Open Source Research

See the Government Health IT article: NCI to open research grid to cancer patient ‘army’

Women desperate to cure breast cancer are contributing their sensitive personal health information to “an army” of researchers.

But there is no reason that these altruistic women have to risk their futures and their daughters’ futures to find a cure.

It’s possible to do research without risking their futures and their daughters’ and granddaughters’ futures by using privacy-protective technologies and robust informed electronic consent. But this project does NOT protect the privacy of these generous and well-intentioned women.

The women’s data can be downloaded by “thousands of users”–all of whom make copies of their extremely sensitive, IDENTIFIABLE records. The records are identifiable so that the women can be contacted by researchers.

Some of the major things wrong with this picture:
1) The NCI system allows “researchers (to) form and maintain large breast cancer disease databases.” Is there any way to tell if the security is ironclad, state-of-the-art? No.
2) How many copies will researchers make? How many times will the data be replicated and backed-up across the world? No way to know.
3) What countries will copies of the records be kept in? No way to know.
4) How many and which researchers will download and keep their data? No way to know.
5) The researchers must sign agreements to protect and not sell the data, but there are no ‘data police’ to enforce those agreements. If there are no ‘data police’ watching this data, how do the women know it’s safe? No way to know.
6) What if a woman does not approve of a particular study or researcher who has their data? Can a woman prevent any researcher from using her information? No.
7) How will the data be handled after the research study is complete? How will the women know if it is destroyed? No way to know.
8) How safe is research access via a web browser? No way to know

The severe flaws in this plan are obvious. Fearful women desperate for cures are being exploited by the government and the research industry that designed these systems to serve their needs, NOT the women’s rights to privacy. Putting such sensitive data out into cyberspace KNOWING it can never be retrieved or destroyed is grossly irresponsible. Like Paris Hilton’s sex video, this data will live forever in cyberspace, risking future jobs and opportunities of every child of every woman desperate for a cure.

The NCI could do this a better way—we can have research and privacy at the same time. But the privacy protective technologies that can enable both are not being used. Why not?????

See our testimony Sept 18th at the national HIT Policy Committee and the many letters from the Coalition for Patient Privacy to federal agencies and Congress describing how to do research while protecting privacy.

And NO–the Genetic Information Nondiscrimination Act (GINA) DOES NOT protect our genetic data. It allows insurers and employers to have our genetic data and it has no enforcement. Zero. And HIPAA has no protections for genetic data either–it allows others to control and use our data without consent.

The cost of contributing to research should not be that your female descendents are unemployable. Unless data is protected, we will have generations of people who cannot work because employers will not risk hiring anyone at risk of getting a disease.

UK Handing off their health records?

Federal Computer Week: U.K. mulls handing off national health records to Microsoft, Google

It will be interesting to see which one the UK chooses. Microsoft joined the bipartisan Coalition for Patient Privacy to urge Congress to restore consumer control over PHI in 2007. Google has not.

MS signed Coalition letters in 2007 and 2009, and agreed to support the Coalition’s tough privacy principles and health privacy rights in electronic systems. HealthVault was built to adhere to the Coalition’s stringent privacy principles. Open, public promises by major corporations are taken very seriously by federal regulatory agencies and consumer advocates.

The promises by the technology corporations that joined the Coalition are a rebuke to other HIT vendors and the data mining industry that will do anything to get their hands on PHI for all sorts of uses that patients would never agree to.

Today, the clearest sign of serious corporate commitment to health privacy rights is joining the Coalition for Patient Privacy and standing with consumers to build an ethical, legal HIT system—the only kind that will be trusted and succeed.

UK Handing off their health records?

