iht2 health it summit in austin 2012 – deborah c. peel, md, founder and chair, patient privacy...
IHT2 Summit
Considerations and Opportunities: Will Digital Health Data and Patient Altruism Transform
Healthcare Research?
Deborah C. Peel, MD
December 6, 2012
IOM Survey: People Won’t Participate in Research Without Privacy
• Only 1% agreed that researchers would be free to use personal medical and health information without consent
• Only 19% agreed that personal medical and health information could be used as long as the study “never revealed my personal identity” and it was supervised by an Institutional Review Board.
http://patientprivacyrights.org/media/WestinIOMSrvyRept.pdf?docID=2501
National Survey Commissioned by the IOM Committee on “Health Research and the Privacy of Health Information: The HIPAA Privacy Rule”
key privacy problem
No map of where health data flows, no ‘chain of custody’ for PHI
see: theDataMap.org
http://www.healthprivacysummit.org/events/2012-health-privacy-summit/custom13ec40d08a35f947e487f68a5f534a9e82.aspx
what does privacy mean?
According to NCVHS, health information privacy =
an individual’s right to control the acquisition, uses, or disclosures of his or her identifiable health data
(June 2006, NCVHS Report to Sec. Leavitt, definition originally from the IOM)
U.S. divides into three groups:
-- The Privacy Intense: about 35-40%
-- The Privacy Pragmatic: about 50-55%
-- The Privacy Unconcerned: about 10-15%
http://patientprivacyrights.org/wp-content/uploads/2011/06/AFW-SUMMIT-6-13-11.pdf
who are the Privacy Intense?
• distrust govt and business IT
• worry about 2ndary use of PHI
• don’t want research access without consent, strongest concern is discrimination
• want legal controls and strong enforcement
Myths and Fallacies of “Personally Identifiable Information”
by Arvind Narayanan and Vitaly Shmatikov
june 2010 | vol. 53 | no. 6 | communications of the acm
Powerful re-identification algorithms demonstrate not just a flaw in a specific anonymization technique(s), but the fundamental inadequacy of the entire privacy protection paradigm based on “de-identifying” the data.
Any information that distinguishes one person from another can be used for re-identifying data.
Privacy protection has to be built and reasoned about on a case-by-case basis.
http://www.cs.utexas.edu/~shmat/shmat_cacm10.pdf
HIPAA “Research loopholes”
• The term “research” is defined at 45 C.F.R. 164.501 as “systematic investigation, including research development, testing, and evaluation, designed to develop or contribute to generalizable knowledge.”
• Information is not PHI and not subject to the HIPAA Privacy Rule if it is “de-identified” as provided in 45 C.F.R. 164.514(b). An organization can use a “limited data set” for research if they strip out certain identifiers and enter into a “data use agreement” under 164.514(e).
Clinical Data Services: The CDS Advantage
Disease Counts in Database
Hypertension: 2,284,249
Hyperlipidemia: 2,212,629
Depression: 1,185,828
Cardiovascular Disease: 1,004,214
GERD: 984,864
Diabetes: 922,169
Asthma: 750,963
Osteoarthritis: 602,043
COPD: 319,310
ADD/ADHD/HKD: 188,424
Rheumatoid Arthritis: 85,757
Alzheimer's: 35,790
Parkinson's: 22,017
Note: Data reported as of February 28th, 2010
• Codified Medical Problems
• Prescriptions/Historical Meds
• Patient Allergies, Medical Orders and Events
• Vital Signs and Physical Findings
• Lab Values
https://www2.gehealthcare.com/portal/site/usen/menuitem.b399d8492e44a6765c09cbd58c829330/?vgnextoid=ae0f4fb9efff5210VgnVCM100000382b3903RCRD&fromChannel=7e0f4fb9efff5210VgnVCM100000382b3903____
PrimeResearch part of an EHR/Practice Management Suite
Key Benefits for Physicians:
“Make clinical research participation a revenue source” (i.e., doctors sell access to their patients and patients’ records)
The result – increased practice revenues and access to patient care improvements.”
GREENWAY HELPS PHYSICIANS SELL:
• “de-identified” clinical data
• “de-identified” financial data
• population data
• data on 19 M patients
• 8 million prescriptions/yr
• data on 8,000 providers
http://www.greenwaymedical.com/solutionprime-research/
What is BHI® (Blue Health Intelligence)?
• shares critical health information with employers
• premier health intelligence resource
• BHI sets the new standard for healthcare data aggregation, reporting and analysis
Size and Value of data for sale
1) longitudinal data on 54 million BCBS members [without consent]
2) reporting not only by MSA, industry and product type, but by Diagnosis Related Groups (DRGs) code, age group and gender [allows re-identification]
How does BHI ensure the privacy and security of members’ healthcare information?
1) adheres to HIPAA regs = no consent for use and sale of data
2) Use a system-generated identifier, allowing longitudinal analysis [allows re-identification]
3) fully de-identified in accordance with HIPAA [17 identifiers removed, still allows re-identification of .04%]
http://www.bcbs.com/innovations/bhi/bhi-faqs-1-12-09.pdf
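Added example, not part of the original slides: a k-anonymity audit showing how the reporting dimensions named above (MSA, age group, gender, DRG), once linked by a system-generated longitudinal identifier, shrink equivalence classes, which is the re-identification risk the Narayanan and Shmatikov slide describes. All rows, member ids and DRG values are constructed, and the function names are illustrative.

```python
from collections import Counter, defaultdict

# Constructed sample rows (not real data): one row per claim, keyed by a
# system-generated member id, with the reporting dimensions the slide lists.
CLAIMS = [
    {"member": "m1", "msa": "Austin", "age_group": "40-49", "gender": "F", "drg": "291"},
    {"member": "m1", "msa": "Austin", "age_group": "40-49", "gender": "F", "drg": "885"},
    {"member": "m2", "msa": "Austin", "age_group": "40-49", "gender": "F", "drg": "291"},
    {"member": "m3", "msa": "Austin", "age_group": "40-49", "gender": "F", "drg": "291"},
    {"member": "m3", "msa": "Austin", "age_group": "40-49", "gender": "F", "drg": "470"},
    {"member": "m4", "msa": "Dallas", "age_group": "60-69", "gender": "M", "drg": "470"},
    {"member": "m5", "msa": "Dallas", "age_group": "60-69", "gender": "M", "drg": "470"},
]
DEMOGRAPHICS = ("msa", "age_group", "gender")

def class_sizes(rows, quasi_ids):
    """Count rows sharing each combination of quasi-identifier values."""
    return Counter(tuple(r[q] for q in quasi_ids) for r in rows)

def k_anonymity(rows, quasi_ids):
    """Smallest equivalence class; k == 1 means at least one row is unique."""
    return min(class_sizes(rows, quasi_ids).values())

def unique_fraction(rows, quasi_ids):
    """Share of rows whose quasi-identifier combination occurs exactly once."""
    sizes = class_sizes(rows, quasi_ids)
    return sum(1 for n in sizes.values() if n == 1) / len(rows)

def link_by_member(claims):
    """Collapse claims into one row per member, as a longitudinal id allows."""
    history, demo = defaultdict(set), {}
    for c in claims:
        history[c["member"]].add(c["drg"])
        demo[c["member"]] = {q: c[q] for q in DEMOGRAPHICS}
    return [dict(demo[m], drgs=tuple(sorted(d))) for m, d in history.items()]

def audit(claims):
    """Compare k before and after the linked DRG history joins the key."""
    members = link_by_member(claims)
    with_history = DEMOGRAPHICS + ("drgs",)
    return {
        "k_demographics": k_anonymity(members, DEMOGRAPHICS),
        "k_with_history": k_anonymity(members, with_history),
        "unique_with_history": unique_fraction(members, with_history),
    }

if __name__ == "__main__":
    print(audit(CLAIMS))
```

On the constructed rows, demographics alone leave every member in a group of at least two, while adding the linked DRG history makes three of the five members unique.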
Health Research Data for the Real World: the MarketScan Data Bases
David M. Adamson, PhD
Stella Chang, MPH
Leigh G. Hanson, MS, MBA
Research and Pharmaceutical Division
Thomson Medstat, now THOMSON REUTERS
January 2006
KEY QUOTE: “Data from individual patients are integrated from all providers of care, maintaining all healthcare utilization and cost record connections at the patient level.
Businessweek July 23, 2008: “They Know What's in Your Medicine Cabinet, How insurance companies dig up applicants' prescriptions—and use them to deny coverage" http://www.businessweek.com/magazine/content/08_31/b4094000643943.htm?chan=magazine+channel_in+depth
Austin Bulldog
Hospital Patient Privacy Sacrificed as State Agency Sells or Gives Away Data
Technology Used by For-Profit Companies Strips Away Inadequate Layers of Security
by Suzanne Batchelor
http://www.theaustinbulldog.org/index.php/Main -Articles/Main-Articles/department-of-state-health-services.html
DSHS collects, sells, and gives away inpatient hospital data without consent for:
• public-health, medical research, trade groups, lobbyists, businesses, anonymous downloaders
simple cheap patient-centered solutions
• patient and physician portals
• OAuth—strong ID
• Direct Project
• Blue button
• RHEx
Overview of White House research project
• We are designing and executing an experiential research pilot to quantify what factors impact patient data flow to research
• Phase 1: Identify initial participants
• Phase 2: Design Experiment
• Phase 3: Build Experiment components
• Phase 4: Run Experiment
• Phase 5: Analyze and publish results
Goal
• Test a spectrum of options from open consent to giving data away to limited sharing with high control from patients and models in between.
• Participants
– Patient data stakeholders
– Patient services – custodians of patient data
– Research service
– Research stakeholders
– Combinations
Research Pilot for patient->research data flow
• Each data holder/research participant will test one or a few factors they think might influence data donation
• Filter to a manageable set of factors
– Do people trust researchers?
– Do people trust the technologies?
– Will Certification mitigate trust issues?
– What other options might enable data flow?
• Small team designs and manages pilot overall
– Use A/B model
PPR’s Trust Framework
15 Principles, 75 auditable criteria
1 Easily find and understand privacy policy.
2 Policy discloses how info used and not used.
3 Requires explicit permission for data shared or sold.
4 Able to decide to participate or not.
5 Warned if data goes to non-compliant 3rd party.
6 Must agree to be contacted, profiled, tracked or targeted.
7 Able to make field-level decisions about sharing.
8 Able to change any self-reported info.
9 Decides who has access to info.
10 Participation accessible to those with disabilities.
11 Easily find who accessed or used information.
12 Notified if info lost, stolen, or breached.
13 Can easily report concerns and get questions answered.
14 Expect organization to punish misusers of info.
15 Expect data security.
1 Easily find and understand privacy policy
a) Includes short summary describing personal access and control.
b) Easily accessible from the home page.
c) List organizational personnel (by role) that accesses data.
d) Not use passive voice or structures.
e) Use plain language topic headings.
f) Attain a Flesch Reading Ease score of 45 or higher.
g) Attain a Flesch-Kincaid Grade level score of 12 or lower.
h) Use a minimum 9 point font.
i) Use native language of significant engaged populations.
j) Provides easy access to definitions of technical and art terms.
k) Allows a defined timeline to opt out prior to policy changes.
Deborah C. Peel, MD
Founder and Chair
(O) 512-732-0033
patients refuse diagnosis and treatment
• HHS estimated that 586,000 Americans did not seek earlier cancer treatment due to privacy concerns.
65 Fed. Reg. at 82,779
• HHS estimated that 2,000,000 Americans did not seek treatment for mental illness due to privacy concerns.
65 Fed. Reg. at 82,777
• Millions of young Americans suffering from sexually transmitted diseases do not seek treatment due to privacy concerns.
65 Fed. Reg. at 82,778
• The Rand Corporation found that 150,000 soldiers suffering from PTSD do not seek treatment because of privacy concerns
• The lack of privacy contributes to the highest rate of suicide among active duty soldiers in 30 years
“Invisible Wounds of War”, the RAND Corp., p. 436, (2008)
soldiers refuse diagnosis and treatment
The California Health Care Foundation found 1 in 8 Americans have put their health at risk because of privacy concerns:
• Avoid seeing their regular doctor
• Ask doctor to alter diagnosis
• Pay for a test out-of-pocket
• Avoid tests
http://patientprivacyrights.org/2005/11/national-consumer-health-privacy-survey-2005/
patients act to protect privacy