HEALTH 2.0: Getting the PHR, Privacy and Deborah Peel issue off my chest

I’m a card-carrying member of the ACLU. I oppose the Patriot Act. And I absolutely oppose the current Administration’s decision to ignore the FISA law that already bends over backwards to help the government spy on Americans whom it suspects of criminal activity. I’m also appalled when I read stories like this one—in which the FBI has been illegally abusing its power by issuing “National Security letters” willy-nilly.

I say all this because it’s now a couple of weeks since Google announced its health initiative and during that time we held the second Health 2.0 conference. And all the mainstream press can write about is the potential for privacy violations in online health sites, and PHRs, whether it’s been in the San Diego Union Tribune, ZDNET, USA Today or Modern Healthcare.

So even this balanced article in the Washington Post leads with Deborah Peel from Patient Privacy Rights and you have to wade through her incendiary rhetoric before you get to some sense from John Rother, while David Kibbe’s rational applauding of electronic health records only appears towards the end. Here’s what Peel says:

Many online PHR firms share information with data-mining companies, which then sell it to insurers and other interested parties, Peel said.

Well I’m still waiting to see the proof about this. Essentially she’s saying that consumers’ identifiable data is being sold and used against them, and so PHRs are bad.

Much data is of course sold in health care, but as far as I’m aware it’s all de-identified. Whether PHR companies are systematically selling data is unclear. Whether they are selling identifiable data (the thing HIPAA bans and everyone agrees is a bad idea) I severely doubt.

And the problem is that this type of allegation gets the conversation completely off track. The biggest problem with the US health care system and its use of technology is not privacy violations. It’s inefficient use of data causing harm (and costs and poor quality care).

I am getting more than a little annoyed with this focus on the wrong thing. As my commenter JD paraphrased in my earlier piece on the topic (5th comment down here), do the Deborah Peels of the world not use bank accounts or credit cards? Do they not buy houses or have credit scores? Do they not know about what is already known about them in the real world? People understand this data flow and they accept it because it brings them a return that they value. And the same will be true for health information—if health information technology produces valuable results.

So what are the nay-sayers going on about? Well I actually suffered and read the World Privacy Forum report on PHRs by Robert Gellman. It’s a hash of conjecture with its main complaint being that HIPAA doesn’t explicitly cover PHRs. Well, no shit Sherlock. HIPAA passed in 1996. It actually was prepared years earlier and it’s about the automated transactions that existed then. No one had heard of a PHR in 1995, so why should the law cover them? What will happen is that PHRs will start being provided by covered entities and will be under the aegis of HIPAA (in this country at least—it’s called the “World” privacy forum but in reading the report Gellman only has heard of one country apparently).

But even if PHRs are not covered by HIPAA, what are the terrible consequences? Well let’s see. I’ve taken a few excerpts from the report. In the first Gellman says:

Regardless of the PHR’s policy on marketing disclosures, advertising can provide a method for a consumer’s health information to escape into marketing files. Marketers already have millions of names of consumers categorized by specific diseases and diagnoses. Most of the information comes from consumers who provided it in response to “consumer surveys” or through other stealthy methods for collecting health information for marketing use. Health records maintained by health care providers have been unavailable to marketers directly, but commercial PHRs operated outside of HIPAA offer marketers the promise of more and better health information from consumers.

So the problem is not PHRs. It’s consumer surveys taken over the years by marketers. But let’s blame PHRs because they might potentially be used for the same thing.

But hang on, if I’m a transparent PHR vendor won’t I drive out the scummy guys who are secretly selling data which will be used to harm their customers? And aren’t Microsoft and Google and many others being transparent about that? Yes they are, and why won’t consumers vote with their data?

