Information Asymmetry – The Politics of Health IT Policy

Let’s recognize as the dawn of mass patient engagement – and applaud it. Before this website, patients were along for the ride. Employers choose most of the insurance benefits, hospital web portals are an afterthought, and getting anything done with an insurance company, for both doctors and patients, means a phone call and paper. Can you imagine going online to find out the actual cost and buy anything? All that changed with

Information is valuable and not evenly distributed. The haves are immensely valuable corporations. The have nots are patients and doctors. Welcome to the world of health IT politics where the rich get richer ($20 Billion of “incentives” have caused massive health IT consolidation and a hidden health surveillance state) and the poor get frustrated (talk to an independent physician about their EHR or to a patient trying to access her own health records).

Information asymmetry drives $1 Trillion waste of our $2.7 Trillion health care cost. That waste is about $3,000 per year per citizen.

The politics of health IT policy are not left vs. right but institution vs. individual. Politicians and regulators alike are now scrambling to understand the role of health IT policy in that $3,000 annual waste per citizen.

The asymmetry that drives health IT policy is easy to understand when you consider that health IT is sold to corporations. As physicians and patients, we do not prescribe or buy information technology and we are paying the price through a total lack of price and quality transparency.

Incumbent “stakeholders” and multi-$Billion not-for-profit “delivery networks” stand to lose half their revenue if our cost structure aligned with the rest of the developed world. Information asymmetry drives our health IT policy as we implement the Affordable Care Act and the HITECH information technology mandates. From the earliest days, the strategy of costly health IT “certification” seems designed to drive small vendors and open source software out of the market. In the middle ages of post ACA health IT policy, circa 2012, our federal health architecture EHR procurement (the VA and Department of Defense, among others) began wild gyrations that have muted one of the few potential sources of rational, citizen-funded open source health information technology. We are now in the predictive analytics era, as our healthcare “providers” figure out how to manage the physician-patient relationship to their economic advantage. They call it Population Health Management.

Population Health Management doesn’t have to increase information asymmetry. Patient engagement and Fair Information Practice principles are not controversial. Combined with patient-directed automation via Blue Button Plus and NSTIC-style voluntary identities, we can have Big Data analytics to drive health reform policy and population health management. All it takes is democratizing access to our own information and reasserting the primacy of the physician-patient relationship. To get there, our federal and state policymakers will need to use the reduction of information asymmetry as a guiding principle.

The opportunities for policymakers to reduce information asymmetry and engage patients abound:

  • Confirm the patient’s right to access all information using Blue Button Plus so we can delegate that access to the physicians and analytics services we trust.

  • Confirm the patient’s right to specify a voluntary identity for patient matching when we participate in health information exchange.

  • Confirm the patient’s right to a real-time online Accounting of Disclosures so that we can know who is getting our information and see what they’re getting.

  • Confirm the physician’s right to communicate with anyone using Direct secure messages without interference from their employer or a state health information bureaucracy.

We already have these rights under existing law. What we don’t have is regulators and public procurement processes that put consumer protection ahead of politics. It’s time for them to step up. Start by fixing with privacy-preserving, voluntary sign-in credentials that we can use with Blue Button Plus to access our hospitals, insurers and state databases without risk of identity theft. There’s $3,000 in it for each of us.

Adrian Gropper, MD is Chief Technical Officer of Patient Privacy Rights and participates in Blue Button+, Direct secure messaging governance efforts and the evolution of patient-directed health information exchange.

Spread the love

21 replies »

  1. Yes, I have. It’s taken this many years for Eligible Providers to realize the unintended economic and professional consequences of Meaningful Use and its relationship to Payment Reform. The massive PR campaign around HITECH obscured the obvious side-effect and synergy of massive vendor lock-in and institutional lock-in. Lock-in always has economic consequences – otherwise, it wouldn’t exist. The medical societies just followed along to make sure everyone could be an EP and get their share of the “incentives”.

    Now the EPs are looking to state medical societies for leadership and it’s also time for ONC and OCR regulators, and the federal health system, to step up as well.

  2. I think you are probably right, unfortunately.

    Have you seen different behavior by the EPs, assuming they are not employed by institutions that behave this way, if employed at all?

  3. Rebecca, unfortunately, I think you will need to tweak the regulations. The physician’s interests are different than their employers’ and it’s the employer that buys and controls the EHR.

    The employer’s goal is to control patient “leakage” to unaffiliated institutions. This is done, in part, by creating workflow barriers. The physician’s goal is to do what’s best and least expensive for the patient. Although these two goals are aligned most of the time, it’s unlikely that the employer will willingly give up control over the physician.

