies stored on other computers. Information that would be lost in noise and fallible memory can be retraced and recalled almost instantly by search engines. Information shared online can be replicated in numerous other contexts that may have no direct relation to the original intent that motivated the sharing (such as a discussion on a weight-loss surgery forum about constipation finding its way into a doctoral dissertation on the use of narrative on health social networks). And information directed at one specific person or group in an online forum may be viewed by and provoke reactions from numerous individuals whom the original speaker does not and may not ever know. All of these factors can make social interactions online “eternal,” transcending the moment and context in which they happen and escaping the control of the people originating them (Albrechtslund, 2008). This “eternal” nature is seen in health social network profiles whose stories and data continue to inform their communities even after the originators of those profiles die (Goetz, 2008).

However, concerns about privacy in online social networks often operate from an assumption of vertical hierarchy underpinning the traditional view of surveillance (Albrechtslund, 2008). Concerns about surveillance from some “Big Brother” lead to assumptions that sacrifices of privacy in online social networks stem either from cost-benefit analysis or from ignorance of the dangers. Albrechtslund posits that online social networks support “participatory surveillance” in which individuals empower themselves and each other by sharing information rather than trading it. This participatory paradigm improves our understanding of privacy dynamics online as we witness a shift from the anonymity and pseudonymity that dominated Internet discourse in the first decade of the Web to the increased voluntary posting of personal information on social networks and integration of online and offline activities (Adams, 2010b), a shift enhanced by the increasing availability and popularity of Web 2.0 technology like blogs, Facebook, and Twitter.

Privacy is generally seen as a positive construct, and research focuses on how to protect or preserve it (Angst & R. Agarwal, 2009). One study views sharing health information online as a “disutility” (G. Bansal & Davenport, 2010). Arguably, though, from a health perspective, privacy could be seen as a negative factor standing in the way of building and sharing knowledge and support. In a discussion of blogging in a health social network context, (Adams, 2010b) suggests there is a need for further investigation of whether engaging in online documentation and communication about personal health may motivate individuals to stick with routines in pursuit of their health goals. This suggestion hearkens to the concept of participatory surveillance: health social network users may benefit from being able to “keep an eye on” each other and know that others are similarly keeping an eye on them. Increased information sharing also creates a richer database of disease treatment and patient experience, an advantage that PatientsLikeMe explicitly embraces in an “Openness Philosophy” that challenges the primacy of privacy:

“Currently, most health-care data is inaccessible due to privacy regulations or proprietary tactics,” it declares. “As a result, research is slowed, and the development of breakthrough treatments takes decades. . . . When you and thousands like you share your data, you open up the health-care system. . . . We believe that the Internet can democratize patient data and accelerate research like never before” (Goetz, 2008).

Some users of health social networks report finding informational support among peers that they may not find among their regular physicians:

Thank you for the replies. Of course I will talk to my doctor about this but wanted to come on here because it is more beneficial to me to find out how it affects a person that has had WLS [weight loss surgery]. Doctors are not always familiar with how our new systems work (ObesityHelp.com user, 2009).

User behavior in health social networks suggests different attitudes toward privacy than we might expect in public face-to-face interactions. In ObesityHelp.com, for instance, plenty of interaction takes place privately, in member-only chat rooms and via other protected channels. However, thousands of users post medical information in publicly accessible profiles, blogs, and forum posts. Users identifiable by username, location, and photo openly discuss personal details like weight loss and gain, prescriptions, constipation, sexual dysfunction, and surgical complications that would be considered impolite if not imprudent to share in the physical company of strangers and which would certainly violate HIPAA if released by those users’ health care providers.

It is possible, of course, that many users do not grasp the privacy implications of using health social networks. A study of health social networks for diabetics found varying capabilities for users to control privacy settings and share information; only eight of the ten studied networks offer accessible privacy policies, and most of them are hard to read (Weitzman, Cole, Kaci, & Mandl, 2011). Providing users with more control over publication may actually “induce them to reveal more sensitive information,” a result which raises concerns that users may conflate increased control over publication with increased control over access and usage of their personal information  (Brandimarte, Acquisti, & Loewenstein, 2010). Access and usage pose the real risk of intrusion and harm, but as potential actions of others, they are less salient than the satisfaction users may derive from the immediate exercise of control over their own information publication.

