It’s My Life, It’s Now or Never

You can walk into a pharmacy any day and buy a test kit to find out if you are ovulating so that you can undertake family planning activities. You can buy home testing kits to screen for high cholesterol, presence of the HIV virus, even illicit drug use. You can also pony up $500 and buy yourself a genetic test kit from 23andMe, a retail DNA testing service, to find out what might be in your genetic blueprint. Hey, you can even visit a fortune teller if you feel that is how you want to make pre-emptive healthcare decisions.

While some might look askew at how you get information to make choices about your life, it is rare that someone steps in and tries to stop you from doing so. In general, the American way is to say, “Hey, you’re an adult and it’s your life. If you want to engage in self-actualization, whether or not it has a scientific basis, that’s your beeswax.”

As medicine has evolved to a point where over-the-counter testing has become more and more accessible, many consumers have responded to the perceived advantages of privacy, convenience and the heightened ability to make health decisions early. In fact, these are part of the key principles espoused by those who believe that consumers have a right to their own healthcare information. The idea is that the information is about you, the healthcare consumer, and thus should be both readily available to you and yours to do with what you wish. And yet, that is not always the case. Often it’s not even close.

Oddly, our healthcare system has evolved in such a way that your
medical records are owned by the physician or hospital or insurance
carrier that oversees what happens to you, but do not, in the end,
belong to you. Essentially, your medical information is owned by some
one else. The records are about you, for goodness sake. Why shouldn’t
you have full access to the data whenever and however you want just as
you would if you took a home pregnancy test?

A story that came out of UC Berkeley this month once again puts this
controversy in the spotlight. As part of a long-standing tradition, my
alma mater has had a mission to examine “issues of profound societal
importance for the benefits of students and the public.” To achieve
that objective, they have traditionally asked all incoming new students
to read a common book and then take multiple classes that use that book
as part of a grander curriculum to study issues of great societal
importance. This year, as an alternative to asking students to read the
assignment, the university decided instead to “examine the DNA-based
technologies certain to alter medical care in the years ahead.”
Specifically, students will be offered the opportunity to look at three
of their 20,000-plus genes to learn how they digest milk products and
metabolize alcohol and whether they need more folic acid, a vitamin
found in leafy green vegetables.”

The idea was to use genetic testing to engage students in a debate about the ethical, legal and social issues raised by the burgeoning fields of genetics and personalized medicine. The program’s sponsors said “they specifically chose genes that were not connected to serious health issues.” More than 5,000 genetic testing kits were sent to incoming students. Seven hundred samples were already returned when this was reported in the San Francisco Chronicle:

Under pressure from state public health officials, the professors behind U.C Berkeley’s controversial plan to genetically test incoming freshmen and transfer students said Thursday that they will scale back the program. Participants will not receive personal results from their DNA samples. The university raised the ire of genetic watchdog and privacy groups in May, when it first launched “Bring Your Genes to Cal.” The voluntary program is believed to be the largest genetic testing project at a U.S. university.

Why was the change implemented? According to reports, “critics said the program was pushing an unproven technology on impressionable students who could misinterpret the significance of their test results.” Mark Schlissel, dean of biological sciences at UC Berkeley, has posed this question: “Who has authority to tell an individual what they’re allowed to know about themselves? “I don’t know the answer to that.” He added: “We believe this is a flawed reading of the statute that raises questions about who has control over teaching at the university, and in the broader sense, who has control over information about our own genes.”

Participation in the gene-testing program was not mandatory, participants in the program signed consent forms and it was clear that the data would be provided to students on a confidential basis. Plus, participants in the program were adults. This is where you see the conflict between consumer engagement and traditional medicine in action. Notably, these students could go to any one of at least five websites, purchase genetic tests and receive results in the privacy of their own homes. Yet when performed under the auspices of “the healthcare system”, which is how the State of California chose to view the administration of these tests, consumers essentially lost their right to get what they paid for—data about their own bodies.

