THCB

Categories

Tag: Health Data

Getting Ahead of Privacy and the CCPA – Healthcare Needs to Move Beyond HIPAA

0

By DAN LINTON

This piece is part of the series “The Health Data Goldilocks Dilemma: Sharing? Privacy? Both?” which explores whether it’s possible to advance interoperability while maintaining privacy. Check out other pieces in the series here.

Privacy concerns are on the rise. Over the last couple of years, survey after survey have clearly shown a dramatic rise in overall consumer privacy awareness and concern – driven primarily by the never-ending litany of ongoing data breaches that make the news.

The healthcare industry has been somewhat shielded from this, seemingly due to the trust that patients extend to their doctors and, by proxy, the organizations they work with. HITECH and HIPAA legislation have acted as a perceived layer of safety and protection.

But healthcare is not immune from privacy issues.

Most people aren’t even aware of the hundreds of data breaches of unsecured health information in the last 24 months which are being investigated by the U.S. Department of Health & Human Services Office for Civil Rights. In fact, research indicates that consumers still trust healthcare organizations with their data more so than many other industries.

But for how much longer?

Continue reading…

Healthcare in the National Privacy Law Debate

3

This article originally appeared in the American Bar Association’s Health eSource here.

By KIRK NAHRA

This piece is part of the series “The Health Data Goldilocks Dilemma: Sharing? Privacy? Both?” which explores whether it’s possible to advance interoperability while maintaining privacy. Check out other pieces in the series here.

Congress is debating whether to enact a national privacy law.  Such a law would upend the approach that has been taken so far in connection with privacy law in the United States, which has either been sector specific (healthcare, financial services, education) or has addressed specific practices (telemarketing, email marketing, data gathering from children).  The United States does not, today, have a national privacy law.  Pressure from the European Union’s General Data Protection Regulation (GDPR)1 and from California, through the California Consumer Privacy Act (CCPA),2 are driving some of this national debate.  

The conventional wisdom is that, while the United States is moving towards this legislation, there is still a long way to go.  Part of this debate is a significant disagreement about many of the core provisions of what would go into this law, including (but clearly not limited to) how to treat healthcare — either as a category of data or as an industry.

So far, healthcare data may not be getting enough attention in the debate, driven (in part) by the sense of many that healthcare privacy already has been addressed.  Due to the odd legislative history of the Health Insurance Portability and Accountability Act of 1996 (HIPAA),3 however, we are seeing the implications of a law that (1) was driven by considerations not involving privacy and security, and (2) reflected a concept of an industry that no longer reflects how the healthcare system works today.  Accordingly, there is  a growing volume of  “non-HIPAA health data,” across enormous segments of the economy, and the challenge of figuring out how to address concerns about this data in a system where there is no specific regulation of this data today.

Continue reading…

Strategic Interests and the ONC Annual Meeting

6

By ADRIAN GROPPER, MD

The HHS Office of National Coordinator (ONC) hosted a well-attended Annual Meeting this week. It’s a critical time for HHS because regulations authorized under the almost unanimous bi-partisan 21stC Cures Act, three and a half years in the making, are now facing intense political pressure for further delay or outright nullification. HHS pulled out all of the stops to promote their as yet unseen work product.

Myself and other patient advocates benefited from the all-out push by ONC. We were given prominent spots on the plenary panels, for which we are grateful to ONC. This post summarizes my impressions on three topics discussed both on-stage and off:

  • Patient Matching and Unique Patient Identifiers (UPI)
  • Reaction to Judy Faulkner’s Threats
  • Consumer App Access and Safety

Each of these represents a different aspect of the strategic interests at work to sideline patient-centered practices that might threaten the current $Trillion of waste. 

The patient ID plenary panel opened the meeting. It was a well designed opportunity for experts to present their perspectives on a seemingly endless debate. Here’s a brief report. My comments were a privacy perspective on patient matching, UPI, and the potential role of self-sovereign identity (SSI) as a new UPI technology. The questions and Twitter about my comments after the panel showed specific interest in:

  • The similarity of “enhanced” surveillance for patient matching to the Chinese social credit scoring system.
  • The suggestion that we already have very useful UPIs in the form of email address and mobile phone numbers that could have been adopted in the marketplace, but are not, for what I euphemistically called “strategic interests”.
  • The promise of SSI as better and more privacy preserving UPIs that might still be ignored by the same strategic interests.
  • The observation that a consent-based health information exchange does not need either patient matching or UPIs.
Continue reading…

Health Data Outside HIPAA: Simply Extending HIPAA Would Be a #FAIL

2
Vince Kuraitis
Deven McGraw

By DEVEN McGRAW and VINCE KURAITIS

This piece is part of the series “The Health Data Goldilocks Dilemma: Sharing? Privacy? Both?” which explores whether it’s possible to advance interoperability while maintaining privacy. Check out other pieces in the series here.

Early in 2019 the Office of the National Coordinator for Health IT (ONC) and the Centers for Medicare and Medicaid Services (CMS) proposed rules intended to achieve “interoperability” of health information.

Among other things, these proposed rules would put more data in the hands of patients – in most cases, acting through apps or other online platforms or services the patients hire to collect and manage data on their behalf. Apps engaged by patients are not likely covered by federal privacy and security protections under the Health Insurance Portability and Accountability Act (HIPAA) — consequently, some have called on policymakers to extend HIPAA to cover these apps, a step that would require action from Congress.

