Previous 10

Oct. 8th, 2007


Microsoft vs. Google. The quest for world domination. Apple called in sick.

Last week, Microsoft announced HealthVault, their first real public step into the healthcare arena. HealthVault is essentially an online PHR:
Health Vault will store all its customers' health data, ranging from test results to doctors' reports to daily measurements of weight or blood pressure, online. Individuals then have access to those records any time, anywhere, via the internet—a great boon for those who travel a lot. Medical offices and hospitals who sign up for the service could easily send test results in digital form to the vault, and patients could authorise them in turn to have access to various, carefully circumscribed bits of their personal data. (The vault is open, The Economist)

The PHR comes complete with search functionality (courtesy of Microsoft owned MedStory) and search is actually the business model. Microsoft is betting that they can do a better, slicker job than anyone else and that customers will recognize that.

Microsoft isn't jumping into this alone, however. Over the coming weeks, announcements are expected from dozens of partners about HealthVault based products and services. In Bill Gates' op-ed piece in today's Wall Street Journal, he said:

No one company can –or should—hope to provide the single solution that makes all of this possible. That’s why Microsoft is working with a wide range of software and hardware companies, as well as with physicians, hospitals, government organizations, patient advocacy groups and consumers to ensure that, together, we can address critical issues like privacy, security and integration with existing applications. (WSJ online subscriber's only)

I haven't gone out and poked at it yet, but I will. If nothing else, I'm dying of curiousity to see what years of work has created.

More information:

Peter Neupert, VP of Microsoft Health Solutions, talks about HealthVault and its history.
The Consumerist on HealthVault
BusinessWeek: Microsoft Wants Your Health Records

Jul. 25th, 2007


News you can use (maybe)

Note: Both of these articles are in the New York Times. If you don't have a log in, get one. It's worth it and they don't spam you.

Albert Ellis, 93, Influential Psychotherapist, Dies
Albert Ellis, whose innovative straight-talk approach to psychotherapy made him one of the most influential and provocative figures in modern psychology, died yesterday at his home above the institute he founded in Manhattan. He was 93 ...
Albert Ellis was the original straight-talking, foul-mouthed, cigar smoking, in your face therapist. We all owe him a debt of gratitude (not for the cigar smoking). Without him, psychotherapists would have been perpetually warm, fuzzy, and, in many cases, ineffective.
“Do you know why your family is trying to control you?” he asked a volunteer who had joined him in front of the audience. “Because they are out of their f$%#$in' minds!”

Doc Won't Face Charges in Katrina Deaths
Pou (pronounced ''Poe'') and two nurses were arrested last summer after Attorney General Charles Foti concluded they gave ''lethal cocktails'' to four patients after the storm. Pou acknowledged administering medication to the patients but insisted she did so only to relieve their pain.

... The grand jury's decision was a defeat for Foti, who accused the doctor and the nurses. The New Orleans district attorney presented the case to the grand jurors and asked them to bring charges.

"We did our job as the law called for us to do," Foti said at a news conference. He said some of the evidence wasn't presented to the grand jury, but District Attorney Eddie Jordan said he gave the jurors everything he had.

"I feel the grand jury did the right thing," Jordan said.

Jun. 1st, 2007


The perils of blogging

I know that a lot of folks have been voicing concerns about health care professionals blogging. Honestly, I can't say I blame them. It bothers me that folks are posting about their patients online. Whether or not it is a technically direct breach of confidentiality, it looks, smells, acts, and talks like one. Psychologists have client confidentiality and privilege beaten into their brains during training. There is no way, come hell or high water, that I would post anything even closely resembling any information about a client - ever. Ethically, I believe that if it looks and sounds like a duck, it is most probably at least closely related to a duck.

So, why the soapbox?

Recently, a fairly prominent health care blogger - a physician - stopped blogging. It wasn't immediately apparent why exactly, but now it is.

The blogger was unmasked during a malpractice case. Apparently, he, rather unwisely, "ridiculed the plaintiff's case and the plaintiff's lawyer, ...revealed the defense strategy, ... [and] had accused members of the jury of dozing" all in his blog.