    This is a case of information asymmetry between the employer and the physician. This strategic use of Health IT is partly what drives hospitals to buy out independent physician practices or to offer Stark Law EHR “subsidies” to independent practitioners.

  4. Interesting. No- MU does not create a clear basement requirement that this has to be configured at the individual user level – although interestingly you could interpret the patients right send to the third party of their choice this way. I’m hoping one of the ePatients loudly pushes the issue as soon as they can’t use their patient portal to send to an endpoint that is part of a well known trust bundle, like the Blue Button Trust Bundle. You know that I agree with the importance of an individual provider/patient being able to whitelist their intended destination.

    Do you see a large number of providers actually pushing on their institutions to configure the EHR to allow for immediate data access and whitelisting? Since they are the customer it would probably get us there a lot faster than trying to tweak regulations.

  5. I’m not sure I’m following. MU does say that it MUST be available within a certain period of time, depending on whether its a hospital discharge or encounter with an EP, but there is nothing in MU that prevents a provider from asking their vendor to make the data immediately available. Its a baseline, not a ceiling. As mentioned certain Kaiser facilities have their systems configured this way.

    When I review the public comments on when the data should be available, it appears to be push back from the physician community that created the delay in data access for the reasons that we are all used to hearing: patients will see an abnormal lab and not understand it, patients will receive a cancer diagnosis through an EHR instead of from a person/their doctor, etc. I don’t think it was regulators that didn’t want to give patients access to their data…. though I hope for the sake of patients and the medical community that your read on the situation is the correct one, because from my perspective that means the biggest cultural barrier to this taking place is less acute than we all think!

    • Rebecca, indeed, I’m counting on the point that delay is a baseline and not a ceiling in both HIPAA and MU.

      The point that may be confusing is that I’m highlighting that the determination of a delay override and/or trustworthiness of a Direct or Blue Button Plus endpoint be accessible to the individual physician. In other words, the EHR configuration and/or HISP need to provide an interface or equivalent means for the physician to _override_ any system-imposed default delays or endpoint address limitations.

      As you suggest, this may be both within the scope of current law and consistent with the intent of the MU2 regulations. If so, only a relatively simple clarification should be sufficient.

  6. Adrian,

    I wholeheartedly agree that information asymmetry is at the heart of many problems in healthcare. I would include information asymmetry between clinicians and patients as a major problem, too. We certainly can’t talk about shared decisionmaking without talking about equal access to information between the parties. Granted, we are making progress on rebalancing information sharing between clinicians and patients via Meaningful Use and Blue Button+ initiatives. However, I continue to see a lot of resistance from physicians over the concept of “information symmetry” with patients. I think the problem stems in part from their equating information symmetry with knowledge or expertise symmetry.

    As you point out, with more data being shared between more stakeholders in the era of big data analytics, it is important that patients have control of—or at least consent over–who accesses their data and how the data are used. I think your four bullet points are excellent areas for policymakers to focus their efforts.

    • I’d love to learn more about what’s underlying physician resistance to information symmetry, as this would help us know how to modify it/work around it.

      My own hypothesis is that many docs are at some level wary of having to do more work in consequence…like more work explaining things to patients. It’s our job to explain things, of course, but at some level I think people tend to avoid things that sound like extra effort…esp since things tend to feel so busy for clinicians.

      • Leslie, your hypothesis may well be true, however, we need to work through the prejudices that stifle information flow if we want to harness the benefit of information technology. Progress demands that we identify real problems and real risks and mitigate them.

        The closest example I can think of is Open Notes. Common wisdom on the risks and costs of open notes has not been supported by evidence and we seem to be moving on.

        I think the next barrier to fall might be the current practice (enshrined in Meaningful Use) that patient access to information should be delayed by days or weeks. I wonder if anyone is testing this hypothesis.

        • I was of the impression that certain Kaiser locations offer immediate access to results for many labs and other results, but would be great to have that confirmed by an actual Kaiser doc or patient!

          I believe the MU requirement was written to be consistent with HIPAA, you would probably get further by changing the latter.

          • Rebecca, HIPAA is a long and somewhat convoluted road but certainly an option.

            An alternative would be for ONC to issue guidance empowering the physician to provide complete and un-delayed access via Blue Button Plus and other patient-directed physician and patient portals.

            Before HITECH and Meaningful Use EHRs, physicians had unrestricted control of communications via fax, fax gateways and postal service. As we’ve moved to digital communications, physicians have lost the power to control their referrals, messages and patient communications to EHR vendors, employer institutions, and state-operated or private HIEs.

