The Office Nurse Now Treats Diabetes, Not Headaches

In response to the escalating costs of healthcare many employers are adding on-site medical clinics to help their employees become healthier—and don’t use employees’ personal health data to penalize them or discriminate against them.

But other large employers, such as CVS, use high costs to justify replacing employees’ health insurance with health savings accounts, imposing involuntary health screenings and wellness programs, and penalizing workers who don’t respond to these simplistic solutions.

Two studies in Health Affairs show that wellness programs don’t work:

  • -“Wellness Incentives In The Workplace: Cost Savings Through Cost Shifting To Unhealthy Workers” See: http://content.healthaffairs.org/content/32/3/468.abstract
  • -“A Hospital System’s Wellness Program Linked To Health Plan Enrollment Cut Hospitalizations But Not Overall Costs”  See: http://content.healthaffairs.org/content/32/3/477.abstract
  • -Rising US healthcare costs are NOT caused by sick people who seek treatment, but by industries that decide what to charge for treatment—including the health insurance industry, the hospital industry, the drug industry, the outpatient surgical center industry, and the lobbying industry.  Industry charges have no real constraints because healthcare is not optional, sick people, employers, and/or government must pay.

Learn about why the US pays sky-high healthcare costs in Time magazine’s March 2013 issue, “Bitter Pill: Why Medical Bills Are Killing Us”

To view the full article, please visit The Office Nurse Now Treats Diabetes, Not Headaches.

Jonah Goldberg: Civil Libertarians’ Hypocrisy

This insightful piece highlights the drastic violations of our current healthcare system in relation to the recent NSA breach.

Key quote from the article:

“What I have a hard time understanding, however, is how one can get worked up into a near panic about an overreaching national security apparatus while also celebrating other government expansions into our lives, chief among them the hydrahead leviathan of the Affordable Care Act (aka ObamaCare). The 2009 stimulus created a health database that will store all your health records. The Federal Data Services Hub will record everything bureaucrats deem useful, from your incarceration record and immigration status to whether or not you had an abortion or were treated for depression or erectile dysfunction.”

What is Snowden’s Impact on Health IT?

To view the full article, please visit What is Snowden’s Impact on Health IT?

This is a highly interesting article about the effect of Edward Snowden’s actions on health IT. In the interview with PPR’s own Dr. Deborah Peel, the issues of privacy that our government is currently facing can also be applied to the healthcare industry. As Dr. Peel aptly states, “The Department of Health and Human Services claims its actions are justified to lower healthcare costs. These are obviously very different agencies collecting different kinds of very sensitive personal information, but both set up hidden, extremely intrusive surveillance systems that violate privacy rights and destroy trust in government.”

A key argument that Dr. Peel makes is “The benefits of technology can be reaped in all sectors of our economy without the harms if we restore/update our laws to assure privacy of personally identifiable information in electronic systems. Our ethics, principles, and fundamental rights should be applied to the uses of technology.”

What is Snowden’s Impact on Health IT?

This article expounds upon the implications of Edward Snowden’s actions for the Health IT industry.

Key quotes:

Deborah Peel, MD, founder of Patient Privacy Rights, says there are many parallels between the Snowden controversy and the U.S. healthcare system.

According to Peel, the NSA has one million people with top security clearance to 300 million people’s data. The U.S. healthcare system has hundreds of millions of people — none with top security clearances, and the majority with inadequate basic training in security or privacy — who can access millions of patients’ most sensitive health records. Further, we don’t know how many millions of employees of BAs, subcontractors, vendors and government agencies have access to the nation’s health data, she added.

“Corporations and their employees that steal or sell Americans’ health data for ‘research’ or ‘public health’ uses or for ‘data analytics’ without patients’ consent or knowledge are rewarded with millions in profits; they don’t have to flee the country to avoid jail or charges of espionage,” she said.

