While there has been much focus lately on the ways in which ObamaCare is chilling the growth of private business, we should not overlook the continuing deleterious effects of the one surviving relic of HillaryCare, the Health Insurance Portability and Accountability Act (HIPAA). Quietly, September 23 came and went as the compliance effective date for a new rule, expanding the reach of HIPAA, and likely driving many smaller players out of the health care industry.
Spearheaded by then First Lady Clinton, HIPAA was established in 1996 to improve privacy of personal health information, referred to as protected health information, or PHI. It requires health care providers, known as “covered entities,” and their vendors, contractors, and agents with access to PHI, known as “business associates,” to comply with certain privacy standards under its “Privacy Rule,” and with certain security standards under its “Security Rule,” in order to protect sensitive health information that is held or transferred in electronic form.
Over the past decade, equipped with the noble aim of protecting our privacy, HIPAA has successfully demonstrated the power of the law of unintended consequences. Improved protection of PHI has been marginal. However, HIPAA has impeded communication among physicians, reduced physician time devoted to patient care, and deterred medical research. And all at an enormous cost of compliance. While estimates vary widely, the cost of compliance for many providers has been in the millions.
Now, rather than take heed, the government has decided to double down through expansion. Under the Health Information and Technology for Economic and Clinical Health Act (HITECH), a corollary of HIPAA, promulgated to create incentives to facilitate the development of healthcare information technology, the government has sought to update the requirements of HIPAA in light of the changing dynamics of technology and health practices, increasing the safeguards and obligations of health care providers and their business associates.
Continue reading “Another Law Raising the Cost of Health Care”
Filed Under: OP-ED, THCB
Tagged: HHS, HIPAA, HIPAA Omnibus Rule, HIT, HITECH Act, Josh Tenzer, Patient privacy
Nov 21, 2013
As Congress begins investigations into the Affordable Care Act rollout and the healthcare.gov flaws, Republicans are calling for resignations as far up as the Secretary of Health and Human Services. The logic goes: if managerial issues were behind failures to test the website component of the federal health care exchange, we need new management.
That concern is a valid one. In the private sector and often times in the public sector, when misakes happen—particularly in an area critical to the executive’s interests—heads roll.
Yet, Kathleen Sebelius will stay, and Republicans have no one to blame but themselves.
Why is this? In an ironic twist of fate the Republican Party’s obsession with filibustering, delaying, or holding executive branch nominations will finally have negative consequences for the GOP instead of the president.
Over the past several years, Republicans in Congress had refused to confirm a director of the Consumer Financial Protection Bureau because they did not like the law that authorized the agency. They refused to confirm nominees to the National Labor Relations Board because of opposition to unions. They put a hold on the chairman of the Federal Communications Commission for fear he may require more transparency in campaign activity. The examples go on.
Why, then, would President Obama remove Secretary Sebelius and nominate a replacement? The HHS Secretary oversees the implementation of the Affordable Care Act. And GOP opposition to CFPB or NLRB or FCC pales in comparison to the visceral and existential contempt the party feels toward Obamacare. Given such opposition, the president would be foolish to make such a change in HHS leadership.
Continue reading “Should Sebelius Resign?”
Filed Under: THCB
Tagged: GOP Repeal, Healthcare.gov, HHS, John Hudak, Kathleen Sebelius, Obama administration, The Affordable Care Act
Oct 27, 2013
My sense is that the biggest reason Obamacare is now in trouble is because of the top-secret way in which the administration has handled the rollout. If they had developed the computer system in a transparent way, the marketplace would have told them long ago this would not work.
No one outside the inner circle at the Department of Health and Human Services has any idea what’s really going on behind the Wizard’s curtain. Hasn’t for months. Doesn’t now.
So any technical advice any of us could give would be, to say the least, uninformed.
If I were on the inside, and it were up to me, the first thing I would do is bring in a group of heavyweight information technology experts to tell me just what was really going on. The administration cannot trust the people who have been working on this because they told them to launch this mess on October 1 and almost three weeks in there has been no improvement on the website or in the backroom––they no longer have credibility.
