Your Doctor Knows You’re Killing Yourself. The Data Brokers Told Her.

Shannon Pettypiece and Jordan Robertson | Bloomberg News | Jun 26, 2014 11:35 AM CT

You may soon get a call from your doctor if you’ve let your gym membership lapse, made a habit of picking up candy bars at the check-out counter or begin shopping at plus-sized stores.

That’s because some hospitals are starting to use detailed consumer data to create profiles on current and potential patients to identify those most likely to get sick, so the hospitals can intervene before they do.

Information compiled by data brokers from public records and credit card transactions can reveal where a person shops, the food they buy, and whether they smoke. The largest hospital chain in the Carolinas is plugging data for 2 million people into algorithms designed to identify high-risk patients, while Pennsylvania’s biggest system uses household and demographic data. Patients and their advocates, meanwhile, say they’re concerned that big data’s expansion into medical care will hurt the doctor-patient relationship and threaten privacy.

Related:

“It is one thing to have a number I can call if I have a problem or question, it is another thing to get unsolicited phone calls. I don’t like that,” said Jorjanne Murry, an accountant in Charlotte, North Carolina, who has Type 1 diabetes. “I think it is intrusive.”

Acxiom Corp. (ACXM) and LexisNexis are two of the largest data brokers who collect such information on individuals. Acxiom says their data is supposed to be used only for marketing, not for medical purposes or to be included in medical records. LexisNexis said it doesn’t sell consumer information to health insurers for the purposes of identifying patients at risk.

To view the full article, please visit Your Doctor Knows You’re Killing Yourself. The Data Brokers Told Her.

Risking OCR and Patient Ire, Many CEs Don’t Comply With Patient Access Rules

June 2014 Volume 14 Issue 6
aishealth.com

REPORT ON PATIENT PRIVACY delivers timely news and business strategies for safeguarding patient privacy and data security.

In apparent defiance of final HITECH regulations, many HIPAA covered entities (CEs) are not offering patients the option of receiving an electronic copy of their medical records, let alone in the “form and format” of their choosing, as has been required since January 2013.

Some are imposing fees for copies and applying limits on what they will provide that do not appear to be in line with regulations. Health systems with multiple hospitals have implemented the access requirements inconsistently across their medical centers, meaning some may be in compliance while others are not.

All of this is evident on the websites of covered entities, in their pages that outline the policies and procedures for patients to obtain their protected health information (PHI) — so officials from the Office for Civil Rights (OCR) can readily see it also. An OCR spokeswoman tells RPP “we can and we have” brought enforcement actions against CEs who violate the access requirements.

Patient advocates, medical records providers, privacy experts and others also tell RPP of a multitude of likely unlawful hoops imposed by CEs that people are jumping through to try to get their records.
“Unless you are behind the curtain like I am or unless you start finding the right stones to turn over, you don’t ever get to see the horror show that really exists in various degrees across the country,” says Chris Carpenter, director of operations for Diversified Medical Record Services, Inc. (DMRS), a business associate that processes records requests for hospitals and physicians offices nationwide.

To view the full article, please visit Risking OCR and Patient Ire, Many CEs Don’t Comply With Patient Access Rules

3 Reasons Your Medical Records Are at Risk

When hospitals find themselves in the middle of a breach, they usually prioritize improving their security to prevent further security breach incidents.

In addition to defending themselves against data breaches, health systems also need to find the right balance to adequately protect their patients’ privacy.

Since medical information is stored digitally, patients may not be fully aware how crucial it is to protect their data from being seen by unauthorized persons. Some privacy breaches may be avoidable, and learning from these mistakes is essential for health systems to maintain security of sensitive patient information. Here are three reasons why patient security may be lacking at health organizations.

Privacy Is on the Back Burner

When health IT systems are built, ensuring patient privacy is usually not on the forefront of designers’ and engineers’ minds. These IT experts usually put system functions ahead of privacy, which could result in poor privacy protection down the road. Some developers may also leave out privacy features altogether, which could put patient information at risk for being compromised.

Human Error

In a recent report, psychiatric facilities in Texas suffered a string of data breaches, but the majority of them were caused by human error, The Republic reported.

Deborah Peel, the Austin founder of watchdog group Patient Privacy Rights, said repeated data breach incidents could lead patients to question whether their information is secure, which could cultivate distrust among patients. “Our patients deserve privacy and expect that their information is kept confidential,” said Christine Mann, spokeswoman for the Texas Department of State Health Services.

To view the full article please visit: 3 Reasons Your Medical Records Are at Risk

Can Big Data Make Healthcare Better, Cheaper?

December 12, 2013
Medical records are being digitized on a massive scale to bring down the costs of healthcare and, maybe, to produce better outcomes. It also means a loss of patient privacy. President Obama’s Affordable Care Act promotes the digitization of millions of medical records to measure outcomes and contain costs. Big Data may also help doctors better understand many diseases, who’s most likely to get them and what the best treatments might be. It also makes the most intimate kind of personal information available to the government, insurance and drug companies — even prospective employers. Should patients be able to say “yes” or “no?”

 

Host, Warren Olney of NPR affiliate KCRW, interviews Dr. Deborah Peel, to discuss the risks and the benefits of Big Data in the field of medicine. She is joined by fellow panelists Joel Dudley, Department of Genetics and Genomic Sciences, Mt. Sinai Medical School, Iya Khalil, Executive VP and Co-Founder, GNS Healthcare, and Nortin Hadler, Professor of Medicine and Microbiology/Immunology, University of North Carolina at Chapel Hill.
Subscribe to this Podcast:
PodcastiTunes Podcast
Listen to/Watch entire show:
ListenDownloadAdd to My Shows