Question special

There is a notable tension between capitalizing on the full promise of big data and protecting patient privacy in health care. For example, actions taken in compliance with HIPAA, have in some instances limited my ability to link insurance claims with electronic health records, which would enable more complete longitudinal follow-up of patients for pharmacoepidemiological studies. I am curious to know what limitations you have you encountered (across the world), and whether you think we generally strike the right balance between protecting privacy and facilitating big data use to enable scientific advancement?