Free EMR Newsletter Want to receive the latest news on EMR, Meaningful Use, ARRA and Healthcare IT sent straight to your email? Join thousands of healthcare pros who subscribe to EMR and HIPAA for FREE!!

Will ACOs Face Tough Antitrust Scrutiny?

Posted on August 2, 2017 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

For some reason, I’ve always been interested in antitrust regulation, not just in the healthcare industry but across the board.

To me, there’s something fascinating about how federal agencies define markets, figure out what constitutes an unfair level of market dominance and decide which deals are out of bounds. For someone who’s not a lawyer, perhaps that’s a strange sort of geeking out to do, but there you have it.

Obviously, given how complex industry relationships are, healthcare relationships are fraught with antitrust issues to ponder. Lately, I’ve begun thinking about how antitrust regulators will look at large ACOs. And I’ve concluded that ACOs will be on the radar of the FTC and U.S. Department of Justice very soon, if they aren’t already.

On their face, ACOs try to dominate markets, so there’s plenty of potential for them to tip the scales too far in their favor for regulators to ignore. Their business model involves both vertical and horizontal integration, either of which could be seen as giving participants too much power.

Please take the following as a guide from an amateur who follows antitrust issues. Again, IANAL, but my understanding is as follows:

  • Vertical integration in healthcare glues together related entities that serve each other directly, such as health plans, hospitals, physician groups and skilled nursing facilities.
  • Horizontal integration connects mutually interested service providers, including competitors such as rival hospitals.

Even without being a legal whiz, it’s easy to understand why either of these ACO models might lead to (what the feds would see as) a machine that squeezes out uninvolved parties. The fact that these providers may share a single EMR could makes matters worse, as it makes the case that the parties can hoard data which binds patients to their network.

Regardless, it just makes sense that if a health plan builds an ACO network, cherry picking what it sees as the best providers, it’s unlikely that excluded providers will enjoy the same reimbursement health plan partners get. The excluded parties just won’t have as much clout.

Yes, it’s already the case that bigger providers may get either higher reimbursement or higher patient volume from insurers, but ACO business models could intensify the problem.

Meanwhile, if a bunch of competing hospitals or physician practices in a market decide to work together, it seems pretty unlikely that others could enter the market, expand their business or develop new service lines that compete with the ACO. Eventually, many patients would be forced to work with ACO providers. Their health plan will only pay for this market-dominant conglomerate.

Of course, these issues are probably being kicked around in legal circles. I’m equally confident that the ACOs, which can afford high-ticket legal advice, have looked at these concerns as well. But to my knowledge these questions aren’t popping up in the trade press, which suggests to me that they’re not a hot topic in non-legal circles.

Please note that I’m not taking a position here on whether antitrust regulation is fair or appropriate here. I’m just pointing out that if you’re part of an ACO, you may be more vulnerable to antitrust suits than you thought. Any entity which has the power to crush competition and set prices is a potential target.

Providers Work To Increase Patient Payments By Improving RCM Operations

Posted on June 29, 2017 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

A growing body of research on healthcare payment trends is underscoring a painful fact: that consumers are footing a steadily growing share of their medical bills, and sometimes failing to pay. In response, providers are upgrading their revenue cycle management systems and tightening up their collections processes.

A new analysis by payment services vendor InstaMed has concluded that consumer spending on healthcare services should grow to $608 billion by 2019. This is a fairly substantial number even given the high volume of U.S. healthcare spending, which hit $3.4 trillion in 2016.

The growth in patient spending has been fueled by the emergence of high-deductible health plans, which are saddling consumers with increasingly large financial obligations. According to CMS figures cited in the report, the average deductible for covered workers with single coverage has doubled over the past several years, from $735 in 2010 to $1.487 in 2016.

But despite the increasing importance of consumers as healthcare payers, providers don’t seem to be doing enough to inform them about costs. More than 90% of consumers would like to know what the payment responsibility is prior to a provider visit, but they often don’t find out what they owe until they get a bill. What makes things worse is that very few consumers (7%) even know what a deductible, co-insurance and out-of-pocket maximum are, so they’re ill-prepared to understand bills when they receive them, studies have found.

Providers are waiting longer to collect what they are owed by patients, with three-quarters waiting a month or longer to collect outstanding balances from patients. And problems with collecting patient accounts are getting worse over time.  In fact, a new study from TransUnion Healthcare found that about 68% of patients with bills of $500 or less didn’t pay off the full balance during 2016, up from 49% in 2014.

Meanwhile, patient financial responsibility for care has risen from 10% to 30% of costs over the last few years, with more increases likely. This has led to expanding levels of consumer bad debt for medical expenses.