I would ask those experts to very quickly answer three questions:
- Can this thing be fixed on the fly––as the administration appears to be trying to do?
- If it can’t be fixed on the fly––and three weeks into this that sure looks doubtful––then can it be taken down for one or two months with a high degree of confidence it can be brought back up in time to enroll people sooner rather than later?
- If the first two options are not possible, just how long will the computer system have to be shutdown before Obamacare can be launched in a way that there can be confidence it will work smoothly?
Then I would take their advice.
Continue reading “Should the Obamacare Exchanges Be Shut Down?”
Filed Under: OP-ED, Tech, THCB
Tagged: Health Insurance Exchanges, Healthcare.gov, HHS, Obamacare, Robert Laszewski, The Affordable Care Act
Oct 19, 2013
The U.S. government shutdown continues to claim victims.
The latest is HealthIT.gov, the website designed to help doctors and hospitals make the transition to electronic and make better use of health information technology – a key component of Obamacare’s drive to transform healthcare.
The Health Information Technology Office of the National Coordinator posted a brief announcement on the site informing visitors to HealthIT.gov that “information … may not be up to date, transactions submitted via the website may not be processed and the agency may not be able to respond to inquiries until appropriations have been enacted.”
Officials also sent a tweet saying that the ONC regrets to inform us that while the shutdown continues it will “not tweet or respond to tweets.”
This struck THCBist as slightly odd.
After all, if you’re looking for an inexpensive way to communicate with the public in a pinch, Twitter seems like the perfect choice. We get that government websites are ridiculously expensive things to run. Blogs are considerably cheaper. Operating a Twitter account — on the other hand — is almost free. Our brains were flooded with scenarios. How much could the ONC possibly be spending on Twitter? And for that matter, didn’t the Department of Defense originally invent the Internet to allow for emergency communication during times of national crisis? Doesn’t a fiscal insurrection by cranky Republicans qualify?
Fallout for the National Health IT Program
While federal officials have issued repeated assurances that the shutdown will not impact the Obamacare rollout, it does look as though there will be a fairly serious impact on the administration’s health IT program. If HHS sticks to script, only 4 of 184 ONC employees will remain on duty during the shutdown. That makes it sound like activities are going to have to be scaled back just a bit.
If you’re counting on getting an incentive payment from the government for participation in the electronic medical records program, you may be in trouble — at least until the stalemate is settled. Although ONC has not yet made an official statement, presumably because the aforementioned Twitter channel has been disabled, leaving the agency unable to speak to or otherwise communicate with the public, going by the available information in the thirteen-page contingency plan drafted by strategists at HHS, it is unclear where the money will come from.
This could be bad news for electronic medical records vendors counting on the incentive program to drive sales as the Obamacare rollout gets officially underway.
Continue reading “Washington In Crisis: ONC Announces That It Will Not Tweet Or Respond to Tweets During Shutdown”
Filed Under: Tech, THCB
Tagged: Data, EHR, government shutdown, HHS, HIPAA, HIT, ONC, public health messaging, THCBist, The Affordable Care Act
Oct 1, 2013
Health IT Week demonstrated a double barrel strategy to segregate patient information from provider information. Providers already have the power to set prices and health IT plays the central role.
By rebranding HIPAA as “Meaningful Consent” and making patients second-class citizens in Meaningful Use Stage 2 interoperability, providers and regulators are working together to keep it that way.
Essential consumer protections such as price transparency or independent decision support are scarce in the US healthcare system. The journalists are shouting from the rooftops.
There’s $1 Trillion (yes, $3,000 per person per year) of unwarranted and overpriced health services steering the Federal health IT bus with an information asymmetry strategy. Those of us that want to see universal coverage succeed need the information transparency tools to drive for changes.