            This encroachment on the physician-patient relationship is a consequence of the current state of regulation based on HIPAA and HITECH and may be unintentional and fixable by the regulators.

            Physicians are starting to notice this issue and I’m sure would strongly support ONC or OCR clarification of this EHR design issue.

  7. I love this article. You summarize the crux of why I’m working in Health IT and policy. And its become so much more personally relevant this year being both bicoastel for work and pregnant. Double all of the information asymmetry aches and pains you listed.

  8. Excellent post, Adrian! I think this is an important step in reducing healthcare costs. When patients understand what they’re getting, just like when they understand their other purchases, they can start making more sensible decisions. If I want to purchase ingredients in their original state and cook it myself, or grow my own food, or only purchase food already prepared in restaurants, that’s all my choice. Yes, I want to know that restaurant kitchens and food distributors are clean and safe, but I do want choice and to be able to increase or decrease my spending depending on how much effort I put into it myself (and other factors, such as quality). More information helps – and what you propose gets to how we as patients can all access that information. How to best utilize it? That will come, I think, when the information is available.

  9. Adrian, I’m with you on this one. The data-access asymmetry in healthcare is epic (pun fully intended), with patients, and to some degree docs, so glad to get access to much if it at all that we fail to see the whole elephant before us.

    I’ve said – frequently, and in public – that I’d be willing to get a barcode tattooed on my neck if it meant I could avoid filling out another health history form. That’s a very “1984” approach (in both ways, actually), but I think we’ve all been worn down by the system’s unwillingness to be open-data with us.

    I love Peter Bachman’s statement, “However if you are currently a patient, you are completely (and very often in a very paternalistic manner) powned in this asymmetrical model that sucks 18% of the GDP,” since it is SO. BLOODY. TRUE.

    How do we shift this? What can a plain-ol’-person … do?

    • There are three things everyone can do:

      – Work with your physician. Ask for the ability to exchange emails. Ask for the time and opportunity to shop for imaging and lab services. Ask for referrals so your second opinions are covered by insurance. Let the physician know that costs are an issue for you and talk about the cost of alternatives.

      – Opt out of any health information exchange that doesn’t give you complete real-time, online access to your own information via Blue Button Plus. Health information exchanges, particularly the ones that are supported by Medicaid or state funds don’t have to be asymmetrical. Contribute information about opt-out policies for your state to public forums so regulators get the message.

      – Plan on purchasing insurance through the exchanges instead of giving your purchasing power to an employer. This is a long-term issue but worth keeping in mind.

  10. Bubba for prez, you want to take a look at the technologies that have emerged that have gotten traction and almost universal usage.

    HIT has not yet been allowed to make that connection yet with the end user, but that is coming very soon as people understand the costs.

    I agree is a poor example of tAdrian’s point, but for a very specific reason.

    Web sites are not the only option and are not actually full duplex with a hospital EHR system that was acquired under MU1 stimulus funding.

    What if you had side effects from a particular prescription and decided to stop taking it?

    Or got a report of your medication list from your medical provider and found out it was wrong?

    What’s your gut reaction on how you would first discover, and then fix that error? On your computer or smart phone. Well you can do that now.

    Do you use email, own a cell phone, how about a smart phone?

    Try downloading data from a Blue Button + enabled provider? Not that hard and not that difficult, many veterans have done so from the VA who are not computer gurus. It’s not getting the information to you, it’s getting your feedback on all levels back into the system when you might only see your doctor 1 hr a year.

    In fact the website was anything but simple, and it was not the actual website that was the problem, but the architecture and design of the back end technologies that fed the website, and the effect of the decision to make people sign up to establish an account first to see pricing.

    Think about it, where else would you have to sign up first to be presented with a tray full of options (none of your choice, but pre-chosen) and then take it or leave it? One example comes to mind.

    That is symptomatic of what Adrian describes as systemic lock in. Your results will not vary, this is built in.

    It got so bad, the lock in, that people with pre-existing conditions were locked in to their jobs, and could not switch, unless they were of an age where that didn’t matter. But once they had kids, etc, they were out of the market.

    That lowered wages…get it?

    No opportunity cost for employers lose valuable employees. More money for the 1%. Less money for the middle class as health care costs rose.

    By giving people the ability to be insured without that lock in Obamacare can create job enhancement for people working, and not just employers who had the medical handcuffs, and not just for the younger employees!

    That’s a good thing, but does not address the costs of Healthcare as delivered, just the cost to the consumer. Thus it is still a machine.

    Let me show a classic example how a famous cartel operated to fix prices for consumers for diamonds. Of course that was only part of the machine, since of course a diamond ring was obligatory to get married for example.

