Mighty Casey Media: Comedy Health Analyst

Stop screaming. Laughing hurts less.

casey quinlan

Selling my health data? CUT. ME. IN. BITCHES.

by Leave a Comment

keep calm and sell your data imageRemember when American taxpayers spent over $25B(that’s billion) on digitizing medical records? If you don’t … well, we did.

The last time you went to the doctor, how easy was it for you to see your aftercare instructions online, or follow up on your prescriptions, or get your lab results in the online patient portal?

My guess is that it might have been easy-ish to see stuff in your doctor’s patient portal, but sharing that data from, say, your primary care MD with your ob/gyn or your rheumatologist — unless they were in the same system, in the same practice office — would have been a big NOPE. You would have done what all of us did back in the ’80s, and the ’90s, and the ’00s, and still today — you would have printed it out, or paid for a copy, and then lugged that paper with you to the other MD’s office. Where it would have been stuffed into a paper chart, and/or hand-entered into that practice’s EHR (Electronic Health Record). 20% — that’s one in five — MDs still use paper charts (as of 2016).

OK, so now you’re as up to speed as you’ll need to be for the rest of my point here — American taxpayers have shelled out major moolah to digitize medical records. When it comes to those American taxpayers’ benefits from said digitization, that’s YMMV territory, that right there.

Which makes the major moolah that the healthcare system is minting off of de-IDing and selling the data inside those records pretty infuriating. What, you say, you had no idea that was happening? Not surprising, because the healthcare system DOES. NOT. WANT. YOU. TO. KNOW., since if you did know, you might protest. Or even (gasp) ask to be cut in on that moolah.

Have you ever heard of a company called QuintilesIMS [NYSE: Q]? If not, you’re not alone. IMS Health was founded in the 1950s, and built a market for prescription data collected by their field agents in pharmacies across the US, and then the world. Quintiles was founded in the 1980s as a CRO (Contract Research Organization) recruiting for pharmaceutical clinical trials. IMS merged with Quintiles last year (2016), yielding up the new QuintilesIMS.

The company hoovers up petabytes-worth of our health record data every year — not a HIPAA violation, since this data is “de-identified” (just go Google “Latanya Sweeney” for some 411 on how effective that whole de-ID-ing thing really is) — and then sells it to the highest bidder. The revenue from those sales amounts to a significant chunk of the company’s earnings (2016 total revenue $1.953B — major moolah, indeed).

That’s

  • our health data
  • created by our interaction with our healthcare team
  • paid for by us, and our healthcare coverage.

American healthcare cost $3.4 trillion-with-a-T in 2016. American taxpayers ponied up more than $25 billion-with-a-B to make it easier for data brokers like QuintilesIMS to suck up and sell the data in our medical records.

I think it’s long past time for all the players in this little major-moolah circle jerk to recognize just “whose data is it anyway” and start spreading the gelt. Amazon cards; points amassed for vacations or cars or furniture, o my; tuition credits; tax breaks; a partridge in a pear tree, dipped in platinum — any of those would work. Even cold, hard cash.

But first, we gotta rise up, and demand it, in chorus. There’s a rising level of noise about creating a new economy, for/by the people, based on the data created by we-the-people.

The conventional commercial doctrine is that data are proprietary to the companies that collect them. This needs to change profoundly and completely since the playing field can only be leveled by making data available to all potential competitors. One way of achieving this is to ensure data belong to the people who generate the information, i.e., to individuals who drive cars, surf the internet, and buy goods. Enforcing this principle will ensure that data can be accessed by all, but also that individuals are compensated for the activities that generate information, at the same time as receiving a strong degree of privacy protection. ~ Foreign Policy, “It’s Time to Found a New Republic” August 14, 2017

Let’s make it happen. Start the chorus. Three … two … one … SING!

I’d say we start singing in the direction of the FCC, the FTC, and our (totally not doing their jobs these days) Congressional “representatives.” And start singing out about data-brokers like QuintilesIMS.

We MUST pay attention to the man behind the curtain. ’Cause he’s holding on to ALL of the money!

This post originally appeared on my Medium channel

When it comes to healthcare policy, I’m “Occupation: Foole”

by Leave a Comment

From HX Refactored in Boston in June 2017, this – “Jeopardy Meets The Price Is Right, Healthcare Edition”

video still HXRefactored 2017

HXR 2017: Casey Quinlan: Jeopardy + The Price Is Right: Health Care Mashup Edition 

Internet of Things (IoT) + healthcare = what, exactly?

by Leave a Comment

You can’t turn around these days without running into a headline about the Internet of Things (IoT). It seems as if everything from your car to your cardiac pacemaker is talking to everything else on the internet, and we’re all about to

If you’re confused about the whole IoT thing, and what it means to healthcare, you’re not alone.