In attempt to cope with these issues, providers are buying new revenue cycle management systems. A survey released last year by Black Book Research, which included 5,000 management and user-level RCM clients, found that many healthcare organizations are rethinking RCM technology and demanding better performance.

Forty-eight percent of responding CFOs told Black Book that they weren’t sure they had the budget they needed to upgrade to an end-to-end RCM system this year.  Nonetheless, 93% of CFOs said they planned to eliminate RCM vendors, financial and coding technology firms, that are not producing a return on investment, up from 79% with similar plans in Q4 2015.

In addition to investing in newer RCM technology, providers are making it easier for patients to pay via whatever medium they choose. Not only are providers issuing bill reminders via text, and accepting payments online and by phone, they’re also adding new channels like PayPal payments, bank transfers and mobile payments.

Scenarios for Health Care Reform (Part 1 of 2)

Posted on May 16, 2017 I Written By

Andy Oram is an editor at O'Reilly Media, a highly respected book publisher and technology information provider. An employee of the company since 1992, Andy currently specializes in open source, software engineering, and health IT, but his editorial output has ranged from a legal guide covering intellectual property to a graphic novel about teenage hackers. His articles have appeared often on EMR & EHR and other blogs in the health IT space. Andy also writes often for O'Reilly's Radar site (http://oreilly.com/) and other publications on policy issues related to the Internet and on trends affecting technical innovation and its effects on society. Print publications where his work has appeared include The Economist, Communications of the ACM, Copyright World, the Journal of Information Technology & Politics, Vanguardia Dossier, and Internet Law and Business. Conferences where he has presented talks include O'Reilly's Open Source Convention, FISL (Brazil), FOSDEM, and DebConf.

All reformers in health care know what the field needs to do; I laid out four years ago the consensus about patient-supplied data, widespread analytics, mHealth, and transparency. Our frustration comes in when trying to crack the current hide-bound system open and create change. Recent interventions by US Republicans to repeal the Affordable Care Act, whatever their effects on costs and insurance coverage, offer no promise to affect workflows or treatment. So this article suggests three potential scenarios where reform could succeed, along with a vision of what will happen if none of them take hold.

Patients Forge Their Own Way Forward

In the first scenario, a tiny group of selfer-trackers, athletes, and empowered patients start a movement that ultimately wins over hundreds of millions of individuals.

These scattered enthusiasts, driven to overcome debilitating health problems or achieve extraordinary athletic feats, start to pursue self-tracking with fanaticism. Consumer or medical-grade devices provide them with ongoing data about their progress, and an open source platform such as HIE of One gives them a personal health record (PHR).

They also take charge of their interactions with the health care system. They find that most primary care providers aren’t interested in the data and concerns they bring, or don’t have time to process those data and concerns in the depth they need, or don’t know how to. Therefore, while preserving standard relationships with primary care providers and specialists where appropriate, the self-trackers seek out doctors and other providers to provide consultation about their personal health programs. A small number of providers recognize an opportunity here and set up practices around these consultations. The interactions look quite different from standard doctor visits. The customers, instead of just submitting themselves to examination and gathering advice, steer the conversation and set the goals.

Power relationships between doctors and customers also start to change. Although traditional patients can (and often do) walk away and effectively boycott a practice with which they’re not comfortable, the new customers use this power to set the agenda and to sort out the health care providers they find beneficial.

The turning point probably comes when someone–probabaly a research facility, because it puts customer needs above business models–invents a cheap, comfortable, and easy-to-use device that meets the basic needs for monitoring and transmitting vital signs. It may rest on the waist or some other place where it can be hidden, so that there is no stigma to wearing it constantly and no reason to reject its use on fashion grounds. A beneficent foundation invests several million dollars to make the device available to schoolchildren or some other needy population, and suddenly the community of empowered patients leaps from a miniscule pool to a mainstream phenomenon.

Researchers join the community in search of subjects for their experiments, and patients offer data to the researchers in the hope of speeding up cures. At all times, the data is under control of the subjects, who help to direct research based on their needs. Analytics start to turn up findings that inform clinical decision support.

I haven’t mentioned the collection of genetic information so far, because it requires more expensive processes, presents numerous privacy risks, and isn’t usually useful–normally it tells you that you have something like a 2% risk of getting a disease instead of the general population’s 1% risk. But where genetic testing is useful, it can definitely fit into this system.

Ultimately, the market for consultants that started out tiny becomes the dominant model for delivering health care. Specialists and hospitals are brought in only when their specific contributions are needed. The savings that result bring down insurance costs for everyone. And chronic disease goes way down as people get quick feedback on their lifestyle choices.

