Free EMR Newsletter Want to receive the latest news on EMR, Meaningful Use, ARRA and Healthcare IT sent straight to your email? Join thousands of healthcare pros who subscribe to EMR and HIPAA for FREE!!

Why Should Patients Control Their Health Data? Here Are A Few Ideas.

Posted on September 29, 2017 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she’s served as editor in chief of several healthcare B2B sites.

Lately, healthcare organizations have begun working to give patients more access to their personal health data. They’ve concluded that the more control patients have, the more engaged they become in your care, which in turn leads to better outcomes.

But patient engagement isn’t the only reason for giving patients the keys to their PHI. In fact, organizational control of patient health data can cause problems for everyone in the healthcare data exchange chain.

An item found on the Allscripts blog does a nice job of articulating issues that can arise.  According to the blog item, those issues include the following:

  • The patient is in the best position to address inconsistencies in their medical record. For example, if one doctor diagnoses the patient with asthma, then another physician conclusively demonstrates the patient is not asthmatic, the patient can reconcile the two physicians’ conclusions.
  • Patients have a better overview of their care than most doctors. When a chronically ill patient sees multiple clinicians, their impressions may conflict with one another, but the patient can provide context on their overall conditions.
  • If a patient consents to multiple uses of their health data, and the consents seem to be in conflict, only the patient can articulate what their intentions were.
  • If the master patient indexing process generates a false match with someone else’s records, the patient will recognize this immediately, while physicians may not.
  • Giving patients control of the record allows them to decide how long those records should be maintained. Otherwise, HIEs — or other entities not bound by record retention laws — might destroy the data prematurely.
  • When patients have control of their data, they can make sure it gets to whomever they choose. On the other hand, patient data may not make it to other care settings if providers drop the ball.

To be sure, delegating control of their PHI to patients can go too far.

For example, if they’re transmitting most or all of their health data between providers, it could pose a significant administrative burden.  Patients may not have the time or energy to route the data files between their providers, assure that data has been received on the other end and make certain that the data was formatted in a way their clinicians can use.

Also, if the patient is chronically ill and sees multiple providers, they may end up having to manage a large body of data files, and not everyone can do so effectively. Ultimately, they may get too overwhelmed to send their records to anyone, or send the wrong records, which can create complications of its own.

Still, on the whole, healthcare organizations are giving patients more control of their health data for good reasons. When patients take responsibility for their health data, they’re far more likely to understand their condition and take steps to address problems. Establishing a balance between patient and provider control may be tricky, but it can and should be done.

The Fight For Patient Health Data Access Is Just Beginning

Posted on July 11, 2017 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she’s served as editor in chief of several healthcare B2B sites.

When some of us fight to give patients more access to their health records, we pitch everyone on the benefits it can offer — and act as though everyone feels the same way.  But as most of us know, in their heart of hearts, many healthcare industry groups aren’t exactly thrilled about sharing their clinical data.

I’ve seen this first hand, far too many times. As I noted in a previous column, some providers all but refuse to provide me with my health data, and others act like they’re doing me a big favor by deigning to share it. Yet others have put daunting processes in place for collecting your records or make you wait weeks or months for your data. Unfortunately, the truth, however inconvenient it may be, is that they have reasons to act this way.

Sure, in public, hospital execs argue for sharing data with both patients and other institutions. They all know that this can increase patient engagement and boost population health. But in private, they worry that sharing such data will encourage patients to go to other hospitals at will, and possibly arm their competitors in their battle for market share.

Medical groups have their own concerns. Physicians understand that putting data in patient’s hands can lead to better patient self-management, which can tangibly improve outcomes. That’s pretty important in an era when government and commercial payers are demanding measurably improved outcomes.

Still, though they might not admit it, doctors don’t want to deluge patients with a flood of data which could cause them to worry about inconsequential issues, or feel that data-equipped patients will challenge their judgment. And can we please admit that some simply don’t like ceding power over their domain?

Given all of this, I wasn’t surprised to read that several groups are working to improve patients’ access to their health data. Nor was it news to me that such groups are struggling (though it was interesting to hear what they’re doing to help).

MedCity News spoke to the cofounder of one such group, Share for Cures, which works to encourage patients to share their health data for medical research. The group also hopes to foster other forms of patient health data sharing.

Cofounder Jennifer King told MCN that patients face a technology barrier to accessing such records. For example, she notes, existing digital health tools may offer limited interoperability with other data sets, and patients may not be sure how to use portals. Her group is working to remove these obstacles, but “it’s still not easy,” King told a reporter.

Meanwhile, she notes, almost every hospital has implemented a customized medical record, which can often block data sharing even if the hospitals buy EMRs from the same vendor. Meanwhile, if patients have multiple doctors, at least a few will have EMRs that don’t play well with others, so sharing records between them may not be possible, King said.

