Illustration of multicolored profiles. An overlay of strings of ones and zeroes is visible

We Need to Do More with Hospitals’ Data, But There Are Better Ways

By Wendy Netter Epstein and Charlotte Tschider

This May, Google announced a new partnership with national hospital chain HCA Healthcare to consolidate HCA’s digital health data from electronic medical records and medical devices and store it in Google Cloud.

This move is the just the latest of a growing trend — in the first half of this year alone, there have been at least 38 partnerships announced between providers and big tech. Health systems are hoping to leverage the know-how of tech titans to unlock the potential of their treasure troves of data.

Health systems have faltered in achieving this on their own, facing, on the one hand, technical and practical challenges, and, on the other, political and ethical concerns.

Read More

Illustration of a man and a woman standing in front of a DNA helix

A Proposal for Localized Review to Safeguard Genetic Database Privacy

By Robert I. Field, Anthony W. Orlando, and Arnold J. Rosoff

Large genetic databases pose well-known privacy risks. Unauthorized disclosure of an individual’s data can lead to discrimination, public embarrassment, and unwanted revelation of family secrets. Data leaks are of increasing concern as technology for reidentifying anonymous genomes continues to advance.

Yet, with the exception of California and Virginia, state legislative attempts to protect data privacy, most recently in Florida, Oklahoma, and Wisconsin, have failed to garner widespread support. Political resistance is particularly stiff with respect to a private right of action. Therefore, we propose a federal regulatory approach, which we describe below.

Read More

Apple watch and fit bit.

Beyond HIPAA: A Proposed Self-Policing Framework for Digital Health Products

By Vrushab Gowda

As digital health products proliferate, app developers, hardware manufacturers, and other entities that fall outside Health Insurance Portability and Accountability Act (HIPAA) regulation are collecting vast amounts of biometric information. This burgeoning market has spurred patient privacy and data stewardship concerns.

To this end, two policy nonprofits – the Center for Democracy and Technology (CDT) and the eHealth Initiative (eHI) – earlier this month jointly published a document detailing self-regulatory guidelines for industry. The following piece traces the development of the “Proposed Consumer Privacy Framework for Health Data,” provides an overview of its provisions, and offers critical analysis.

Read More

Person typing on computer.

Lessons Learned from Deep Phenotyping Patients with Rare Psychiatric Disorders

By Catherine A Brownstein and Joseph Gonzalez-Heydrich

Given the potential sensitivities associated with describing (i.e., phenotyping) patients with potentially stigmatizing psychiatric diagnoses, it is important to acknowledge and respect the wishes of the various parties involved.

The phenotypic description and depiction of a patient in the literature, although deidentified, may still be of great impact to a family.

By way of example, a novel genetic variant was identified as a likely explanation for the clinical presentation of a patient in a large cohort of individuals with neurodevelopmental and/or psychiatric phenotypes, a finding of great medical interest. The research team elected to further study this candidate and collected samples for functional evaluation of the gene variant and preparation of a case report.

Because the patient had a complicated phenotype, several physicians from various specialties were involved in the patient’s care. The paper draft was circulated amongst the collaborating clinicians and researchers and ultimately shared with the patient’s family by one of their involved caregivers. This is typically not a requirement of such studies, as the informed consent process includes the subjects’ understanding and consent for dissemination of deidentified results in the scientific literature. But as a general practice, families are informed about manuscripts in process, and in this case the family had requested to be kept abreast of ongoing developments.

Read More

Medicine doctor and stethoscope in hand touching icon medical network connection with modern virtual screen interface, medical technology network concept

Data Talking to Machines: The Intersection of Deep Phenotyping and Artificial Intelligence

By Carmel Shachar

As digital phenotyping technology is developed and deployed, clinical teams will need to carefully consider when it is appropriate to leverage artificial intelligence or machine learning, versus when a more human touch is needed.

Digital phenotyping seeks to utilize the rivers of data we generate to better diagnose and treat medical conditions, especially mental health ones, such as bipolar disorder and schizophrenia. The amount of data potentially available, however, is at once both digital phenotyping’s greatest strength and a significant challenge.

For example, the average smartphone user spends 2.25 hours a day using the 60-90 apps that he or she has installed on their phone. Setting aside all other data streams, such as medical scans, how should clinicians sort through the data generated by smartphone use to arrive at something meaningful? When dealing with this quantity of data generated by each patient or research subject, how does the care team ensure that they do not miss important predictors of health?

