AthenaHealth Paying Dearly to Take on Larger Rivals

Athenahealth is a high-flier in the Boston business community, led by the outspoken and forceful Jonathan Bush. Bush, however, openly admits that his Watertown, MA-based company (NASDAQ:ATHN) is relatively unknown outside of local business and technology circles—including among most U.S. physicians. Athena has been ramping up efforts to raise its profile among doctors, the target audience for its Internet-enabled billing and electronic health records services. Yet the company has been criticized for the relatively high price of the push…

…To compete with larger firms in the EHR game, Athena has been trying to allay the concerns of many physicians that they will ultimately end up losing money by deploying the records systems. Bush says that Athena might be able to halve the amount that physicians pay to use its EHR if they participate in what is now a nascent effort at the company called “AthenaCommunity.” Athena’s EHR customers who opt to share their patients’ data with other providers would pay a discounted rate to use Athena’s health record software. Athena would be able to make money with the patient data by charging, say, a hospital a small fee to access a patient’s insurance and medical information from Athena’s network. For a hospital’s part, this might be cheaper than paying its own staff to gather a patient’s information through standard intake procedures. Hallock, Athena’s spokesman, says the community is in development and is slated to launch later this year.

Nominate PPR & Keep Privacy Powerful

Each year Modern Healthcare Magazine encourages the public to nominate and vote for the top 100 “Most Powerful People in Healthcare.” Help keep PRIVACY at the top of the list by nominating Patient Privacy Rights’ founder, Dr. Deborah Peel.

Dr. Peel first appeared on the list in 2007 as #4 of the most powerful people in health care for her work to keep medical records private. The last two years she remained on the list as one of the only consumer advocates. Keep privacy at the forefront by nominating Dr. Peel again this year.

Nominating is easy and fast. Simply go to, and use the information below:

  1. Last name: Peel
  2. First name: Deborah
  3. Title: Founder & Chair
  4. Name of Organization: Patient Privacy Rights
  5. Location of Organization: Austin, TX

Click ‘submit’ and you are done.

Please NOMINATE NOW; the deadline is May 7th. Help us keep privacy front and center in health care.

Thank you, and keep an eye out for when it’s time to vote!

Latanya Sweeney Briefs Congress

See Latanya Sweeney’s Written Testimony

Latanya Sweeney’s riveting testimony April 22nd at a roundtable discussion on the “Implementation of Health Information Technologies in a Healthcare Environment” was highly praised by Representative Patrick Kennedy, a co-host of the event.  The briefing hosted by Representatives Patrick Kennedy and Tim Murphy was sponsored by the Capitol Hill “Steering Committee on Tele-health and Healthcare Informatics” and the Institute for e-Health Policy.

From Professor Sweeney’s testimony:

  • Secondary use of protected health information (PHI) by Business Associates is “unbounded, widespread, hidden, and difficult to trace.”
  • Implementing EHRs that meet ‘Meaningful Use’ criteria will “increase data sharing, but adding the NHIN will massively increase data sharing.”
  • There are significant defects in the two National Health Information Network models which are supposed to link all Americans’ health information online that HHS plans to implement.
  • The proposed NHIN models aren’t capable of exchanging enough needed health data (i.e., do not have enough “utility”) nor do they permit patients to have any control access sensitive health data by the millions of “Covered entities” and their employees who will use the NHIN (i.e., do not offer enough “privacy”).

In other words, the NHIN solutions currently on the table give Americans the worst of both worlds: no privacy at all (patient control over personal health information) and the inability to exchange all the health information we need for clinical and other uses.

After she spoke, Representative Kennedy commented:

  • “Your role is very, very significant.”
  • “If the issues you just raised aren’t addressed, then everything else is meaningless. Without trust we will have the most difficult implementation with consumers.”
  • “You went into specific examples and anecdotes that [show how the NHIN models] could blow the whole thing up. It doesn’t take political sensitivity to understand what the reaction from the public will be.”

We applaud Professor Sweeney for pointing out the serious technical problems with the NHIN proposals AND proposing the solution: risk analysis of all technical systems for exchanging health data. We applaud Congressman Kennedy’s wisdom in seeking Professor Sweeney’s response to plans for the NHIN.

Dr. Sweeney recommended that ALL proposals for exchanging health information be subjected to risk analysis, so HHS and the public can compare the proposals ‘apples-to-apples’ and so the specific flaws/defects of each approach can be addressed in advance.

We agree with her. We need to know what we’re getting into before we build poor systems that will exponentially increase the theft, misuse, and exposure of Americans’ sensitive health information, from prescription records to DNA, to millions more strangers across the globe.

Professor Sweeney has been trying to get the national HIT Policy and Standards Committees to face the consequences of choosing from the various technology strategies for health information exchange, always making the obvious point that different systems pose different threats to privacy. The threats and strategies to mitigate them should be dealt with before anything is built.

Patient Privacy Rights fully supports Professor Sweeney’s recommendations. The Administration and Congress should make sure that we build the right NHIN and the right HIT systems. We have only one chance to build a trusted health system. Once public trust is lost, it is very difficult to restore.

See Latanya Sweeney’s Written Testimony

Indian Tribe Wins Fight to Limit Research of Its DNA

This article from the New York Times, Indian Tribe Wins Fight to Limit Research of Its DNA, shows how patients are willing to opt in to certain research, but are outraged when their information is used for research and other purposes they are unaware of.

“SUPAI, Ariz. — Seven years ago, the Havasupai Indians, who live amid the turquoise waterfalls and red cliffs miles deep in the Grand Canyon, issued a “banishment order” to keep Arizona State University employees from setting foot on their reservation — an ancient punishment for what they regarded as a genetic-era betrayal.