It’s interesting that who owns your medical data is so subject to debate. There should be no more fundamental right than owning data that is, in the end, about you — and you alone. This seems especially obvious when you purchase the data for your own use, which is effectively what Cal students did by agreeing to participate in the program alongside their tuition agreement.

The loudest arguments against consumers owning their medical data generally fall into two categories:

  1. The tests are imperfect so individuals should not make decisions solely from the data provided from these tests; or,
  2. The information is extremely sensitive. If it was given to an individual without a physician present, he or she might make terrible choices from that data.

The first reason is definitely worth worrying about. Consumer genetic tests have been controversial because they aren’t FDA-regulated and have not proven to provide entirely reliable results. There have been recent studies of gene testing products that have questioned the utility of these tests, saying that they produce inconsistent results more than half of the time and also produce false positive results that might lead consumers to make poor healthcare choices (Reuters).

Still, this would be a more valid argument if we didn’t have the same problem in widely accepted medical tests used by doctors every day, such as Fasting Plasma Glucose tests used to screen for diabetes, which are known to be highly inaccurate, or an abundance of diagnostic imaging tests such as mammograms. These are also notorious for false positive findings and wide variance in results, based, in part, on which clinician is interprets them. This largely leads people to the second argument: Consumers aren’t able to make good healthcare decisions alone.

This is probably right. Smart consumers use their healthcare information in conjunction with experts who are qualified to help them make treatment decisions. This is the best course, but it’s obviously not the same as saying that consumers shouldn’t have a right to see or own their own information.

I find the whole UC Berkeley debate to be somewhat of a red herring. It is easy to find out the same genetic data and even to establish your own personal health record (“PHR”) on Google Health or the Microsoft Health Vault. It is true that these have significant limitations. They don’t yet take much data directly from providers and rely heavily on consumers inputting their own data, which is not always complete. It is also true that many of these newfangled PHRs are not subject to HIPAA privacy rules and thus could be more readily accessed or abused by those other than the consumer. Yet consumers are so aggravated by the difficulty in having a comprehensive medical record that they are willing to turn to non-healthcare companies to do it on their own and take their chances on privacy.

The idea of keeping people from data about their own bodies flies in the face of what we are taught about our right to life, liberty and the pursuit of happiness, privacy and self-determination. It is clear that consumers want more access to their medical data and that advances in technology will make this a reality. As consumers are asked to take a greater role in paying for their own healthcare and managing their own health insurance, they are going to start seeking information to guide them in their new-found roles as healthcare decision-makers. Paternalistic attempts to keep patients from their own medical data, such as that in the Berkeley case, are likely to be hard to enforce. One-way communication between physician and patient is a model that has already begun to erode, as patients frequently come into their physician’s office armed with WebMD print-outs and home diagnostic test results.

While we should applaud efforts to ensure that data privacy and that home diagnostics are reliable and accurate, we must encourage greater transparency and availability of information to ensure that the true goal of consumer engagement can be realized. Companies are emerging to provide consumers with pricing data, quality data, data about medical errors and physician ratings. These are incredibly meaningful ideas, but it is the medical content that will, in the end, be the most meaningful for consumers who wish to actively engage in living a healthier life. To quote that great representative of American self-determination, Jon Bon Jovi:

It’s my life,
It’s now or never,
I ain’t gonna live forever,
I just wanna live while I’m alive

While it may not be life-changing for an 18-year old college student to know that his genes predispose him to effectively metabolize the milk in his triple shot non-fat latte, it is, as they say, the principle of the thing. If Americans are going to get as close as they can to living forever, they will need all available tools to do so. No tool is more powerful than real-time access to personal medical information that fosters highly individualized health and wellness practices. Information is power in medicine, as in every other facet of life, and every effort should be made to eliminate barriers that stand between a person and their own medical information.