“The NSA justifies its actions using the war on terror,” Peel added. “The Department of Health and Human Services claims its actions are justified to lower healthcare costs. These are obviously very different agencies collecting different kinds of very sensitive personal information, but both set up hidden, extremely intrusive surveillance systems that violate privacy rights and destroy trust in government.”

“The benefits of technology can be reaped in all sectors of our economy without the harms if we restore/update our laws to assure privacy of personally identifiable information in electronic systems. Our ethics, principles, and fundamental rights should be applied to the uses of technology,” Peel says.

Experts tout Blue Button as enabling information exchange between medical provider and patient

Blue Button Plus (BB+) and direct secure email technologies could put patients in control of all use and disclosure of their electronic health records. BB+ lets us ‘view, download, and transmit’ our own health data to physicians, researchers, or anyone we choose.

But state Health Information Exchanges (HIEs) don’t allow patients to control the disclosure of personal health data. Some state HIEs don’t even ask consent; the HIE collects and shares everyone’s health records and no one can opt-out. Most state HIEs ask patients to grant thousands of strangers—employees of hospitals, doctors, pharmacies, labs, data clearinghouses, and health insurers—complete access to their electronic health records.

When corporations, government, and HIEs prevent patients from controlling who sees personal health data– from prescriptions, to DNA, to diagnoses– millions of people every year avoid or delay treatment, or hide information.

HIEs that open the door to even more hidden uses of health data will drive even more patients to avoid treatment, rather than share information that won’t be private.

Health IT systems that harm millions/year must be fixed. Technology can put us in control of our data, achieve the benefits and innovations we expect, and prevent harms.  We have to change US law to require technologies that put patients in control of their electronic health records.

Privacy Hawk: Put Patients at Center of Health Information Exchange (Quotes Dr. Peel)

“If healthcare organizations truly want to protect patient privacy and earn public trust regarding electronic health records (EHRs), they need to let go of the notion that institutions control individual data and look for technology that lets patients take charge of information flow…”

Key quotes from the article:

  • -”Many commercial EHRs started as systems to improve the operational side of healthcare and increase reimbursement, not to improve clinical care”
  • -”‘We’re stuck with these frankly primitive and privacy-disruptive systems that need to be fixed,’ Peel said at WTN Media’s 11th annual Digital Health Conference.”
  • -To Peel, last week’s revelations that the National Security Agency has been tracking phone calls and e-mails of virtually every American for at least six years shined a light on an issue that long has been prevalent in the healthcare industry.
  • -”‘In healthcare we actually have a total surveillance economy, too,’ said Peel, an Austin, Texas, psychiatrist.”
  • “‘We don’t actually know where our health data goes. We have no chain of custody, much less control over our health information,’ she said. Having personal information get out could lead to ‘health discrimination’ in employment or insurance coverage for patients with mental health disorders, sexually transmitted diseases or cancer, Peel added, and the threat of a breach often leads to care avoidance.”

The Verizon order, the NSA, and what call records might reveal about psychiatric patients

The NSA knows we are sick because we phone doctors’ offices.

As a mental health professional, Dissent Doe explains in her blog (below) how revealing phone call metadata is:

“Because my phone is used mainly for calls to and from patients and clients, can the NSA figure out who my patients are?  And could they, with just a query or bit of analysis, figure out when my patients were going into crisis or periods of symptom worsening?  I suspect that they can. And because I am nationally and internationally known as an expert on a particular disorder, could the government also deduce the diagnosis or diagnoses of my patients or their family members? Probably.”

There is a huge national media response to the NSA spying on Americans’ cell phone calls, but the media does NOT report on the far worse systemic corporate and government spying on the nation’s electronic health records.

The US healthcare system is engineered for hidden corporate and government surveillance of personal data about the minds and bodies of all 300 million Americans –from prescriptions to diagnoses to DNA—it’s all collected and sold.

