Re: Top 100 – Under Their Influence

This is in response to the article in Modern Healthcare By Andis Robeznieks: “Under their influence, Washington insiders hold sway over our ’100 Most Influential’ ranking, but real change seems to be coming from elsewhere.”

“The Politics of Privacy” is one of four key areas in Modern Healthcare’s story about the “100 Most Influential People in Healthcare” in 2011. Privacy was highlighted because the expectation to control personal health data is a truly bipartisan, trans-partisan issue.

The historic first-ever summit on the future of health privacy co-sponsored by Patient Privacy Rights (PPR) and the UT LBJ School in June was highlighted (see www.healthprivacysummit.org to watch videos of the sessions).

The story recognizes the crucial importance of PPR’s leadership on building patients’ rights to control use of the most sensitive personal information into the healthcare system up front, so patients will use and trust health IT systems and data exchanges.

Unfortunately, many of the new consumer privacy protections the Obama Administration supported in the stimulus bill (HITECH) are being implemented by federal agencies in ways that do not comply with HITECH and other existing federal regulations.

If industry and key government rule makers continue to ignore the American people’s expectations for control over the use of sensitive personal health data, the stimulus billions will be wasted on systems that can’t be trusted and the tremendous potential benefits health IT can bring to treatment and research may never be realized.

PPR Makes the List: 100 Most Influential People in Healthcare

Each year Modern Healthcare Magazine encourages the public to nominate and vote for the top “100 Most Influential People in Healthcare.” This year we are happy to announce that Dr. Peel is back on the list at #52. You can see the full list here.

She and Patient Privacy Rights are also highlighted in this article in Modern Healthcare: “Under their influence, Washington insiders hold sway over our ’100 Most Influential’ ranking, but real change seems to be coming from elsewhere.” Subscription is required to read the entire story, however one of four sections on the list of 100 addresses privacy, and highlights Patient Privacy Rights and Dr. Deborah Peel as leaders in this area.

Dr. Peel first appeared on the list in 2007 as #4 of the “100 Most Powerful People in Healthcare” for her work to make sure patients control access to their electronic medical records, and continued to be the only privacy advocate on the list in 2008 and 2009. She was nominated but did not make the final list in 2010. Her recognition this year shows that people are aware of privacy being a major issue in health care and that they are starting to realize we still do not have control over who sees our health records.

Resolution of Disapproval in Supreme Court Decision in Sorrell v. IMS Health Case

Lawmaker, author of health privacy protections in economic recovery act, declares privacy rights of doctors, patients should trump commercial interests

WASHINGTON, D.C. – On Friday July 8, 2011, Congressman Edward J. Markey (D-Mass.), co-chairman of the Congressional Bi-Partisan Privacy Caucus and senior member of the House Energy and Commerce Committee, introduced H.Res. 343, a resolution expressing disapproval of the recent Supreme Court decision in Sorrell v. IMS Health. In its decision, the Court struck down a Vermont state law that banned the sale of doctors’ drug prescriptions records if the records are used for commercial purposes without the doctors’ permission.

Rep. Markey’s resolution states that the Court erred in applying free speech protections to a Vermont law that lawfully regulated a purely commercial interest. Before the Vermont law was enacted, data-mining companies would purchase information about doctors’ prescription drug information from pharmacies and then resell the data to pharmaceutical companies. The pharmaceutical companies could use the information – without the doctors’ consent – for the commercial purpose of targeting their sales messages and marketing more expensive, brand-name drugs to physicians.

“In this case, the Supreme Court tipped the scales of justice in favor of big drug companies at the expense of patients and their doctors,” said Rep. Markey. “The privacy of the doctor-patient relationship should outweigh the ability of pharmaceutical companies to mine data simply so they can market expensive drugs to providers and reap huge profits. States should be able to regulate pharmaceutical companies in a way that protects the privacy of their residents and prevents pharmaceutical companies from having undue influence on doctors’ prescribing habits.”

Dissenting in the Supreme Court’s 6-3 decision, Justice Stephen Breyer wrote that the Vermont state law in question “adversely affects expression in one, and only one way. It deprives pharmaceutical and data-mining companies of data…that could help pharmaceutical companies create better sales messages.” The dissent, which was joined by Justices Ruth Bader Ginsburg and Elena Kagan, stated that the Vermont statute is a “lawful governmental effort to regulate a commercial enterprise…The far stricter, specially ‘heightened’ First Amendment standards that the majority would apply to this instance of commercial regulation are out of place here.”

Dr. Deborah Peel, a national health privacy expert and founder of the non-profit Patient Privacy Rights, praised the Markey resolution. “With a Supreme Court that stands up for the interests of pharmaceutical companies, it’s reassuring to know that Congressman Markey is looking out for patients and doctors who value the privacy of their prescription drug information.”

Text of the resolution can be found HERE.

Don’t bet on knowing your records’ whereabouts

Joseph Conn with ModernHealthcare.com wrote about the Health Privacy Summit in the IT Everything blog. You can read the full article here: Don’t bet on knowing your records’ whereabouts

“Do you know where your electronic health information is tonight?

Here’s a reader challenge: I’ll pay $10 to the first adult who has had at least five encounters with the private-sector healthcare system in the past 10 years to come up with a complete map of where all his or her electronic health records have traveled, who has seen them and where they are now.

I feel my money is safe in my pocket, and here’s why:

First, I’ve been covering health IT for nearly 11 years, and there is no system I know in this country that can completely track the whereabouts of someone’s electronic health information.

Second, there are no laws or incentives to induce complete tracking of a patient’s records.