But if you want to lock your data away in a place where
no marketer will get it without your permission, apparently a vault,
even a Healthvault, is not good enough. Here’s what Gellman says next:

Suppose that a consumer has a totally secure safe in
her home that can only be opened with her express approval. The
consumer writes down her Social Security Number (SSN) on a piece of
paper and puts that paper in the safe. Is her SSN more protected than
before? Not really. Everyone else who had the SSN before the paper was
deposited in the safe still has it. That includes banks, the IRS,
credit bureaus, employers, the Social Security Administration, a
partner or spouse, and perhaps dozens of other agencies and
organizations. The locked safe does nothing to enhance the privacy of
the SSN, although the privacy and security of that one piece of paper
may well be improved.

For health records, the information in the PHR must
originate from somewhere. Prime sources are physicians and insurers,
but in some PHRs consumers can also add information about their use of
supplements, gyms, and so forth. The health information about consumers
held by their physicians, health plans, dentists, laboratories,
pharmacies, and others remains exactly where it was before it entered
the PHR. That information is subject to the same good or bad rules or
practices that applied before the deposit of the information in the PHR.

So the problem with the vault is that it
contains health data, and that data doesn’t originate in the vault. And
so those nasty people in the health care business who have been selling
your data still have a copy of it and will keep selling it, even
though you have a copy in a vault. And your data is still out there,
as Gellman makes clear.

No one who had the ability to obtain health
information before a copy entered the PHR need pay any attention to the
PHR or any consumer controls on the PHR. The records that were
available before from other sources remains available. For example,
health fraud investigators can obtain patient records for their work.
Putting a record in the PHR changes nothing because the fraud
investigators can still obtain the record from the physician or health
plan. The PHR record is a copy but not the only copy. Consumers who see
the control promised by PHR vendors may be easily confused about the
meaning of that control.

So how again is this the fault of the PHR vendor (or
non-PHR vendor as Microsoft insists it is)? This entire diatribe is
aimed at the wrong direction—inappropriate use of data that exists due
to what is currently normal activity in health care. It has nothing to
do with PHRs other than these nay-sayers use the PHR to get in the
news—and apparently no one has the sense to oppose them.

Meanwhile for those of you still reading the
report, Gellman wanders off into the absurd—apparently losing your
health data is good for you:

As time passes, as people move, and as people change
physicians, older information tends to disappear, get lost, or remain
disconnected from current information. That benefits privacy, although
the loss of some old information may sometimes, but not always,
negatively affect health care. PHRs may bring old information together
in ways that may not please consumers all of the time.

Let me give one teeny example to show why not
losing your old data—or at least having it available—might be a good
idea. I have a good friend who sliced his finger off in an accident. At
the emergency room they stitched it back on. They then asked him if
he’d had a tetanus shot in the last ten years. He had no idea because
he had no PHR. So they gave him a tetanus shot. Five days later he got
numbness in his feet. He spent three days being mis-diagnosed at vast
expense before someone asked him about that tetanus shot. Had he had
even that recent week-old data in a PHR or EMR a decision support tool
using it might have suggested a rare but very serious complication from
a tetanus shot—the one that he might not have needed in the first
place—called Guillain-Barré syndrome.
The delay in diagnosis can be fatal and can certainly cause paralysis.
Would my friend have been helped by a comprehensive PHR/EMR? You bet he
would. But Gellman seems to think that it’s not worth keeping old
information about inoculations or previous events because having that
information “may not please consumers all the time.”

I was so ticked off by this report that I even went to
Deborah Peel’s organization’s website — which the World Privacy Forum
links to — and looked at the long list of privacy violations in their “True Stories” fact sheet.

And what’s the takeaway? Most of these violations were
one-off accidents or criminal activity. There weren’t very many of them
and most of them concern paper records. And most of them had relatively minor consequences.

So why are these zealots so opposed to PHRs and online
health sites—all of which are being offered by companies that have far,
far more to lose than to gain from betraying their consumers’ trust?
And why are they so loath to mention the potential benefits of the
spread of PHRs, EMRs and other health information tools?

You would think it’s because they care about the
consequences. And while the consequences of having these sites mean
incredible benefits to their users (here’s just one shining example),
the consequences of a breach of health privacy can be bad, including
losing insurance, employment and enduring social embarrassment. 

