Data Sharing in Healthcare
I’ll begin with the top concern. That would be data security and privacy. Technologies to share data exist, but as an industry, and from the perspective of technologies, dealing with the privacy issues are much more difficult as they rely less on clear cut technology and on legal, ethical, and moral metrics that are very fuzzy and vary by individual.
The advantages in data sharing are in providing complete longitudinal use of patient health. The challenge here, though, is that this will only apply where patients are compliant. There are more patients who are not compliant. So, the result in population health is gap-filled and incomplete data.
I would like to see hospitals and medical professionals able to share data across the current boundaries of linking the Veterans healthcare system with all other non-veteran healthcare providers. In sharing the data it improves the healthcare delivery in instances where a veteran wins up in the non-veteran system due to accidents or by design where veterans can seek services outside the veteran health network. My dad was often transported to local non-veterans hospital emergency services where knowledge of medical conditions and treatments by the VA would have significantly improved the healthcare he received through the knowledge sharing.
Although that was some time ago, I think there are many instances where VA healthcare services to not communicate with healthcare services outside the confines of the VA network. This situation needs to be corrected.
The technologies and policy mechanisms are already available to facilitate these data sharing events. What appears to be the case is that the organizations apparently do not share because they are afraid of the legal risks that they perceive will be faced by them if they do this. Curiously, HIPAA itself states clearly that all reasonable steps to provide care when necessary, and that there is no intent in the law that such should be denied under any circumstances, It does however require that all reasonable precautions to protect S&P of the information even so.
This tells me that these organizations have not taken the trouble to work out the procedural flows to make that happen. What worries me about this situation is that, sadly, this may mean someone has to die and their survivors must sue for redress to force a change in the rules. Even sadder is that with proper review of how these situations arise and the potential impact on patient well-being, we have the ways available now to prevent such information blackouts and thus better ensure patient care delivery.
In addition to above it’s important to consider the data sources, who is asking or wants to know, what and why they want to know. Too often the data does not support the investigation to provide meaningful or action knowledge in healthcare. Last but as important is the interpretation of the data and information determined.
As a security professional and former executive in healthcare, my concerns regarding data sharing in this arena are less about security and privacy and more about the value and goal of the data sharing. I certainly do not ignore the S&P of the information, but I have found that understanding the goals of the sharing effort contributes greatly to how the S&P must be addressed while still enabling value delivery.
Much of the future success of medicine will depend on data science, data mining and the like to correlate, analyze and model the information wealth already available and to come. Information sources can be anonymized or tokenized to obfuscate individual identity without eliminating the data sought. One of the envisioned functions of an HIE is to facilitate such actions pursuant to effective data aggregation and sharing.
Developing proper de-identification policy to address the sharing requirement will result in improved technical implementations and enforcement of S&P rules. Developing a policy around this will encourage sharing by standardizing the methodology of preserving S&P and giving better technical clarity. I have already worked with organizations on this problem, and with work achieved success in facilitating sharing and preserving S&P by eliminating it as an issue through such methods..
Informing patients that only de-identified forms of their information will be used, if at all satisfies the regulatory requirement. If needed, consent would be obtained. HIPAA's rules on research permit this already, and if done by the existing rules on research (extending them to data science/research devoid of identification factors), S&P becomes a non-issue.
Am not a fan of "non-compliant" myself, although it is what seems to be used. Getting people to take action on their health is a horse of a different color. I think the way it happens (again, from my own observation) is to let people know you care about them. This is not easy work.
I have been in prison cells taking vital signs on prisoners and have had to calm them down in order to get good readings. I have been with 80 year old grandfathers who have refused to take their insulin because their children have not spoken to them in 6 months and they have not seen their grandchildren in years.
The last thing these people care about is taking action on their health. To the contrary, they just want to die.
My approach is to talk with them and attempt to highlight the good even if this is just a small ray of light. People are complex and my fear about technology is that it ignores this whole aspect of the human being. Having spoken at conferences and sat on panels where people make claims about how wonderful certain technologies are, I attempt to bring a little bit of reality back into the conversation by asking about who has observed and spoken with the patient.
Case managers who have access to video as well as vital signs and who make regular calls upon patients is, in my opinion, one approach that is a step in the right direction. My earlier comment about Community Paramedics is another. It is simply necessary to look, listen, and feel the patient. There is no technological substitute for these. Anything (technology, other) that can facilitate the human touch can work a world of good on the patient and help them to become better custodians of their own health.
When a person has a reason to live, they want to live.
John Zaleski, Ph.D., CAP, CPHIMS Great post. What do you mean by patients who are "not compliant'? Not compliant in what regard?
Carolyn C. Tinsley, MHA CLSS GB Great question - but quite broad!! Who would be doing the data sharing? My focus is always on the patient perspective but most data sits with providers, payers. The challenges are different depending on the "who" and the "what".
Non-compliant patients are those who do not follow their prescribed regimens, whether for medications or monitoring. Patients have various reasons for being non-compliant. For instance, they can lack motivation. This can be true of patients who are depressed, suicidal or are suffering from other psychological ailments. Patients who are addicted to drugs or alcohol also represent a cohort who can fall into this category.
I use the word "can" to indicate that everyone is different. But the key message is that patients need to be treated holistically.
There are many great technologies that have come on the market / are coming on the market to assist with remote patient monitoring for the purpose of sharing data with physicians and others. But, these only work for the motivated patient.
In addition to my career role, I am a volunteer emergency medical services first responder and I have seen many patients (and assisted in treatment of many patients) whom I would categorize as being non-compliant. I have also come upon a fraction of patients who are very compliant. In my experience, though, there is a significant population that falls into the non-compliant category. Of course, this varies by geographic location and many other factors. There is not enough space here to go into the details.
VAH patients have already established access to quality affordable healthcare and now can get copies of their charts on an app.
The rest of the non-Veteran Non-Medicare Aged American populous would love to have access to quality affordable healthcare, and couldn’t really give a darn about access to their medical records .
Access to charts is no substitute for access to quality affordable healthcare.
6 months ago
HHS releases long-awaited interoperability rules with new requirements for data sharing for insurers.
HHS just released two proposed rules that requires insurers to provide electronic health records to patients at no cost for certain plans by 2020. The rules proposed requiring healthcare providers and insurers to implement open data sharing technology to ensure data can move from one plan to another.
6 months ago