    In effect as noted in the essay, they brought out a tray of diamonds for the local jeweler, and you either bought them, or did not, and then they came back the next year. That’s how the market was controlled.

    Sounds a lot like the insurance exchange, except the government is giving some people money to purchase the insurance.

    Kentucky made a simple website that did not require people to establish an account first, and got very good results to sign people up. That is pragmatic, not political.

    The point is that the Identity Management based on who is a citizen was the “what” of the problem, and looking at the original RFI that was issued for the project, they wanted to extend their working Directory system to accommodate more people, and instead were lobbied to end up replacing it with a Federated concept of identity and web services on a very large scale which all the contractors bought into the design.

    They didn’t have to do that, and could have extended their working model to embrace citizens, they did not.

    The guy who literally wrote the book on that Federated identity governance strategy for healthcare is now in jaiI trying to get his head straight.

    I think it simply drove him nuts how what he chose to embrace fit into the overall surveillance state machine versus the simple citizen actor model of ownership of the country. Almost everyone in the country can figure out what they paid in taxes last year and get access to a calculator. Doing that on a website is much harder because of all the multiple connections between the agencies.

    Remember the government administers some necessary services and aspects of the country, it does not own it, we do. Only the citizens and patients will fix this, it wont happen because of the government and big business that profits great;u from the current inefficiencies and hidden taxation.

    However if you are currently a patient, you are completely (and very often in a very paternalistic manner) powned in this asymmetrical model that sucks 18% of the GDP.

    That is not only not entirely necessary but locked in a specific pattern that is avoided by Direct like Blue Button + communication that is simple in nature.

    But once that IDM part overloaded, (largely due to the political not technical decision to make people get an account first) then then everything stalled.

    Note Adrian mentioned NSTIC, the national strategy for trusted identity, that’s not how they did it, but that was at the heart of the problem, no connection with the citizen. When the first passport was issued, it was signed by Geo Washington to a balloonist that would probably land in a farmer’s field in NJ and get shot. He did land in a field, and almost got shot, but the farmer recognized George’s signature and got the balloonist back to Philadelphia You want to recognize George’s stamp of approval on this concept from the start regarding signing remote identity to a relying party..

    But the why was that the Identity Management (to figure out the who was at the other end of the KVM) was not citizen focused and is asymmetrical in terms of maintaining the profits of the current system.

  11. Adrian, great post on a very important issue.

    Do you think it matters whether we call this patient engagement or patient empowerment?

    I would lean towards empowerment because you are talking about essential steps that not only allow patients to have more connections to the healthcare sytem, but allow them to have greater influence and power in the system, and over their own care and data.

    • is clearly an example of patient empowerment. It’s designed to enable an informed decision of significant consequence and the patient’s decision is final. The process is enhanced by providing the patient with authoritative information on subsidies and by standardizing the description of the plans so that they can be compared, like a nutrition label, relative to typical consumer expectations.

      Most other decisions in healthcare are neither equally informed nor finalized on-line. Patients are not allowed access to our authoritative information as systems impose delays up to 30 days on complete access to records and the records are not completely available on-line. Making decisions on-line is not supported because many systems do not allow bi-directional secure messaging with physicians.

      Take, for example, the process for a sprained knee. Can you imagine a patient, after an in-person visit, empowered to choose the place where their X-ray is done on the basis of price, get all her records and imaging for a second-opinion on-line, and find and schedule the second opinion based on on-line quality and cost resources?

  12. I theory, yes. In reality, no. shows how far we have to go before the reality catches up with the rhetoric. Seriously, if we can’t build a simple website what on earth makes you think we are going to be able to build this kind of sophisticated technologies?

    • The technology has been around for years. Using it for consumer benefit is the only real issue. Here, for example is a quote from a recent trade article:

      “For instance, many payers have routinely handled provider queries of patient insurance eligibility by simply confirming that the person is eligible or ineligible. Insurers had other information they could pass on in the response, such as the remaining level of a patient’s in-network deductible and coverage for certain services such as chiropractic, but it wasn’t mandated and most didn’t. “The problem was what you got back was what payers wanted to give you,” says Franco Rizzolo, D.C., a chiropractor and administrator at Suburban Orthopaedic Medical Center in Newark, N.J., and also head of National Billing Solutions LLC, a billing firm. Now, Rizzolo can fire off a query and learn not only that a patient has coverage, but what the deductible is and how much is left, and what services fall under the benefit plan.”

      My point is that when “trading partners” want to know what’s in your wallet they can do it but if you want to look in your wallet… “that’s too hard”. This is the essence of information asymmetry.

Leave a Reply

Your email address will not be published. Required fields are marked *