Did I mention unwise? If I didn't, I probably should again. Seriously, what was he thinking?

This to me is an excellent example of one of the undeniable realities of the internets (Yes, I said internets). People act like jerks online. Blame it on psychological disinhibition or what have you. It's easier to be inappropriate, unethical, and nasty when you have the illusion of anonymity, don't have to look other people in the face, and thus, don't consider any of the consequences of your actions. This is why I am more than a tad concerned about health care professionals blogging about patients.

No one knows who you are online so no one will know who the patient is, who's suing you, or what exactly you're talking about, right? Um, nope. Clearly, that isn't the case as our blogging physician friend so painfully discovered.

Can you imagine how it would feel to be that patient's family and to discover that the doc is writing about you? That's pretty horrible and traumatizing (except in this case where it worked to the benefit of the former patient's family). I would probably sue you, seriously.

Laws about confidentiality for health care providers are pretty clear. You don't talk about it because it isn't your's to talk about. Even if you de-identify the heck out of it, it's still someone else's life you're discussing, not just you. (It's also just plain boneheaded to blog about your malpractice trial and reveal the defense strategy).

I'll get down off my soapbox now because really, I don't need to be up there. Health care professionals know better and if they don't, they shouldn't be seeing patients.

More on the situation, including other points of view:

Risks of anonymous medical blogging
Lots of links on the legal, ethical, medical, and personal issues at Kevin, M.D.

May. 16th, 2007


Yes, I have a high deductible plan

I've done two things quite frequently over the last month. I traveled and I went to the doctor. Both are expensive. One is paid for by my employer (assuming I can get my expense report filled out correctly). The other used to be paid for by my employer, but now, I'm footing the bill.

I signed up for a high deductible plan with a $2500 deductible and I've been putting money in my Health Savings Account (HSA) at around $175 every two weeks (I wanted to max my HSA at a quick enough rate that I wouldn't go broke paying the bills in the interim).

As of last Friday, I burned through my deductible and now, everything is covered at 100%. Granted, I still have nearly $800 of outstanding claims for which I am responsible. Claims that came in faster than my HSA contributions did. The doctor's office was obliging and I'm on a payment plan. At least with the payment plan, I can pay when I get the money from the HSA rather than straight out of my pocket.

Somehow, up until the last month, I managed to spend and accrue at about the same rate. I even managed to earn a dollar or so worth of interest. This is what comes of taking regular medication and actually utilizing healthcare services. I am not the poster child for a high deductible plan. I just happen to have recognized the financial and tax advantage for me to choose this route (I was hoping that I could stay a bit ahead of the expenses, but oh well).

After about 6 months on a high deductible plan, here's my take ...

Do not choose one lightly (unless you're forced to do so).
Make sure you are keenly aware of your expected healthcare expenses before choosing the plan.

I like my HSA. I love the freedom I have to go where I want and need to go. I really appreciate not having to go through the referral and approval nonsense to see a specialist. Unfortunately, a number of specialists still want the referral from a primary care provider even though the health plan doesn't require me to have one. I chose to go somewhere else because I actually have a choice.

Financially, a high deductible plan is a risk that needs to be calculated. I would say that it worked out for me - even though I have outstanding medical bills. The bills aren't enormous and I know that within two months, I'll have that money in my HSA. It's a little scary, but it's manageable.

Am I increasingly more aware of how much healthcare costs? Absolutely.

Was I horrified at how much lab work costs? Um, yeah.

Will I do it again? Absolutely.

Is it for everyone? No, definitely not.

Apr. 27th, 2007


I have a question

There's been a lot of talk over the past few years about physicians and researchers being in bed with the drug companies. A lot of hospitals and educational institutions have created standards limiting the interactions between doctors/researchers and drug reps. Some facilities have banned any freebies whatsoever, including medication sample packs.

I'm curious what other people think about this. Obviously, I have an opinion, but I wonder if anyone else thinks similarly.

So, what do you think? Let's limit this specifically to physicians and hospitals. Freebies from the drup reps? Limit interactions/relationships between physicians and drug companies?