Federal Computer Week:U.K. mulls handing off national health records to Microsoft, Google

It will be interesting to see which one the UK chooses. Microsoft joined the bipartisan Coalition for Patient Privacy to urge Congress to restore consumer control over PHI in 2007. Google has not.
MS signed Coalition letters in 2007 and 2009, and agreed to support the Coalition’s tough privacy principles and health privacy rights in electronic systems. HealthVault was built to adhere to the Coalition’s stringent privacy principles. Open, public promises by major corporations are taken very seriously by federal regulatory agencies and consumer advocates.

The promises by the technology corporations that joined the Coalition are a rebuke to other HIT vendors and the data mining industry that will do anything to get their hands on PHI for all sorts of uses that patients would never agree to.

Today, the clearest sign of serious corporate commitment to health privacy rights is joining the Coalition for Patient Privacy and standing with consumers to build an ethical, legal HIT system—the only kind that will be trusted and succeed.

But privacy is ALREADY gone!

Refer to Wall Street Journal article: Is Government Health Care Constitutional?

The authors fear that Americans’ health privacy rights will be eliminated by health reform if a proposed “public plan” evolves into “single payer”.

They are too late, there is no privacy (the right to control personal information) in the US electronic health system —EXCEPT for the strong new rights Congress added to the stimulus bill: the ban on sales of PHI, the right to segment sensitive records, and the right to limit disclosure of PHI to health plans for payment or HCO if treatment is paid for out-of-pocket.

Our strong existing ethical and legal privacy rights (a powerful national consensus arrived at over 200+ years) are being totally ignored by federal and state government and industry.

The authors clearly don’t know that we have no health privacy today or that privacy advocates in the bipartisan Coalition for Patient Privacy (representing 10 million Americans) work to restore those rights.

In 2002, amendments to the HIPAA regulations granted new rights to corporations and government to use ALL health data without informed consent for purposes no one would ever agree to AND eliminated Americans’ rights to give consent before our data is used. See:HIPAA_Intent_Vs_Reality . In 1999, the HIPAA statute granted law enforcement unfettered access to all electronic health records without informed consent or any judicial process.

Both Democratic and Republican Administrations and Congress have contributed to eliminating patients’ rights to control personal health information. The ONC-Coordinated Federal Health IT Strategic Plan: 2008-2012, requires all EHRs to be “wired” for data mining and requires every citizen to have an EHR by 2014.
See:HITStrategicPlan08.pdf

The Federal Strategic Plan grants “back door” access to the nation’s electronic records to government agencies; to the for-profit research industry for P4P, QI, population health, genetic research (personalized medicine), etc; and to the insurance industry to detect fraud (this is one of the most offensive and discriminatory measures planned–the last people patients want to have MORE access to sensitive health records are insurers and employers).

Key Quotes:

• The Supreme Court created the right to privacy in the 1960s

• the justices posited a constitutionally mandated zone of personal privacy that must remain free of government regulation, except in the most exceptional circumstances.

• Taking key decisions away from patient and physician, or otherwise limiting their available choices, will render any new system constitutionally vulnerable.

• if over time, as many critics fear, a “public option” health insurance plan turns into what amounts to a single-payer system, the constitutional issues regarding treatment and reimbursement decisions will be manifold. The same will be true of a quasi-private system where the government claims a large role in defining acceptable health-insurance coverage and treatments. There will be all sorts of “undue burdens” on the rights of patients to receive the care they may want. Then the litigation will begin.

• In crafting the law, however, its White House and congressional sponsors must keep privacy — that near absolute right to personal autonomy they have so often praised and promoted — squarely before them. The only thing that is certain today is that the courts, and not Congress, will have the last word.

The authors tilt at the wrong windmill –not realizing they are too late: the privacy for health data in electronic systems is already GONE. We hope they will join us and work to RESTORE Americans’ longstanding ethical and legal rights to health privacy–regardless of a “public plan” or whether it turns into “single payer”.

The Machinery Behind Health-Care Reform

Robert O’Harrow tells the story of how Harvard, Harvard Partners HealthCare, Blackford Middleton, and the Health Information and Management Systems Society (HIMSS), the health IT industry’s lobby, got $27B for HIT into the stimulus bill.

