UPMC, Oracle to help with ID management

To view the article, please visit UPMC, Oracle to help with ID management.

UPMC revealed plans on Thursday to collaborate with Oracle in the development of cloud-based identity management technology to be utilized by small to mid-sized healthcare providers.

According to the article, “CloudConnect Health IT will enable healthcare users to easily manage computer accounts, including adding, modifying and terminating a user’s computer access, officials say. They’ll also help providers manage access based on the user’s job responsibility and provide self-service tools for retrieving forgotten passwords and unlocking accounts, as well as offer comprehensive management reporting.”

This poses a problem because, as Adrian Gropper, MD, points out “Proprietary identity systems risk being coercive of the patient to the extent that they allow aggregation of a patient’s records across multiple institutions without informed patient consent. Voluntary ID systems can be created that are not coercive while still offering the value of global uniqueness.”

Should the U.S. Adopt European-Style Data-Privacy Protections?

View the full article at Should the U.S. Adopt European-Style Data-Privacy Protections?

This urgent issue will be debated at the 3rd International Summit on the Future of Health Privacy in Washington, DC on June 5-6, 2013 at Georgetown Law Center.

The opening keynote will be Peter Hustinx, the EU Data Protection Supervisor. He will speak on “A health check on data privacy?”

Register to attend at www.healthprivacysummit.org . Later we will post a link to watch via live-streaming video.

HIPAA Omnibus: Gaps In Privacy? — Interview with Deborah C. Peel, MD

Although the HIPAA Omnibus Rule is a step in the right direction for protecting health information, the regulation still leaves large privacy gaps, says patient advocate Deborah Peel, M.D.

HIPAA Omnibus finally affirmed that states can pass laws that are tougher than HIPAA, and that’s really good news because HIPAA is so full of flaws and defects that we are concerned that what is being built and funded will not be trusted by the pubic,” Peel says in an interview with HealthcareInfoSecurity during the 2013 HIMSS Conference.

Listen to this interview and read the full article here.

CommonWell Is a Shame and a Missed Opportunity

This is a story about how major data holders are moving to consolidate THEIR control over the collection and use of our personal health information.

Instead of building electronic health systems that enable us to decide who can see and use our health data, we are locked out and have no way to know who is using our data or what it’s used for.

-Deborah Peel

From The Health Care Blog article: CommonWell Is a Shame and a Missed Opportunity

“The big news at HIMSS13 was the unveiling of CommonWell (Cerner, McKesson, Allscripts, athenahealth, Greenway and RelayHealth) to “get the ball rolling” on data exchange across disparate technologies. The shame is that another program with opaque governance by the largest incumbents in health IT is being passed off as progress. The missed opportunity is to answer the call for patient engagement and the frustrations of physicians with EHRs and reverse the institutional control over the physician-patient relationship. Physicians take an oath to put their patient’s interest above all others while in reality we are manipulated to participate in massive amounts of unwarranted care.

There’s a link between healthcare costs and health IT. The past months have seen frustration with this manipulation by industry hit the public media like never before. Early this year, National Coordinator for Health Information Technology Farzad Mostashari, MD, called for “moral and right” action on the part of some EHR vendors, particularly when it comes to data lock-in and pricing transparency. On February 19, a front page article in the New York Times exposed the tactics of some of the founding members of CommonWell in grabbing much of the $19 Billion of health IT incentives while consolidating the industry and locking out startups and innovators. That same week, Time magazine’s cover story is a special report on health care costs and analyzes how the US wastes $750 Billion a year and what that means to patients. To round things out, the March issue of Health Affairs, published a survey showing that “the average physician would lose $43,743 over five years” as a result of EHR adoption while the financial benefits go to the vendors and the larger institutions…”

Re: Car X.O. cares about health

In response to the Healthcare IT News article: Car X.O. cares about health

This sounds like a bad joke: your new Ford car’s “SYNC” technology monitors your stress, blood sugars, blood pressure, gives you allergy alerts while tracking your behavior behind the wheel and how distracted you are. But it’s no joke, it’s in 5 million cars.
According to Ford:

  • “There’s a strong business case to explore health options”
  • “consumers are on the road more than ever”
  • “Drivers could manage their health while in motion, said Strumolo, or more likely while at a red light.”
  • “Ford has forged partnerships with Healthrageous Microsoft, Medtronic, IMS, WellDoc and others.”

What business case? How does tracking your health give Ford and health-monitoring technologies a way to make money?

Answer: selling your health data, most likely to auto insurers, health insurers, life insurers, and employers like trucking companies and those who employ drivers.

It would be great for us to have this kind of information about our bodies and minds so we can act to improve our health or share it with our doctors: instead, it’s sold to discriminate against us.

Surveillance and collection of the nation’s health data is a growth industry worth hundreds of billions in annual revenue to corporate America—-but what value do we get from that?

But state lawmakers can fix the broken HIPAA Privacy Rule and require meaningful, informed consent before EVERY use or collection of our health information—-we don’t have to wait for Congress. We can fix this in our home states.

Re: Web Privacy Becomes a Business Imperative

New York Times article Web Privacy Becomes a Business Imperative by Somini Sengupta discusses web privacy affecting businesses’ bottom line. As Mozilla’s Chief Privacy Officer says in the article:

“They’re asking for a different level of privacy on your service,” he said, “You have to listen to that. It’s critical to your business.”