Here’s how it works: The department of Health and Human Services (HHS) controls the health IT incentives and regulations. HIPAA applies to most licensed health services providers. Laboratories and devices are regulated by Medicare and the FDA.
Unlicensed services offered directly to patients, such as personal health records, web info sites and apps are regulated by the FTC. Separate regulatory domains facilitate the segregation of information and contribute to the lack of transparency by making patient-directed services use delayed and degraded information. This keeps independent advice from FTC-regulated service providers from illuminating the specific abuses.
The segregation of patient information from “provider” information is the current federal regulatory strategy. It’s even more so in the states. By making patients into second-class citizens, the providers can avoid open scrutiny, transparent pricing, and independent decision support.
Federal regulators then create a parallel system where information is delayed, diluted, and depreciated by lack of “authenticity”. This is promoted as “patient engagement”. For regulators, it’s a win-win solution: the providers support the regulation that enables their price fixing and many patient advocates get to swoon over patient engagement efforts.
The proof of this strategy became clear on the first day of Health IT Week – the Consumer Health IT Summit.
Continue reading “A Troubling Strategy at Health IT Week”
Filed Under: Tech, THCB
Tagged: Adrian Gropper, Blue Button, HHS, HIPAA, HIT, HITECH Act, independent decision support, Meaningful Consent, Meaningful Use Stage 2, National Health IT Week
Sep 19, 2013
Two years ago, the Department of Health and Human Services released proposed regulations that would allow patients to obtain their clinical lab test results directly from the lab, rather than having to wait to receive the results from their health care provider. CDT and other consumer groups enthusiastically supported this proposed rule at the time of its release.
Yet an Administration largely characterized by increasing patient access to health information seems inexplicably unable to close the deal on this important access initiative. As a result, patients still must wait for their providers to contact them with test results.
Under the current regulations, known as the Clinical Laboratory Improvement Amendments (CLIA), laboratories are restricted from disclosing test results to patients directly. Instead, labs can only send the test results to health care providers, people authorized to receive test results under state law or other labs. Only a handful of states permit labs to send patients test results directly, and some of these states require the provider’s permission before patients can have the results. The HIPAA Privacy Rule reflects this restriction, exempting CLIA-regulated labs (which are the great majority of clinical labs) from patients’ existing right to access their health information.
This existing regime has put patients at risk. A 2009 study published in the Archive of Internal Medicine indicated that providers failed to notify patients (or document notification) of abnormal test results more than 7 percent of the time. The National Coordinator for Health IT recently put the figure at 20 percent. This failure rate is dangerous, as it could lead to more medical errors and missed opportunities for valuable early treatment.
The 2011 proposed regulations would modify CLIA to permit labs to send results directly to patients, and they would also modify the HIPAA Privacy Rule to give patients the right to access or receive their lab results. Contrary state laws would be preempted. Patients would have the ability to request their lab results in a particular form or format, as with their other health information; for example, patients could request a paper copy of their test results, or to have the results sent electronically to the their personal health records
Continue reading “Give Us Our Damn Lab Results!!”
Filed Under: OP-ED, THCB
Tagged: Alice Leiter, Center For Democracy and Technology, CLIA, Deven McGraw, HHS, HIPAA, Privacy, Test Results
Sep 15, 2013
In the wake of the National Coordinator’s announcement that he is departing, there has been a flurry of tweets, blog posts, impromptu online polls, and conjecture about the most likely successor. To date, none of these conversations has resulted in a thoughtful assessment of the set of characteristics that would represent the ideal candidate, nor has there been any thorough review of the most likely candidates in the context of these attributes. The need for a rapid transition to a successor is well understood by all – yet there has been no indication that the Obama administration is in a hurry. Let’s hope that we can evolve them toward a greater sense of urgency. The fragility of ONC – and the importance of its health – can’t be overlooked.
Let’s consider some history:
The first two National Coordinators, David Brailer and Rob Kolodner, were appointed before ARRA. The agency was small, focused largely on certification (through CCHIT), standards (through HITSP) and policy. When ARRA arrived, David Blumenthal, a thoughtful, deliberate, policy-savvy internal medicine physician from Boston was brought in to lead the rapid expansion of health IT that was facilitated by the HITECH Act.