But hang on a minute. The most potentially devastating of these is losing insurance. But you can already
lose the chance to get insurance (and of course retroactively lose it
when you’re sick) due to information that you are forced to give up in
the application process. That’s far more prevalent and impacts far more
people than some secret information getting out from a PHR and a
malevolent insurer surreptitiously using it. It’s done right in plain
sight! We know all about that in California.

So we should (as I advocate) take the obvious tack and
ban discrimination based on health information—especially with regard
to insurance coverage.

Why haven’t Deborah Peel and the people behind the
Patient Privacy Rights organization gone down that path? I have yet to
hear her ever mention that in an interview, and yet it’s a much, much
bigger problem than PHR privacy violation.

So I took a little look as to who is on the board of
Patient Privacy Rights. The board includes a veteran Texas Democrat
called Ben Barnes and Kim Ross, an Internet consultant who would appear
to have no axe to grind. But then you start seeing some vested

The board includes several people with affiliations to
organizations that have benefited from the screwed up state of our
current health care system. Peel and Bob Pyles are mental health
clinicians. They would seem to have a legitimate concern about patient
care being harmed if those patients fear that their sensitive
information will be shared without their permission. But that’s not all

How did Peel start getting involved in the privacy
issue? By opposing the Clinton plan because it was supposedly going to
put all information in one big database (which in itself is a very
strange and erroneous reading of that plan). Ed Baxter is a former
lobbyist for Blue Cross of Texas who’s worked with the HIAA. Who’s
HIAA? It was the group behind the Harry & Louise adverts that
helped kill the Clinton plan. And Kim Ross is a former lobbyist for the
Texas Medical Association.

I have no doubt that they have an unbending commitment
to patient privacy that’s strongly held and well intentioned. But
that’s clearly not the only view they hold. I think I’ve found the
answer from the organization’s mission

Without health privacy, electronic health systems will create whole new classes of people who are unemployable, uninsurable and dependent on government, simply because of an illness or genetic risk of disease (my emphasis added)

So I’m not sure this is about privacy at all. I think
this is about a bunch of naysayer anti-“government of any stripe” types
wanting to do anything they can to prevent a rationalization of the
health care system because the government might be involved. Today
they’re opposing EMRs and PHRs, tomorrow it’ll be insurance reform, and
who knows what next.

Perhaps it’s their goal to have a health care system
with no records of any kind. Then there’ll be no privacy violations.
But then again, the quality of the health care won’t be too great.

The rest of us should just ignore them. Instead we can
get on with the serious discussion of how to reform the insurance
market and how to develop and use information tools to improve the cost
and quality of health care. Privacy is important, and it’s too
important to be left in the hands of these extremists.

So can the reporters of America please think about that when they’re writing about online health information?

Matthew Holt

Modest correction to Sanford. The commenter JD is NOT JD Kleinke of Omnimedix, but another separate health care industry employee who has no connection to an EMR or PHR company.

Henry Massingale

Wow, It was stated that Health care is not a moral issue, hmmmm As for the Patriot Act, when the Use of a Law and its goal as a moral building block, then that Law is within its creation, but misused by a people, then it has lost the weight of its design, {The Patriot Act Is Of A Moral Law} to protect the people Of The United States Of America…… Please allow me to share a little story with you. As I watched my mom die from cancer, and Health care Insurance Companies dumped on her as if she was no more…


For those of you excited by the arguments of the PHR vendors, don’t forget, they have a product to sell, and they are desperate to sell it. Matthew Holt’s “commenter,” J.D., is just another vendor (Omnimedix), and has a lot to lose if his version of the PHR isn’t picked up, as well as if the whole concept of PHR isn’t picked up. We’d all do well to keep in mind that we must have watchdogs out there questioning every step of this. So instead of vilifying the watchdogs, just keep your eye on the pulse of the debate and…


I think Healthcare is a right to know regarding oneself. And this right has to be more patient focussed rather than care provider focussed as it is today.