Government Puts Its Foot Down

After a decade of cajoling health care providers to share data and adopt a fee-for-outcome model, only to witness progress at a snail’s pace, the federal government decides to try a totally different tack in this second scenario. As part of the Precision Medicine initiative (which originally planned to sign up one million volunteers), and leveraging the ever-growing database of Medicare data, the Office of the National Coordinator sets up a consortium and runs analytics on top of its data to be shared with all legitimate researchers. The government also promises to share the benefits of the analytics with anyone in the world who adds their data to the database.

The goals of the analytics are multi-faceted, combining fraud checks, a search for cures, and everyday recommendations about improving interventions to save money and treat patients earlier in the disease cycle. The notorious 17-year gap between research findings and widespread implementation shrinks radically. Now, best practices are available to any patient who chooses to participate.

As with the personal health records in the previous scenario, the government database in this scenario creates a research platform of unprecedented size, both in the number of records and the variety of participating researchers.

To further expand the power of the analytics, the government demands exponentially greater transparency not just in medical settings but in all things that make us sick: the food we eat (reversing the rulings that protect manufacturers and restaurants from revealing what they’re putting in our bodies), the air and water that surrounds us, the effects of climate change (a major public health issue, spreading scourges such as mosquito-borne diseases and heat exhaustion), disparities in food and exercise options among neighborhoods, and more. Public awareness leads to improvements in health that lagged for decades.

In the next section of this article, I’ll present a third scenario that achieves reform from a different angle.

E-Patient Update: Reducing Your Patients’ Security Anxiety

Posted on March 31, 2017 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

Even if you’re not a computer-savvy person, these days you can hardly miss the fact that healthcare data is a desirable target for cyber-criminals. After all, over the past few years, healthcare data breaches have been in the news almost every day, with some affecting millions of consumers.

As a result, many patients have become at least a bit afraid of interacting with health data online. Some are afraid that data stored on their doctor or hospital’s server will be compromised, some are afraid to manage their data on their own, and others don’t even know what they’re worried about – but they’re scared to get involved with health data online.

As an e-patient who’s lived online in one form or another since the 80s (anyone remember GEnie or Compuserve?) I’ve probably grown a bit too blasé about security risks. While I guard my online banking password as carefully as anyone else, I don’t tend to worry too much about abstract threats posed by someone who might someday, somehow find my healthcare data among millions of other files.

But I realize that most patients – and providers – take these issues very seriously, and with good reason. Even if HIPAA weren’t the law of the land, providers couldn’t afford to have patients feel like their privacy wasn’t being respected. After all, patients can’t get the highest-quality treatment available if they aren’t comfortable being candid about their health behaviors.

What’s more, no provider wants to have their non-clinical data hacked either. Protecting Social Security numbers, credit card details and other financial data is a critical responsibility, and failing at it could cost patients more than their privacy.

Still, if we manage to intimidate the people we’re trying to help, that can’t be good either. Surely we can protect health data without alienating too many patients.

Striking a balance

I believe it’s important to strike a balance between being serious about security and making it difficult or frightening for patients to engage with their data. While I’m not a security expert, here’s some thoughts on how to strike that balance, from the standpoint of a computer-friendly patient.

  • Don’t overdo things: Following strong security practices is a good idea, but if they’re upsetting or cumbersome they may defeat your larger purposes. I’m reminded of the policy of one of my parents’ providers, who would only provide a new password for their Epic portal if my folks came to the office in person. Wouldn’t a snail mail letter serve, at least if they used registered mail?
  • Use common-sense procedures: By all means, see to it that your patients access their data securely, but work that into your standard registration process and workflow. By the time a patient leaves your office they should have access to everything they need for portal access.
  • Guide patients through changes: In some cases, providers will want to change their security approach, which may mean that patients have to choose a new ID and password or otherwise change their routine. If that’s necessary, send them an email or text message letting them know that these changes are expected. Otherwise they might be worried that the changes represent a threat.
  • Remember patient fears: While practice administrators and IT staff may understand security basics, and why such protections are necessary, patients may not. Bear in mind that if you take a grim tone when discussing security issues, they may be afraid to visit your portal. Keep security explanations professional but pleasant.

Remember your goals

Speaking as a consumer of patient health data, I have to say that many of the health data sites I’ve accessed are a bit tricky to use. (OK, to be honest, many seem to be designed by a committee of 40-something engineers that never saw a gimmicky interface they didn’t like.)

And that isn’t all. Unfortunately, even a highly usable patient data portal or app can become far more difficult to use if necessary security protections are added to the mix. And of course, sometimes that may be how things have to be.

I guess I’m just encouraging providers who read this to remember their long-term goals. Don’t forget that even security measures should be evaluated as part of a patient’s experience, and at least see that they do as little as possible to undercut that experience.