As buzzphrases go, “Internet of Things” is having its Andy Warhol 15 minutes of fame on an auto-replay loop right now … but what will the actual interconnectedness of the technology we use in our daily lives deliver to us in the way of helping us live better/healthier lives? Will we find ourselves living out a cautionary “I, Robot” sci-fi tale as we become slaves to our IoT robot masters?

The answer is … (wait for it) … “it depends.” And what it depends on is how we humans build and interact with our robot mast … um, the Internet of Things.

The biggest challenge is that healthcare, as an industry, sees the people it serves – we’ll call those people “patients” – as the product, not the customer. Which, I think, goes a long way to explaining why this most human of all industry sectors – the one we seek help from when we get sick – has so resolutely resisted becoming digitally accessible/approachable to its customer base.

If you need a ride, Uber. If you want to shop, Amazon. If you want dinner, Yelp or BlueApron. If you need a doctor’s appointment … well, you can call the office to make an appointment. Or use the portal (if there is one). Or hit up the local urgent care. But there will be plenty of waiting, and it’s unlikely to be a tech-assisted process in any meaningful way.

How could the IoT help you in this situation? Well, if you have an iWatch, or an Android smartwatch (yes, there are such things), you could share your health-related data with your doctor (if s/he has an electronic medical records system that allows for that – pro tip: there ain’t many of those). There are a few consumer-accessible IoT devices that can communicate with clinical teams, like the AliveCor mobile ECG.

The IoT revolution, which allows your refrigerator to alert you if you’re low on milk and your car to text you to remind you it’s time for an oil change, hasn’t really arrived in healthcare. Sure, your iWatch and your Fitbit can send and receive health-related data via the web to you, and to anyone you’ve shared it with, but that “anyone” is unlikely to be your doctor unless s/he is a *very* early-adopter, tech-wise.

For those of us who are early-adopters on the consumer side of tech, this presents an opportunity to be leaders in the healthcare arena by testing and assessing IoT quantified-self and self-tracking tools. When we find something that works well for us – in losing weight, in managing a chronic condition – we can then encourage our healthcare partners (our doctors and nurses) to join in our tech-enabled self-care.

What about the hackers who are lying in wait for all that user-generated data on the Internet of Things? The folks at Arxan sent me the infographic below, which is a great starting place to assess the security of any IoT app or device you’re assessing.

Meanwhile, gotta dash. My Fitbit is reminding me it’s time for a walk.

 

Security vs. access: threading the needle

by Leave a Comment

The annual big-data party known as the HIMSS conference played out in Chicago – and online – last week. During the event, one of the central issues that arose in the social media conversation under the #HIMSS15 tag involved the one facing patients trying to access their health records, either digitally or on old-school paper: the security/access conundrum. Data that’s accessible to a patient could also wind up accessible to Romanian hackers (you’ve heard me on this topic before), and efforts at making patient data “secure” mean that data is often secure from the patient whose data it is. Patients give their forehead some serious keyboard every day over that one.

The folks over at Software Advice released a report on HIPAA breaches on March 12*, which I only caught up with when I returned from my Mighty Mouth 2015 Tour of Info-Sec and Right Care. Full disclosure, I’m quoted in the report, but that’s not why I’m talking about it here.

Here’s my biggest takeaway from the piece: 54% of the patients surveyed for the report would consider ditching a healthcare provider if that provider had a breach.

Most Patients Would Switch Providers After Breach

pie chart of likelihood of switching providers

 

Key findings in the report:

  1. Forty-five percent of patients are “moderately” or “very concerned” about a security breach involving their personal health information.
  2. Nearly one-quarter of patients (21 percent) withhold personal health information from their doctors due to data security concerns.
  3. Only 8 percent of patients “always” read doctors’ privacy and security policies before signing them, and just 10 percent are “very confident” they understand them.
  4. A majority of patients (54 percent) are “moderately” or “very likely” to change doctors as a result of a patient data breach.
  5. Patients are most likely to change doctors if their medical staff caused a data security breach, and least likely to change doctors if hackers were responsible.

Given the rising number of breach reports hitting headlines, including the massive one that impacted 80 million Anthem customers (possibly including me – not 100% confirmed yet) in January, this is not an issue that will go away. From the expert patient perspective, this is doubly frustrating, because the first thing that happens after a breach headline is the throttling of patient access to our records. Additional sign-on protocols, tighter credentialing, or a full-on “no more digital access” from smaller providers, all laid at the door of “because HIPAA.”

