Health leaders: Increase data use to improve patient care

Day 2 of the 2013 Health Privacy Summit Thursday felt timely as news broke of the National Security Administration using a program called PRISM to extract user data from major tech companies like Google and Facebook. Healthcare technology has its own extensive security problems while the industry starts to understand the value of big data, and an expert panel offered their views at Georgetown Law Center in Washington, D.C.

In the day’s first panel discussion, “The Value of Health Data Inside Healthcare,” David Chao, Chief Technology Officer at the Washington, D.C.-based Advisory Board, said that the status quo in healthcare delivery today is not acceptable.”It’s obvious to everyone,” Chao said. “We need to improve outcomes.”

Anil Jain, Chief Medical Information Officer of Explorys, a secure software platform that allows healthcare systems to aggregate and manage big data, called the “transformation gap” in healthcare real. Data, Jain said, happens to be the way doctors and CIOs get transparency on what’s really happening.

Todd Park: Patient engagement will ‘vastly’ improve healthcare

Addressing a packed room at the Health Privacy Summit in Washington, D.C., this week, U.S. Chief Technology Officer Todd Park emphasized the importance of federal efforts to engage patients in their own healthcare.

“We’re in the middle of a huge cultural shift to get patients access to their records,” Park said. “Patient engagement–to quote Leonard Kish–may be the blockbuster drug of the 21st Century. This will vastly improve our healthcare system.”

Park, who previously served as CTO for the U.S. Department of Health & Human Services, spoke at length about the evolution of the Blue Button, which gives patients easy access to their medical records. He said that more than 88 million Americans now have access to their data via Blue Button, a number that is expected to grow to 115 million by the end of the year. More than one million people, to date have downloaded their data via Blue Button, he said.

Privacy experts: Health data security efforts too reactive

Privacy experts spoke about their data breach experiences Thursday at the Healthcare Privacy Summit in Washington, D.C., agreeing that what they’ve experienced likely is just the beginning for what’s possible in security fissures at healthcare organizations.

Omar Khawaja, a global project manager for Verizon, noted that 61 percent of breaches his group finds are for payment card information, and pointed out that the reactive system presently in place for combating such breaches is problematic.

“What does 911 look like in cyberspace? Who do you call when you have a breach?” Khawaja asked. “It takes months just to contain the breach.”

Bill Turner, Chief Privacy and Security Officer of Brookfield, Wis.-based Allium Healthcare, a technology consulting and staffing firm, said that most of the privacy errors he sees stem from human error. Turner recalled a story about a hospital having in its records that he had passed away, when it was really a man listed above him in the hospital’s logs.

Panel: Big data’s role in healthcare remains unclear

Big data is an enigma when it comes to healthcare, as described by a panel on Wednesday at the third annual Health Privacy Summit in Washington, D.C., hosted by Patient Privacy Rights. On one hand, according to Deloitte principal Deborah Golden, there are infinite positive possibilities for big data use, such as improving patient safety via openly available medication information.

On the other hand, according to Harvard professor Latanya Sweeney, big data also represents big privacy issues.

“A lot of our problems come from giving data away,” Sweeney said.

Much of the conversation focused on those problems, particularly as they related to data being used without patient consent–or knowledge that they gave consent.

“In the U.S., we tend to take a sector-specific approach to privacy regulation,” David Jacobs, an attorney with the Electronic Privacy Information Center, said. “We’re nowhere near where we should be as far as consumer access to their own medical information to find out where it does and to exercise control over it.”

States’ Hospital Data for Sale Puts Privacy in Jeopardy

Before speaking at the 3rd Annual Summit on the Future of Health Privacy, Jordan Robertson did extensive research with Latanya Sweeney, PhD and theDataMap.org team to expose a nationwide privacy problem. MANY states are selling de-identified hospital records, which can be easily re-identified by using your local newspaper. Using other publicly available information makes re-identification even easier.

From Jordan Robertson’s article in Bloomberg News: States’ Hospital Data for Sale Puts Privacy in Jeopardy

Hospitals in the U.S. pledge to keep a patient’s health background confidential. Yet states from Washington to New York are putting privacy at risk by selling records that can be used to link a person’s identity to medical conditions using public information.

Consider Ray Boylston, who went into diabetic shock while riding his motorcycle in rural Washington in 2011. He careened off the road and was thrown into the woods, an accident that was covered only briefly, in the local newspaper. Boylston disclosed his medical condition and history to a handful of loved ones and the hospital that treated him.

After Boylston’s discharge, Washington collected the paperwork of his week-long stay from Providence Sacred Heart Medical Center in Spokane and added it to a database of 650,000 hospitalizations for 2011 available for sale to researchers, companies and other members of the public. The data was supposed to remain anonymous. Yet because of state exemption from federal regulations governing discharge information, Boylston could be identified and his medical background exposed using only publicly available information.