After all, if a girl-geek and e-patient like myself finds the security management aspect of accessing my data to be a bummer, I can only imagine other consumers will just walk away from the keyboard. With any luck, we can find ways to be security-conscious without imposing major barriers to patient engagement.

Healthcare CIOs Focus On Optimizing EMRs

Posted on March 30, 2017 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

Few technical managers struggle with more competing priorities than healthcare CIOs. But according to a recent survey, they’re pretty clear what they have to accomplish over the next few years, and optimizing EMRs has leapt to the top of the to-do list.

The survey, which was conducted by consulting firm KPMG in collaboration with CHIME, found that 38 percent of CHIME members surveyed saw EMR optimization as their #1 priority for capital investment over the next three years.  To gather results, KPMG surveyed 122 CHIME members about their IT investment plans.

In addition to EMR optimization, top investment priorities identified by the respondents included accountable care/population health technology (21 percent), consumer/clinical and operational analytics (16 percent), virtual/telehealth technology enhancements (13 percent), revenue cycle systems/replacement (7 percent) and ERP systems/replacement (6 percent).

Meanwhile, respondents said that improving business and clinical processes was their biggest challenge, followed by improving operating efficiency and providing business intelligence and analytics.

It looks like at least some of the CIOs might have the money to invest, as well. Thirty-six percent said they expected to see an increase in their operating budget over the next two years, and 18 percent of respondents reported that they expect higher spending over the next 12 months. On the other hand, 63 percent of respondents said that spending was likely to be flat over the next 12 months and 44 percent over the next two years. So we have to assume that they’ll have a harder time meeting their goals.

When it came to infrastructure, about one-quarter of respondents said that their organizations were implementing or investing in cloud computing-related technology, including servers, storage and data centers, while 18 percent were spending on ERP solutions. In addition, 10 percent of respondents planned to implement cloud-based EMRs, 10 percent enterprise systems, and 8 percent disaster recovery.

The respondents cited data loss/privacy, poorly-optimized applications and integration with existing architecture as their biggest challenges and concerns when it came to leveraging the cloud.

What’s interesting about this data is that none of the respondents mentioned improved security as a priority for their organization, despite the many vulnerabilities healthcare organizations have faced in recent times.  Their responses are especially curious given that a survey published only a few months ago put security at the top of CIOs’ list of business goals for near future.

The study, which was sponsored by clinical communications vendor Spok, surveyed more than 100 CIOs who were CHIME members  — in other words, the same population the KPMG research tapped. The survey found that 81 percent of respondents named strengthening data security as their top business goal for the next 18 months.

Of course, people tend to respond to surveys in the manner prescribed by the questions, and the Spok questions were presumably worded differently than the KPMG questions. Nonetheless, it’s surprising to me that data security concerns didn’t emerge in the KPMG research. Bottom line, if CIOs aren’t thinking about security alongside their other priorities, it could be a problem.

Could Patents Freeze Blockchain’s Progress?

Posted on March 6, 2017 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

Everywhere you look, somebody’s talking about blockchain technology and its amazing future. In fact, the healthcare industry is engaging in perhaps the most aggressive blockchain deployments of any industry, according to Deloitte.

Originally, blockchain was an open-source platform, freely available to anyone who wanted to use it. But that could soon change, if a new item from Reuters is any indication.

According to the news service, Aussie computer scientist Craig Wright – who claims to be the pseudonymous “Satoshi Nakamoto” responsible for the technology – is working with Canadian online gambling entrepreneur Calvin Ayre to patent aspects of bitcoin/blockchain tech.

To date Wright, who’s being funded by the wealthy Canadian, has filed more than 70 patent applications in Britain in cooperation with associates. This may not sound like a big deal, but it is, considering that only 63 blockchain-related patents were filed globally last year, according Reuters.

Not only that, Wright plans to file many more, Reuters research has concluded. The patent applications include approaches specific to healthcare, including storage of medical documents. Ultimately, Wright and his partners plan to file as many as 400 patent applications, the news service reports.

Ayre is investing in blockchain largely because he sees it as a good fit with the gambling business. And that serves Wright’s interests, which have included online gambling for decades. In fact, Reuters notes that the bitcoin code base contains unimplemented functions related to poker. So it makes sense that he wants to lock it down and own it.

That being said, it seems unlikely that well-funded corporate interests – including healthcare organizations – are going to just sit back and ignore these developments. After all, companies spent more than $1.5 billion on blockchain technology during 2016, and they’re likely to scale up further this year. In other words, they’re not going to let go of blockchain technology without a fight.

Also, it’s worth noting that none of the 70 existing patent applications have been granted to date, and according to Reuters it’s not clear if they’ll even be enforceable if they are.

