All the diseases we’ve ever had; the medications we took to treat them; our genetic condition; the results of any test, scan, or swab to which we’ve ever been subjected. Our medical histories are packed with tremendous value.

In the right, thoughtful hands, these records could help researchers better understand the connections between genetics, diet, disease, and health. Pharmaceuticals could vastly improve.

In the wrong hands, these records hold a different type of value. Forbes reported last year that a medical record can be worth more than 100,000 times as much as a stolen social security number on the black market. These records can be misused even if they’re shared with the wrong people. Employers, for example, may want to know which job applicants are more likely to develop Alzheimer’s Disease; targeted advertisements could get a hell of a lot more personal.

Now, the government of Ontario — a hotbed of technological research — announced Project SPARK, an initiative to make healthcare data more accessible to healthcare professionals and the people of Ontario themselves.

Ontario, like all of Canada, provides a single payer healthcare system, meaning doctor visits and other medical expenses are subsidized by the government. That means the government of Ontario has accumulated a vast, central database of its citizens’ electronic health records that in other healthcare systems might be fragmented among various doctor’s offices, health maintenance organizations, and medical labs.

With all of these records in the same place, the government of Ontario claims that it’s easier than ever for people to keep track of their own medical histories and stay better informed of their conditions and risks as they go about their lives. Doctors won’t need to track down elusive records or start piecing together patients’ medical histories from scratch, risking allergic reactions or ordering tests on patients who have been through it all before but weren’t able to bring their paper trail with them.

That’s one of the proposed benefits of Project SPARK — a platform that lets people access and contribute to their own medical record in a way that could democratize medicine and healthcare. “SPARK is a pathway that will allow for safe flow of provincial health information into the hands of patients and health service providers – in compliance with the Personal Health Information Protection Act (PHIPA),” a spokesperson tells Futurism via email.

Its main purpose is to allow health service providers “plug in” to the province’s treasure trove of healthcare data.

“This is an interesting initiative that has potential to improve health outcomes and reduce costs,” Avi Goldfarb, a tech economics researcher at University of Toronto, told Futurism.

The people of Ontario won’t have to contribute additional data to Project SPARK — the government isn’t going to come knocking with cheek swabs for genetic tests. But patients still might be in a position in which the project shares more personal details than they are willing to give.

Right now, Ontario’s health records are stored in secured databases with tight controls over who can access what. And there are laws about what kind of data can be shared with what kinds of organization, and for what purpose. But the organizers of Project SPARK, and any other holder of big data repositories, need to take extra care in advance. Because if any organization fails to properly protect patient privacy, or opens the doors to the wrong companies, citizens whose data falls into the wrong hands could face dire consequences.

Ontario’s Project SPARK isn’t designed to give researchers access to patient health data. But if projects like this one proliferate in the future, there are plenty of ways they can develop a healthy marketplace that promotes medical transparency and biomedical research without sacrificing data privacy.

“Making health data available for academic research is an important step in advancing our understanding of diseases and cures,” Christian Catalini, an associate professor of technological innovation at Massachusetts Institute of Technology and founder of MIT’s cryptoeconomics lab, told Futurism. “At the same time, when multiple entities, including for-profit ones, receive access, it becomes extremely important to ensure that the data cannot be de-anonymized, especially when used in conjunction with other private datasets,” Catalini added.

Any company or research institute that gains access to electronic health records must be barred from ever learning who it is actually studying. For instance, if a team of scientists wants to determine whether or not people with a certain genetic makeup are predisposed to develop certain conditions, the team could be required to request and receive only the pertinent data from each health record — information on the genes in question and whether or not those people developed the condition being studied. No names or identities at all.

“This information has potential to improve healthcare substantially overall. In the process, it is important that any individual-level data is only accessible to those who need it to improve health outcomes,” Goldfarb said. “The key will be to ensure that individuals are protected as the overall benefit accrues.” Goldfarb cited research that suggests mishandling health data, specifically by keeping information hidden when it’s most needed by practitioners, can have serious repercussions on vulnerable populations in particular.

Luckily, there are plenty of ways to make sure that a system gives researchers and private companies only the data relevant to a study (and nothing else) so that they can’t learn who has had what conditions but just that someone has.

“Digital information is easy to copy and reuse outside of its intended purpose, so I hope the initiative takes data security and privacy very seriously,” added Catalini.

Of course, once the data is out there, it’s very difficult to make sure people don’t misuse it. This is why the government of Ontario needs to be particularly careful as it moves forward. To signal to the world that it respects and values its people and their privacy, Ontario needs to very carefully vet who will have access to Project SPARK. As Quartz mentioned, over 100 companies are currently in line (a spokesperson from Project SPARK tells Futurism that the program does not give away or sell access to Ontario residents’ data).

To make sure that data only goes to those who will use it responsibly, like conducting medical research that could benefit those who unwittingly donated their medical records, project organizers ought to vet every single application to access its health data. Not just once per company, but for every study that would analyze them.

If someone wanted to create a program like SPARK, they could set up its system such that relevant data is available, but then automatically deleted once the study or project is completed. That way, if that same data works its way into another study or some marketing company’s database, it would be easy to tell who broke the rules and cut them off down the road. A model for this already exists: journalists can sometimes access academic papers before they’re released to better prepare their articles as long as they agree not to publish their article until the paper actually comes out. Those who publish early risk losing access in the future.

Again, these are proposed solutions to the problem of gleaning valuable insight from data that ought to be kept safe and anonymous. And we don’t yet know how Project SPARK plans to handle these issues.

We live in a world where large troves of data are leaked or stolen on a seemingly daily basis. Whether it’s the latest Facebook privacy scandal, the recent leak of 150 million MyFitnessPal accounts, or the Equifax leak that now feels like ancient history, evidence suggests that just about any data put online could end up stolen. If we want people to trust that their data will be used to help people and not used against them, especially where their personal medical records are concerned, programs like Project SPARK will have to invest in the right kind of digital infrastructure before kicking into high gear.

Editor’s note June 21, 2018 at 4:05 PM: This article previously implied that Project SPARK would turn patient data into a commercial product. Project SPARK did not answer our requests for comment before publication, but comments today from a Project SPARK spokesperson indicated that the project will not sell patient data, and that it will also not feed information to researchers. Parts of the article itself, as well the headline, have been updated to reflect this information.