Categories

Category: Health Policy

Healthcare in the National Privacy Law Debate

This article originally appeared in the American Bar Association’s Health eSource here.

By KIRK NAHRA

This piece is part of the series “The Health Data Goldilocks Dilemma: Sharing? Privacy? Both?” which explores whether it’s possible to advance interoperability while maintaining privacy. Check out other pieces in the series here.

Congress is debating whether to enact a national privacy law.  Such a law would upend the approach that has been taken so far in connection with privacy law in the United States, which has either been sector specific (healthcare, financial services, education) or has addressed specific practices (telemarketing, email marketing, data gathering from children).  The United States does not, today, have a national privacy law.  Pressure from the European Union’s General Data Protection Regulation (GDPR)1 and from California, through the California Consumer Privacy Act (CCPA),2 are driving some of this national debate.  

The conventional wisdom is that, while the United States is moving towards this legislation, there is still a long way to go.  Part of this debate is a significant disagreement about many of the core provisions of what would go into this law, including (but clearly not limited to) how to treat healthcare — either as a category of data or as an industry.

So far, healthcare data may not be getting enough attention in the debate, driven (in part) by the sense of many that healthcare privacy already has been addressed.  Due to the odd legislative history of the Health Insurance Portability and Accountability Act of 1996 (HIPAA),3 however, we are seeing the implications of a law that (1) was driven by considerations not involving privacy and security, and (2) reflected a concept of an industry that no longer reflects how the healthcare system works today.  Accordingly, there is  a growing volume of  “non-HIPAA health data,” across enormous segments of the economy, and the challenge of figuring out how to address concerns about this data in a system where there is no specific regulation of this data today.

Continue reading…

Patient Worries as a Central Feature of their Health Care Experiences

By JOHN JAMES, ROBERT R. SCULLY, CASEY QUINLAN, BILL ADAMS, HELEN HASKELL, and POPPY ARFORD

Political forces trying to shape and reshape American healthcare without hearing the voice of patients provided the rationale for this work. Our experiences as patients, caregivers, and users of media sources cause us to worry. The Patient Council of the Right Care Alliance developed 6 questions to form a national survey of Americans to guide policy makers. The questions and our rationale were as follows:

1) Finding a doctor I can trust. Trust in our doctors is not as high as it once was. There are stories of serious patient abuse that appear in the media; two of the more notorious examples include a neurosurgeon harming many patients before being stopped and an oncologist who was deliberately misdiagnosing cancer to sell chemotherapy. Patients perceive this as the reluctance of the physician community to effectively ‘police their own.’

2) I will be misdiagnosed. Misdiagnosis happens far too often at all levels of healthcare. The problem is so common that the National Academy of Medicine turned its attention to the problem and published Improving Diagnosis in Health Care in 2015. The solution to the misdiagnosis problem is complex and has yet to arrive at the clinician-patient interface.

3) I will get an infection while receiving treatment. Healthcare-associated infections have dropped somewhat in the past decade, yet there are still about 720,000 infections and 75,000 deaths per year from healthcare-associated infections. Many of these are becoming nearly impossible to effectively treat. The improper use of ordinary antibiotics continues to be a problem in clinical settings.

Continue reading…

To Improve Patient Care, Think Both “Zebras” and Golf

By MICHAEL MILLENSON

Super Bowl Week ended with the San Francisco 49ers and 161 U.S. hospitals having something in common.

Both were publicly penalized, both lost money as a result and both passionately believed the process was unfair. Unfortunately, it’s not easy to decide whether their objections were sensible or sour grapes and, in the case of hospitals, the real-life consequences are not a game.

The penalty that pained the 49ers occurred shortly before halftime of Super Bowl LIV, when offensive pass interference was called on tight end George Kittle. The call negated a big gain that might have enabled the 49ers to take the lead.

Replays showed that the referees – nicknamed “zebras” for their black-and-white striped shirts – were technically correct in their decision. Nonetheless, controversy erupted over whether given other possible penalties called or overlooked, this one deserved a yellow flag.

Hospitals call that kind of context “risk adjustment.” A few days before the Super Bowl, the Medicare program blew the whistle on a group of hospitals having high rates of infection and other patient injuries. The hospitals who are outliers in what are blandly labeled “hospital-acquired conditions” (HACs) suffer a cut of one percent in their Medicare payments over next fiscal year.

Continue reading…

Strategic Interests and the ONC Annual Meeting

By ADRIAN GROPPER, MD

The HHS Office of National Coordinator (ONC) hosted a well-attended Annual Meeting this week. It’s a critical time for HHS because regulations authorized under the almost unanimous bi-partisan 21stC Cures Act, three and a half years in the making, are now facing intense political pressure for further delay or outright nullification. HHS pulled out all of the stops to promote their as yet unseen work product.

