Whose Data Is It Anyway?

A common and somewhat unique aspect to EHR vendor contracts is that the EHR vendor lays claim to the data entered into their system. Rob and I, who co-authored this post, have worked in many industries as analysts. Nowhere, in our collective experience, have we seen such a thing. Manufacturers, retailers, financial institutions, etc. would never think of relinquishing their data to their enterprise software vendor of choice.

It confounds us as to why healthcare organizations let their vendors of choice get away with this and frankly, in this day of increasing concerns about patient privacy, why is this practice allowed in the first place?

The Office of the National Coordinator for Health Information Technology (ONC) released a report this summer defining EHR contract terms and lending some advice on what should and should not be in your EHR vendor’s contract.

The ONC recommendations are good but incomplete and come from a legal perspective.

As we approach the 3-5 year anniversary of the beginning of the upsurge in EHR purchasing via the HITECH Act, cracks are beginning to show. Roughly a third of healthcare organizations are now looking to replace their EHR. To assist HCO clients we wrote an article published in our recent October Monthly Update for CAS clients expanding on some of the points made by the ONC, and adding a few more critical considerations for HCOs trying to lower EHR costs and reduce risk.

The one item in many EHR contracts that is most troubling is the notion the patient data HCOs enter into their EHR is becomes the property in whole, or in-part, of the EHR vendor.

It’s Your Data. Act Like it.

Prior to the internet-age the concept that any data input into software either on the desktop, on-premise or in the cloud (AKA hosted or time sharing) was not owned entirely by the users was unheard of. But with the emergence of search engines and social media, the rights to data have slowly eroded away from the user in favor of the software/service provider.

Facebook is notorious for making subtle changes to its data privacy agreements that raise the ire of privacy rights advocates.

Of course this is not a good situation when we are talking about healthcare, a sector that collects the most personal data one may own. EHR purchasers need to take a hard detailed look at their software agreements to get a clear picture of what rights to data are being transferred to the software vendors and whether or not that is in the best interests of the HCO and the community it serves..

Our recommendation: Do not let EHR vendor have any rights to the data – Period!

The second data ownership challenge to be very careful of is the increasing incorporation of patient generated health data into the healthcare delivery system. We project an explosion in the use of biometric devices, be it consumer purchased or HCO supplied, to monitor the health of patients outside of the exam room. Much of this data will find its way into the EHR. Exactly who owns this data and what rights each party has is still debatable. It is critical that before HCOs accept user data they work out user data ownership processes, procedures, and rights.

If the EHR vendor has retained some rights to data the patients need to be informed and have consented to this sharing agreement. In our experience this is rarely if ever explicitly stated. HCOs need to be careful here as this could become a public relations disaster.

Note: We are not lawyers. We are offering our advice and experience to HCO CEOs, CFOs and CIOs, from the perspective of business risk and economics.

We have deep experience in best practices used in other industries with regards to data use and sharing agreements. We have also spent significant time reviewing the entire software purchasing lifecycle and culture, and are here to help HCOs in reviewing these contracts.

This post originally appeared at Chilmark Research, where Moore is founder and managing partner and Tholomeier is director with a research focus on EHR 2.0, analysis infrastructure, and new costing models for HCOs.

30 replies »

  1. The unwillingness of competing HCOs to share clinical data is a very valid point that definitely needs to be considered when implementing Health Information Exchange Systems. In order to avoid this potential conflict, EHR purchasers need to understand what rights to data are being transferred to the software vendors and whether or not that is in the best interests of the HCO and the community. Ensuring that EHR vendors do not have the rights to health data is essential for transmission of data between all servers. This minimizes the idea of competition among different HCOs, creating a level playing field for all healthcare facilities. More importantly, it will allow the patients to choose the best Healthcare facility that is right for them without being held hostage by any single health provider.

  2. Good read. Data-driven decision making will be one of the key factors in changing the future of business. There is so much great work being done with data analysis and data linkage tools in various industries such as healthcare. We know in our business good record linkage happens behind the scenes. No personal information is ever shared, even the smallest of data sets aren’t shared. Several departments have to approve each and every data request individually.