ONC expanded under Blumenthal from a team of ~ 30 people to a team of >100 in the two years that he was at the helm, and the agency published the 2011 certification criteria regulations, and collaborated with CMS to publish the regulations that defined stage 1 of the Meaningful Use incentive program. The policy foundation was that the three-stage program – to be implemented over six years – would evolve the nation’s care delivery system by causing adoption of EHR technology (stage 1) and then exchange of clinical information electronically (stage 2) and finally improved clinical outcomes (stage 3).
Farzad Mostashari, who joined Blumenthal as the Deputy National Coordinator early in Dr Blumenthal’s tenure, was quickly named as Blumenthal’s successor when Blumenthal announced his resignation in the Spring of 2011. Both Mostashari and Blumenthal pushed hard for Mostashari’s appointment – so that the consistency, focus and forward momentum of the organization could be maintained.
And so it was. Under ARRA, adoption of EHRs has skyrocketed. The CMS MU Stage 2 regulations and the ONC 2014 certification regulations were published, and the size of the agency has doubled to over 150 people. Recognizing the need for experienced partners to assist him in leading a larger agency – and growing national reliance on health IT and an essential component of the care delivery ecosystem – Mostashari hired David Muntz as the “Principal Deputy” (essentially the COO of the agency), Jacob Reider as Chief Medical Officer (leading a team of clinicians focused on quality and safety) and Judy Murphy as the Deputy National Coordinator for Programs and Policy (adding internal coordination support for ONC programs).
Continue reading “Replacing Farzad”
Filed Under: OP-ED, Tech, THCB
Tagged: ARRA, CMS, EHR, Farzad Mostashari, HHS, HIT, HITECH Act, Meaningful Use, ONC, Physicians, software
Aug 22, 2013
Stealthily, AHRQ has acquired a new head, but the ax still hovers over it.
Very quietly, researcher Richard Kronick, PhD was named by the Department of Health and Human Services (HHS) to be the new director of the Agency for Healthcare Research and Quality (AHRQ). He joins an organization that remains squarely on the House GOP’s chopping block and with few friends strong enough to ward off the blow.
Last fall, when a House appropriations subcommittee voted to eliminate all AHRQ funding, I wrote that the agency’s execution went almost unnoticed: it didn’t even rate a separate mention in the committee’s lengthy press release.
Back then, the House GOP’s big target was Big Bird, a/k/a funding for public broadcasting. Since then, the rampaging Republican right-wing has decided it won’t approve subsidies to farmers unless it can also slash food stamps to the poor and that undocumented immigrants are mostly a law-and-order problem, not a human one. That these positions contradict views held by many conservative Republican senators, governors and party leaders has had little to no effect.
Enter Kronick, after a months-long search to replace Dr. Carolyn Clancy, who’d held the top AHRQ post since February, 2003. Oddly, the announcement by HHS Secretary Kathleen Sebelius wasn’t posted on the HHS website or even the AHRQ one. Searching Kronick’s name simply turned up press releases from his current position as deputy assistant secretary for health policy. According to MedPage Today, the naming of Kronick was made “in the department’s daily electronic afternoon newsletter.”
Why? My guess: politics.
Clancy was known for good relations with policymakers of both parties; she was upgraded from “acting director” to permanent status during the George W. Bush administration. Her predecessor, Dr. John Eisenberg, enjoyed a similar bipartisan rapport. Of course, that was before conservatism gave way to crusaders. Kronick, by contrast, has a background almost tailor-made to tick off Tea Partyers.
Continue reading “In a Quiet Move, Washington Replaces the Head of AHRQ. Is It Too Late to Save the Agency?”