Concern for information privacy has been shown to correlate negatively with likelihood of adopting electronic health records (Angst & R. Agarwal, 2009). However, our own research at DSU on adoption of electronic health records in South Dakota suggests that privacy concerns are not nearly as prominent in the minds of practitioners as other barriers to ER adoption. And whatever privacy concerns may keep some people from engaging with health information technology, there are thousands of users who are willing to share personal stories and health information on health social networks like PatientsLikeMe (Goetz, 2008).

Privacy concerns in health social networks may be mitigated by the sense of community. Consider this observation from multiple sclerosis patient and PatientsLikeMe user Laurie Fournier:

Pretty much everybody I know over 45 has some kind of medical condition. Some people have had cataracts surgery, or they have high blood pressure, or high cholesterol or diabetes. Everyone has something. And if everyone has something, that really levels the playing field (Goetz, 2008).

The sense of community in health social networks may be even stronger among users with rare diseases. Individuals with rare diseases—i.e., diseases affecting no more than 20,000 people—are “power users” of Internet health resources (Shute, 2011). The observation that such users are “ready and willing to share with each other so that other people can benefit from their experiences” (Shute, 2011) suggests the need to look beyond a purely selfish privacy calculus: users may surrender privacy not to gain emotional or informational support for themselves but to provide such support to other members of their online community.

Privacy remains a valid concern for all individuals. Privacy sets boundaries, and people need physical and psychological boundaries to define their sense of identity. The increasing integration of online social networks into daily activities, especially in the area of patient use of health social networks, will not end the value of privacy. However, health social networks emphasize the difference in privacy concerns with hierarchical institutions and with peers who share health interests and goals.

Works Cited

Adams, S. A. (2010a). Revisiting the online health information reliability debate in the wake of “web 2.0”: An inter-disciplinary literature and website review. International journal of medical informatics, 79(6), 391–400.

Adams, S. A. (2010b). Blog-based applications and health information: Two case studies that illustrate important questions for Consumer Health Informatics (CHI) research. International Journal of Medical Informatics, 79(6), e89-e96. doi:10.1016/j.ijmedinf.2008.06.009

Albrechtslund, A. (2008). Online social networking as participatory surveillance. First Monday (Chicago), 13(3).

Allen, A. L. (1988). Uneasy access: Privacy for women in a free society. Rowman & Littlefield Pub Inc.

Alpert, S. A. (2003). Protecting medical privacy: challenges in the age of genetic information. Journal of Social Issues, 59(2), 301–322.

Anderson, G. F., Forgner, B. K., Johns, R. A., & Reinhardt, U. E. (2006). Health Care Spending and Use of Information Technology in OECD Countries. Health Affairs, 25(3), 819-831. Retrieved from http://www.ezproxy.dsu.edu:2108/pqdweb?index=17&did=1038492821&SrchMode=3&sid=1&Fmt=4&VInst=PROD&VType=PQD&RQT=309&VName=PQD&TS=1249163046&clientId=18865&aid=1

Angst, C. M., & Agarwal, R. (2009). Adoption of Electronic Health Records in the Presence of Privacy Concerns: The Elaboration Likelihood Model and Individual Persuasion. MIS Quarterly, 33(2), 339-370. doi:Article

Bansal, G., & Davenport, R. (2010). Moderating Role of Perceived Health Status on Privacy Concern Factors and Intentions to Transact with High versus Low Trustworthy Health Websites. MWAIS 2010 Proceedings, 7.