    Linda Boudreau

  3. Greetings,

    We have developed a platform to secure your health records safely. No one can access your data as long as you allow them to access your records in our platform. All your health records will be by default locked and until and unless you unlock it no one gets to see your record.
    We have also added an additional SSL to it.

    For more information please visit, https://www.medicalui.com

  4. Ross, please call me Robert.
    Thanks for your suggestion. We are definitely planning on doing that. However just to be clear, what we are NOT going to do is provide analysis of the information we collate. For example we will not make a determination that any course of action or therapy is the preferred one. We will not be in the business of establishing or enforcing standards of care. We will provide the raw data of how the doctor compares to his peers but the doctor is the one who will determine what significance the information has.

  5. Dr. Pollack, Sounds great. I urge you to get someone who understands sampling methods, survey methods and statistics if you are going to use the data in any way for advice, comparisons, thought or discussion. In other words, if you want to use the data, you must understand their limitations.
    Best wishes for your good works.

  6. As a practicing plastic surgeon and co-founder of an EHR for surgeons that is under development I can tell you we realized early on this was an issue. One of the features we decided on was to have all the practice data freely downloadable in common format by our providers at any time.

    We would never consider our company to own any of the information that either the doctors or the patients provide. However, one of the benefits of a web-based app is we do have a repository of practice data from a multitude of providers. Our plastic surgery society surveys its doctors annually to provide practice statistics about types and numbers of procedures and patient demographics. We would like to reduce the burden on our plastic surgeons by collating this information for submission to the society for them.

    Additionally, we would like to provide our doctors with a comparison of average practice patterns so they can compare their own practice and see if they have higher numbers of complications, reoperations, as well as other performance parameters and see where there might be a need for improvement. We see this as a true benefit which has never been available to private practice surgeons before. Like the Kaiser model that was mentioned earlier but available to our doctors.

    Theses are just a couple of benefits that this repository of data can provide but we would definitely need to get our doctors permission to do this in the contract.

    Robert Pollack, MD
    CTO, SupraMed, Inc

  7. Rob, look both ways before you cross this street!

    The chain of custody – and value – of private patient data goes in both directions.

    Your focus on enterprise software is artificial in the age of smartphones and web services. Apple benevolently manages my apps for a 30% cut and Google has trained us all to barter our data in return for valuable services.

    The patient data value chain is marked by choices enabled by technology. Patients can choose to be anonymous, at least if they get medical services on-line. Doctors can choose to not use an enterprise EHR by using a personal charting program or a Web EHR. Enterprises can choose to use an open source EHR that they completely control with in-house or competitive support.

    The two-way street is particularly important for physicians that are part of Independent Practice Associations (IPA) and need to enter into value-based, risk-bearing contracts. The IPA might have dozens of EHR vendors and a handful of contracts. When it comes to managing risk, coordinating care and apportioning value, the EHRs often get in the way.

    Data ownership in enterprise EHR contracts is putting lipstick on a pig. Patients and physicians are the key “owners” in the value chain with a stake in selling their data through the equivalent of Apple and Google for as much as they care to get. The enterprise EHR contract needs to focus on free, modern, and privacy-preserving interfaces or else the pig is, well…

  8. The point we are making is that in no other industry that we know of do users, as part of the basic enterprise software contact, allow the software vendor rights to access the information for any reason. There are times when the user may request that the vendor access the system to fix bugs, and their are times when the user may wish to sell its OWN formation, but I do not recall ever seeing users granting the type of access we see in EHRs. We suspect that in most cases the topic does not come up in the software evaluation and contacting process and it MUST.

    The action item we are recommending is to review your agreement now, understand exactly what you are agreeing to, and if you are not happy take the steps we recommend in our October Monthly Update. We would not accept any vendor having any rights to data we enter. PERIOD.