Finally, Ayer’s history in the U.S. raises questions as to whether he’s completely above-board. In the past, most of his online gambling revenue came from the U.S., a highly-lucrative business which made him extremely rich. But offering such a platform was and is illegal in many states, and as a result one of the states (Maryland) indicted his online gambling network Bodog, Ayer himself and four other people. The case is still pending.

All told, it doesn’t seem likely that health IT organizations need to drop their blockchain plans anytime soon. But it’s worth bearing in mind that blockchain development may be more complicated – and more expensive – in the future.

HIMSS17: Health IT Staff, Budgets Growing

Posted on March 1, 2017 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

A new study announced last week at the HIMSS17 event concludes that demand for health IT staff continues to grow as employers expand their budgets. Not surprisingly, given this growth, the healthcare employers are having trouble recruiting enough IT staffers to meet their growing needs.

Results from the HIMSS Leadership and Workforce Survey reflect responses from 368 U.S. health IT leaders made between November 2016 and early January 2017. Fifty-six of respondents from vendors and consulting firms were in executive management, as compared with 41% of providers.

The survey concluded that the majority of health IT respondents have positions they’d like to fill, including 61% of health IT vendors/consultants and 43% of providers who responded. Only 32% of vendor/consultant organizations and 38% or providers said they were fully staffed, HIMSS said. We’ve seen this challenge from many of the healthcare IT companies which post their jobs on Healthcare IT Central.

Demand for IT recruits grew last year, as well. Researchers found that 61% of vendors/consultants responding and 42% of providers responding saw IT staffing increases over the past year, and that the majority of respondents in both groups expect to increase their IT staffing levels or at least hold them steady next year.

Of course, someone has to pay for these new team members. HIMSS researchers found that IT budgets were continuing to rise over time. Roughly nine out of ten vendors/consultants and 56% of providers said they expected to see increases in their IT budgets this year.

As often happens, however, vendors and consultants and providers seem to have different HIT priorities. While vendors seem to be addressing new technology issues, providers are still focused on how to manage their existing EMR infrastructure investments, HIMSS said.

That being said, the survey found, health IT stakeholders have many overlapping concerns, including privacy and security, population health, care coordination and improving the culture of care.

One of the key insights from this study – that vendors/consultants and providers have different views on the importance of enhancing existing EMRs – is borne out by another study released at the HIMSS event.

The study, which was backed by voice recognition software vendor Nuance Communications, found that providers are broadly interested in implementing new technologies that enhance their EMR, especially computer-assisted physician documentation, mobility and speech recognition tools.

However, when asked to be specific about which tools interested them, they were less enthusiastic, with 44% showing an interest in mobility tools, 38% computer-assisted physician documentation and 25% speech recognition. Documentation tools that enhanced existing functions were especially popular, with 54% of respondents expecting to see them support a reduction in denied claims, 52% improved performance under bundled payments, 38% reduced readmissions and 38% better physician time management which improves patient flow.

This survey also found that the most popular strategy for enhancing physician satisfaction with health IT tools was providing clinician training and education (chosen by 82%). Since their EMR is probably their biggest IT investment, my guess is that the training will focus there. And that suggests that EMRs are still the center of their universe, doesn’t it?

E-Patient Update:  Can Telemedicine Fill Gap For Uninsured Patients?

Posted on February 24, 2017 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

As someone who will soon will need to buy insurance through an ACA exchange – but doesn’t know whether that will still be possible – I’ve been thinking about my healthcare needs a lot, and how to meet them effectively if I’m ever uninsured.

Being an e-patient, the first thing that crossed my mind was to explore what Internet connectivity could do for me. And it occurred to me that if I had access to a wider range of comparatively-affordable telemedical services, I just might be able to access enough doctors and advanced practice clinicians to survive. (Of course, hospital and prescription drug costs won’t be tamed that easily, but that’s a subject for a different column.)

I admit that video visits aren’t an ideal solution for me and my husband, as we both have complex, chronic health conditions to address. But if I end up without insurance, I hold out hope that cheaper telemedicine options will get me through until we find a better solution.

Right now, unfortunately, telemedical services largely seem to be delivered on a hit-or-miss basis – with some specialties being easy to find and others almost inaccessible via digital connectivity – but if enough people like me are forced to rely on these channels perhaps this will change.

What’s available and what isn’t

This week, I did some unscientific research online to see what kind of care consumers can currently access online without too much fuss. What I found was a decidedly mixed bag. According to one telehealth research site, a long list of specialties offer e-visits, but some of them are much harder to access than others.