HIMSS used classic industry lobbying strategy:
1. Never let a crisis go to waste (in this case the economic crisis) to drive funding for industry.
  1. a. They were very clever because

  • i. The HIT industry was NOT failing (unlike the auto industry) and did not need a stimulus

2. Fund a ‘think tank’ to produce ‘research’ promoting HIT as a way to lower costs, improve healthcare, etc., etc.—in this case headed by Blackford Middleton MD of Harvard.
3. Use the ‘research’ to promote HIT and lobby for stimulus funds.
-Harvard-branded  ‘research’ is very powerful:
  1. b. Non-profit organizations were funded “
  2. to press for electronic health records”

  3. c. Blumenthal, Daschle, and the Obama Administration were ‘sold’ on the ‘research’.
  4. d. The ‘research’ gave Blumenthal, Daschle, and the Obama Administration a way to justify dismissing the problems OMB and other sceptics raised about the ‘research’
  • iii. Mark Frisse and Joseph Antos are sceptics quoted about the ‘research’.
  1. e. Congress was ‘sold’ on the ‘research’ which claims that HIT will reduce costs, etc.
4. HIMSS and the Harvard ‘think tank’ draft much of HITECH’s plan to purchase flawed HIT systems.
5. Congress passed the stimulus bill with $2B more for HIT than the $25B HIMSS recommended
6. Industry wins.
7. Public loses.
  1. f. The public’s expectations and rights of control over health information are eliminated by funding flawed HIT/EHRs and data exchanges.

The result almost 4 years later is we have no idea where our health data is held, who is using it or why—no health data map, no ‘chain of custody’ for where our data flows, no way to control health data in electronic systems or data exchanges, and no way to stop data sales (a recent example is Medtronics selling records from patients’ wireless heart monitors).

Soon, we will finally be able to download electronic copies of our health data, a crucial first step to restoring control over our own information. Once we have all our health information, then we can press to restore control over whi can see, use or sell it.
To view the full article, please visit: The Machinery Behind Health-Care Reform

Treasury Moves to Restrict Lobbyists From Influencing Bailout Program

Will we see the same kind of problems the Treasury Dept has had when HHS allocates the 20 Billion in funds for HIT? Will HHS limit the massive health industry’s lobbyists influence over how HIT funds are spent? Will HHS turn to real consumer coalitions like the Coalition for Patient Privacy for guidance instead of faux consumer, industry-funded trade organizations?

The dominant HIT industry lobby wants to ensure that Americans get primitive, legacy HIT products and systems, instead of innovative privacy-protective technologies.

If the stimulus dollars are used to purchase existing health IT products that don’t restore consumers’ rights to control the use and sale of personal health information, corporations will continue to “lock down” and own our personal health information. See Peter Neupert’s comments:

• Peter Neupert of Microsoft recently wrote in a TechNet blog about the health IT industry: “The thing is, nobody can make good decisions without good data,” Neupert wrote. “Unfortunately, too many in our industry use data ‘lock-in’ as a tactic to keep their customers captive. Policy makers’ myopic focus on standards and certification does little but provide good air cover for this status quo. Our fundamental first step has to be to ensure data liquidity—making it easy for the data to move around and do some good for us all.”

• The health IT industry’s ‘customers’ are the large hospital chains, health plans, labs, pharmacies, PBMs, and other health-related corporations that collect, store, handle and sell Americans’ personal health information from prescription records to DNA. They do not serve the public or have much regard for our legal and ethical rights to control personal health information.

The people who can’t make good decisions without the data are patients and doctors! We have almost no access to our own electronic health information. That’s our personal health data Neupert and Kibbe wrote about—and they make it clear that industry believes it owns our data.