Mar. 30th, 2007


History & Health Policy

A few weeks ago, I ordered the book, History and Health Policy in the United States: Putting the Past Back In Edited by Rosemary A. Stevens, Charles E. Rosenberg, & Lawton R. Burns. Mostly, I got the book because of a chapter written by Nancy Tomes on the history of using the term 'consumer' vs. patient. Two of the chapter's most intriguing quotes were right in the first paragraph, "Every time a patient is referred to as a health-care consumer, another angel dies" (courtesy of a physician quoted by columnist Ellen Goodman) and "The managed-care organizations call people consumers so they don't have to think of them as patients" (another physician quoted by William Safire).

After being pleasantly surprised by that particular chapter, I decided to go ahead and work my way through the rest of the book. I very intentionally use the word 'work' here because the book is one of those that makes you use your brain. It's one of those books that professors would love to use for graduate students.

Anyway, let's go back to the chapter on the word 'consumers.'

One of the reasons I like the chapter so well is because I firmly believe in the ideal of the health care consumer. I think we should be out there making value-based choices in health care just like we do for nearly everything else we buy. I also think we should know how much our health care costs.

I am one of those wacky people who actually chose a high deductible health plan complete with a Health Savings Account (HSA). I'm three months in now and so far, things have gone very smoothly. I'm pleased with my HSA and pleased with my much less expensive health plan. I have made some health care decisions based on price/quality and I have made some decisions based on my personal preferences. It's been a good experiment. Thus far, nothing has exceeded the amount that I had on hand in my HSA. When that happens, I may like the plan less. I'm expecting that when I go in for blood work and labs on Monday morning that may be when it happens. The good news is that since the bill comes about a month later, I have some time for my HSA to grow a little between now and then.

Tomes argues that it is misleading to refer to patients as health care consumers simply because patients aren't behaving like health care consumers and, realistically, they can't. Currently, the information that consumers actually need is not fully present. You can find pockets of information (this is one of the ways in which I'm lucky since I have Healthcare Facts giving me both price and quality information). There isn't a Consumer Reports or Car and Driver for health care. We don't know how much things 'cost' versus how much they are actually worth. Honestly, a lot of folks may not really know the difference between a good doctor and a bad doctor beyond their own personal experience of care. Do you know where to even find that information?

Tomes is not wrong here. We aren't health care consumers. I would like to think that we aren't health care consumers yet. I think we *can* actually get there and that the health care industry is slowly, very slowly moving that direction. The move to true consumerism in health care is excruciatingly painful for everyone involved; it's the opposite of how we've been running things for so long. Managed care was all about someone else making the decisions for you. Could this be any more different?

I'm done soap-boxing for the moment. I'll probably have more to say as I make my way through the book. In the meantime, try and figure out how much an MRI costs.

Mar. 16th, 2007


Electronic Medical Records, brought to you by Google

Practice Fusion announced a partnership with Google today. What makes this partnership particularly interesting is that Practice Fusion is partnering with Google to provide free electronic medical record systems to healthcare providers. The service is provided free complete with Google AdSense advertising that recognizes keywords in the medical records like asthma and diabetes.*

I'll give you a second to think about that.

Basically, Google is using your medical record to sell things to your doctor. It's darn clever. This doesn't mean that I think it's a good idea, but practically speaking, there are lots of small practices out there who can't afford to implement electronic medical record systems. This at least makes the system accessible ... complete with random ads like, "FIND CHRONIC HALITOSIS ON EBAY!"

According to Practice Fusion, the keywords are limited to a patient's condition, diagnosis or treatment, and advertising is intended to be discreet

Still, I'm torn on this one. I really don't like the feel of it. Honestly, it feels kind of slimy. But on the other hand, it makes a needed service accessible to a group that may not have been able to take advantage of it otherwise.

To be fair, you can upgrade your account to opt out of ads (just like on LiveJournal) for $250 per month. That doesn't make it feel different though.

Anybody have any thoughts on this one?

*According to Practice Fusion, Google will not have access to any personally identifying information contained in the medical record and will only have basic demographic information about the healthcare providers. I'm not going to spend time digging through this part of it because frankly, I can't imagine Google's lawyers would let them touch this one if all of the ducks weren't in a row.