As you might have guessed, primary care – or more accurately, urgent care — is readily available. In fact one such provider, HealthTap, offers consumers unlimited access to its doctors for $99 a month. Such unfettered access could be a big help to patients without insurance.

And some specialties seem to be well-represented online. For example, if you want to get a dermatology consult, you can see a dermatologist online at DermatologistOnCall, which is partnered with megapharmacy Walgreens.

Telepsychiatry seems to be reasonably established, though it doesn’t seem to be backed yet by a major consumer branding effort. On the other hand, video visits with talk therapists seem to be fairly commonplace these days, including an option provided by HealthTap.

I had no trouble finding opportunities to connect with neurologists via the Web, either via email or live video. This included both multispecialty sites and at least one (Virtual Neurology) dedicated to offering teleneurology consults.

On the other hand, at least in searching Google, I didn’t find any well-developed options for tele-endocrinology consults (a bummer considering that hubby’s a Type 2 diabetic). It was the same for tele-pulmonology services.

In both of the former cases, I imagine that such consults wouldn’t work over time unless you had connected testing devices that, for example allow you to do a peak flow test, spirometry, blood or urine test at home. But while such devices are emerging, I’m not aware of any that are fully mature.

Time to standardize

All told, I’m not surprised that it’s hit or miss out there if you want to consult your specialists via an e-visit. There are already trends in place, which have evolved over the last few years, which favor some specialties and fail to address others.

Nonetheless, particularly given my perilous situation, I’m hoping that providers and trade groups will develop some standardized approaches to telemedicine. My feeling is that if a specialty-specific organization makes well-developed clinical, technical, operational and legal guidelines available, we’ll see a secondary explosion of new tele-specialties emerge.

In fact, even if I retain my health insurance benefits, I still hope that telemedical services become more prevalent. They’re generally more cost-efficient than traditional care and certainly more convenient. And I’m pretty confident that I’m not the only one champing at the bit here. Let’s roll ‘em out, people!

Exchange Value: A Review of Our Bodies, Our Data by Adam Tanner (Part 3 of 3)

Posted on January 27, 2017 I Written By

Andy Oram is an editor at O'Reilly Media, a highly respected book publisher and technology information provider. An employee of the company since 1992, Andy currently specializes in open source, software engineering, and health IT, but his editorial output has ranged from a legal guide covering intellectual property to a graphic novel about teenage hackers. His articles have appeared often on EMR & EHR and other blogs in the health IT space. Andy also writes often for O'Reilly's Radar site (http://oreilly.com/) and other publications on policy issues related to the Internet and on trends affecting technical innovation and its effects on society. Print publications where his work has appeared include The Economist, Communications of the ACM, Copyright World, the Journal of Information Technology & Politics, Vanguardia Dossier, and Internet Law and Business. Conferences where he has presented talks include O'Reilly's Open Source Convention, FISL (Brazil), FOSDEM, and DebConf.

The previous part of this article raised the question of whether data brokering in health care is responsible for raising or lower costs. My argument that it increases costs looks at three common targets for marketing:

  • Patients, who are targeted by clinicians for treatments they may not need or have thought of

  • Doctors, who are directed by pharma companies toward expensive drugs that might not pay off in effectiveness

  • Payers, who pay more for diagnoses and procedures because analytics help doctors maximize charges

Tanner flags the pharma industry for selling drugs that perform no better than cheaper alternatives (Chapter 13, page 146), and even drugs that are barely effective at all despite having undergone clinical trials. Anyway, Tanner cites Hong Kong and Europe as places far more protective of personal data than the United States (Chapter 14, page 152), and they don’t suffer higher health care costs–quite the contrary.

Strangely, there is no real evidence so far that data sales have produced either harm to patients or treatment breakthroughs (Conclusion, 163). But the supermarket analogy does open up the possibility that patients could be induced to share anonymized data voluntarily by being reimbursed for it (Chapter 14, page 157). I have heard this idea aired many times, and it fits with the larger movement called Vendor Relationship Management. The problem with such ideas is the close horizon limiting our vision in a fast-moving technological world. People can probably understand and agree to share data for particular research projects, with or without financial reimbursement. But many researchers keep data for decades and recombine it with other data sets for unanticipated projects. If patients are to sign open-ended, long-term agreements, how can they judge the potential benefits and potential risks of releasing their data?

Data for sale, but not for treatment

In Chapter 11, Tanner takes up the perennial question of patient activists: why can drug companies get detailed reports on patient conditions and medications, but my specialist has to repeat a test on me because she can’t get my records from the doctor who referred me to her? Tanner mercifully shields here from the technical arguments behind this question–sparing us, for instance, a detailed discussion of vagaries in HL7 specifications or workflow issues in the use of Health Information Exchanges–but strongly suggests that the problem lies with the motivations of health care providers, not with technical interoperability.