To address such data sharing issues, King’s nonprofit has created a platform called SHARE, an acronym for System for Health and Research Data Exchange. SHARE lets users collect and aggregate health and wellness data from multiple sources, including physician EMRs, drug stores, mobile health apps and almost half the hospitals in the U.S.

Not only does SHARE make it easy for patients to access their own data, it’s also simple to share that data with medical research teams. This approach offers researchers an important set of benefits, notably the ability to be sure patients have consented to having their data used, King notes. “One of the ways around [HIPAA] is that patient are the true owners,” she said. “With direct patient authorization…it’s not a HIPAA issue because it’s not the doctor sharing it with someone else. It’s the patient sharing it.”

Unfortunately (and this is me talking again) the platform faces the same challenges as any other data sharing initiative.

In this case, the problem is that like other interoperability solutions, SHARE can only amass data that providers are actually able to share, and that leaves a lot of them out of the picture. In other words, it can’t do much to solve the underlying problem. Another major issue is that if patients are reluctant to use even something as simplified as a portal, they’re not to likely to use SHARE either.

I’m all in favor of pushing for greater patient data access, for personal as well as professional reasons. And I’m glad to hear that there are groups springing up to address the problem, which is obviously pretty substantial. I suspect, though, that this is just the beginning of the fight for patient data access.

Until someone comes up with a solution that makes it easy and comfortable for providers to share data, while diffusing their competitive concerns, it’s just going to be more of the same old, same old. I’m not going to hold my breath waiting for that to happen.

E-Patient Update:  Changing The Patient Data Sharing Culture

Posted on May 19, 2017 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she’s served as editor in chief of several healthcare B2B sites.

I’ve been fighting for what I believe in for most of my life, and that includes getting access to my digital health information. I’ve pleaded with medical practice front-desk staff, gently threatened hospital HIT departments and gotten in the faces of doctors, none of whom ever seem to get why I need all of my data.

I guess you could say that I’m no shrinking violet, and that I don’t give up easily. But lately I’ve gotten a bit, let me say, discouraged when it comes to bringing together all of the data I generate. It doesn’t help that I have a few chronic illnesses, but it’s not easy even for patients with no major issues.

Some these health professionals know something about how EMRs work, how accurate, complete health records facilitate care and how big data analysis can improve population health. But when it comes to helping humble patients participate in this process, they seem to draw a blank.

The bias against sharing patient records with the patients seems to run deep. I once called the PR rep at a hospital EMR vendor and complained casually about my situation, in which a hospital told me that it would take three months to send me records printed from their EMR. (If I’d asked them to send me a CCD directly, the lady’s head might have exploded right there on the phone.)

Though I didn’t ask, the vendor rep got on the phone, reached a VP at the hospital and boom, I had my records. It took a week and a half, a vendor and hospital VP just to get one set of records to one patient. And for most of us it isn’t even that easy.

The methods providers have used to discourage my data requests have been varied. They include that I have to pay $X per page, when state law clearly states that (much lower) $Y is all they can charge. I’ve been told I just have to wait as long as it takes for the HIM department to get around to my request, no matter how time-sensitive the issue. I was even told once that Dr. X simply didn’t share patient records, and that’s that. (I didn’t bother to offer her a primer on state and federal medical records laws.) It gets to be kind of amusing over time, though irritating nonetheless.

Some of these skirmishes can be explained by training gaps or ignorance, certainly. What’s more, even if a provider encourages patient record requests there are still security and privacy issues to navigate. But I believe that what truly underlies provider resistance to giving patients their records is a mix of laziness and fear. In the past, few patients pushed the records issue, so hospitals and medical groups got lazy. Now, patients are getting assertive, and they fear what will happen.

Of course, we all have a right to our medical records, and if patients persist they will almost always get them. But if my experience is any guide, getting those records will remain difficult if attitudes don’t change. The default cultural setting among providers seems to be discomfort and even rebellion when they’re asked to give consumers their healthcare data. My protests won’t change a thing if people are tuning me out.

There’s many reasons for their reaction, including the rise of challenging, self-propelled patients who don’t assume the doctor knows best in all cases. Also, as in any other modern industry, data is power, and physicians in particular are already feeling almost powerless.

That being said, the healthcare industry isn’t going to meet its broad outcomes and efficiency goals unless patients are confident and comfortable with managing their health. Collecting, amassing and reviewing our health information greatly helps patients like me to stay on top of issues, so encumbering our efforts is counter-productive.

To counter such resistance, we need to transform the patient data sharing culture from resistant to supportive. Many health leaders seem to pine for the days when patients could have the data when and if they felt like it, but those days are past. Participating happily in a patient’s data collection efforts needs to become the norm.