Mar. 8th, 2007


A response to yesterday's post from Revolution Health (and my comments, of course)

Apparently, Revolution Health is paying attention to the blogosphere. I received the following reply to yesterday's post.
My name is Anna Slomovic, and I am the Chief Privacy Officer of Revolution Health. I would like to clarify an important point you make regarding HIPAA and personal health information. You are correct in that Revolution Health and WebMD are not "covered entities" under HIPAA. However, the real issue is how their policies and practices compare to what is permitted under HIPAA and whether or not you can trust them to follow those policies. Revolution Health web site is advertising-supported and, therefore, free to consumers. Our privacy policy states that we will not use or disclose personally identifiable information without explicit consent except in limited circumstances, and we work hard to make sure that consumers understand what choices they are making when they choose to disclose their personal information.

Compare our stated uses and disclosures with those allowed under HIPAA for “covered entities.” Unfortunately, it is not correct that “providers, health insurance plans, and employers aren't allowed to share my personal health-related information with anyone without explicit permission from me.” HIPAA “covered entities” are permitted to release personal information without your consent for a wide variety of purposes. The uses include:
• Treatment,
• Payment for treatment,
• Health care operations (their own and those of other entities),
• Public health,
• As required by any other state or federal law,
• For health system oversight,
• For reporting victims of abuse and neglect,
• To law enforcement, judicial and administrative proceedings, and specialized government functions (e.g., national security), and,
• With some restrictions, for research.

The above are broad categories that include multiple sub-categories. Health care operations, for example, includes
• Legal, accounting, and auditing services
• General administration,
• Outcomes evaluation
• Clinical guidelines development
• Accreditation of professionals
• Training of health care and non-health care workers
• Fundraising for the health care entity
• Data analysis for health plan sponsors or customers, and
• Detection of “fraud, waste and abuse.”

All these tasks are performed by a variety of companies, none of them regulated under HIPAA, not all of them located in the United States, and operating under contract to “covered entities.” These companies include:

• Consultants
• Lawyers
• Accountants
• Medical transcription companies
• Software development and maintenance contractors
• Medical equipment manufacturers and service companies
• Pharmacy benefits managers
• Document scanning or data input companies
• Offsite records storage companies
• Document destruction companies
• Credentialing organizations
• Accreditation agencies
• Licensing agencies
• Medical schools
• Training companies
• Banks
• External fundraising agents
• Collection agencies

Until the United States has a comprehensive data protection regime, keeping our promises about responsible handling of consumer data is the best way I know to earn consumer trust, whether or not my company is covered by HIPAA.

I very much appreciate the time Ms. Slomovic has taken in addressing some very realistic concerns and now, I shall address some of her points.

First, I am very well aware of the limitations of HIPAA and the circumstances under which personal information can be shared. I'm a psychologist, a researcher, and I've worked for a health plan. Each one of those roles has very strict regulations and requirements regarding protection of personal information. When I stated that information cannot be shared without explicit permission, I didn't go into all of the ways that you grant permission when you buy health insurance or agree to services and are handed the almighty HIPAA brochure. Most people have no idea how far their information travels. I actually do because I've served at various places in the chain and I’m very cautious with my own personal information.

The basic HIPAA rule of thumb is that if the information needs to be shared as part of the regular course of business activities, it is allowable - with the provision that only the information necessary for completing that business activity should be provided and accessible. If the function does not require your name as part of the process, your name isn't included and the same goes for any other information. I'm not going to go into the particulars because that's not really the point.

HIPAA isn’t perfect, but it is a necessary protection which is unfortunately not truly sufficient. It is, however, more binding than a privacy policy that may be changed by the organization itself. I am definitely not saying that HIPAA has more teeth, it doesn’t. However, there are consequences to data disclosure beyond what a privacy policy can and does provide. Ms. Slomovic is absolutely correct when she says, "... the real issue is how their policies and practices compare to what is permitted under HIPAA and whether or not you can trust them to follow those policies." That's perfectly stated.