The last thing Americans need is for the HIT stimulus funds be used to buy outdated, primitive technologies without meaningful or comprehensive privacy protections. That’s a prescription for waste and failure. Will the initial consumer privacy protections in the stimulus be nullified by purchases of inferior, privacy-destructive technologies?

View the Washington Post Article: Treasury Moves to Restrict Lobbyists From Influencing Bailout Program

Bipartisan Coalition Sends Letter To Congress Urging Privacy Protections With Health IT

At today’s news conference, the Coalition for Patient Privacy is releasing a letter sent to Congress advocating for the inclusion of privacy safeguards with any funding given to implement health IT systems in the proposed economic stimulus package.

In the letter, the bipartisan coalition, representing over 30 organizations, individual experts and the Microsoft Corporation, welcomes the renewed commitment in Congress to protecting consumers over special interests, but makes clear that trust is essential to health IT adoption and participation, and only attainable with privacy protections.

The coalition is calling on Congress to “A.C.T.”, by providing: accountability for access to health records, control of personal information, and transparency to protect medical consumers from abuse. Consumer trust is essential to health IT adoption and participation, and only attainable with privacy safeguards. Through these three tenets, implementation of health IT is not only attainable, but would protect the right to privacy for consumers, employees, and providers.

Coalition wants privacy included with healthcare IT funding in stimulus package

WASHINGTON The Coalition for Patient Privacy urged Congress Wednesday to include privacy safeguards with any funding earmarked for healthcare IT in an economic stimulus package expected to hit President-elect Barack Obama’s desk shortly after inauguration.

The bipartisan coalition, representing more than 30 organizations, individual experts and the Microsoft Corporation, said trust is essential to public adoption of healthcare IT…

…Ashley Katz, executive director of Patient Privacy Rights, said the coalition is asking for “very basic, common sense protections.”

“We all want to innovate and improve healthcare. But without privacy, our system will crash as any system with a persistent and chronic virus will,” she said. “Americans will avoid participation or, worse, avoid care altogether and undoubtedly misrepresent the truth about their medical history.”

Bipartisan Coalition Sends Letter To Congress Urging Privacy Protections With Health IT

At today’s news conference, the Coalition for Patient Privacy is releasing a letter sent to Congress advocating for the inclusion of privacy safeguards with any funding given to implement health IT systems in the proposed economic stimulus package.

In the letter, the bipartisan coalition, representing over 30 organizations, individual experts and the Microsoft Corporation, welcomes the renewed commitment in Congress to protecting consumers over special interests, but makes clear that trust is essential to health IT adoption and participation, and only attainable with privacy protections.

The coalition is calling on Congress to “A.C.T.”, by providing: accountability for access to health records, control of personal information, and transparency to protect medical consumers from abuse. Consumer trust is essential to health IT adoption and participation, and only attainable with privacy safeguards. Through these three tenets, implementation of health IT is not only attainable, but would protect the right to privacy for consumers, employees, and providers.

Opposing privacy views aired in letters to Congress

“No privacy, no peace” could be a slogan we’ll hear a lot during the 111th Congress when it convenes next year.

Members of both houses of Congress have already received a letter from a healthcare coalition warning legislators who are considering information technology booster bills against deviating from the status quo of current privacy rules and laws. Meanwhile, a privacy rights organization sent an opposing letter to House and Senate leaders asking them to insist on the restoration of privacy protections they say were eroded under the Bush administration.

Mary Grealy, president of the Washington-based Healthcare Leadership Council and the Confidentiality Coalition it organized, sent her letter warning that “we are extremely worried that some privacy provisions that have been proposed would have a negative impact on the quality and safety of our healthcare system and counteract the positive benefits of HIT and any economic stimulus effect.” The letter was addressed to House Speaker Nancy Pelosi (D-Calif.) and Senate President Harry Reid (D-Nev.) and copied to all members of Congress. Healthcare Leadership Council members include leaders of many of the major pharmaceutical manufacturers, as well as pharmacy benefits management companies, payers and a few providers.