If providers hope to meet the transformational goals they’ve set for themselves, they’ll have to help patients get their data as quickly, cheaply and easily as possible. Failing to do this will block or at least slow the progress of much-needed industry reforms, and they’re already a big stretch. Just give patients their data without a fuss – it’s the right thing to do!

E-Patient Update: Reducing Your Patients’ Security Anxiety

Posted on March 31, 2017 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she’s served as editor in chief of several healthcare B2B sites.

Even if you’re not a computer-savvy person, these days you can hardly miss the fact that healthcare data is a desirable target for cyber-criminals. After all, over the past few years, healthcare data breaches have been in the news almost every day, with some affecting millions of consumers.

As a result, many patients have become at least a bit afraid of interacting with health data online. Some are afraid that data stored on their doctor or hospital’s server will be compromised, some are afraid to manage their data on their own, and others don’t even know what they’re worried about – but they’re scared to get involved with health data online.

As an e-patient who’s lived online in one form or another since the 80s (anyone remember GEnie or Compuserve?) I’ve probably grown a bit too blasé about security risks. While I guard my online banking password as carefully as anyone else, I don’t tend to worry too much about abstract threats posed by someone who might someday, somehow find my healthcare data among millions of other files.

But I realize that most patients – and providers – take these issues very seriously, and with good reason. Even if HIPAA weren’t the law of the land, providers couldn’t afford to have patients feel like their privacy wasn’t being respected. After all, patients can’t get the highest-quality treatment available if they aren’t comfortable being candid about their health behaviors.

What’s more, no provider wants to have their non-clinical data hacked either. Protecting Social Security numbers, credit card details and other financial data is a critical responsibility, and failing at it could cost patients more than their privacy.

Still, if we manage to intimidate the people we’re trying to help, that can’t be good either. Surely we can protect health data without alienating too many patients.

Striking a balance

I believe it’s important to strike a balance between being serious about security and making it difficult or frightening for patients to engage with their data. While I’m not a security expert, here’s some thoughts on how to strike that balance, from the standpoint of a computer-friendly patient.

  • Don’t overdo things: Following strong security practices is a good idea, but if they’re upsetting or cumbersome they may defeat your larger purposes. I’m reminded of the policy of one of my parents’ providers, who would only provide a new password for their Epic portal if my folks came to the office in person. Wouldn’t a snail mail letter serve, at least if they used registered mail?
  • Use common-sense procedures: By all means, see to it that your patients access their data securely, but work that into your standard registration process and workflow. By the time a patient leaves your office they should have access to everything they need for portal access.
  • Guide patients through changes: In some cases, providers will want to change their security approach, which may mean that patients have to choose a new ID and password or otherwise change their routine. If that’s necessary, send them an email or text message letting them know that these changes are expected. Otherwise they might be worried that the changes represent a threat.
  • Remember patient fears: While practice administrators and IT staff may understand security basics, and why such protections are necessary, patients may not. Bear in mind that if you take a grim tone when discussing security issues, they may be afraid to visit your portal. Keep security explanations professional but pleasant.

Remember your goals

Speaking as a consumer of patient health data, I have to say that many of the health data sites I’ve accessed are a bit tricky to use. (OK, to be honest, many seem to be designed by a committee of 40-something engineers that never saw a gimmicky interface they didn’t like.)

And that isn’t all. Unfortunately, even a highly usable patient data portal or app can become far more difficult to use if necessary security protections are added to the mix. And of course, sometimes that may be how things have to be.

I guess I’m just encouraging providers who read this to remember their long-term goals. Don’t forget that even security measures should be evaluated as part of a patient’s experience, and at least see that they do as little as possible to undercut that experience.

After all, if a girl-geek and e-patient like myself finds the security management aspect of accessing my data to be a bummer, I can only imagine other consumers will just walk away from the keyboard. With any luck, we can find ways to be security-conscious without imposing major barriers to patient engagement.

E-Patient Update: Patients Need Better Care Management Workflows

Posted on March 10, 2017 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she’s served as editor in chief of several healthcare B2B sites.

Now and then, I get a little discouraged by the state of my health data. Like providers, I’m frustrated as heck by the number of independent data sources I must access to get a full picture of my medications, care and health status. These include:

* The medication tracker on my retail pharmacy’s site
* My primary care group’s portal
* My hospital’s Epic MyChart portal
* A medication management app to track my compliance with my regimen
* A health tracker app in which I track my blood pressure
* My Google calendar, to keep up with my health appointments
* Email clients to exchange messages with some providers

That’s not all – I’m sure I could think of other tools, interfaces and apps – but it offers a good idea of what I face. And I’m pretty sure I’m not unusual in this regard, so we’re talking about a big issue here.