    One of the related issues we wrote about in the Monthly Update is that during product evaluation and contract negotiations HCOs tend to sign overly restrictive NDAs with the vendors. In our article we strongly recommend against it. The vendors want to stop the users from getting outside help during the purchasing process — a third party specialist can almost always get better terms for the user playing the bad-cop — and the software company does not want you to openly discuss bad products or bad support. We do appreciate and support the desire of the software company to protect its IP, but that is as far as it should go.

    We, of course, join those that are concerned about privacy and security (which are different topics), but this article is about basic software licensing practices. Again, we are delighted to help users reduce risk and cost in their software purchases.

    Ross, we do not see this as something the ONC must handle. It should be up to the HCOs to make better decision. Get better advice. If they brought in outside experts with diverse industry contracting and software experience this bad practice would be nipped at the bud.

    Our call is for the HCOs to step up to the plate and take responsibility. Contract smart and tough.

  9. Secret source and secret sauce are the same. If your goal is to keep competitors from criticizing, reproducing or improving your medicine, then having a secret recipe or adding a secret ingredient are pretty much equivalent.

  10. Ross–so I think on my major you agree with me. Data access is crucial. I dont care who “owns” the data so long as I can get a copy (or my doctor cna) when I want. To me this is FAR more important than who gets to mine the data for interesting inferences and sell that to pharma–which anyway is a smaller business than most people think it is.

    On my minor point, we indeed may need a whole new set of regulations and transparency into how data are being used for secondary purposes, but as far as I can tell what Practice Fusion is doing is anonymizing the data and analyzing it. Which is after all what IMS has done for 30 years and what Kaiser and that group of health plans it works with do now.

    and even more trivial, it’s Matthew not Matt 🙂

  11. Matt, The fact that Practice Fusion takes the the patients’ data as payment for the docs’ free use of an EHR does not mean it’s safe, moral or sensible. The patient’s didn’t sign on to having their data mined and there are no protections built into the process. How would a wife/girlfriend/husband like to receive an advt about how to protect him/herself from an HIV-infected lover?
    Your point about who cares about ownership as long as the data are accessible is indeed interesting. If the data are in fact always available, you make an important point. But if they disappear, then that’s horrific. And they have disappeared time after time after time.
    Trivial: my name is Ross, not Russ.

    Adrian, one question, one note:
    Q. Did you mean “secret source” or perhaps “secret sauce?”
    Note: Allow a professor of statistics and research methods to make one small correction: This thread should be called whose data ARE THEY anyway. Data is a plural word.

  12. Actually the concept of health data “ownership” IS very relevant to the public.

    The leading candidate for Governor of Texas just raised this very question–he thinks Texans deserve property rights in their DNA.

    He also believes states should not sell any data without residents’ consent, wants to prohibit data resale and anonymous purchasing by third parties, and intends to ban re-identification of data. This is a very significant and POWERFUL set of data privacy protections coming from the likely next Governor of Texas.

    1) http://townhall254.gregabbott.com/wp-content/uploads/2013/08/GregAbbottsWethePeoplePlanFINAL.pdf
    2) http://www.texastribune.org/2013/11/21/abbotts-privacy-rights-proposals-gain-support/

    The public hasn’t known about the systemic health data theft industry—BUT the NSA revelations and fears about personal health data is used or required by the Obamacare website are bringing knowledge of the hidden army of health data mining corporations out of the Darkness and into the Sunlight. Imagine the sense of betrayal the public will feel when they find out physicians profit from allowing EHRs to sell their data, rather than protecting their privacy rights.

    The need to clarify data ownership has been forced on the public by government and corporations that violate our strong Constitutional rights to privacy and to health information privacy. US Supreme Court Justice Brandeis’ stated the right to be ‘let alone’ is the highest right of civilized man. It’s one thing to take away the privacy rights of criminals, but to take away the privacy rights law-abiding citizens will destroy Democracy and our rights to liberty and freedom.

    The right to own health data and be able to control its use is now a major political issue> Abbott sided with voters not the healthcare and HIT industries.