Finally. More Internet companies are realizing the truth behind what PPR has said all along: products and services that don’t offer real privacy and security don’t fly with consumers. While some still may debate the exact meaning of “privacy,” what we consistently see is that consumers want to have control over what happens with their data. It’s about time we start listening to what the public wants and honor everyone’s right to be let alone as they see fit.

Dr. Peel at Authors’ Roundtable at HIMSS 2013

Dr. Deborah Peel, PPR Founder & Chair, will join her co-authors to talk about pressing privacy issues raised in HIMSS’s just released book, Information Privacy in the Evolving Healthcare Environment. As a co-author, Dr. Peel’s contributing chapter discusses patients’ rights to privacy and consent and outlines the auditable criteria of PPR’s Trust Framework, which includes 15 clear principles to ensure meaningful consent within all electronic systems.

Purchase the book here.

Restoring patient control over PHI will be a key topic discussed, with additional focus on the technologies and laws needed to address the gaps and flaws in the Omnibus Privacy Rule.

Date: Tuesday, March 5, 2013
Time: 11:00 AM CT
Where:
HIMSS 2013 Annual Conference and Exhibition
Room 213
New Orleans Ernest N. Morial Convention Center
900 Convention Center Boulevard
New Orleans, Louisiana

An advocate for patients’ rights to health privacy since 2004, when she formed PPR, Dr. Peel has led the charge for more stringent data privacy and security protections, as well as tough new enforcement and penalties for violations that were included in the January 2013 release of the Omnibus Privacy Rule.

theDataMap™

theDataMap™ is an online portal for documenting flows of personal data. The goal is to produce a detailed description of personal data flows in the United States.

A comprehensive data map will encourage new uses of personal data, help innovators find new data sources, and educate the public and inform policy makers on data sharing practices so society can act responsibly to reap benefits from sharing while addressing risks for harm. To accomplish this goal, the portal engages members of the public in a game-like environment to report and vet reports of personal data sharing. More…

Members of the public sign-up to be Data Detectives and then work with other Data Detectives to report and vet data sharing arrangements found on the Internet. Data Detectives are responsible for content on theDataMap™.

See the debut of theDataMap™ from the “Celebration of Privacy” during the 2nd International Summit on the Future of Health Privacy here:

How the Insurer Knows You Just Stocked Up on Ice Cream and Beer

View the full article at How the Insurer Knows You Just Stocked Up on Ice Cream and Beer.

Your employer already has access to personal medical information such as how often you get check ups and whether you’re taking prescription mediation through your insurance carrier, but now some companies are beginning to monitor where you shop and what you eat.

Some key quotes from the article:

“…But companies also have started scrutinizing employees’ other behavior more discreetly. Blue Cross and Blue Shield of North Carolina recently began buying spending data on more than 3 million people in its employer group plans. If someone, say, purchases plus-size clothing, the health plan could flag him for potential obesity—and then call or send mailings offering weight-loss solutions.”

“Some critics worry that the methods cross the line between protective and invasive—and could lead to job discrimination. ‘It’s a slippery-slope deal,’ says Dr. Deborah Peel, founder of Patient Privacy Rights, which advocates for medical-data confidentiality. She worries employers could conceivably make other conclusions about people who load up the cart with butter and sugar.”

“Analytics firms and health insurers say they obey medical-privacy regulations, and employers never see the staff’s personal health profiles but only an aggregate picture of their health needs and expected costs. And if the targeted approach feels too intrusive, employees can ask to be placed on the wellness program’s do-not-call list.”

Private traits and attributes are predictable from digital records of human behavior

Picture a box with 2,000 or 10,000 puzzle pieces inside—any one puzzle piece reveals nothing about the picture. But when all the pieces are assembled, an incredibly detailed picture FULL of information is created.

The data mining industry—including Google, Facebook, Acxiom and thousands more unknown corporations and foreign businesses—assembles the puzzle of who we are from thousands of bits of data we leave online. They know FAR MORE than anyone on Earth knows about each of us—more than what our partners, our moms and dads, our best friends, our psychoanalysts, or our children know about us.

The UK study (abstract below) shows how easy it is for hidden data mining companies to intimately know us (and sell) WHO WE ARE.

Most Americans are not aware of the ‘surveillance economy’ or that data miners can easily collect intimate psychological and physical/health profiles of everyone from online data.

The study:

-“demonstrates the degree to which relatively basic digital records of human behavior can be used to automatically and accurately estimate a wide range of personal attributes that people would typically assume to be private”

-“is based on Facebook Likes, a mechanism used by Facebook users to express their positive association with (or “Like”) online content, such as photos, friends’ status updates, Facebook pages of products, sports, musicians, books, restaurants, or popular Web sites”

-correctly discriminates between:

  • -Homosexual and heterosexual men in 88% of cases
  • -African Americans and Caucasian Americans in 95% of cases
  • -Between Democrat and Republican in 85% of cases
  • -For the personality trait “Openness,” prediction accuracy is close to the test–retest accuracy of a standard personality test

The “surveillance economy” is why the US needs FAR STRONGER LAWS at the very least to prevent the hidden collection, use, and sale of health data, including everything about our minds and bodies, unless we give meaningful informed consent.

This urgent topic, ie whether the US should adopt strong data privacy and security protections like the EU—will be debated at the 3rd International Summit on the Future of Health Privacy June 5-6 in DC (it’s free to attend and will also be live-streamed). Register at: www.healthprivacysummit.org