This doesn’t just affect access, it can have an impact on care. Here are the report’s stats on patients withholding information from their medical providers due to breach concerns:

Security Concerns Can Stifle Communication With Doctor

pie chart on patient withholding info

Quoting from the report:

“Health care lawyer and blogger David Harlow is also troubled by our results. Doctors need to get a full picture of a patient’s health history, he explains. If they don’t, the effectiveness of treatment could suffer—or worse, the patient could be harmed. For example, if a doctor is not told about a patient’s current prescriptions, the doctor could inadvertently prescribe a second medication that has adverse interactions with the first drug.

“That’s an invitation for disaster,” Harlow says. “It means we have a lot of work to do to convince people of the safety and importance of sharing information with physicians.”

My thinking on this topic can be summed up in the closing quote from the report, from yours truly:

Concerns over digital privacy and security have obscured the real conversation, which is, ‘How can we make health care more accessible, frictionless and safe with the data we collect about patients?’”

*Source: Practice Management systems consultancy Software Advice

 

EHR technology: Match.com without a happy ending?

by 3 Comments

My last two posts explored the question of the doctor/patient relationship in the context of romantic relationships. The first one asked if we were anywhere close to getting engaged, the second looked at the possibility that the whole enchilada needed some intervention-level relationship counseling.

In the couple of weeks since, I’ve had some interesting digital and face to face conversations about digital communication tools, patient engagement, and the doctor/patient relationship that have led me to ask if the crop of EHR (Electronic Health Record) systems in current use across the land, as part of Obamacare’s drive toward healthcare system quality, safety, and access (or, as I like to put it, to the tune of “Old McDonald Had a Farm,” EHR, HIE, E-I-E-I-O!), aren’t analogous to online dating sites like Match.com.

healthcare cupid imageWhich leads me to the observation that the EHR tech I see – all of it, from Epic to Practice Fusion to athenahealth to NextGen to Cerner – can in many ways be compared to Match.com. You put in personal data – name, personal details, outcome goals – and the technology (supposedly) helps you toward your goal. With EHR, that’s best-health, with Match.com, it’s a romantic relationship, but both take data input, digitize it, and claim to provide solutions based on that input.

And I have to say that my observed success ratio on both EHR technology and online dating is similar. As in: mostly it feels like “failure to launch.”

So … go grab a cup of coffee, or a bottle of water. This will be a lengthy look at that question, but I promise to bring it home with at least a couple of laughs along with my pointed observations.

The leading lights of healthcare IT haven’t made the doctor-patient relationship any easier to create and maintain than Match.com has for romatic relationships. For every success story, there are hundreds (thousands? millions?) of examples of bitter frustration. With the billions (yes, with a B) spent on buying and implementing EHR systems, the phrase “meaningful use” – which was supposed to be the demonstration of clinical and patient communication tools to enable better quality healthcare – has become a punchline.

A couple of weeks ago, I shared a post from The Health Care Blog by Bob Wachter, an interview with Beth Israel Deaconess Medical Center CIO John Halamka, on my social media channels. In it, Halamka said that only 3% of patients wanted their health records kept locked up tight behind virtual doors, so he had to lock up the data of the other 97% to keep the 3% happy. When I shared that post on my LinkedIn profile, it opened a conversation about that statement, such as what the heck the underlying facts to support it were.

“It’s interesting that the 3% figure was not referenced. I am not in the health informatics field, nor do I have time to do an in depth literature review for discussion. However, a quick Google search yields several informative studies. One small study (n=30) of patient preferences found that patients wanted granularity in terms of what they want to share, or not share. No participant wanted to universally share ALL information. Another study (n=105) reported that 1 in 2 patients hid medical information from their own doctors.”

In other words, is that 3%/97% statement the equivalent of creating convenient details about yourself on an online dating profile? When I asked a few people in the e-patient zone about this, I heard this story about how a major health records system in Boston [spoiler alert: Halamka’s IT system] basically spewed garbage instead of useful patient health history data when they opened the data taps to the now-dead Google Health. So, apparently it’s exactly like confabulating facts on an online dating profile. Also, some additional reading led me to a story on CIO about an epic system failure, also in Boston [spoiler alert: I’ll let you figure out what/why], that tied up an entire hospital network’s system for five long days in November 2002.

Back to my metaphor, of EHR tech being analogous to online dating. If the communication partner you’re talking to says they’re a 42 year old architect in Cambridge, or the lab that’s just completed the path report on your biopsy, can you trust what they’re saying? Is there accessible, verifiable information to support the claim? Can you believe what you’re seeing? Can you even SEE what’s really there?