Members of the tiny, isolated tribe had given DNA samples to university researchers starting in 1990, in the hope that they might provide genetic clues to the tribe’s devastating rate of diabetes. But they learned that their blood samples had been used to study many other things, including mental illness and theories of the tribe’s geographical origins that contradict their traditional stories.

The geneticist responsible for the research has said that she had obtained permission for wider-ranging genetic studies.

Acknowledging a desire to “remedy the wrong that was done,” the university’s Board of Regents on Tuesday agreed to pay $700,000 to 41 of the tribe’s members, return the blood samples and provide other forms of assistance to the impoverished Havasupai — a settlement that legal experts said was significant because it implied that the rights of research subjects can be violated when they are not fully informed about how their DNA might be used…”

Controversial medical records database suspended

A controversial scheme to upload confidential medical records to a national database has been suspended following public outcry.

The project triggered anger when it was revealed that information could have been logged on the system without patients’ knowledge.

The British Medical Association (BMA) warned that many people were not even aware of the scheme, let alone the fact that they could ‘opt out’.

PPR on article: What ‘Patient-Centered’ Should Mean…

It is extremely helpful that the nominee to head of one of the largest federal agencies, the Centers for Medicare and Medicaid (CMS), stated he believes medical records should belong to patients.

You will be intrigued by Don Berwick’s terrific and very personal article titled “What ‘Patient-Centered’ Should Mean: Confessions Of An Extremist, A seasoned clinician and expert fears the loss of his humanity if he should become a patient.” He is a highly respected physician and scholar. Key quotes:

  • “Medical records would belong to patients. Clinicians, rather than patients, would need to have permission to gain access to them.”
  • “My proposed definition of “patient-centered care” is this: The experience (to the extent the informed, individual patient desires it) of transparency, individualization, recognition, respect, dignity, and choice in all matters, without exception, related to one’s person, circumstances, and relationships in health care . . .”

Discussion on Targeting in the UK using the National Health Service

UK patients are outraged over whether the government NHS (National Health Service) data base was used to find individual cancer patients and pressure them to vote for the Labour party.  See article here.

Even if NHS data was not used, CLEARLY there is enough commercial data for sale in both Britain and the US for cancer victims’ addresses to be found and re-identified.

Allowing the secret US data mining industries that steal, collect, aggregate, and sell all Americans’ sensitive personal health information, health-related searches, health-related posts on social websites, email about health, and health-related purchases to continue doing business-as-usual is a prescription for disaster.

It’s a key reason we are seeking 500,000 people to sign the Do Not Disclose list. If Congress gets 500,000 signatures, they will pass a law to restore our control over our digital health records and set up the list.

Don Berwick MD, President Obama’s nominee to lead the Centers for Medicare and Medicaid, agrees that health information should belong to patients—and doctors should have to ask us to see it. See his article on patient empowerment: What ‘Patient-Centered’ Should Mean.

Yes, it’s illegal for employers and banks to use health information—but if they have it, they can use it—and there is no way to stop them.

We should be able to stop anyone from getting our health information. A national Do Not Disclose list would ensure we decide who sees our health information and who doesn’t.

It’s time to prevent corporations and government from being able to get our sensitive health information without consent. Sign the Do Not Disclose list!


  • “The Conservatives and the Liberal Democrats have attacked the Labour Party for sending “alarmist” literature to cancer patients, and called for an inquiry into whether NHS databases had been used to identify recipients. The row erupted after Labour sent cancer patients mailshots saying that their lives may be at risk under a Conservative government.”
  • “Experian, the data management company, confirmed that both Labour and the Conservatives use its Mosaic database, which divides voters into 67 groups. The databases can use anonymised hospital statistics, including postcodes and the diagnoses of patients, to identify the likely addresses of those with particular illnesses.”

UK: Labour [Party] attacked over mailshot to cancer patients

The Conservatives and the Liberal Democrats have attacked the Labour Party for sending “alarmist” literature to cancer patients, and called for an inquiry into whether NHS databases had been used to identify recipients.

The row erupted after Labour sent cancer patients mailshots saying that their lives may be at risk under a Conservative government.

Andrew Lansley, the Shadow Health Secretary, said: “It is shameful that the Labour Party, knowing that we are the only party that is going to increase investment in the NHS, have decided to deliberately scare patients and misrepresent what we have said.

PPR responds to NHS sending patient information to India

In response to article: NHS sends confidential patients’ records to India despite pledges it would not

In the US, the use of “cloud computing” for sensitive electronic health information creates EXACTLY the same dangers that British health records are exposed to in India: hundreds or thousands of staff can access and sell health records.

  • “Indian data entry staff will have access to the names, addresses and NHS numbers of patients – along with private information about medical appointments.”
  • “The risks of transferring data overseas were highlighted last year when undercover reporters for a TV programme were able to buy health records from a private London hospital, which had been processed in India. The sellers said they had access to thousands of British medical records.”

It is impossible to ensure ironclad security for health data in far-away nations –actually we don’t yet have a way to be sure that health data in America has ironclad security protections in place either. And it’s impossible to hold cloud servers in other countries liable for the theft, sale, or breach of privacy of your health data—which they probably NOT report to us anyway. Which nation’s cloud servers would you trust with your sensitive health records?

NHS sends confidential patients’ records to India despite pledges it would not

The NHS is sending millions of patient records to India for processing, it emerged yesterday.

In the latest privacy scandal to hit the Health Service, Indian data entry staff will have access to the names, addresses and NHS numbers of patients – along with private information about medical appointments.

Managers have given the green light to the scheme despite concerns over poor security at some Indian companies.