Free EMR Newsletter Want to receive the latest news on EMR, Meaningful Use, ARRA and Healthcare IT sent straight to your email? Join thousands of healthcare pros who subscribe to EMR and HIPAA for FREE!!

Drug Mailings and Patient Privacy

Posted on June 1, 2011 I Written By

John Lynn is the Founder of the blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of and John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

Many of you have quickly realized that I find it a lot more interesting to write about EMR than I do about HIPAA. Seems like most people prefer to read about EMR than they do HIPAA as well (except for this popular HIPAA Lawsuits post I did eons ago). However, I’m sure that many of you will find this article I found about privacy of medical data quite interesting. Here’s a quote from the beginning of the article which prefaces the health privacy situation quite well.

A pharmaceutical company, Bristol-Myers Squibb Co., sent him an eight-page brochure pitching another medicine, Abilify, used to treat patients “when an antidepressant alone isn’t enough.”

Lexapro was plenty for Spencer, but the mailing stuck in his craw. He has followed the recent debate over the utterly porous privacy of consumer data. But he thought his medical history, at least, was guarded by the special privacy protections of HIPAA, 1996’s Health Insurance Portability and Accountability Act.

Spencer asked a simple question: How did Bristol-Myers Squibb – or the “third-party list company” that the brochure said was the source of his name – know enough to send him that mailing?

The article goes through all the places that had the information that he was on the antidepressant Lexapro: the insurance company, his doctor, the pharmacy. Each of course denied having sold his information. After some digging, Bristol-Myers Squibb gave the actual way they got Spencer’s health information to be able to do a targeted mailing:

Maybe Spencer bought an over-the-counter depression remedy at a store where he has “frequent shopper” card? Maybe he called an 800 number for information? Maybe he answered a survey on health concerns?

I ran all these ideas by Spencer, and he rejected each.

On Friday afternoon, Bristol-Myers Squibb delivered a “gotcha.” Yes, Spencer was the source of his own privacy breach, according to spokeswoman Laura Hortas.

Hortas says Bristol-Myers Squibb bought the list in question from a reliable list broker. “We only work with list vendors that we know commit to observing U.S. privacy law,” she told me.

And how did the list vendor get Spencer’s name? Hortas says Spencer visited a site called at 9:25 p.m. on Dec. 14 and replied to a prompt that said: “Please provide relevant information to me on the following ailments.”

“He selected depression,” Hortas says.

Of course, Spencer denies every having visited that site. The problem is that I bet Spencer is like most Americans and doesn’t really know what sites they’re visiting anyway. I’m still surprised how many people I talk to don’t know the difference between going to and typing emrandhipaa in Google to find the site. I see the stats on my blog that show how many people don’t know the difference. I wouldn’t be surprised if Spencer is one of these people.

I’m not trying to defend sites like There’s a lot of JUNK on the internet that is absolutely terrible, deceptive and in many cases dishonest. It’s really easy to trap someone into providing their personal information to you online (although I don’t agree or use these methods). Many times without people even realizing they’ve done it. Is that a breach of someone’s privacy if they were deceived into giving up their information to win an iPad?

I’m also not saying that companies shouldn’t be held responsible for using health information inappropriately. They should be held accountable according to the laws. I just don’t see any violation of HIPAA laws in this case.

I do love the irony that someone so concerned about privacy of his health information now has an article on with his name and his health information. That leads me to believe that Spencer isn’t as concerned about the privacy of his information as he puts on. Maybe he’s just mad that he didn’t have a winning survey. I wonder if he’d won an iPad from the survey if he’d be as concerned about the mailings.

Meaningful Use and the HITECH Act: More Things You Need to Know

Posted on I Written By

This follow-up presentation digs deeper with updated information for eligible providers about how to receive the incentive payments from the Centers for Medicare and Medicaid Services (CMS).  We discuss the latest details about payment timelines, review what you need to know about choosing an ONC-ATCB certified system to entitle you to payments, and review what is expected from the government in Phase 2.  Tune in to learn more.
Steve Rogers, Director of Product Management at Nuesoft Technologies, Inc.



Watch the video.

Watch part 1 here.

Meaningful Use and the HITECH Act: Top Five Things to Know

Posted on I Written By

What does it mean to show meaningful use? What criteria were included in the final rule? What is the implementation timeline to receive the maximum payments under both the Medicare and Medicaid incentive programs? Tune in to Nuesoft’s podcast that covers the recent changes announced by the Office of the National Coordinator for Health Information Technology (ONC) and Centers for Medicare and Medicaid Services (CMS) in the meaningful use final rule.
Steve Rogers, Director of Product Management at Nuesoft Technologies, Inc.



Watch the video.

Watch part 2 here.

ChampionVillage Delivers a Unique Hybrid Between Online Gaming and Fitness

Posted on I Written By

If there is any single way of lowering the number of obese people in this country it has to be through educating kids when they are young so that they will lead healthy lives from the very beginning.  One group that is trying to teach those healthy habits early is ChampionVillage.

From their website, their mission is:

Knowledge is Power! Knowing is a large part of doing. Our site will expose your child to hundreds of fun exercises as well as nutrition tips that will provide a solid foundation for their life. Most importantly, they will learn that health and nutrition are both manageable and fun.

This is really getting at the heart of the problem, and going about it in a great way.  Just like everything else in life, kids need to be educated about being healthy.  They need to know what eating healthy really is.  They need to know how they can exercise as a kid.  Maybe most importantly, they need to realize it is fun.  Kids want to do what is fun, period.  They don’t care if it is work, or healthy, or exercise as long as it is fun.

I have seen it a hundred times with kids of all ages, including my own: if I make it fun, they will do it.  No one likes to clean up, but if you turn it into a game, kids will do it.  What do we do when a kid doesn’t want to eat?  Turn the spoon into an airplane and all of a sudden it is fun and many kids will eat it.

ChampionVillage follows the model of many social networking games by rewarding the player for exercising with virtual tokens.  These tokens can then be redeemed for a variety of online rewards.  What makes this especially great is the more they exercise they more points they earn so they will be motivated to do even more.

When you talk to people who are fit it is generally because they really enjoy what they are doing.  Whether it is running, dancing, hiking, or skiing, people will do the things they enjoy.  If we can make the connection in kids that exercising is fun, then they will be far more likely to continue that pattern for the rest of their lives.