With all that said, let me say that when I wrote my entry yesterday, I almost included a postscript specifically addressing my perception of Revolution Health and its practices. I am a member of the site and I have used the services. I also am extremely familiar with one of the companies providing vendor services. I know for a fact that this particular company would not do business with RH if they did not believe the company was not committed to and operating fully in the best interest of its customers. I can’t be more specific than that, but I can say that my knowledge of that business relationship causes me to have more faith in RH than I do in the other sites out there.

I do not feel that RH is the answer to the woes of the healthcare system; I do think the site has a lot to offer and they have done nothing to cause me to not trust them. However, I still read the entire privacy policy and the full text of the terms and conditions (both documents are very clearly and simply written - some of the best I've ever seen). I don’t believe that RH is going to go around selling people’s personal health-related information if for no other reason than that would be commercial suicide. I honestly believe that RH is out to do some good in the space. However, I believe that people need to think long and hard about the fact that there are no guarantees when it comes to the protection of their personal information - in all areas of life, not just healthcare. When you share information, the only protection that is being offered is that company’s word – nothing else. Depending on the company, that may be good enough.

The bottom line in all of this is that HIPAA offers some basic mandated protection of personal, medical information that is not regulated or mandated elsewhere. If an individual is providing a business with any kind of information, it needs to be done thoughtfully – especially, if that information is as extraordinarily personal as health information can be. Many people have the delusion that the web provides some sort of protective anonymity and they can share their innermost secrets and no one will know. Please don’t be that naïve when it comes to something as important as this.

Mar. 6th, 2007


A slight complication

The Health Insurance Portability and Accountability Act (HIPAA). We know it. We love it. We get tons of paperwork every time we see a new doctor because of it.

Seriously though, HIPAA is, for the most part, a reasonably good thing. Providers, health insurance plans, and employers aren't allowed to share my personal health-related information with anyone without explicit permission from me. More specifically, anyone defined as a "covered entity" isn't allowed to share my personal health information. Let's look at the list of covered entities, shall we?

I looked in a couple of places, but I think the CMS website gave me the easiest batch of information.
- a health care provider that conducts certain transactions in electronic form (called here a "covered health care provider").
- a health care clearinghouse.
- a health plan

An entity that is one or more of these types of entities is referred to as a "covered entity" in the Administrative Simplification regulations.

Okay, class, it's a pop quiz! Please determine where Revolution Health and WebMD are included as covered entities.

Give up? Well, according to several industry experts, they aren't. "Existing regulations do not cover personal health-record firms unless they also are health-care providers or health plans. Once a consumer consents to the disclosure of medical records to a personal health records company, those records lose the protection of federal health privacy rules." (Why marketers want inside your medicine cabinet, San Francisco Chronicle).

So, if you're using a PHR provided by your health plan or through your clinic or physician, that information is still protected. Otherwise, buyer beware.

This bothers me more than a little. I think the part that bothers me the most is that someone didn't say something earlier and nothing is being done to address it (probably because no one said anything). You know the PHR companies thought of it. Their sites depend on advertising revenue and you are their funding stream.

The bottom line is be careful where and with whom you share any personal information. Before you use a PHR service, ask if they abide by HIPAA regulations and if they are a covered entity.

Just be careful.

Feb. 27th, 2007


Office of Women's Health Funding Withheld by FDA

Women's Health Office Funds Cut

The FDA announced that it will withhold $1.2 million of the $4 million Congress allocated for the agency's Office of Women's Health (OWH) in fiscal year 2007. As the OWH has already allocated or spent the remaining $2.8 million, the Washington Post reports, the women's health office effectively must stop further projects this year.

According to the Post, some women's health advocates feel that the funding issue is a "long-anticipated payback" for the OWH's work around nonprescription sales of the Plan B emergency contraceptive. There is also concern that this is the first step toward eliminating the office in its entirety. The OWH was created in 1994 "amid growing evidence that some sex-based differences in biology warranted special regulatory attention -- and a recognition that other offices within the FDA did not have the time, money or expertise to focus on women's special needs."

Previous 10

October 2007



RSS Atom
Powered by