Myself and other patient advocates benefited from the all-out push by ONC. We were given prominent spots on the plenary panels, for which we are grateful to ONC. This post summarizes my impressions on three topics discussed both on-stage and off:

  • Patient Matching and Unique Patient Identifiers (UPI)
  • Reaction to Judy Faulkner’s Threats
  • Consumer App Access and Safety

Each of these represents a different aspect of the strategic interests at work to sideline patient-centered practices that might threaten the current $Trillion of waste. 

The patient ID plenary panel opened the meeting. It was a well designed opportunity for experts to present their perspectives on a seemingly endless debate. Here’s a brief report. My comments were a privacy perspective on patient matching, UPI, and the potential role of self-sovereign identity (SSI) as a new UPI technology. The questions and Twitter about my comments after the panel showed specific interest in:

  • The similarity of “enhanced” surveillance for patient matching to the Chinese social credit scoring system.
  • The suggestion that we already have very useful UPIs in the form of email address and mobile phone numbers that could have been adopted in the marketplace, but are not, for what I euphemistically called “strategic interests”.
  • The promise of SSI as better and more privacy preserving UPIs that might still be ignored by the same strategic interests.
  • The observation that a consent-based health information exchange does not need either patient matching or UPIs.
Continue reading…

A Letter to Ms. Judy Faulkner & Mr. Tommy Thompson

By GRACE CORDOVANO PhD, BCPA

Being a patient or a carepartner can be a lonely, powerless place.

There’s no high powered legal or lobbying team to help support you in your or your loved one’s health care journey. There’s no PR team at your beck and call. There’s no advisory board, no executive committee, no assistants, no chatbots or AI-powered technology coming to the rescue. There’s no funding or a company sponsoring your efforts.

There’s no course in how to be a professional patient or carepartner.

There’s no one there in the stillness and dark of the night, when you are in the quiet of your thoughts, the privacy of your personal space, where there are fleeting moments that you don’t have to be strong and courageous. There is no one there to console you, support you as you lay there willing to make a deal with the devil for the slightest glimmer of hope, the slightest bit of clarity, or slightest bit of peace.

As a the carepartner to a loved one who is sick or disabled, many wouldn’t second guess charging head first through a thousand wielded swords if it meant a hope or a cure.

As an advocate, the majority of the work you do is self-created, self-supported, and unpaid. A calling. An undeniable, magnetic force that pulls you in because you cannot turn a blind eye no matter how hard you try. Because you cannot bear witness to human suffering and not do anything. Because you’ve been there and you can relate to another’s pain, grief, and sense of hopelessness and it is unacceptable to not help ease the heaviness of another’s burden.

Continue reading…

Will Medicare Advantage (MA) Startup Plans Be The Future?

By ANDY MYCHKOVSKY

Would it blow your mind if only five startup health plans interested in Medicare Advantage (MA) have collectively raised over $3.9 billion in private funding to-date? Well, readers, that is the reality. Now I know there are some skeptics out in the healthcare ecosystem, so I’m here to break down some of the investment thesis. Not going to necessarily defend, but explain some reasons why you should love and hate these investments. Let’s start with who raised these mind-boggling sums of money. The five startups are Oscar Health, Bright Health, Clover Health, Devoted Health, and Alignment Healthcare.

  • Oscar Health has raised $1.3 billion
  • Bright Health has raised $1.1 billion
  • Clover Health has raised $925 million
  • Devoted Health has raised $362 million
  • Alignment Healthcare has raised $240 million

I think it’s safe to say that the MA insurance market (also known as Medicare Part C) has captured the imagination of the venture capital and private equity community. The changing demographic trends of an aging baby boomer population, the increased selection of MA plans versus traditional Medicare fee-for-service (FFS), and the opportunity of technology-first MA startup plans to better reduce administrative fees (“Administrative Loss Ratio” or “ALR”) and control medical spend (“Medical Loss Ratio” or “MLR”) seems too good to pass up. If you were going to start a health plan, of all the lines of business you could be focused on, MA has highest profit margins, growing population, and better potential to impact patient spend and manage chronic diseases. It is certainly harder than writing the previous statement, but there are some real benefits versus the traditional commercial or Medicaid managed care.

Continue reading…

Your Wealth is Your Health

By KIM BELLARD

We’ve been spending a lot of time these past few years debating healthcare reform.  First the Affordable Care Act was debated, passed, implemented, and almost continuously litigated since.  Lately the concept of Medicare For All, or variations on it, has been the hot policy debate.  Other smaller but still important issues like high prescription drug prices or surprise billing have also received significant attention.

As worthy as these all are, a new study suggests that focusing on them may be missing the point.  If we’re not addressing wealth disparities, we’re unlikely to address health disparities.  