And this makes sense. Doctors do not have to engage in explicit “blocking” (a slippery term) to keep data away from fellow practitioners. For a long time they were used to just saying “no” to requests for data, even after that was made illegal by HIPAA. But their obstruction is facilitated by vendors equally uninterested in data exchange. Here Tanner discards his usual pugilistic journalism and gives Judy Faulkner an easy time of it (perhaps because she was a rare CEO polite enough to talk to him, and also because she expressed an ethical aversion to sharing patient data) and doesn’t air such facts as the incompatibilities between different Epic installations, Epic’s tendency to exchange records only with other Epic installations, and the difficulties it introduces toward companies that want to interconnect.

Tanner does not address a revolution in data storage that many patient advocates have called for, which would at one stroke address both the Chapter 11 problem of patient access to data and the book’s larger critique of data selling: storing the data at a site controlled by the patient. If the patient determined who got access to data, she would simply open it to each new specialist or team she encounters. She could also grant access to researchers and even, if she chooses, to marketers.

What we can learn from Chapter 9 (although Tanner does not tell us this) is that health care organizations are poorly prepared to protect data. In this woeful weakness they are just like TJX (owner of the T.J. Maxx stores), major financial institutions, and the Democratic National Committee. All of these leading institutions have suffered breaches enabled by weak computer security. Patients and doctors may feel reluctant to put data online in the current environment of vulnerability, but there is nothing special about the health care field that makes it more vulnerable than other institutions. Here again, storing the data with the individual patient may break it into smaller components and therefore make it harder for attackers to find.

Patient health records present new challenges, but the technology is in place and the industry can develop consent mechanisms to smooth out the processes for data exchange. Furthermore, some data will still remain with the labs and pharmacies that have to collect it for financial reasons, and the Supreme Court has given them the right to market that data.

So we are left with ambiguities throughout the area of health data collection. There are few clear paths forward and many trade-offs to make. In this I agree ultimately with Tanner. He said that his book was meant to open a discussion. Among many of us, the discussion has already started, and Tanner provides valuable input.

Exchange Value: A Review of Our Bodies, Our Data by Adam Tanner (Part 2 of 3)

Posted on January 26, 2017 I Written By

Andy Oram is an editor at O'Reilly Media, a highly respected book publisher and technology information provider. An employee of the company since 1992, Andy currently specializes in open source, software engineering, and health IT, but his editorial output has ranged from a legal guide covering intellectual property to a graphic novel about teenage hackers. His articles have appeared often on EMR & EHR and other blogs in the health IT space. Andy also writes often for O'Reilly's Radar site (http://oreilly.com/) and other publications on policy issues related to the Internet and on trends affecting technical innovation and its effects on society. Print publications where his work has appeared include The Economist, Communications of the ACM, Copyright World, the Journal of Information Technology & Politics, Vanguardia Dossier, and Internet Law and Business. Conferences where he has presented talks include O'Reilly's Open Source Convention, FISL (Brazil), FOSDEM, and DebConf.

The previous part of this article summarized the evolution of data brokering in patient information and how it was justified ethically and legally, partly because most data is de-identified. Now we’ll take a look at just what that means.

The identified patient

Although doctors can be individually and precisely identified when they prescribe medicines, patient data is supposedly de-identified so that none of us can be stigmatized when trying to buy insurance, rent an apartment, or apply for a job. The effectiveness of anonymization or de-identification is one of the most hotly debated topics in health IT, and in the computer field more generally.

I have found a disturbing split between experts on this subject. Computer science experts don’t just criticize de-identification, but speak of it as something of a joke, assuming that it can easily be overcome by those with a will to do so. But those who know de-identification best (such as the authors of a book I edited, Anonymizing Health Data) point out that intelligent, well-designed de-identification databases have been resistant to cracking, and that the highly publicized successes in re-identification have used databases that were de-identified unprofessionally and poorly. That said, many entities (including the South Korean institutions whose practices are described in Chapter 10, page 110 of Tanner’s book) don’t call on the relatively rare experts in de-identification to do things right, and therefore fall into the category of unprofessional and poor de-identification.

Tanner accurately pinpoints specific vulnerabilities in patient data, such as the inclusion of genetic information (Chapter 9, page 96). A couple of companies promise de-identified genetic data (Chapter 12, page 130, and Conclusion, page 162), which all the experts agree is impossible due to the wide availability of identified genomes out in the field for comparison (Conclusion, page 162).