    Learn more at http://www.patientprivacyrights.org

  13. This issue has a larger context of interface costs and the regulation of medicine.

    Unless we address all aspects of interface costs, the problem of vendor lock-in will continue to limit our control over our clinical tools and regulators will step in to fill the void. Asking for more regulation is ok, but it needs to be matched by professional initiatives directed at self-regulation if we are to retain our role in the evolving health care enterprise.

    If physicians do not choose our software, others will step in and do it for us.

    Locked-in EHR vendors need to compete to sell us functionality with other software and services providers. Unless interface costs become negligible, our ability to choose our clinical software will continue to be minimal. Competition for our software choices needs to be more like competition for our other prescriptions. It needs to look like choosing or switching an app for our iPhone.

    The current vendor lock-in EHR model not only depends on high interface costs but, more insidiously, it depends on vendor control over our software. This, in turn, leads to calls for more and more vendor regulation. As we have seen with Meaningful Use regulation we end up with our profession being regulated. For example, MA 2012 Chapter 224 law actually ties physician licensing to vendor Meaningful Use regulations.

    To a significant extent, vendor regulation in a secret-source, vendor lock-in EHR architecture is a zero-sum game with the traditional ability for medicine to self-regulate as a profession based on open and non-secret practices. What could possibly go wrong?

  14. hmm…this is an old conversation, and we need a new version. Ownership is irrelevant. Most important questions are
    1) Can the provider EASILY get all the data out of the system in case they want to change systems in a way that it can be easily stored and later uploaded to another system (think credit cards and .csv files, in Legacy Flyers Russ Koppel’s example of vendor going bust)
    2) can the patient EASILY get all the data (Blue Button)
    3) can another provider on the patients behalf get the data (Blue Button/Direct)
    4) What is the agreement about a copy of the data being used by anyone (provider or vendor) for research. Anonymized vs not. This has been going on for a LONG time (well pre Web based systems) and is not necessarily a bad thing. And is what Practice Fusion essentially swops for free EMR services.

  15. EMR is one of those things that sound better than they really are. Different systems can’t “talk” to each other. My health system has one EMR for the hospital and another for over 600 doc offices. The trouble is they can’t communicate with each other. PPP. Also, being basically lazy or cost conscious, or both, they did not isolate each office, so that anyone in one office can access the patient record from any other office. They get a broad patient release which they feel protects them from privacy suits. The problem is that there are aspects of many records that patients, when they had paper records, did not want any other person to see. Some data is given special legal protection, such as any mental health discussion or STD’s. Those issues needed very specific patient releases. But….you can find the result of a Pap smear on most any woman’s lab record, ignoring the fact that a GYN is looking for the effects of HPV, an STD! What about the patient who receives sex counseling or marital counseling? EMR requires more encounter time, can lead to exaggerated information and upcoding and tends to bury the important information in a field of bullshit.

  16. “More common is that the EHR vendor lays claim to access the data and use as they see fit”

    Yeah. And, that’s a distinction without a difference. The very legal concept of “ownership” means usage control over that which is “owned.”

  17. We have seen contracts wherein the EHR vendor states that they own the data. More common is that the EHR vendor lays claim to access the data and use as they see fit.

    The example below comes from the Practice Fusion website:
    4.1 Ownership
    You retain ownership of the intellectual property rights you hold in Content you submit on our Services. When you submit Content on our Services, you grant us and those we work with a worldwide, royalty-free right to store, host, reproduce, create derivative works of (such as translations, adaptations, reformatted versions and anonymized or de-identified versions), publish, publicly perform, display, use and distribute such Content as further described in our Privacy Policy and, if applicable, in your User Agreement. For some of our Services, your User Agreement or settings may narrow the scope of our use of Content you submit. You can find more information about how we use and store Content in our Privacy Policy or, if applicable, your User Agreement.

    Not here to pick on Practice Fusion, simply using this as an example of what is actually fairly common practice in the industry.

  18. He’s a dumb a## for allowing the data to be held in a proprietary format (or more likely forced to by politicians who took money from lobbyists). This problem could have been easily forseen and prevented.

