Thanks to the flood of new data expected to enter the health field from all angles–patient sensors, public health requirements in Meaningful Use, records on providers released by the US government, previously suppressed clinical research to be published by pharmaceutical companies–the health field faces a fork in the road, one direction headed toward chaos and the other toward order.
The road toward chaos is forged by the providers’ and insurers’ appetites for categorizing us, marketing to us, and controlling our use of the health care system, abetted by lax regulation. The alternative road is toward a healthy data order where privacy is protected, records contain more reliable information, and research is supported or even initiated by cooperating patients.
This was my main take-away from a day of meetings and a panel held recently by Patient Privacy Rights, a non-profit for whom I have volunteered during the past three years. The organization itself has evolved greatly during that time, tempering much of the negativity in which it began and producing a stream of productive proposals for improving the collection and reuse of health data. One recent contribution consists of measuring and grading how closely technology systems, websites, and applications meet patients’ expectations to control and understand personal health data flows.
With sponsorship by Microsoft at their Innovation and Policy Center in Washington, DC, PPR offered a public panel on privacy–which was attended by 25 guests, a very good turnout for something publicized very modestly–to capitalize on current public discussions about government data collection, and (without taking a stand on what the NSA does) to alert people to the many “little NSAs” trying to get their hands on our personal health data.
It was a privilege and an eye-opener to be part of Friday’s panel, which was moderated by noted privacy expert Daniel Weitzner and included Dr. Deborah Peel (founder of PPR), Dr. Adrian Gropper (CTO of PPR), Latanya Sweeney of Harvard and MIT, journalist Sydney Brownstone of Fast Company, and me. Although this article incorporates much that I heard from the participants, it consists largely of my own opinions and observations.
Health IT Week demonstrated a double barrel strategy to segregate patient information from provider information. Providers already have the power to set prices and health IT plays the central role.
By rebranding HIPAA as “Meaningful Consent” and making patients second-class citizens in Meaningful Use Stage 2 interoperability, providers and regulators are working together to keep it that way.
Essential consumer protections such as price transparency or independent decision support are scarce in the US healthcare system. The journalists are shouting from the rooftops.
There’s $1 Trillion (yes, $3,000 per person per year) of unwarranted and overpriced health services steering the Federal health IT bus with an information asymmetry strategy. Those of us that want to see universal coverage succeed need the information transparency tools to drive for changes.
Here’s how it works: The department of Health and Human Services (HHS) controls the health IT incentives and regulations. HIPAA applies to most licensed health services providers. Laboratories and devices are regulated by Medicare and the FDA.
Unlicensed services offered directly to patients, such as personal health records, web info sites and apps are regulated by the FTC. Separate regulatory domains facilitate the segregation of information and contribute to the lack of transparency by making patient-directed services use delayed and degraded information. This keeps independent advice from FTC-regulated service providers from illuminating the specific abuses.
The segregation of patient information from “provider” information is the current federal regulatory strategy. It’s even more so in the states. By making patients into second-class citizens, the providers can avoid open scrutiny, transparent pricing, and independent decision support.
Federal regulators then create a parallel system where information is delayed, diluted, and depreciated by lack of “authenticity”. This is promoted as “patient engagement”. For regulators, it’s a win-win solution: the providers support the regulation that enables their price fixing and many patient advocates get to swoon over patient engagement efforts.
The proof of this strategy became clear on the first day of Health IT Week – the Consumer Health IT Summit.
One major issue facing private and public Health Information Exchanges (HIE) is how to ensure patients privacy preferences are respected by obtaining their consent before data is shared.
Today I met with a multi-disciplinary team of attorneys, vendor experts, and IT leaders to discuss BIDMC’s approach to private HIE consent.
After two hours of discussion, here’s what we agreed upon:
Patients and families should be able to control the flow of their data among institutions. The ability for the patient to chose what flows where for what purpose is “meaningful consent.”
To achieve “meaningful consent” we will ask all the patients of our 1800 BIDMC associated ambulatory clinicians to opt in for data sharing among the clinicians coordinating their care.
Patients may revoke this consent at any time.
Consent for patients under 18 years old and not emancipated will be sought from their parents. Upon turning 18, the patients themselves will select their consent preferences.