Bansal, G., Zahedi, F. “., & Gefen, D. (2010). The impact of personal dispositions on information sensitivity, privacy concern and trust in disclosing health information online. Decision Support Systems, 49(2), 138-150. doi:10.1016/j.dss.2010.01.010

Bishop, L., Holmes, B. J., & Kelley, C. M. (2005). National consumer health privacy survey 2005. Oakland: California Healthcare Foundation, 1–5.

Boyd, D. M., & Ellison, N. B. (2008). Social network sites: Definition, history, and scholarship. Journal of Computer-Mediated Communication, 13(1), 210–230.

boyd, D. (2007, May). Social Network Sites: Public, Private, or What? The Knowledge Tree.

Brandimarte, L., Acquisti, A., & Loewenstein, G. (2010). Misplaced Confidences: Privacy and the Control Paradox. Presented at the Ninth Workshop on the Economics of Information Security (WEIS 2010), Cambridge, MA.

Dinev, T., & Hart, P. (2004). Internet privacy concerns and their antecedents-measurement validity and a regression model. Behaviour & Information Technology, 23(6), 413–422.

Elgesem, D. (1996). Privacy, respect for persons, and risk. Philosophical perspectives on computer-mediated communication, 45–66.

Fox, S. (2011). Peer-to-peer Healthcare. Pew Internet & American Life Project. Pew Research Center’s Internet & American Life Project. Retrieved from http://www.pewinternet.org/Reports/2011/P2PHealthcare.aspx

Fried, C. (1984). Privacy. In F. D. Schoeman (Ed.), Philosophical dimensions of privacy: An anthology. Cambridge Univ Pr.

Goetz, T. (2008, March 23). Practicing Patients. The New York Times. Retrieved from http://www.nytimes.com/2008/03/23/magazine/23patients-t.html

Heidelberger, C. A. (2009). Citizens, Not Consumers. In V. Weerakkody, M. Janssen, & Y. K. Dwivedi (Eds.), Handbook of Research on ICT-Enabled Transformational Government: A Global Perspective (pp. 51-71). Hershey, PA: IGI Global.

Lanier, C. D., & Saini, A. (2008). Understanding consumer privacy: A review and future directions. Academy of Marketing Science Review, 12(2), 1–48.

Laufer, R. S., & Wolfe, M. (1977). Privacy as a concept and a social issue: A multidimensional developmental theory. Journal of Social Issues, 33(3), 22–42.

Lessig, L. (2002). Privacy as property. Social Research: An International Quarterly, 69(1), 247–269.

Malhotra, N. K., Kim, S. S., & Agarwal, J. (2004). Internet Users’ Information Privacy Concerns(IUIPC): The Construct, the Scale, and a Causal Model. Information Systems Research, 15(4), 336–355.

Margulis, S. T. (2003). On the Status and Contribution of Westin’s and Altman’s Theories of Privacy. Journal of Social Issues, 59(2), 411–429.

Nonnecke, B., & Preece, J. (2000). Lurker demographics: counting the silent. In Proceedings of the SIGCHI conference on Human factors in computing systems (pp. 73-80). The Hague, The Netherlands: ACM. doi:10.1145/332040.332409

Shute, N. (2011, March 1). People Coping With Rare Disease Are Internet Power Users. NPR: Shots. Retrieved March 3, 2011, from http://www.npr.org/blogs/health/2011/02/28/134140813/people-coping-with-rare-disease-are-internet-power-users?ps=sh_sthdl

Smith, H. J., Milberg, S. J., & Burke, S. J. (1996). Information privacy: measuring individuals’ concerns about organizational practices. MIS quarterly, 20(2), 167–196.

Solove, D. J. (2007). The future of reputation: gossip, rumor, and privacy on the Internet. Yale Univ Pr.

Stewart, K. A., & Segars, A. H. (2002). An empirical examination of the concern for information privacy instrument. Information Systems Research, 13(1), 36–49.