In this post we point out why extending HIPAA is not a viable solution and would potentially undermine the purpose of enhancing patients’ ability to access their data more seamlessly:  to give them agency over health information, thereby empowering them to use it and share it to meet their needs.

Continue reading…

Healthcare Might Look Good in Plaid

2

By KIM BELLARD

I don’t really follow FinTech — I can’t even keep up with HealthTech! — but it caught my eye when Visa announced that it was acquiring FinTech company Plaid for $5.3b; a 2018 funding round valued the company at $2.65b.  A 100% increase in valuation within a year suggests that something important is going on, or at least that people think something is.  

I suspect there may be some lessons for healthcare in there somewhere.  

For those of you who are equally as unfamiliar with FinTech’s terrain, Plaid has been described as the “plumbing” that supports many other FinTech companies.  Launched in 2013, one in four people with a U.S. bank account are now believed to use Plaid to connect with 2,600 FinTech developers connected to more than 11,000 financial institutions.  Its customers include Acorns, Betterment, Chime, Coinbase, Gemini, Robinhood, Transferwise, and Venmo.  Plaid claims it connects with 200 million consumer accounts. 

Continue reading…

For all who hate computers in medicine: here’s what we got before.

3

By e-Patient Dave DeBronkart

The photo below shows what “visit notes” from a doctor appointment might look like in the era before computers. Just two days before my first speech where I said “Gimme my damn data,” I had an ENT visit, and on the way out I asked for a copy of the doctor’s notes. The clerk snickered out loud and showed it to me, saying, “If you really want it….”

No joke; this is what the doctor had recorded.

Visit notes from my ENT appointment, Sept 15, 2009
Continue reading…

Disrupting Medicare Advantage for Data Access, Better Outcomes | Vivek Garipalli, CEO Clover Health

1

BY JESSICA DAMASSA, WTF HEALTH

Vivek Garipalli, CEO and Co-Founder of Clover Health initially set out trying to create a high-tech healthcare company aimed at improving clinical decision making, while leveraging the best of tech and data science in the process. Sounds about right for a guy who previously founded a health system (CarePoint Health), so…how did he end up with a high-tech Medicare Advantage plan instead? Isn’t clinical disruption hard enough? In this very candid chat about the larger issues thwarting tech and the healthcare business model, Vivek explains how he HAD to turn Clover into a health plan in order to get “reliable access” to the longitudinal set of information that would truly help patients and providers achieve better health outcomes. Can this kind of thinking ever be applied to the under 65 market? How does Clover perpetuate this model? Founded in 2012, this late-stage startup has big plans for scaling up and they’re centered on winning over physicians.

Filmed at the HIMSS Health 2.0 Conference in Santa Clara, CA in September 2019.

Continue reading…

The Intrusion of Big Tech into Healthcare Threatens Patients’ Rights

1

By ANDREW DORSCH, MD

The question of how much time I spend in front of the screen has pestered me professionally and personally. 

A recent topic of conversation among parents at my children’s preschool has been how much screen time my toddlers’ brain can handle. It was spurred on by a study in JAMA Pediatrics that evaluated the association between screen time and brain structure in toddlers. The study reported that those children who spent more time with electronic devices had lower measures of organization in brain pathways involved in language and reading. 

As a neurologist, these findings worry me, for my children and for myself. I wonder if I’m changing the structure of my brain for the worse as a result of prolonged time spent in front of a computer completing medical documentation. I think that, without the move to electronic medical records, I might be in better stead — in more ways than one. Not only is using them potentially affecting my brain, they pose a danger to my patients, too, in that they threaten their privacy. 

As any practicing physician can tell you, electronic medical records represent a Pyrrhic victory of sorts. They present a tangible benefit in that medical documentation is now legible and information from different institutions can be obtained with the click of a button — compared to the method of decades past, in which a doctor hand-wrote notes in a paper chart — but there’s also a downside. 

Continue reading…

Angels are Taking our Data

1

By ePatient Dave deBronkart

A response to Michael Millenson’s holiday song

Angels seeking Clouds to buy
But healthcare’s not like Spotify
My health data’s here and yon
Monetized by Amazon

Gloria, in excessive profits
Gloria, it’s excessive net cash flow

Investors, why this jubilee?
You’ve done naught to soothe our pain
No care’s improved nor costs controlled
My data just fuels cap’tal gains

Gloria, in excessive profits
Gloria, it’s excessive net cash flow

Silicon Valley come and see
Start-up births thy VCs sing
Come invest on bended knee
But health care’s not yet transforming

Gloria, such excessive profits
Gloria, just excessive net cash flow

Angels Have Our Health Data

1

A holiday song from @MLMillenson, December 2019

Angels we’ve heard from the Cloud on high
Or maybe it was Spotify.

Our health data’s floating hither and yon
Monetized by Google and Amazon.

Gloria, in excessive profits
Gloria, in excessive profits                                                                      

Investors, why this jubilee?
’cause you’ve made us healthy and absent pain?
Is care improved and costs controlled?
Or our data just fuels your capital gains?

Gloria, in excessive profits
Gloria, in excessive profits

Come to Silicon Valley and see
Start-ups whose birth the VC’s sing.
Come adore on bended knee
Promises of health care transforming.

Gloria, in excessive profits
Gloria, in excessive profits

Registration

Forgotten Password?