Wednesday, January 16, 2013

Some Thoughtful Points On Why It Is Patient Health Information Privacy Matters.

The appeared over the break.

Q&A: Privacy maven Deborah Peel, MD

By Anthony Brino, Associate Editor, Healthcare Payer News and Government Health IT
Created 01/03/2013
Deborah Peel, MD, was trained as a Freudian psychoanalyst and worked as a psychiatrist in Austin, Texas, for nearly three decades before becoming a privacy activist, founding the group Patient Privacy Rights in 2006 after being appalled by HIPAA’s evolution into what she sees as a weak baseline for privacy and security.
Equally skeptical of both private industry and the government, Peel’s views and policy proposals diverge sharply from myriad health IT leaders in a lot of ways. But she shares many of their goals, and the optimism that technology and patient engagement can improve American healthcare systems.
Recently, Patient Privacy Rights urged the Department of Health and Human Services to regulate cloud computing as hosted data services grow and data breaches continue to plague health organizations. In a wide-ranging iinterview, Peel talked about her background as a mental health provider, how healthcare organizations can build patient trust, her ideal model for information sharing consent and more.
Q: How did your view of privacy and patient rights develop?
A: It really grew out of my long-term practice as a boarded psychiatrist and a Freudian psychoanalyst. Literally the first week I hung out my shingle in the late ‘70s, people came in and they said “If we pay you cash, will you keep our records private?” This is a problem that predates electronic health records. Health information doesn’t stay in the doctor’s office. What happened then was information on paper would get sent to pay claims, and it was very detailed and the claims information would many times be shared with employers. That can happen because under ERISA (the Employee Retirement and Income Security Act), if you’re in an ERISA employer-based health plan, they frankly have the right to see your information. Many companies say they don’t do that but it’s a widespread practice. I learned from my patients that if you use any third parties then the privacy of your sensitive information is at risk.
I really learned that there were significant numbers of people who will not get treatment unless they know it’s private.This is long-standing problem that predated electronic health records, but if you think about the scale of things, it’s very different.
Q: Did you know of mental health patients whose employers learned of their conditions and discriminated against them?
A: Absolutely, not only discriminating against them. Another very common complaint would be, “I applied for life insurance or long-term disability insurance, and I’ve been denied.” They would look into it and it would be because of psychiatric records. I wrote many a letter that said, “This person has never been suicidal. This person has not been on medication. They’ve been in therapy; they’ve managed their problems very well.”
It’s my opinion that insurers have long discriminated against anyone with mental health diagnosis, and I don’t believe it’s actually accurate actuarially. I don’t actuarially believe that there’s a basis for discriminating against anyone who has any mental illness or addiction diagnosis. If you think about it, the ones that do well are actually the ones that come in for treatment. These are people that are going to do well and get better, not create major burdens for the insurance industry.
I do have a pretty negative view of the insurance industry and the managed care industry. Insurers, when we had an indemnity model, all they got to pay claims was the diagnosis, the date of treatment, the place of treatment, the type of treatment and the cost — five elements. Their corporate mandate is to return money to shareholders. So they began to think of ways to ratchet down what they were paying out. Insurers began to demand copies of records as a condition for paying claims, and then they would use whatever they found to collect more information about individuals, and also to find ways to deny and limit payments and claims. Insurers began to require that you sign every year a blanket advance consent that in order to pay a claim that your doctor would send records of the treatment to them. They now pore over people’s records to look for ways to take back payments that have already been made, to claim that something was not revealed earlier that would’ve caused you to be denied.
Much more of the interview found here:
I think this is a very useful summary of a considered view of what harms can come from breeches (or breaches - grin) and what might be done about it.
Well worth a read.