UofL professor wins health information privacy award

Patient Privacy Rights, a leading health privacy advocacy organization, will award one of its two annual Louis D. Brandeis Privacy Awards to University of Louisville professor Mark A. Rothstein on June 5 in conjunction with the Third International Summit on the Future of Health Privacy at the Georgetown University Law Center in Washington.

Established in 2012, the award is given with the approval of the Brandeis family and recognizes significant intellectual, cultural, legal, scholarly, and technical contributions to the field of health information privacy.

Rothstein holds the Herbert F. Boehl Chair of Law and Medicine at the UofL School of Medicine, and he also teaches at UofL’s Brandeis School of Law. The award’s ties to Brandeis make it especially meaningful to him, he said.

May 15, 2013 Health Care Symposium – Dialogue on Diversity

PPR Founder Deborah C. Peel, MD Joins Experts at
Dialogue on Diversity’s Health Care Symposium 2013

The Elusive Concept: Health Care a $15 Tr. Economy Can “Afford”

On May 15, 2013, Dr. Deborah Peel will join other experts in Washington, DC for the Health Care Symposium 2013, “The Elusive Concept: Health Care a $15 Trillion Economy Can “Afford.” During the complimentary lunch, the Honorable Donna M. Christian-Christensen will receive Dialogue on Diversity’s Health Leadership Award, followed by Dr. Deborah Peel’s panel.

Registration is free to the public, and a complimentary breakfast will also be provided. See the full agenda with specific times here.

The day begins with focused discussions on the laws of health care as well as the rising costs, followed by a panel on food and nutrition and the need for preventative strategies. After the lunch panel, experts will discuss cultural competency and class and ethnic access disparities. The day will close with a discussion on the  chief medical threats in the United States, such as Cancer, AIDS, and Obesity.

See more on sessions and speakers in this Press Advisory.

For the past two years, Dialogue on Diversity has worked with PPR as a member of the Coalition for Patient Privacy as well as a Consumer Partner of the Health Privacy Summit.

WHAT:

Health Care Symposium 2013
The Elusive Concept: Health Care a $15 Tr. Economy Can “Afford”
WHEN:
Wednesday, May 15th, 2013 | 8:30 a.m. – 3:30 p.m. ET
WHERE:

The American Federation of Teachers
555 New Jersey Avenue, N.W.
Washington, DC 20001

Re: Poor Prognosis for Privacy

In response to The Wall Street Journal article by Melinda Beck: Poor Prognosis for Privacy

Most healthcare institutions and John Halamka ignore the fact that for over a decade technology has empowered millions of patients to control which parts of their electronic health records are disclosed for mental health and addiction treatment. The technology for ‘segmentation’ exists.

Congress, the courts, state and federal laws, and medical ethics require that patients control who can see and use sensitive personal health data, yet federal regulators who write the rules for industry have not required electronic health systems to use either ‘segmentation’ or other technologies like meta-data tagging that could also enable selective disclosures of health information.

When the public finds out they can’t control the use or disclosure of sensitive personal health data, many millions will refuse early diagnosis and treatment for cancer, depression, and STDs every year—and millions more will hide information, refuse tests, and act in ways that put their health at risk. These are bad outcomes.

Should the public be forced to use health technology systems that cause bad outcomes? Why not require technology that IMPROVES health outcomes?

Privacy Framework: A Practical Tool?

An interesting article about our Privacy Framework- to view the full article please visit Privacy Framework: A Practical Tool?

Some key quotes:

“The PPR Trust Framework is … designed to help organizations ensure that technology and IT systems align with the privacy requirements of critical importance to patients and reflect their legal and ethical rights to health information privacy,” Peel says.

“The framework was developed by a group within Patient Privacy Rights – the bipartisan Coalition for Patient Privacy – along with Microsoft and the consulting firm PricewaterhouseCoopers, Peel says. It was developed, tested and validated on Microsoft’s HealthVault personal health record platform.”

“Ensuring the privacy of patient data is a key concern for any healthcare IT vendor,” says Sean Nolan, distinguished engineer, Microsoft HealthVault. “Microsoft as a company advocates for a more standardized federal approach to the privacy of data, and this is especially true for the HealthVault team. We believe that it takes a deep corporate commitment to the privacy of patient data in order to support initiatives such as the PPR Trust Framework.”

Groups develop privacy framework for health IT

To view the full article, please visit Groups develop privacy framework for health IT.

An article written at ModernHealthcare.com about our new Privacy Trust Framework explains how the framework came into being and what it’s major principles are.

Key quote from the article:

“‘This comes from what the American public wants and was devised by Microsoft and PricewaterhouseCoopers,’ Peel said. ‘Some of the bigger corporations see the future as the public controlling things. Microsoft wanted to distinguish itself from Google Health (its one-time rival as a developer of PHR platforms) and wanted HealthVault to be the privacy place and wanted to compete in that way.’ PricewaterhouseCoopers saw a future auditing opportunity, she said. ‘We’re now moving with the Blue Button where patients can access their information and control it. The ultimate consumer is the patient.’”

The Privacy Trust Framework can be found here.