And yet, patients ought to have access to just such a record map, according to health IT and privacy experts participating in the first Health Privacy Summit Monday in Washington. The daylong conference was put together by Patient Privacy Rights and the Lyndon B. Johnson School of Public Affairs at the University of Texas, Austin…”

Report from first health care privacy conference

Andy Oram, editor at O’Reilly Media, was also a Rapporteur and part of the Planning Committee for the First International Summit on the Future of Health Privacy.

You can view his recap and thoughts from the Summit here: Report from first health care privacy conference

Strange that a conference on health privacy has never been held before, so I’m told. Privacy in health care is the first topic raised whenever someone talks about electronic health records–and dominates the discussion from then on–or, on the other hand, is dismissed as an overblown concern not worthy of criticism. But today a conference was held on the subject, prepared by Patient Privacy Rights and the University of Texas’s Lyndon B. Johnson School of Public Affairs, and held just a few blocks from the Capitol building at the Georgetown Law Center as a pre-conference to the August Computers, Freedom & Privacy conference.

PPR Comments on FTC Consumer Privacy Protection Report

We applaud the FTC for creating a report focused on protecting consumer privacy. The proposed framework
upholds many of the practices we believe in: informed consumer consent, privacy protection and data security,
and greater transparency.

View the FTC Staff Report: Protecting Consumer Privacy in an Era of Rapid Change

View PPR’s full comments

PPR Comments on the PCAST HIT Report

The President’s Council of Advisors on Science and Technology (PCAST) weighed in on the key problems with how the Administration is building health IT systems and data exchanges. They recommend that patients be able to meta-tag data to protect privacy, that interoperability requires adoption of a common “language”, and that the goal should be a “data-centric” system for research on all health records without consent. The report recommends that HHS and CMS decide when patient data can be used for “secondary” purposes without consent.

See the full PCAST report: http://www.whitehouse.gov/blog/2010/12/08/pcast-releases-health-it-report

Patient Privacy Rights letter of comments to HHS emphasized:

  • Privacy is essential to build in up front.
  • We should not rush to deploy systems and spend billions on electronic systems and data exchanges until we know the privacy technologies PCAST recommends are adequate.
  • The recommendations for de-identifying health data were insufficient. Extensive work needs to be done to ensure that standards for de-identification actually work.

See PPR’s full comments here: http://patientprivacyrights.org/wp-content/uploads/2011/01/PCAST-comments-PPR-Final.pdf

See PPR’s written testimony here: http://patientprivacyrights.org/wp-content/uploads/2011/05/Patient-Privacy-Rights-Testimony-PCAST-WG-Feb-15-2011.pdf

Experts Forecast Top Seven Trends in Healthcare Information Privacy for 2011

A panel of healthcare experts representing privacy, trends, technology, regulatory, data breach, and governance were asked to weigh in with their forecasts for 2011. These experts suggest that as health information exchanges take form, millions of patient records—soon to be available as digital files—will lead to potential unauthorized access, violation of new data breach laws and, more importantly, exposure to the threat of medical and financial identity theft.

These predictions are supported by the recent Ponemon Institute’s Benchmark Study on Patient Privacy and Data Security, published November 2010, which found that data breaches of patient information cost the healthcare industry $6 billion annually; protecting patient data is a low priority for hospitals; and the healthcare industry lags behind the recently enacted HITECH laws…

Industry-Wide Experts Share Their Opinions and Insight…

Dr. Deborah Peel, M.D., practicing physician and founder of Patient Privacy Rights; the nation’s health privacy watchdog

“2011 will be the year that Americans recognize they can’t control personal health information in health IT systems and data exchanges. Will 2011 be the year that data security and privacy are the top of the nation’s agenda? I hope so. The right to privacy is the essential right of individuals in vibrant Democracies. If we don’t do it right in healthcare, we won’t have any privacy in the Digital Age.”…

Experts name top 7 trends in health information privacy for 2011

A panel of healthcare experts representing privacy, trends, technology, regulatory, data breach and governance have identified the top seven trends in healthcare information privacy for 2011.

The experts suggest that as health information exchanges take form, millions of patient records – soon to be available as digital files – will lead to potential unauthorized access, violation of new data breach laws and exposure to the threat of medical and financial identity theft.

“Endemic failure to keep pace with best practices and advancing technology has resulted in antiquated data security, governance, policy plaguing in the healthcare industry,” said Larry Ponemon, chairman and founder, Ponemon Institute.

“Millions of patients are at risk for medical and financial identity fraud due to inadequate information security,” he said. “Information security in the healthcare industry is at the fulcrum of economic, technological, and regulatory influence and, to date, it has not demonstrated an ability to adapt to meet the resulting challenges – but it must. The reputation and well-being of those organizations upon which we rely to practice the healing arts depends on it,” he said…

Privacy desires ignored

For psychiatrist Deborah Peel, maybe patient privacy and patient consent aren’t identical twins, but they’re sure close relatives.

Not surprisingly, a recent Zogby International poll commissioned by Peel’s not-for-profit Patient Privacy Rights Foundation, Austin, Texas, focuses on patient consent and its relationship to privacy—a unity the federal government has chosen to either ignore or deny.

The 2,000 adult poll respondents reached by Zogby via the Internet put great store in their right to privacy. They cling to the quaint notion that they should be asked before their electronic health records are sent skittering off to unknown users for unknown purposes. See full poll results here.

Silly them.

HHS rulemakers wrote away a key right to privacy eight years ago.

An HHS revision to the Health Insurance Portability and Accountability Act privacy rule in 2002 stripped away one of the broader authorities giving patients the right to control the flow of their medical information. HHS rulemakers did it by eliminating the right of consent. They took a stringent privacy protection rule and transformed it into a disclosure rule.

There are a lot of bright folks who have warned HHS that this privacy issue broadly—and this HIPAA privacy rule revision, specifically—are going to explode on the healthcare industry. One of the more insistent voices has been Peel’s, but she by no means alone.