EXCLUSIVE TO THCB: HIMSS Analytics, the research arm of the powerful, thoughtful and highly regarded Health Information Management Systems Society, has published a sobering study, Security of Patient Data – see here – that highlights the gap between hospital patient data security practices and the reality of impacts if a breach occurs. The report, commissioned by Kroll Fraud Solutions, should be a splash of cold water to health care executives in all settings with responsibility for patient data. A link to the Executive Summary has been placed at the bottom of this post.
In the wake of several recent incidents involving breaches of celebrity records, what’s fascinating about the study is that the executives interviewed claimed a very high familiarity with HIPAA rules; they averaged 6.53 (on a 7 point scale) and 75 percent of those interviewed gave themselves a 7. The report attributes the high sense of HIPAA knowledge with the current rounds of HIPAA compliance audits and the penalties for non-compliance that have resulted in some cases.
Given Matthew’s quite visceral response to some complaints that broad-based, government-encouraged (mandated, I suspect), electronic medical records I am interested in both his and THCB readers’ thoughts on the Bangor Daily News editorial staff’s approach to health care reform.
They suggest that transparency is the key – "lawmakers should require health providers and insurance companies to report all of their costs to the public."
So Modern Healthcare‘s Joseph Conn has a whole page to write about the Cleveland Clinic and he writes just about HIPAA and the fact that this pilot is not going to be covered by it. Writing in the San Francisco Chronicle Victoria Colliver talks about not a lot more, but at least she has someone stating the bleedingly bloody obvious—
"If it’s made convenient
enough and easy enough, people will be no more concerned about privacy
with these systems than they are with their financial information," he
said. "Far more people die because health information is not released
or difficult to get … than anybody’s ever been harmed because the
information has been inadvertently released."
OK so it was me she quoted, but someone needs to give Deborah Peel
and whoever the hell the World Privacy Forum is a big shake. I say this
as a card-carrying member of the ACLU and Amnesty International who is
deeply concerned about anyone’s private information and what use is
made of it.
And the shake is, if a government overhears your private information
illegally (or quasi-legally) it can use that information to take away
your freedom and worse. So the standard for their ability to access
that information should be an awful lot higher than it is in virtually
every country—including this one.
If a private corporation unwittingly lets slip your private health
data, or even uses some aspect of it knowingly to target you for
marketing, the chances of you suffering much from it are very, very low.
These are vastly different things, and conflating the two does not help in the least.
Where have all the savings gone, long time passing?
I am not the first to comment on this New England Journal of Medicine article, but it does deserve a place here at THCB.
It has been the dogma of many at THCB that prevention = savings, and substantial ones at that!Put in the context of this study from the Netherlands, also published this month, is it time for some health care reformers to change their tune on how the health care reforms they promote will save money?
And before simply putting the savings to ‘pay’ for this on the elimination of administrative costs, please see my previous post.
And before saying that electronic medical records will, by themselves save 80 billion dollars per year (as I heard former President Clinton say at a Wisconsin rally this weekend- as an aside, I love XM radio for unlimited access to C-SPAN), consider the $4 billion struggle at Kaiser Permanente to get medical records for a measly 8.6 million patients… Now, with over 300 million in the country, that might mean an investment of well over $120 BILLION (with a B) to TRY to computerize the electronic medical records of the country.
Do not misread me to claim I am a proponent of the status quo, nor that I am not in favor of the WORD OF 2008—change— it is simply that I would like to hear more from those who want to institute certain kinds of change— how will they really ‘save money’ while simultaneously increasing access without severely impacting my liberty as a patient.
The explosive growth of Facebook and MySpace illustrates the market for electronic tools to enhance communication and collaboration. Could there possibly be another workplace more in need of social networking tools than the modern hospital?
If you are not familiar with Facebook, find yourself a teenager and take a look over his shoulder while he is using it (mine are available for rent if you get desperate; the best time to catch them is when they should be doing homework). In one thrilling, chaotic electronic e-universe, the site allows users to exchange instant messages with dozens of friends, to post pictures and videos, and to link to virtually everything on the Web – all at the same time. John McCain would be flabbergasted.