Read More

USB drive

The False Dilemmas of the Fifth Circuit’s HIPAA Ruling

By Leslie Francis

In a caustic opinion issued on January 14, the Fifth Circuit vacated penalties assessed by the U.S. Department of Health and Human Services (HHS) against the University of Texas M.D. Anderson Cancer Center for HIPAA security breaches.

As has happened to many other health care entities, M.D. Anderson had employees who were not careful with their laptops and thumb drives (and the data therein). A laptop with the unencrypted protected health care information of nearly 30,000 patients was stolen. Unencrypted thumb drives with information on another almost 6,000 patients were lost. M.D. Anderson disclosed the security breaches to HHS, which assessed civil monetary penalties for violation of HIPAA’s encryption and disclosure rules. M.D. Anderson then filed a petition for review, which resulted in the Fifth Circuit holding that the agency action was arbitrary and capricious for failure to consider an important aspect of the problem.

Commentators have already pointed out that this decision will reverberate throughout the HIPAA enforcement world. As it does, I hope it is met with scorn, for it trades on the informal logical fallacy of the false dilemma in two noteworthy ways.

Read More

Person typing on computer.

Telehealth Policy Brought to the Fore in the COVID-19 Pandemic

By Vrushab Gowda

The COVID-19 pandemic has highlighted the value of telehealth as both a tool of necessity (e.g., minimizing infection risk, conserving thinly stretched healthcare resources, reducing cost) as well as of innovation.

Telehealth services have surged in recent months; in April alone, they constituted over 40 percent of primary care visits nationwide and over 73 percent of those in Boston. “Increasing Access to Care: Telehealth during COVID-19,” a recent publication in the Journal of Law and the Biosciences, dissects the issues that have accompanied the growth of telehealth and identifies further areas of potential reform.

Read More

A frustrated woman sits at her desk, staring at her computer. Her head is resting in her hand

Patient-Directed Uses vs. The Platform

By Adrian Gropper, MD

This post originally appeared on The Health Care Blog.

This piece is part of the series “The Health Data Goldilocks Dilemma: Sharing? Privacy? Both?” which explores whether it’s possible to advance interoperability while maintaining privacy. Check out other pieces in the series here.

It’s 2023. Alice, a patient at Ascension Seton Medical Center Austin, decides to get a second opinion at Mayo Clinic. She’s heard great things about Mayo’s collaboration with Google that everyone calls “The Platform”. Alice is worried, and hoping Mayo’s version of Dr. Google says something more than Ascension’s version of Dr. Google. Is her Ascension doctor also using The Platform?

Alice makes an appointment in the breast cancer practice using the Mayo patient portal. Mayo asks permission to access her health records. Alice is offered two choices, one uses HIPAA without her consent and the other is under her control. Her choice is: Read More

Doctor types on a laptop

A Delicate Balance: Proposed Regulations May Upset the Tension between Accessibility and Privacy of Health Information

This piece was part of a symposium featuring commentary from participants in the Center for Health Policy and Law’s annual conference, Promises and Perils of Emerging Health Innovations, held on April 11-12, 2019 at Northeastern University School of Law. The symposium was originally posted through the Northeastern University Law Review Online Forum.

Promises and Perils of Emerging Health Innovations Blog Symposium

We are pleased to present this symposium featuring commentary from participants in the Center for Health Policy and Law’s annual conference, Promises and Perils of Emerging Health Innovations, held on April 11-12, 2019 at Northeastern University School of Law. Throughout the two-day conference, speakers and attendees discussed how innovations, including artificial intelligence, robotics, mobile technology, gene therapies, pharmaceuticals, big data analytics, tele- and virtual health care delivery, and new models of delivery, such as accountable care organizations (ACOs), retail clinics, and medical-legal partnerships (MLPs), have entered and changed the healthcare market. More dramatic innovations and market disruptions are likely in the years to come. These new technologies and market disruptions offer immense promise to advance health care quality and efficiency, and improve provider and patient engagement. Success will depend, however, on careful consideration of potential perils and well-planned interventions to ensure new methods ultimately further, rather than diminish, the health of patients, especially those who are the most vulnerable.

In his piece for the Promises and Perils of Emerging Health Innovations blog symposium, Oliver Kim emphasizes the important role trust plays in the provider-patient relationship. Kim unpacks the challenges that come with the introduction and incorporation of new health technology, and further cautions against the potential for erosion of trust when introducing third-parties into the relationship.

A Delicate Balance: Proposed Regulations May Upset the Tension between Accessibility and Privacy of Health Information

Read More