Tanner has come down on the side of easy re-identification, having done research in many unconventional areas lacking professional de-identification. However, he occasionally misses a nuance, as when describing the re-identification of people in the Personal Genome Project (Chapter 8 page 92). The PGP is a uniquely idealistic initiative. People who join this project relinquish interest in anonymity (Chapter 9, page 96), declaring their willingness to risk identification in pursuit of the greater good of finding new cures.

In the US, no legal requirement for anonymization interferes with selling personal data collected on social media sites, from retailers, from fitness devices, or from genetic testing labs. For most brokers, no ethical barriers to selling data exist either, although Apple HealthKit bars it (Chapter 14 page 155). So more and more data about our health is circulating widely.

With all these data sets floating around–some supposedly anonymized, some tightly tied to your identity–is anonymization dead? Every anonymized data set already contains a few individuals who can be theoretically re-identified; determining this number is part of the technical process of de-identification? Will more and more of us fall into this category as time goes on, victims of advanced data mining and the “mosaic effect” (combining records from different data sets)? This is a distinct possibility for the future, but in the present, there are no examples of re-identifying data that is anonymized properly–the last word properly being all important here. (The authors of Anonymizing Health Data talk of defensible anonymization, meaning you can show you used research-vetted processes.) Even Latanya Sweeney, whom Tanner tries to portray in Chapter 9 as a relentless attacker who strips away the protections of supposedly de-identified data, believes that data can be shared safely and anonymously.

To address people’s fretting over anonymization, I invoke the analogy of encryption. We know that our secret keys can be broken, given enough computing power. Over the decades, as Moore’s Law and the growth of large computing clusters have increased computing power, the recommended size of keys has also grown. But someday, someone will assemble the power (or find a new algorithm) that cracks our keys. We know this, yet we haven’t stopped using encryption. Why give up the benefits of sharing anonymized data, then? What hurts us is the illegal data breaches that happen on average more than once a day, not the hypothetical re-identification of patients.

To me, the more pressing question is what the data is being used for. No technology can be assessed outside of its economic and social context.

Almighty capitalism

One lesson I take from the creation of a patient data market, but which Tanner doesn’t discuss, is its existence as a side effect of high costs and large inefficiencies in health care generally. In countries that put more controls on doctors’ leeway to order drugs, tests, and other treatments, there is less wiggle room for the marketing of unnecessary or ineffective products.

Tanner does touch on the tendency of the data broker market toward monopoly or oligopoly. Once a company such as IMS Health builds up an enormous historical record, competing is hard. Although Tanner does not explore the affect of size on costs, it is reasonable to expect that low competition fosters padding in the prices of data.

Thus, I believe the inflated health care market leaves lots of room for marketing, and generally props up the companies selling data. The use of data for marketing may actually hinder its use for research, because marketers are willing to pay so much more than research facilities (Conclusion, pages 163-164).

Not everybody sells the data they collect. In Chapter 13, Tanner documents a complicated spectrum for anonymized data, ranging from unpublicized sales to requiring patient consent to forgoing all data sales (for instance, footnote 6 to Chapter 13 lists claims by Salesforce.com and Surescripts not to sell patient information). Tenuous as trust in reputation may seem, it does offer some protection to patients. Companies that want to be reputable make sure not to re-identify individual patients (Chapter 7, page 72, Chapter 9, pages 88-90, and Chapter 9, page 99). But data is so valuable that even companies reluctant to enter that market struggle with that decision.

The medical field has also pushed data collectors to make data into a market for all comers. The popular online EHR, Practice Fusion, began with a stable business model offering its service for a monthly fee (Chapter 13, page 140). But it couldn’t persuade doctors to use the service until it moved to an advertising and data-sharing model, giving away the service supposedly for free. The American Medical Association, characteristically, has also found a way to extract profit from sale of patient data, and therefore has colluded in marketing to doctors (Chapter 5, page 41, and Chapter 6, page 54).

Thus, a Medivo executive makes a good argument (Chapter 13, page 147) that the medical field benefits from research without paying for the dissemination of data that makes research possible. Until doctors pony up for this effort, another source of funds has to support the collection and research use of data. And if you believe that valuable research insights come from this data (Chapter 14, page 154, and Conclusion, page 166), you are likely to develop some appreciation for the market they have created. Another obvious option is government support for the collection and provision of data for research, as is done in Britain and some Nordic countries, and to a lesser extent in the US (Chapter 14, pages 158-159).

But another common claim, aired in this book by a Cerner executive (Chapter 13, page 143) is that giving health data to marketers reduces costs across the system, similarly to how supermarkets grant discounts to shoppers willing to have their purchases tracked. I am not convinced that costs are reduced in either case. In the case of supermarkets, their discounts may persuade shoppers to spend more money on expensive items than they would have otherwise. In health care, the data goes to very questionable practices. These become the topic of the last part of this article.