Categories

Tag: Health Data

How Can Patients Get Medical Records from a Closed Medical Practice?

By GRACE CORDOVANO, DEVEN McGRAW, and AARON MIRI

The HIPAA Privacy Rule gives patients the right to copies of their medical records, with rare exceptions. When patients need a copy of their medical records, most start the process by calling their doctor’s office and asking for how to get access. The receptionist or office staff point them in the right direction, whether it’s instructing them to write down their request and sending it to the office, pointing them to contact the medical records or radiology department (if the practice is large enough), or assisting them in setting up their patient portal, if the practice is using an electronic health record (EHR). Being able to connect with a person inside the four walls of medicine is often crucial for many patients and their carepartners who may be unsure of exactly how to request their records.

But what happens to those records when a doctor closes or leaves the practice?

Independent practices close for a variety of reasons. Physicians may merge with a large practice or health system, retire, they may sell or close their practice for personal reasons, they may file for bankruptcy, or they may get sick and die. The COVID19 pandemic has had devastating financial consequences on many small, independent, and rural practices, leading to their consequent closure, acquisition, or merger.

What should patients do when their doctor’s office closes, and they need a copy of their medical records? This is especially challenging when a doctor may not have had an EHR, as is the case with many independent practices as well as more rural settings. On September 26, 2020, a tweet from Cait DesRoches, Executive Director of OpenNotes, inquired about how a family member may get access to medical records from her physican’s practice that closed, triggering a robust conversation that led to the realization that patients and families are not well informed in these circumstances.

Prevention is Worth a Pound of Cure

It can be much more difficult to get copies of records after a practice has closed. Patients should get copies of their medical records as they are generated instead of waiting until they’re needed. HIPAA Privacy Rule guidance states that individuals can get digital copies of digital information (or even digital copies of records kept on paper, as long as the practice has a scanner). Companies are developing tools and services that enable individuals and their care partners to collect, use, and store health records. Request digital (or paper, if that is preferred) copies of blood work, imaging, discharge instructions, and corresponding reports before you leave the practice.

Continue reading…

COVID-19 is Bringing Data Privacy into the Spotlight – This is How Healthcare Companies Should Respond

By DAN LINTON

Privacy concerns across the country continue to increase, and consumers expect their healthcare information to be private. Headline-making data sales, skepticism of Silicon Valley privacy practices, and COVID-19 contact tracing concerns compounded with a general lack of consumer awareness have continued to generate an ongoing storm ofnegative press and political scrutiny.

With COVID-19 continuing to rampage throughout the country, there is a need for the contact tracing and other technology applications to assess public health. At the same time, changing HHS rules are giving Americans more access and control over their own health data. Both availability and the promise of positive impact of data on people’s lives has never been greater.

Despite the critical need and incredible potential, there is still a great deal of confusion, lack of awareness and heightened concern among consumers. Studies show that the vast majority of Americans think the potential risks of data collection outweighs the potential benefits.

Clamping down on data privacy stifles innovation, and moving forward as we’ve been doing presents a potential privacy minefield. So, what should the healthcare industry do about it?

Continue reading…

Is Covid-19 the Argument Health Data Interoperability Needed? | WTF Health

By JESSICA DAMASSA, WTF HEALTH

“This pandemic highlights why we need that free flow of healthcare data. So that we can make better decisions sooner.”

In the way that Covid-19 has proven the utility of telehealth as a means for health systems to reach their patients, has the pandemic also become the final argument for healthcare data interoperability? Has this pandemic been the worst case scenario we needed to make our best ‘case-in-point’ for why U.S. healthcare needs a national health data infrastructure that makes it possible for hospitals to share information with one another and government health organizations?

Interoperability advocates have been clamoring for this for years, but Dan Burton, CEO of data-and-analytics health tech company, Health Catalyst, says this public health crisis has likely created an inflection point in the interoperability argument.

Continue reading…

A Patient’s View of the Cures Regulations

By ADRIAN GROPPER, MD

How should we react to 1,718 pages of new regulation? Let’s start by stipulating the White House and HHS perspective

“Taken together, these reforms will deliver on the promise to put patients at their center of their own health care — you are empowered with control over your own health care choices.” 

Next, let’s stipulate the patient perspective via this video lovingly assembled by e-Patient Dave, Morgan Gleason, and the folks at the Society for Participatory Medicine. In less than 3 minutes, there are 15 patient stories, each with a slightly different take on success.

Continue reading…

Getting Ahead of Privacy and the CCPA – Healthcare Needs to Move Beyond HIPAA

By DAN LINTON

This piece is part of the series “The Health Data Goldilocks Dilemma: Sharing? Privacy? Both?” which explores whether it’s possible to advance interoperability while maintaining privacy. Check out other pieces in the series here.

Privacy concerns are on the rise. Over the last couple of years, survey after survey have clearly shown a dramatic rise in overall consumer privacy awareness and concern – driven primarily by the never-ending litany of ongoing data breaches that make the news.

The healthcare industry has been somewhat shielded from this, seemingly due to the trust that patients extend to their doctors and, by proxy, the organizations they work with. HITECH and HIPAA legislation have acted as a perceived layer of safety and protection.

But healthcare is not immune from privacy issues.

Most people aren’t even aware of the hundreds of data breaches of unsecured health information in the last 24 months which are being investigated by the U.S. Department of Health & Human Services Office for Civil Rights. In fact, research indicates that consumers still trust healthcare organizations with their data more so than many other industries.

But for how much longer?

Continue reading…

Healthcare in the National Privacy Law Debate

This article originally appeared in the American Bar Association’s Health eSource here.

By KIRK NAHRA

This piece is part of the series “The Health Data Goldilocks Dilemma: Sharing? Privacy? Both?” which explores whether it’s possible to advance interoperability while maintaining privacy. Check out other pieces in the series here.