By the way, bear in mind I’m not just talking about hyperportalotus – a fun term for the state of having too many portals to manage – but rather, a larger problem of data coordination. Even if all of my providers came together and worked through a shared single portal, I’d still have to juggle many tools for tracking and documenting my care.

The bottom line is that given the obstacles I face, my self-care process is very inefficient. And while we spend a lot of time talking about clinician workflow (which, of course, is quite important) we seldom talk about patient/consumer health workflow. But it’s time that we did.

Building a patient workflow

A good initial step in addressing this problem might be to create a patient self-care workflow builder and make it accessible website. Using such a tool, I could list all of the steps I need to take to manage my conditions, and the tool would help me develop a process for doing so effectively.

For example, I could “tell” the software that I need to check the status of my prescriptions once a week, visit certain doctors once a month, check in about future clinical visits on specific days and enter my data in my medication management app twice a day. As I did this, I would enter links to related sites, which would display in turn as needed.

This tool could also display critical web data, such as the site compiling the blood sugar readings from my husband’s connected blood glucose monitor, giving patients like me the ability to review trends at a glance.

I haven’t invented the wheel here, of course. We’re just talking about an alternate approach to a patient portal. Still, even this relatively crude approach – displaying various web-based sources under one “roof” along with an integrated process – could be quite helpful.

Eventually, health IT wizards could build much more sophisticated tools, complete with APIs to major data sources, which would integrate pretty much everything patients need first-hand. This next-gen data wrangler would be able to create charts and graphs and even issue recommendations if the engine behind it was sophisticated enough.

Just get started

All that being said, I may be overstating how easy it would be to make such a solution work. In particular, I’m aware that integrating a tool with such disparate data sources is far, far easier said than done. But why not get started?

After all, it’s hard to overestimate how much such an approach would help patients, at least those who are comfortable working with digital health solutions. Having a coordinated, integrated tool in place to help me manage my care needs would certainly save me a great deal of time, and probably improve my health as well.

I urge providers to consider this approach, which seems like a crying need to me. The truth is, most of the development money is going towards enabling the professionals to coordinate and manage care. And while that’s not a bad thing, don’t forget us!

Is HIPAA Misuse Blocking Patient Use Of Their Data?

Posted on August 18, 2015 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she’s served as editor in chief of several healthcare B2B sites.

Recently, a story in the New York Times told some troubling stories about how HIPAA misunderstandings have crept into both professional and personal settings. These included:

  • A woman getting scolded at a hospital in Boston for “very improper” speech after discussing her husband’s medical situation with a dear friend.
  • Refusal by a Pennsylvania hospital to take a daughter’s information on her mother’s medical history, citing HIPAA, despite the fact that the daughter wasn’t *requesting* any data. The woman’s mother was infirm and couldn’t share medical history — such as her drug allergy — on her own.
  • The announcement, by a minister in California, that he could no longer read the names of sick congregants due to HIPAA.

All of this is bad enough, particularly the case of the Pennsylvania refusing to take information that could have protected a helpless elderly patient, but the effects of this ignorance create even greater ripples, I’d argue.

Let’s face it: our efforts to convince patients to engage with their own medical data haven’t been terribly successful as of yet. According to a study released late last year by Xerox, 64% of patients were not using patient portals, and 31% said that their doctor had never discussed portals with them.

Some of the reasons patients aren’t taking advantage of the medical data available to them include ignorance and fear, I’d argue. Technophobia and a history of just “trusting the doctor” play a role as well. What’s more, pouring through lab results and imaging studies might seem overwhelming to patients who have never done it before.

But that’s not all that’s holding people back. In my opinion, the climate of medical data fear HIPAA misunderstandings have created is playing a major part too.

While I understand why patients have to sign acknowledgements of privacy practices and be taught what HIPAA is intended to do, this doesn’t exactly foster a climate in which patients feel like they own their data. While doctor’s offices and hospitals may not have done this deliberately, the way they administer HIPAA compliance can make medical data seem portentous, scary and dangerous, more like a bomb set to go off than a tool patients can use to manage their care.

I guess what I’m suggesting is that if providers want to see patients engaged and managing their care, they should make sure patients feel comfortable asking for access to and using that data. While some may never feel at ease digging into their test results or correcting their medical history, I believe that there’s a sizable group of patients who would respond well to a reminder that there’s power in doing so.

The truth is that while most providers now give patients the option of logging on to a portal, they typically don’t make it easy. And heaven knows even the best-trained physician office staff rarely take the time to urge patients to log on and learn.

But if providers make the effort to balance stern HIPAA paperwork with encouraging words, patients are more likely to get inspired. Sometimes, all it takes is a little nudge to get people on board with new behavior. And there’s no excuse for letting foolish misinterpretations of HIPAA prevent that from happening.