cruise ship

Old and New Ways of Coping with COVID-19: Ethics Matters (Part I)

By Leslie Francis and Margaret Pabst Battin

This post is part I of a two-part series on pandemic control strategies in response to COVID-19.

Your life and the lives of many others may depend now on isolation, quarantine, cordon sanitaire, shelter in place, or physical distancing.

These terms have entered the public consciousness rapidly. Though general awareness has increased, the important practical and ethical differences between these practices require further explanation.

Read More

Gloved hand holding medical rapid test labeled COVID-19 over sheet of paper listing the test result as negative.

Controlling the Novel Coronavirus: Should we have stopped the COVID-19 coronavirus more effectively? Could we still?

By Margaret Battin, Leslie Francis, Jay Jacobson, and Charles Smith

What if, instead of closing airports, shutting down trains and buses, quarantining travelers from China, and enclosing 50 million people inside the city of Wuhan and Hubei province, we had a sophisticated technology that could identify travelers who might spread an emerging infectious disease? This question is not hypothetical. We do have an available technology: polymerase chain reaction (PCR) rapid testing, one among several forms of nucleic acid amplification technology.

But PCR rapid testing has been deployed imperfectly at best, especially in the United States. The initial case of what is thought to have been community transmission in the United States was not tested for several days. The result was preventable exposures to infection of health care workers and potentially others. Testing criteria were set very narrowly. Rapid test kits designed by CDC did not work successfully because of problems with one of the reagents. On February 29, the FDA issued guidance allowing laboratories CLIA-certified for high complexity testing to use tests they had developed and validated before receiving emergency use approval.

Read More

More perils of U.S. sectoral privacy law

By Leslie Francis

A recent unpublished decision of the Minnesota Court of Appeals brings the perils of sectoral privacy law into sharp focus: Furlow v. Madonna Summit of Byron, 2020 WL 413356 (Minn. App. 2020) (unpublished).  Minnesota protects patient health records but not, apparently, photographs of patients posted on social media by health care facility staff.

V.F. was a patient at Madonna Summit of Byron, a senior living facility with independent living, assisted living, and memory care units. Jane Doe was a nursing assistant at Madonna. After V.F. pulled a fire alarm, annoying Jane, Jane snapped a photograph of V.F. and posted it on her personal social media page.  Jane captioned the photo: “This little sh-t just pulled the fire alarm and now I have to call 911!!! Woohoo.” The photo contained no further identifying information.  It didn’t name V.F., say where she lived, or identify Jane Doe or where she worked. It was, however posted on Jane Doe’s personal account, thus identifying Jane Doe to those with access to her account. V.F.’s personal representative sued for damages under the Minnesota Health Records Act. The Minnesota Court of Appeals upheld dismissal of the complaint, concluding that the social media post was not release of a “health record” under Minnesota law. Read More

Picture of doctor neck down using an ipad with digital health graphics superimposed

Practice Fusion: it’s data use, not de-identification, that matters

By Leslie Francis

Practice Fusion, an electronic health record (EHR) vendor, just settled with the Department of Justice to pay a $145 million fine for alleged kickbacks from an unnamed pharmaceutical company.  The DOJ contended that the company had taken kickbacks in exchange for including practice alerts to encourage physicians to prescribe opioids.  But paid-for prescription alerts were not the only practices engaged in by Practice Fusion with de-identified patient data.

Read More

Making “Meaningful Access” Meaningful: Equitable Healthcare for Divisive Times

By Leslie Francis

Another anniversary of President Bush’s signing of the Americans with Disabilities Act (ADA) is coming up in late July, yet the nation remains far from offering even a semblance of equitable societal opportunity to most individuals with disabilities.

For them, full social participation is dismissed as merely an idealistic dream. With its focus on restoration of full functioning for patients, the health care delivery system might be supposed an exception, but a closer look shows the opposite is true.

Physicians’ offices, clinics, and hospitals too often have not been made accessible. Too frequently, these facilities have diagnostic or treatment equipment that some people, due to disability, cannot use. Health care provider staff are not trained to interact with or assess disabled individuals, and may be swayed by implicit biases that target disability, just as are non-medical personnel or laypersons in the population.

disability rights protest sign
Photo by The Leadership Conference on Civil and Human Rights/Flickr

Read More

Privacy and Confidentiality: Bill of Health at Five Years and Beyond

In honor of the occasion of the Fifth Anniversary of Bill of Health, this post reflects on the past five years of what’s generally known as “privacy” with respect to health information.  The topic is really a giant topic area, covering a vast array of questions about the security and confidentiality of health information, the collection and use of health information for public health and research, commercialization and monetization of information, whether and why we care about health privacy, and much more.  Interestingly, Bill of Health has no categorizations for core concepts in this area:  privacy, confidentiality, security, health data, HIPAA, health information technology—the closest is a symposium on the re-identification of information, held in 2013.  Yet arguably these issues may have a significant impact on patients’ willingness to access care, risks they may face from data theft or misuse, assessment of the quality of care they receive, and the ability of public health to detect emergencies.