Swan, M. (2009). Emerging Patient-Driven Health Care Models: An Examination of Health Social Networks, Consumer Personalized Medicine and Quantified Self-Tracking. International Journal of Environmental Research and Public Health, 6(2), 492-525. doi:10.3390/ijerph6020492

Tavani, H. T., & Moor, J. H. (2001). Privacy protection, control of information, and privacy-enhancing technologies. ACM SIGCAS Computers and Society, 31(1), 6–11.

Weitzman, E. R., Cole, E., Kaci, L., & Mandl, K. D. (2011). Social but safe? Quality and safety of diabetes-related online social networks. Journal of the American Medical Informatics Association. Retrieved from http://jamia.bmj.com/content/early/2011/01/24/jamia.2010.009712.abstract

Westin, A. F. (1967). Privacy and freedom (Vol. 97). London.

Westin, A. F. (2003). Social and political dimensions of privacy. Journal of Social Issues, 59(2), 431–453.

Xu, H. (2007). The effects of self-construal and perceived control on privacy concerns. In Proceedings of the 28th Annual International Conference on Information Systems (ICIS 2007). Montréal, Québec, Canada.



Emory econ prof Paul H. Rubin takes to the Wall Street Journal to challenge ten fallacies about Web privacy. The basic idea: Privacy trades off with information. Information greases the market. Privacy adds friction to the economy, preventing producers and consumers from getting what they want as cheaply and efficiently as possible.

Rubin’s best example: Google. Think of all the “free” stuff Google does for you: Blogger, Calendar, YouTube… oh yeah, and that search thingy. Google wouldn’t be able to pay people to design and manage those wonderful services if it weren’t able to glean oodles of info about who and where we are and what we are searching for. That info helps Google make better products and charge more money for its for-pay services. If we all surfed the Web in complete anonymity, Google would need an entirely different business model.

Rubin also makes the argument that less privacy means less risk of fraud and identity theft. If all an online shop knows about you is your password and your credit card number, stealing your info and buying a fur coat and two tickets to Geneva is easy. If an online shop knows you don’t usually spend more than a couple hundred bucks online a month, never buy fur, and place almost all of your online orders from an IP located in Colman, South Dakota, those fur and flight purchases logged from a server in Boca Raton may well send up red flags that save your credit rating.

Give Rubin’s article a read, see if you find any fallacies in his fallacy-busting.

Facebook has been getting lots of press and pie in the face over its shifting privacy policies. Social media expert danah boyd has led criticism of Facebook’s effort to devalue privacy for its own gain. She’s even suggested that we might regulate Facebook as a utility just like electricity or water works.

A new Pew report suggests we might not need to rush to regulate Facebook or other social media to protect privacy. Young users appear to be leading the way in figuring out how to control their own privacy online:

The Pew study found, for instance, that social networkers ages 18 to 29 were the most likely to change the privacy settings on their profiles to limit what they share with others online. The percentage who did so was 71 percent, compared with just 55 percent of the 50- to 64-year-old bracket. Meanwhile, about two-thirds of all social networkers who were surveyed said they’ve tightened security settings.

The survey also determined that:

  • about half of young people in that 18-29 bracket have deleted comments that others have made on their profile, compared with just 29 percent of those ages 30 to 49 and 26 percent of 50- to 64-year-olds. The numbers were similar when it came to social networkers who removed their names from photos that were tagged to identify them.
  • When asked how much they can trust social networking sites, 28 percent of the youngest adults surveyed said “never.” A fifth in the 30-49 bracket said that and just 14 percent of those ages 50 to 64 agreed.

[Martha Irvine, “Image-Conscious Youth Rein in Social Networking,” AP via Yahoo News, 2010.05.27]

I don’t advocate a completely unregulated, Wild-West Internet. We need rules, sometimes customs and mores, sometimes laws, to make any social undertaking work.

The social Web has been widely accessible for only a few years. Our Web customs and mores are still evolving. We’re only just realizing that the Web isn’t some exotic foreign land or desert island where we can indulge our inner streaker without consequence. The more we use it, the more we’ll get a sense of how it’s all connected and how we need to behave ourselves to maintain our reputations and privacy as we see fit.