February 4, 2020
Only What Matters on Health Information Policy
CMS sent out a note reminding Medicare-contracting hospitals what they need to know about 2020 Medicare Promoting Interoperability Program rules.
Department of Veterans Affairs dep sec James Byrne, who oversaw the department's electronic health record modernization effort, was fired on February 3rd.
How dominant is UnitedHealth’s Optum (self-described “health services innovation company”) in the health care space? Sit down, and then see here. And remember that Optum bought the Advisory Board Company in 2017. And Optum provides IT services to the federal government. And. And. And. Plus, NAIC named UnitedHealth as the top grossing health insurer, but basically because of Optum’s “information and technology-enabled health services” -- a detail that was not included in the descriptions of any of the other top 9 health insurance companies.
You can tell things are getting serious with health data and technology policy when the law firms start chiming in. Pepper Hamilton provides a helpful overview of Google health data partnerships (and invokes Deven McGraw’s artful phrase “Goldilocks Dilemma” to describe the modern conundrum of data sharing and privacy). Sheppard Mullin discusses why the health care industry should notice that the latest bill to fund the Department of Defense forbids certain technology from certain China manufacturers. ArentFox explains the big fine that Practice Fusion paid for allegedly violating antikickback laws with its electronic health record design to increase certain drug prescriptions. Baker Donelson gives a little advice on what HIPAA covered entities should do about fee limitations post-Ciox court decision. Manatt is offering a webinar on Feb 27, in part about data infrastructure needed for the integration of social determinants of health.
One Thoughtful Paragraph
“Anonymized Data is Meaningless Bullshit” is the title of an article that describes one of the issues with health data privacy: even when personally-identifying information has been scrubbed from data, there are still ways to identify whose data is whose. This is not news, it has been discussed for quite some time (see here, here, and here). But precision medicine and the momentum of genetic testing makes this issue more pressing, as evidenced by the recent discussion at the Precision Medicine World Conference. General data privacy laws rarely keep up with tech advances -- even the newly-implemented California Privacy Act does not regulate HIPAA-blessed de-identified data. Perhaps less worrying than what will happen with de-identified, aggregated data in the name of health care research (e.g., the NIH All of Us program is immensely important and exciting work that seems poised to improve health care for everyone), is how our data-mining expert friends can cull sellable information from everyday items that are not necessarily identified as health data -- but they are. For parents of current and future college students, there was a particularly terrifying article in the MIT Technology Review (see “Hall Monitor” in Jan/Feb 2020 hard copy issue or “Should Colleges Really Be Putting Smart Speakers in Dorms?” online, they are slightly different versions of the same article) about the new era of smart speakers on college campuses and how any university’s restrictions on student information isn’t going to stop voice recognition platforms from noticing when a student asks about STD testing or mental health prescriptions or what happens when OTC prescriptions are mixed with alcohol. And then what?