This was a great post because I am starting to get a PHR together and I’m torn: — on one hand, it doesn’t seem like a good idea to have all my info in one place where it can be mined for advertising and god-knows-what else. — on the other hand, I have a chronic condition, rheumatoid arthritis, and I am uninsurable, except through group health plans that HAVE to take me. This is all fairly well documented in my health records that I have to send to every insurance company and every doctor. It’s considered fraud not to disclose…


Thank you for drawing our attention to the right focus. As you wrote, “the biggest problem with the United States’ health care system and its use of technology is not privacy violations. It is the inefficient use of data causing harm (and costs and poor quality care).” You managed to introduce common sense back into the discussion; the setting up of national health care information adds no additional risk to patient’s privacy rights than what actually exists now. The information uploaded to the system is a mere copy, not the original. In fact, what is uploaded can be de-identified, thus…

Bryan Walser, MD, JD

Re: your comments on PHR, privacy & Deborah Peel — We’d like to draw your attention to substantial elements of misinformation and misinterpretation included in a note recently published in Healthcare IT News, on 3/21/08, titled “Patient privacy rights advocate attacks plans to mine medical records.” Perlegen shares with Dr. Peel, the author of the note, the highest regard for maintaining patient privacy. We are actively working to protect that privacy in the context of realizing the substantial clinical benefits we all might expect from the advent of more personalized medicine. Making personalized medicine a reality relies on the discovery…

Neil Ferree

If you’re a frequent flyer road warrior and find yourself on a gurney in some E.R. room in need of urgent medical attention while away from home, seems to me you would absolutely want the attending Doc or E.R. medic to have immediate access to your personal health information (PHI) so they could abide by the “do no harm” mantra. Whether your personal health info is stored in a CCR or EHR or PHR or some other portable appliance, so long as the Doc can instantly and accurately identify (you are you) and immediately find out what Meds you’re taking…


Matt, You need to consider the following about HIPAA. The Bush admin repealed the HIPAA consent provision which required gaining a patient’s consent before his or her medical information could be shared for “health care operations,” and this is what opened the door to doctors, big Pharma, and other companies and entities being able to access a person’s medical information. In your home of the UK, 60 percent of doctors have stated that they will refuse to upload patient’s medical records into the Connecting for Health database because it violates people’s right to privacy. And this is in a nation with…


Good rant, Matt!
Speaking of privacy, has anyone checked out Google street view lately? If you live in a major city, there is a good chance you can see an up-close view of your house. Wonderful yet creepy.

Vince Kuraitis

I’m with you.
Is our energy truly best directed to worrying about 1) preventing a potential privacy violation or about 2) preventing getting killed or maimed in the health system due to lack of information technology and care providers having the right information at the right time?
#1 is a very valid, but mostly theoretical concern.
#2 is a very real problem affecting all of us today.


“You have zero privacy anyway. Get over it.”
Scott McNealy, CEO Sun Microsystems 1998

John, Industry Analyst, Chilmark Research

Good post Matt and like you, I’ve been on a similar crusade/rant to get people to start thinking beyond the simplistic view that all PHRs are bad, that all pose the risk of selling your data, etc., etc. Written on the topic myself a couple of times, but not quite to the extent as this. Hopefully, the press will get beyond the sensationalist journalism we have seen so far and really take an honest look at the issue. Some points I’d like to add: First, you and others mention HIPAA. It’s tossed around like some rag doll at a kid’s…


Excellent post. It’s time someone held Deborah Peel accountable for her unfounded and unhelpful rhetoric. She has managed to make herself the go-to person for dramatic (if false) quotes to buck up so-called news reports. It’s just one more symptom of the prostrate status of journalism today. Writers and editors run her quotes without ever investigating whether there is anything behind them but bald assertions. That’s not journalism—it’s sheer laziness. Proves the point that the easiest person to sell a half-baked story to is a storyteller. Peel fancies herself a crusader and has all the appurtenant failings. Going off half…