The US media simply repeats industry and government talking points about the benefits of electronic health systems without reporting on the massive harms:

  • -Millions of patients/year avoid early diagnosis and treatment of cancer, depression, and sexually transmitted diseases because they know that information will not be private (see citations and statistics in:http://patientprivacyrights.org/wp-content/uploads/2010/08/The-Case-for-Informed-Consent.pdf)
  • -1/8 people hide health information because they know that information will not be private
  • -Should we use technology that causes millions to suffer bad outcomes?

2013 is a critical year: every state will share your health data with hundreds-thousands more hidden users via Health Information Exchanges (HIEs).

  • -Many states to not allow you to ‘opt-out’ of HIEs that exchange your health data.
  • -Most states do not allow you to prevent your most sensitive health information from being exchanged.
  • -So far, not one state gives patients control over data exchange.

SIGN PPR’s petition and say “no” to data exchange without your consent at: http://patientprivacyrights.org/2013/06/sign-the-petition-for-patient-controlled-exchange-of-health-information/

We need trustworthy technologies that put patients back in control of the use, disclosure, and sale of their sensitive health data.

  • -Patients have always controlled who could see and use paper medical records.
  • -Now institutions (corporations and government) control who can see and use the nation’s electronic health records.

Great existing technologies can fix badly designed electronic health systems, but we need new laws that require privacy-protective technologies are built into all electronic systems that handle health data.

Panel: Cloud’s role in healthcare still up in the air

As hospitals and healthcare facilities continue to adopt electronic tools to store and share patient data, some are turning to cloud-based tools to meet their needs. What that means for privacy and protection still is up for debate, as evidenced in the tone of a discussion panel at last week’s Health Privacy Summit in Washington, D.C.

“When data is managed or stored in-house [by a provider], there’s a very clear responsibility of one company” to protect that data, Adrian Gropper, chief technology officer for Patient Privacy Rights, the non-porofit organization that hoted the event, said. “The cloud blurs that distinction–sometimes intentionally.”

Why privacy should be among the first considerations of a health care app developer

Given all the complexities app developers need to worry about already–user experience, piquing doctors’ and patients’ interest, performance, accommodation of multiple devices–do they have time to worry about patient privacy too? The Health Privacy Summit on June 5 and 6 in Washington, DC explained why they should–in fact, that a respect for privacy may do more to promote an app than any other feature.

The headlines over the past week should be enough to persuade you that you don’t want to be seen as one of the creeps. It’s takes more time and digging around, though, to learn what patients really want and how to write an app that fulfills their expectations.

Certainly, Fair Information Practices and proper security are a place to start, and below I’ll list a few things developers need to keep in mind. But overriding all these technical details are questions of business model. Can you make money without treating patients as so many assets to sell?

What Do Patients Really Think?

Health reform activists and privacy mavens have been at loggerheads for years. Those touting health reform complain that an oversensitivity to privacy risks would hold back progress in treatments. Running in parallel but in the opposite direction, the privacy side argues that current policies are endangering patients and that the current rush to electronic records and health information exchange can make things worse.

It’s time to get past these arguments and find a common ground on which to institute policies that benefit patients. Luckily, the moment is here where we can do so. The common concern these two camps have for giving patients power and control can drive technological and policy solutions.

Deborah Peel, a psychiatrist who founded Patient Privacy Rights, has been excoriated by data use advocates for ill-considered claims and statements in the past. But her engagement with technology experts has grown over the years, and given the appointment of a Chief Technology Officer, Adrian Gropper, who is a leading blogger on this site, PPR is making real contributions to the discussion of appropriate technologies.

PPR has also held three Health Privacy Summits in Washington, DC, at the Georgetown Law Center, just a few blocks from the Capitol building. Although Congressional aides haven’t found their way to these conferences as we hoped (I am on the conference’s planning committee), they do draw a wide range of state and federal administrators along with technologists, lawyers, academics, patient advocates, and health care industry analysts. The most recent summit, held on June 5 and 6, found some ways to move forward on the data sharing vs. privacy stand-off in such areas as patient repositories, consent, anonymization, and data segmentation. It also highlighted how difficult these tasks are.