Lisa Suennen is a managing member of Psilos Group, co-headquartered in the Bay Area and New York City, The firm has funded and developed more than 38 innovative companies, including ActiveHealth, AngioScore, Click4Care, Definity Health, ExtendHealth and OmniGuide. Lisa regularly posts on her blog, Venture Valkyrie.

16 replies »

  1. inchoate,
    As requested: Link defining a “covered entity”.Perhaps I’m a bit behind the times, but the recently passed HITECH Act seems to extend to “Business Associates” the same HIPAA privacy rules that were originally only applicable to Covered entities. I believe this would indicate that banks providing ACH, Lockbox, and check cashing services are now considered as under the application of the HIPAA privacy rules. At least as they apply to the business associates. Not sure how this would affect education or employment records however.

  2. ciphertext, it occurs to me you’re thinking about HIPAA’s security provisions, rather than HIPAA in its entirety (for its privacy provisions definitely encompass paper records).

  3. ciphertext wrote:

    There exists a great deal of “health” related data on individuals that isn’t covered by HIPAA (as HIPAA applies only to medical records maintained by health care providers, health plans, and health clearinghouses – and only if the facility maintains and transmits records in electronic form….

    I’m afraid you’re gonna have to produce a citation of statutory/regulatory chapter & verse, pardner, because that doesn’t sound correct a-tall.
    For example, HHS’s collection of pages summarizing HIPAA’s privacy provisions provides this description under the heading What Information Is Protected:

    Protected Health Information. The Privacy Rule protects all “individually identifiable health information” held or transmitted by a covered entity or its business associate, in any form or media, whether electronic, paper, or oral.

    Thanks in advance for any update you can provide.

  4. Your technology vendor, or intermediary, has no such ethical anything. All we have in place right now is HIPAA and “reasonably” de-identified information is not protected at all. — Margalit Gur-Arie

    Margalit makes a good point concerning HIPAA, and also about copyright. As it is defined by the U.S. Copyright Office, medical records most likely aren’t considered a “work of authorship” in one of eight categoriesThere exists a great deal of “health” related data on individuals that isn’t covered by HIPAA (as HIPAA applies only to medical records maintained by health care providers, health plans, and health clearinghouses – and only if the facility maintains and transmits records in electronic form). For instance, it is possible for health data to be contained in school records, employment records, and financial records (of which insurance is an example). It is possible for someone to garner medical information about a person from non HIPAA sources. Of course, doing so means that there are other regulations (FMLA, OSHA, FERPA, and FCRA for instance) that set forth how information covered by those regulations can be stored, transmitted, and in some instances used.The availability of medical information in a variety of forms, and thus being covered by a variety of similar and disparate regulations makes for a very difficult scenario for a person to protect their medical data. Additionally, once a medical record has been subpoenaed for a legal proceeding it becomes a public record (unless the judge decides to seal all or a portion of those records). Similarly, Intelliscript and MedPoint contain information about a person’s prescription drug purchases. The MIB (Medical Information Bureau) contains coded medical data on U.S. and Canadian citizens and may contain a record on you with coded information submitted by various insurance agencies. This information consists of data elements describing high-risk activities you are involved in (such as skydiving or cigarette smoking) as-well-as potentially significant medical data such as if you are HIV or Hepatitis (variant) positive and also conditions such as asthma, depression, diabetes, and heart disease.It might be much easier to assess and control the issue of medical/health record privacy if we redefine, legally, health care data so as to include all health and medical data regardless of the recording entity. Rather than simply information based upon what entity is recording the information. Secondly, we would treat the product of such data aggregation as being private property of the individual for whom the aggregation describes.