Congress is debating whether to enact a national privacy law.  Such a law would upend the approach that has been taken so far in connection with privacy law in the United States, which has either been sector specific (healthcare, financial services, education) or has addressed specific practices (telemarketing, email marketing, data gathering from children).  The United States does not, today, have a national privacy law.  Pressure from the European Union’s General Data Protection Regulation (GDPR)1 and from California, through the California Consumer Privacy Act (CCPA),2 are driving some of this national debate.  

The conventional wisdom is that, while the United States is moving towards this legislation, there is still a long way to go.  Part of this debate is a significant disagreement about many of the core provisions of what would go into this law, including (but clearly not limited to) how to treat healthcare — either as a category of data or as an industry.

So far, healthcare data may not be getting enough attention in the debate, driven (in part) by the sense of many that healthcare privacy already has been addressed.  Due to the odd legislative history of the Health Insurance Portability and Accountability Act of 1996 (HIPAA),3 however, we are seeing the implications of a law that (1) was driven by considerations not involving privacy and security, and (2) reflected a concept of an industry that no longer reflects how the healthcare system works today.  Accordingly, there is  a growing volume of  “non-HIPAA health data,” across enormous segments of the economy, and the challenge of figuring out how to address concerns about this data in a system where there is no specific regulation of this data today.

Continue reading…

Strategic Interests and the ONC Annual Meeting

By ADRIAN GROPPER, MD

The HHS Office of National Coordinator (ONC) hosted a well-attended Annual Meeting this week. It’s a critical time for HHS because regulations authorized under the almost unanimous bi-partisan 21stC Cures Act, three and a half years in the making, are now facing intense political pressure for further delay or outright nullification. HHS pulled out all of the stops to promote their as yet unseen work product.

Myself and other patient advocates benefited from the all-out push by ONC. We were given prominent spots on the plenary panels, for which we are grateful to ONC. This post summarizes my impressions on three topics discussed both on-stage and off:

  • Patient Matching and Unique Patient Identifiers (UPI)
  • Reaction to Judy Faulkner’s Threats
  • Consumer App Access and Safety

Each of these represents a different aspect of the strategic interests at work to sideline patient-centered practices that might threaten the current $Trillion of waste. 

The patient ID plenary panel opened the meeting. It was a well designed opportunity for experts to present their perspectives on a seemingly endless debate. Here’s a brief report. My comments were a privacy perspective on patient matching, UPI, and the potential role of self-sovereign identity (SSI) as a new UPI technology. The questions and Twitter about my comments after the panel showed specific interest in:

  • The similarity of “enhanced” surveillance for patient matching to the Chinese social credit scoring system.
  • The suggestion that we already have very useful UPIs in the form of email address and mobile phone numbers that could have been adopted in the marketplace, but are not, for what I euphemistically called “strategic interests”.
  • The promise of SSI as better and more privacy preserving UPIs that might still be ignored by the same strategic interests.
  • The observation that a consent-based health information exchange does not need either patient matching or UPIs.
Continue reading…

Health Data Outside HIPAA: Simply Extending HIPAA Would Be a #FAIL

Vince Kuraitis
Deven McGraw

By DEVEN McGRAW and VINCE KURAITIS

This piece is part of the series “The Health Data Goldilocks Dilemma: Sharing? Privacy? Both?” which explores whether it’s possible to advance interoperability while maintaining privacy. Check out other pieces in the series here.

Early in 2019 the Office of the National Coordinator for Health IT (ONC) and the Centers for Medicare and Medicaid Services (CMS) proposed rules intended to achieve “interoperability” of health information.

Among other things, these proposed rules would put more data in the hands of patients – in most cases, acting through apps or other online platforms or services the patients hire to collect and manage data on their behalf. Apps engaged by patients are not likely covered by federal privacy and security protections under the Health Insurance Portability and Accountability Act (HIPAA) — consequently, some have called on policymakers to extend HIPAA to cover these apps, a step that would require action from Congress.

In this post we point out why extending HIPAA is not a viable solution and would potentially undermine the purpose of enhancing patients’ ability to access their data more seamlessly:  to give them agency over health information, thereby empowering them to use it and share it to meet their needs.

Continue reading…

Healthcare Might Look Good in Plaid

By KIM BELLARD

I don’t really follow FinTech — I can’t even keep up with HealthTech! — but it caught my eye when Visa announced that it was acquiring FinTech company Plaid for $5.3b; a 2018 funding round valued the company at $2.65b.  A 100% increase in valuation within a year suggests that something important is going on, or at least that people think something is.  

I suspect there may be some lessons for healthcare in there somewhere.  

For those of you who are equally as unfamiliar with FinTech’s terrain, Plaid has been described as the “plumbing” that supports many other FinTech companies.  Launched in 2013, one in four people with a U.S. bank account are now believed to use Plaid to connect with 2,600 FinTech developers connected to more than 11,000 financial institutions.  Its customers include Acorns, Betterment, Chime, Coinbase, Gemini, Robinhood, Transferwise, and Venmo.  Plaid claims it connects with 200 million consumer accounts. 

Continue reading…

For all who hate computers in medicine: here’s what we got before.

By e-Patient Dave DeBronkart

The photo below shows what “visit notes” from a doctor appointment might look like in the era before computers. Just two days before my first speech where I said “Gimme my damn data,” I had an ENT visit, and on the way out I asked for a copy of the doctor’s notes. The clerk snickered out loud and showed it to me, saying, “If you really want it….”

No joke; this is what the doctor had recorded.

Visit notes from my ENT appointment, Sept 15, 2009
Continue reading…

Registration

Forgotten Password?