Both of those scenarios rely on trust, and a sense of security. And the ability to actually SEE. WHAT’S. GOING. ON. As Mordac, the “preventer of information services” in the Dilbert comic strip, says, “Security is more important than usability. In a perfect world, no one would be able to use anything.”

I had the opportunity last week to be part of the Health Information and Management Systems Society (HIMSS)’s first Patient Engagement Summit in Orlando. Yep, more acronyms – E-I-E-I-O. The two panels I was part of talked about the current state of the doctor/patient relationship, and the overall event was all about how technology can either support, or hinder, that relationship. The crazy part is that both the clinical side of healthcare – doctors, nurses, researchers – and the patient side – the rest of us – are desperately determined to get engaged (with each other), get married (create the best possible outcomes), and live happily ever after (better community health for EVERYBODY!).

The trouble is, I’m afraid, that the tools that are supposed to be the grease on the rails to making that happen – the digital communication systems that hold our care data – are set up by Mordac. Screaming headlines about stuff like the recent Anthem breach are like screaming headlines about sharp rises in sexual assault figures – they’re a real buzz-kill for trust between possible relationship partners.

If you actually know me, you know I’ve taken a rather extreme step toward fostering relationship clarity, doctor/patient-wise. It’s the image that is my Twitter avatar (click that link to see it), and it is a real 3×3″ QR code tattooed on my chest. I can’t say that it has any effect on my dating profile (I bailed on online dating years ago), but it has made many of my healthcare-relationship interactions … interesting.

Can I, or any of us, trust health IT and EHRs to help make our healthcare relationships happy and successful? Or are we stuck in the slough of despond that is Match.com?

Give me your thoughts in the comments …

Does the doctor-patient relationship need marriage counseling?

by 2 Comments

The healthcare system is all about building patient engagement lately. Which makes me ask: if we get to engagement, will we ever get married? And if we do … will we wind up needing marriage counseling?

patient engagement cartoonShort answer: we already need marriage counseling, and we’re not even officially engaged yet.

Herewith is the evidence that the doctor (and health system)-patient relationship needs marriage counseling, stolen adapted from a post on YourTango.com.

  1. You aren’t talking – Given the state of digital, or even analog, communication in healthcare, how can doctors and patients talk? Even when we’re in the same room, it’s conversation-us interruptus, given the whole 10 minutes we have for face to face interaction. And remember the last time you emailed your doctor with a question, and got an answer that day? Oh, right. That was the 14th of Never. Thank you, health IT infrastructure of doom, which is so dedicated to the security of our medical data that NO. ONE. CAN. SEE. IT.
  2. You see your partner as an antagonist – The healthcare system seems dedicated to keeping doctors and patients in an adversarial relationship. Doctors rat us out for our poor compliance in medication regimens without asking if we can afford said meds. Patients worry that their insurance premiums will go up if they tell the truth about stuff like smoking, or eating habits. Neither side seems capable of climbing off the “forces set in opposition” ledge. And the band plays on … getting less and less healthy in the process.
  3. You’re keeping secrets – See #2, and know that antagonists don’t share information well with each other. Doctors keep secrets from patients, i.e. how much treatment options will cost, with payers being fully indicted co-conspirators on that secret-stashing. Patients keep secrets, too, on stuff like cutting pills in half so that fiercely expensive medication will last twice as long. So we’re not talking, we’re forces set in opposition, and we’re keeping secrets. Next up, Divorce Court.
  4. You’re financially unfaithful – Doctors are keeping costs a secret (see #3, and it’s not really their fault, but still …), and patients aren’t being truthful about what treatment options they can afford, so they’re buying snake oil that Dr. Oz is pushing in the hope that it will work as well as the medication they can’t afford for their [insert condition here]. Which only guarantees bigger bills down the road. Everybody loses – money, health, lives – here.
  5. You’re living separate lives – No talking. Walled barricades. Secrets and lies. Money trouble. This relationship might as well be the Hatfields and the McCoys, or even the Russians and the Ukrainians. With 10 minute forced-march conversations, and little chance for touch-points in between, this isn’t a relationship, it’s armed camps on opposite banks of a wide river. Who speak different languages.

Can this marriage be saved?

I – and a whole host of other folks – think it can, but it’s going to take some serious work. And, most importantly, a whole lot of support from the village we all – all of us, humanity at large – live in. We need to flip the entire relationship paradigm of healthcare on its head, and put patients and their doctors in charge of deciding what our relationship/marriage means.

We have to be honest and transparent with each other. Lay down our arms, knock down the barricades, and reach out to each other for help and comfort. Let’s recommit to our relationship, shall we?