Over the past five years, Bill of Health has kept up a steady stream of commentary on privacy and privacy-related topics.  Here, I note just a few of the highlights (with apologies to those I might have missed—there were a lot!) There have been important symposia:  a 2016 set of critical commentaries on the proposed revisions of the Common Rule governing research ethics and a 2013 symposium on re-identification attacks.  There have been reports on the privacy implications of recent or proposed legislation: the 21st Century Cures Act, the 2015 proposal for a Consumer Privacy Bill of Rights, and the proposed Workplace Wellness Bill’s implications for genetic information privacy.  Many comments have addressed big data in health care and the possible implications for privacy.  Other comments have been highly speculative, such as scoping out the territory of what it might mean for Amazon to get into the health care business. There have also been reports of research about privacy attitudes, such as the survey of participants in instruments for sharing genomic data online.  But there have been major gaps, too, such as a dearth of writing about the potential privacy implications of the precision medicine and million lives initiative and only a couple of short pieces about the problem of data security.

Here are a few quick sketches of the major current themes in health privacy and data use, that I hope writers and readers and researchers and most importantly policy makers will continue to monitor over the next five years (spoiler alert: I plan to keep writing about lots of them, and I hope others will too): Read More

ERISA and Graham-Cassidy: A Disaster in Waiting for Employee Health Benefits and for Dependents under 26 on their Parents’ Plans

Graham Cassidy § 105 would repeal the ACA “employer mandate”.  Although its sponsors claim that the bill will give states a great deal of flexibility, it will do nothing to help states ensure that employers provide their employees with decent health insurance; quite the reverse.  It will also give employers the freedom to ignore the popular ACA requirement that allows children up to age 26 to receive coverage through their parent’ plans, at least when their parents get health insurance from their employers.  Here’s why.

The Affordable Care Act (ACA) was designed to foster and build on health insurance plans that employers in the US provide to their employees.  With limited exceptions such as provisions about wellness plans, it left in place the Employee Retirement Income Security Act of 1974 (ERISA), the federal statute that governs benefits that employers offer their employees.  Rather than amending ERISA to place new federal requirements on employer-provided plans, ACA imposed a tax penalty (called a “shared responsibility payment”) on employers (with at least 50 full-time equivalent employees) with employees who receive tax credits for purchasing insurance through the ACA exchanges.  This is the ACA “employer mandate,” aimed to deter employers from dumping their existing health care plans.  It is the ACA provision that supported the mantra: “you’ll get to keep the insurance you have.” This mandate is imposed through a tax and otherwise leaves in place the regulatory vacuum created by ERISA.  Let me explain how.

ERISA, enacted in 1974, is the federal statute that governs employee “welfare” plans: benefits, including health benefits, that employers offer their employees.  Although ERISA imposes quite substantial requirements on pension plans, it imposes only disclosure and fiduciary responsibilities on welfare plans.  Employers must state clearly for their employees what they are given—but may also reserve the right to change plans, as long as they tell their employees that they might do this.  Employers also must manage their plans as a good fiduciary would, but this does not mean that employers must offer minimum benefits to their employees, or indeed any benefits at all. Read More

Is There a Fourth Amendment Expectation of Privacy in Prescription Records? According to the Utah District Court, Maybe Not

It might come as a surprise to many in the United States that they may have no Fourth Amendment reasonable expectation of privacy in their physicians’ records when their physicians transfer these records to state agencies under state public health laws. Yet on July 27, the federal district court for the state of Utah said exactly this for records of controlled substance prescriptions—and perhaps for medical records more generally. (United States Department of Justice, Drug Enforcement Administration v. Utah Department of Commerce, 2017 WL 3189868 (D. Utah July 27)). Patients should know that their physicians are required by law to make reports of these prescriptions to state health departments, the court said. Because patients should know about these reports, they have no expectation of privacy in them as far as the Fourth Amendment is concerned.  And, so, warrantless searches by the Drug Enforcement Administration (DEA) are constitutionally permissible at least so far as the district of Utah is concerned.  Physicians are by law required to make many kinds of reports to state agencies: abuse, various infectious diseases, possible instances of bioterrorism, tumors, abortions, birth defects—and, in most states, controlled substance prescriptions.  The Utah court’s reasoning potentially throws into question the extent to which any of these reports may receive Fourth Amendment protection.

Read More

The Precision Medicine Initiative and Access

By Leslie Francis

Persistent differences in participation in clinical trials by race and ethnicity are well known; for example, the 2015 Report of the Working Group on Precision Medicine (PMI) relies on statistics that only 5% of clinical trial participants are African-American and only 1% are Hispanic. A recently-launched website of the FDA, “Drug Trials Snapshots,” confirms this dismal picture.

Designed to “make demographic data more available and transparent,” and to “highlight whether there were any differences in the benefits and side effects among sex, race and age groups,” the website reveals instead an impressive lack of information. Reported on the website are 70 new drug approvals for 78 different indications. These data report only evidence about differences by the census categories for race (White, Black or African-American, Asian, American Indian or Alaska Native, Native Hawaiian or Other Pacific Islander, and Unknown). In nine of the reported trials data were considered sufficient to report detected differences in efficacy or side-effects in all racial categories, in two data were considered sufficient to report these differences for African-Americans and Asians, in seven data were considered sufficient to report these differences for Asians, and in two data were considered sufficient to report these differences only for African-Americans. No data are reported about ethnicity, socioeconomic status, disability, or other categories that might be important to the PMI and the benefits data about the planned cohort might bring. Read More