  5. While it is true that the person who draws or photographs a subject own that work, the owner does not necessarily have the right to use such a work without the model’s permission. Same is true if one draws or photographs a public building, a person’s private property, etc. Most professional photographers must receive permission to use their works for commercial or even editorial use. The press blurs these lines, and the blogger world blurs them even more, but it’s better in copyright issues to assume tighter control than less (therefore potentially mitigating stricter liability consequences).
    As to the Berkley issue, I wonder if liability played a role in this decision. If it was thought that students might incorrectly interpret genetic results and blame the university for such a decision, I could see the university’s lawyers getting worried. To use the article’s language: if I, as a legally responsible adult, go into a fortune teller’s tent to get financial advice of my own free will, then make poor investment decisions, it’s really no one’s fault but my own (especially if the fortune teller is smart enough to have air tight legal waivers signed before she dishes out advice).
    Now consider if I visit a fortune teller because she’s part of a campus-wide event exploring spiritual and supernatural issues. Assume this person applied for and received a permit to set up shop in the business school lobby alongside the bookstore or campus cafe. Alright, the general public would still believe it was my fault for listening to someone who consults the stars rather than Forbes.
    But now consider if this person is not a “fortune teller” but a “financial advisor,” one with a commercial agreement with the campus, one who has some books for sell and some impressive “evidence” to back up his or her predictions. If I make bad investments then, there’s a blurred line: did I do so knowing all the risks, or did I accept this advice on the basis that it was supported by the university? That’s an argument I could see waged in court, especially in light of the Madoff scandals.
    The problem, of course, is that it would be up the interpretation of lawyers and the courts, which is precisely why many business and professions choose to do anything to avoid that position.

  6. Dennis;
    I guess I didn’t express myself very well in my comment, because I don’t see myself saying anything about the recipients. Let me be very clear – I do not think these tests should be allowed to be marketed in their current state, period. Never mind who can or cannot see the results. This opinion is shared by the CDC, see below:
    As for Berkeley or whichever college it was, I did not read beyond the headlines on that one so I don’t know the details, nor why they were “pressured” into withdrawing it. I think it would have been educational for the students. However, if one feels these tests should not be marketed, then why give them more publicity (and therefore business) by the tacit endorsement of a major university? Maybe that’s what people were thinking.
    Anyhow, I do not have the evil motives you ascribe to me; I am retired, and even when working made my $$ from anatomic pathology, not lab tests. Supervising the clinical lab was a major headache for which we were NOT paid by the hospital administration. Another story, but there is no conflict of interest here. Sorry you feel that way.

  7. MD as Hell, as far as I know medical records are not subject to copyright law, so no, they don’t belong to you in the sense that you are free to sell them to the highest bidder. They do belong to you in the sense that you are legally required to keep them for a certain number of years, depending on which State you practice in.
    If I’m not mistaken, you have an ethical obligation to keep those records confidential.
    Your technology vendor, or intermediary, has no such ethical anything. All we have in place right now is HIPAA and “reasonably” de-identified information is not protected at all.
    At some point, somebody will have to rule on this issue and there should be a big difference between who owns the media and who owns the actual content.

  8. If I make a free-hand drawing of you, with or without your permission, it will be a portrait of what I see. I own it.
    With your permission I can get closer to see you better and learn more about your texture, your personality, your health. It is a free-hand drawing created by me. I own it.
    If you want to draw yourself, go ahead. You own that. I may learn something from your drawing, and my impression of your drawing may influence my subsequent drawing of you. I will own that.
    If you pay me to gather data about you and to provide it to you, then you have rights to it, but not exclusive rights. The lab has a right to it. I have a right to it. I cannot exclude you from the raw data and any other service you paid for.
    Even if you go directly to the lab or imaging center and leave me out, you will not have exclusive rights and exclusive control.
    In traditional photography, unless you have the negatives, you do not have exclusive rights to the photos. Ask any wedding photographer who owns the pictures.
    So it is with medical records.
    I own mine. Even if they are about you.

  9. Margalit, I have mixed emotions on that data selling issue. I definitely think that patients who wish their data to be private should have that right. However, there is some greater scientific benefit to being able to use large databases of de-identified information for understanding such things as medication side-effects, etc. It probably makes sense for patients to be asked if it’s ok to include their data in the de-identified mass and allow them to opt out. I am intrigued by the companies that encourage consumers to share their data for clinical trial purposes, giving the consumer the direct control over this process (see https://www.privateaccess.info/ as an example).