  19. This is indeed very disconcerting. Another unintended consequence of HITECH? Or have we been duped by the EHR companies? My question is whether this is a peculiar American phenomenon? What is happening in private and public medical care systems in other industrialized countries? I too lack legal expertise but feel such practices should be regulated. If regulatory solutions are currently lacking, Congress should investigate this issue and pass legislation if warranted.

    Steve Soumerai

  20. Some of us have been writing about this problem of data loss for several years. Some months ago I explained this problem to then ONC chief, Dr. Farzad Mostashari. I told him of many cases where a vendor went bankrupt, leaving the providers and the patients without access to their own data. He agreed this was a significant problem but explained that the ONC did not have authority to insist the data be secured with the provider or with a neutral third party. I do not have the expertise in regulatory law to comment with any degree of knowledge, but it seems to me the ONC could make it a part of vendor certification. I ask others with such legal expertise to explain the law’s limitations to us.

    Ross Koppel

  21. “free and open interfaces to EHRs”

    Imagine going to Home Depot to have to choose between 2,160 “ONC CHPL Certified Complete Products” sizes and shapes and receptacle designs through which to get your 120 VAC electrical power to your computer.

  22. The HITECH strategy was to use the vendor lock-in business model and tens of $B of Meaningful Use incentives as a lure to get rapid adoption of EHRs. They succeeded, but the collateral damage has been significant. Almost 60% of physicians don’t like the EHRs, interoperability, not surprisingly, is still minimal and now everyone is starting to see the economic impact of vendor lock-in.

    Although $16 Billion has already been spent there’s still hope. The recent Stage 3 recommendations from ONC’s Information Exchange Workgroup http://www.healthit.gov/facas/sites/faca/files/IEWG_RecommendationTransmittal.pdf are all about opening up the EHR. It looks hard but really isn’t with modern technology like Blue Button Plus, OpenID Connect and Voluntary Patient ID (for matching) as part of the solution space.

    We (patients, doctors, innovators, state Medicaid admins and insurance commissioners) need free and open interfaces to EHRs to provide real competition for key functionality like decision support, population health management, quality measures and cost transparency.

    Calls for delay like this one http://geekdoctor.blogspot.com/2013/11/fine-tuning-national-healthcare-it.html need to differentiate between functionality (like ICD-10 coding) and interfaces (like Direct and V/D/T in Stage 2). Let’s prioritize the interfaces because that provides the incentive for the EHR vendors to add the functionality.

    ONC and state regulators can provide some balance to the vendor lock-in business model and accelerate consumer protection and health reform in the process. Much of this can start even before Stage 3 by using federal purchasing power and current regulatory authority.

  23. Yes. And, again, I do apologize for my episodic churlishness. I’m Irish, from NYC, and trained in a forensic lab environment. I must do better.

  24. Bobby,

    I will try to be nice too.

    Seems like we are more or less on the same page on this. Yes?

  25. As I just wrote on my blog,

    “Yeah. We’ve been arguing about this all the way back to DOQ-IT and beyond. ePHI data ownership; a hopeless perplex of IP case law, muddled federal regulation, and widly varying state statutes. Who can “own” facts about me? It’s not at all clear.”

    Hi, doc. I’m gonna be nice henceforth.

  26. My understanding of the legal “ownership” of a patients medical record (at least in the paper days) was that it was owned by the physician or institution that created it. And this ownership came with multiple strings. Access to the records could not be withheld, confidential information could not be revealed, etc. etc.

    The idea that an EMR vendor owns the patient information that it electronically “holds” is bizarre. But if it does “own” this data, then the EMR vendors must be under strict rules about making it available to others, and keeping privileged patient information confidential.

    I have heard of a recent case in Milwaukee where a hospital tried to change to a new EMR vendor and the old EMR vendor refused to release/convert the data without a large charge. In effect they held patient information hostage for a ransom. This is completely unacceptable in my mind.

    At the bottom of this problem is the proprietary nature of EMR data, which is a MAJOR desing flaw allowed by the Feds. Makes me wonder how much in campaign contributions was received from EMR vendors.