It has been well documented that there are considerable health disparities in the U.S., attributable to socioeconomic statusrace/ethnicitygender, even geography, among other factors.  Few would deny that they exist.  Many policy experts and politicians seem to believe that if we could simply increase health insurance coverage, we could go a long way to addressing these disparities, since coverage should reduce financial burdens that may be serving as barriers to care that may be contributing to them.

Universal coverage may well be a good goal for many reasons, but we should temper our expectations about what it might achieve in terms of leveling the health playing field.

Continue reading…

Health Data Outside HIPAA: Simply Extending HIPAA Would Be a #FAIL

Vince Kuraitis
Deven McGraw

By DEVEN McGRAW and VINCE KURAITIS

This piece is part of the series “The Health Data Goldilocks Dilemma: Sharing? Privacy? Both?” which explores whether it’s possible to advance interoperability while maintaining privacy. Check out other pieces in the series here.

Early in 2019 the Office of the National Coordinator for Health IT (ONC) and the Centers for Medicare and Medicaid Services (CMS) proposed rules intended to achieve “interoperability” of health information.

Among other things, these proposed rules would put more data in the hands of patients – in most cases, acting through apps or other online platforms or services the patients hire to collect and manage data on their behalf. Apps engaged by patients are not likely covered by federal privacy and security protections under the Health Insurance Portability and Accountability Act (HIPAA) — consequently, some have called on policymakers to extend HIPAA to cover these apps, a step that would require action from Congress.

In this post we point out why extending HIPAA is not a viable solution and would potentially undermine the purpose of enhancing patients’ ability to access their data more seamlessly:  to give them agency over health information, thereby empowering them to use it and share it to meet their needs.

Continue reading…

Will Your Health Plan Tell You That It Can Save Your Life?

By MICHAEL MILLENSON

At kitchen tables everywhere, ordinary Americans have been grappling with the arcane language of deductibles and co-pays as they’ve struggled to select a health insurance plan during “open enrollment” season.

Unfortunately, critical information that could literally spell the difference between life and death is conspicuously absent from the glossy brochures and eye-catching websites.

Which plan will arrange a consultation with top-tier oncologists if I’m diagnosed with a complex cancer? Which might alert my doctor that I urgently need heart bypass surgery? And which plan will tell me important information such as doctor-specific breast cancer screening rates?

According to Matt Eyles, president and chief executive officer of America’s Health Insurance Plans (AHIP), insurers over the last decade have made a “dramatic shift” to focus more on consumers.  That shift, however, has yet to include giving members the kind of detailed information available to corporate human resources managers and benefits consultants (one of my past jobs).

What’s at stake could be seen at a recent AHIP-sponsored meeting in Chicago on consumerism. Rajeev Ronaki, chief digital officer for Anthem, Inc., explained how the giant insurer is using artificial intelligence to predict a long list of medical conditions, including the need for heart bypass surgery. Information on individual patients is passed on to clinicians.

Continue reading…

Patient-Directed Uses vs. The Platform

By ADRIAN GROPPER, MD

This piece is part of the series “The Health Data Goldilocks Dilemma: Sharing? Privacy? Both?” which explores whether it’s possible to advance interoperability while maintaining privacy. Check out other pieces in the series here.

It’s 2023. Alice, a patient at Ascension Seton Medical Center Austin, decides to get a second opinion at Mayo Clinic. She’s heard great things about Mayo’s collaboration with Google that everyone calls “The Platform”. Alice is worried, and hoping Mayo’s version of Dr. Google says something more than Ascension’s version of Dr. Google. Is her Ascension doctor also using The Platform?

Alice makes an appointment in the breast cancer practice using the Mayo patient portal. Mayo asks permission to access her health records. Alice is offered two choices, one uses HIPAA without her consent and the other is under her control. Her choice is:

  • Enter her demographics and insurance info and have The Platform use HIPAA surveillance to gather her records wherever Mayo can find them, or
  • Alice copies her Mayo Clinic ID and enters it into the patient portal of any hospital, lab, or payer to request her records be sent directly to Mayo.

Alice feels vulnerable. What other information will The Platform gather using their HIPAA surveillance power? She recalls a 2020 law that expanded HIPAA to allow access to her behavioral health records at Austin Rehab.

Alice prefers to avoid HIPAA surprises and picks the patient-directed choice. She enters her Mayo Clinic ID into Ascension’s patient portal. Unfortunately, Ascension is using the CARIN Alliance code of conduct and best practices. Ascension tells Alice that they will not honor her request to send records directly to Mayo. Ascension tells Alice that she must use the Apple Health platform or some other intermediary app to get her records if she wants control.  

Continue reading…

Registration

Forgotten Password?