Filed Under: OP-ED, THCB
Tagged: AHRQ, Carolyn Clancy, GOP, HHS, Michael Millenson, Richard Kronick
Aug 22, 2013
Secrecy breeds suspicion. The role of secrecy in health care is practically non-existent so when we see examples of secrecy, as in the operational details of the Federal Data Services Hub, we get the recent outcry from a range of politicians and journalists waving privacy flags. For Patient Privacy Rights, this is a teachable moment relative to both advocates and detractors of the Affordable Care Act.
There’s a clear parallel between the recent concerns around NSA communications surveillance and health care surveillance under the ACA. Some surveillance is justified, to combat terrorism and fraud respectively, but unwarranted secrecy breeds suspicion and may not help our civil society.
“The Hub” is described by the government as:
“For all marketplaces, CMS [the Centers for Medicare and Medicaid Services] is also building a tool called the Data Services Hub to help with verifying applicant information used to determine eligibility for enrollment in qualified health plans and insurance affordability programs. The hub will provide one connection to the common federal data sources (including but not limited to SSA, IRS, DHS) needed to verify consumer application information for income, citizenship, immigration status, access to minimum essential coverage, etc.
CMS has completed the technical design, and reference architecture for this work, is establishing a cross-agency security framework as well as the protocols for connectivity, and has begun testing the hub. The hub will not store consumer information, but will securely transmit data between state and federal systems to verify consumer application information. Protecting the privacy of individuals remains the highest priority of CMS.”
Here’s where the secrecy comes in: I tried to find out some specific information about the Hub. Technical or policy details that would enable one to apply Fair Information Practice Principles? Some open evidence of privacy by design? Some evidence of participation by privacy experts? I got nothing. Where’s Mr. Snowden when we need him?
Continue reading “The Federal Health Data Services Hub Hubbub”
Filed Under: Tech, THCB
Tagged: Adrian Gropper, data breaches, Federal Data Services Hub, HHS, NSA, Patient privacy, Privacy, The Affordable Care Act
Aug 15, 2013
Recently, there was a bit of a dust-up over whether it was appropriate for the Secretary of Health and Human Services (HHS) to engage the National Football League (NFL) to help HHS with the process of drumming-up enrollment for health insurance exchanges. In the end, the NFL and other sports leagues decided they were not going to be involved fearing the appearance of taking political sides.
In our view HHS is better off with this outcome. To our way of thinking the exercise would not have delivered the desired results and would have left individuals confused and created a political distraction. At the heart of most public health communication plans are three main functions: create a message, deliver the message and get people to act on the message (many variations: example
, and example
). The HHS/NFL combo would likely have failed the test: What exactly does someone who catches a football for a living say that would make the uninsured purchase insurance on an exchange? While it’s easy to single out HHS and the administration, the opposition party also thinks messaging alone
will solve all of its ills but that is far from correct assumption in our view.
In terms of creating a message, our first instinct would be to recommend a governmental agency like the FCC but for healthcare. We would call it something like the clinical communications clarification committee (CCCC). However, given recent concerns about “Orwellian” government information gathering, perhaps a more open-source, crowd-sourced approach to communicating may be more readily accepted. What we have in mind is a something like Pubmed meets Wikipedia where the information is readily available, credible, and based on updated facts. Inevitably something like this would need to be proctored to keep unreliable information out. Many crowd-sourced communities do a good job of self-policing but it couldn’t hurt to have an adult watching just in case.
Assuming we can create information (the message) in a way that is understandable and credible, how to transmit this information (the medium) becomes the next challenge. While we are pretty sure the “wired generation” who wear body monitoring devices are getting the “right” information via mobile devices, the web etc., we think that more important populations that are not technologically savvy may be missing out. Dual-eligibles for example, who are major drivers of cost and poor outcomes in the system, are not in our view, easily able to access useful information via high-tech gadgetry.
Continue reading “Getting Obamacare’s Messaging Right”
Filed Under: OP-ED, THCB
Tagged: HHS, Les Funtleyder, messaging, Obamacare, public health, The Affordable Care Act
Jul 10, 2013