  10. If the tests are fraudulent, they should be removed from “the shelves” and the company selling them prosecuted. If the tests are tested, and their accuracy is within FDA acceptable limits, and those limits are clearly displayed on the box, I don’t see a problem with selling them.
    Sooner or later we will all be forced to lead our lives knowing when and how we will die, just like most of us now know the gender of our babies well before they are born. That’s science fiction stuff and it is disconcerting.
    I am more interested in the immediate notion that patients “own” their records. Just for my own curiosity, Lisa, if you think that holds true, would you also advocate for abolishing the right of incidental holders of those records to sell the records in their entirety or parts thereof (de-identified)?
    It seems to me that once a lawful owner was identified, no other organization should be able to traffic in someone else’s property.

  11. Connie, I may be delusional, but not about thinking consumers can make good medical choices without a physician’s guidance. I specifically said in the post that SMART consumers use their data in conjunction with those who are expert in guiding them. Lisa

  12. Yale and UConn_Your records may be your own but they now belong to thieves:
    In addition, Lisa is delusional to think that consumers could make adequate decisions based on their test results without a physician’s guidance. Such self help patients, and perhaps Lisa, have fools for patients and fools for doctors. Finally, the home test glucose meters sold by profitteers are inaccurate (a travesty that they are allowed to be sold), but go to Bev’s lab and they can be trusted.

  13. Okay, Bev, I’ll agree that accredited labs might be assumed to be more likely to get consistent answers, and no such accreditation exists for genetic testing. Still, this is UC Berkeley we’re talking about. So, unless you have reason to believe they were submitting the tests to some back-alley testing service, I’d say their genetics department has more than a little reason to be mad at you.
    All in all, who cares? Your argument isn’t really about the testers but about the recipients. Yes, you’re correct. Gynecolegists made the same arguments when pharmaceutical companies began manufacturing home pregnancy test kits. They were right. Some people are just too stupid to read a pregnancy test kit, so they get a lot of false positives and false negatives.
    Amazing, that compared to accredited testing labs, such testing should be allowed–that people should be allowed to purchase such tests. Seriously, lets compare the accredited test results. Remember this article from Forbes just this past June: False Alarm Medical Tests? Seems even the accredited test centers aren’t all that hot.
    Oh, but that’s not your argument, is it? Your argument is that the genetic tests are “fodder for profit-seeking charlatans.” Hmm. Sounds like your argument isn’t for accredited test centers but rather against giving the test results to laymen. Those poor students have to be protected from themselves because they’ll turn over the results to the first P. T. Barnum who comes along to take their cash and give them meaningless predictions. Is that it, Bev?
    If that’s your concern, you have reason to be afraid already. You can’t keep our data from us, Bev. Federal law prevents it. I can get my records, including your lab results, any time I want.
    Then, if I want to turn over my PSA results to some blood-reading psychic, I can do so. And you can’t stop me.
    Be afraid, Bev. Be very afraid.

  14. BevMD–I know many agree with your views of the currently available genetic tests. That will, hopefully, lead to proper regulation of the tests as well as appropriate warnings to consumers. However, I still think that if someone decides to take a test that is available, rightly or wrongly, they should get to see the results. I see that you and I agree in principle so no big debate here, but I am amazed by how little information on the inaccuracy of well-accepted tests is offered to consumers.

  15. As a pathologist (the specialty which is in charge of laboratories), I agree with the principle of your post. However, asserting that consumers should have unfettered acess to unproven lab tests by using the analogy that already-approved tests are inaccurate, or that doctors may misinterpret them, misses the point. There is no lab test on earth that is 100% accurate. But approved lab tests performed by accredited labs at least get one as far toward that goal as possible. These genetic tests do not meet that goal and are fodder for profit-seeking charlatans in my opinion. It’s a matter of consumer protection – not consumer oppression.