Podcast: Play in new window | Download (Duration: 11:15 — 11.3MB) | Embed
Subscribe to the Healthcare Beans Podcast: Apple Podcasts | Spotify | RSS | Subscribe via..
Episode #4 of the Healthcare Beans podcast
In the United States, privacy protections for health data are not as restrictive as most people think. Your doctor is not the only person who can access your data.
In this episode I talk about: (1) how health data is used, (2) who has access to our health data, and (3) who benefits from sharing health data.
Check out these links for background content on health data privacy laws and value-based healthcare.
~ James
Transcript
Hello friends and welcome to the Healthcare Beans podcast, I’m your host James Haven. Today I want to talk about issues involving your health data; so questions like how’s your data being used; who exactly is benefiting from your data; the types of people and entities who can access your data, and of course – why you should care about how your data is being used.
When it comes to health data sharing, the first thing you should understand is that you actually do not have much control over your data (when you have a medical event, be it a basic checkup or emergency care or something else, there’s a host of entities that have legal access to your data, for the purpose of providing good care to you) – and I know (from a privacy perspective) that’s not a very comforting thought, but for the most part, your data is being handled in a way that is aligned with your overall health interests.
Now, there are folks out there who might disagree and think your health data is being used to expose you or harm you in some way, but I want to share my experiences working in healthcare data operations, including my work with health data under federal and state programs – and after hearing that I hope to (alleviate some of your concerns on data privacy) persuade you about the benefits of sharing your health data, because there are benefits.
Once you receive any type of medical care – your diagnoses, the procedures and tests you went through, and your demographic data, that can all be accessed by several types of entities. And these entities include your doctor (of course), your doctor’s health network (which could be a small group of providers, or could be thousands of providers in your state or region), your insurance company (we refer to these groups as payors) so thinking about Medicare, Medicare Advantage, Medicaid, and also technology companies that contract with your healthcare provider – so companies providing data management services (like EMRs) or some number-crunching analytics or whatnot. And to be clear, that means a lot of different people have access to your data.
When I was working as a data analyst, I had access to tons of data, and that includes people’s names, addresses and health conditions. Now, did I personally know any of these people – absolutely not. Do I recall these data? – to be perfectly honest, no, I do not. The reason is that when analyzing the data, I almost always used some sort of alpha-numeric IDs, not patient names. So if my job was to find people with diabetes, who visited the ER in the past 6 months, and have not had a wellness checkup this year – I’d dig through the data, pull that list together, and it would be filled with IDs like “patient: NZ8211560” and I would send that info off to folks on the care management team (nurses, social workers, and doctors).
By and large, the people who actually witness your personal data (like your name, gender, address) & your medical data are the clinical folks you interact with. Now, that doesn’t mean other people cannot access personal information and medical conditions, but there’s really no reason (incentive) for people outside your care team to do this. Again, I’m not quoting hard-n-fast rules here; I’m just sharing my experience in healthcare data operations – nobody digs through personal-level data because you probably have to jump through some hoops to do that (which means getting actual names behind these obscure IDs) and there’s just no reason to do it, outside of improving care delivery to the patient. So I hope this gives some level of comfort to people who feel very guarded about their personal health data.
That said, there are additional protections (state & federal) for data on certain conditions like substance use. And in these cases, medical encounters or diagnoses that show any sort of drug use (so anything opioid-related, heroin / oxycontin); that information cannot be easily shared between healthcare providers unless you (the patient) give explicit permission to do so.
Now, there are many doctors and other public health folks who are not happy about this. These folks believe that strict data privacy laws applied to substance use actually prevent local health systems from delivering good care to people who suffer with addiction.
This question of data sharing is VERY impactful for the opioid epidemic. In order to deliver good care to people struggling with addiction, doctors must often coordinate with other doctors and other healthcare and social service providers, both inside and outside the local health system. Let’s say you have diabetes and you check-in with your primary care doctor once in a while; but you recently developed a drug habit, you haven’t shared this information with anyone, and you end up in the emergency room on the other side of town. It’s totally possible, and likely, that your doctor will not find out about that event or not discover that this medical event was drug-related. Unless you give permission for that information to be shared. Now with that risk profile – a chronic illness like diabetes plus a growing drug habit that leads to emergency care – the health system and your doctor will absolutely want to intervene and get you connected to the health resources you need, maybe it’s counseling or an outpatient drug rehab program, or something else. But due to strict data privacy laws, you can easily fall through the cracks and not be identified for a clinical intervention.
Now let’s zoom out and think about how this connects to value-based healthcare. In the 1st episode of Healthcare Beans, I describe value-based healthcare and how doctors get financially penalized for delivering poor quality healthcare. Now, if doctors have patients suffering from drug or alcohol addiction, and the data that identifies these patients is not easily seen, then the health system is less able to intervene and support these patients, and… the health system will probably lose money on these patients; and that’s a big reason why a lot of doctors are not happy with data privacy laws for substance use disorder.
To recap these points – when thinking about how the patient benefits from sharing data on drug/alcohol use, you are positioning yourself for better healthcare when you elect to share your data. You’re giving the local health system a better chance to identify you, organize the services you need, and keep you healthy.
And on the health system side – the health system has a better opportunity to save money when you elect to share your data, because bad care (the type of care that drug users receive when their data is not visible) – that bad care is really expensive care (if you’re struggling with addiction and the health system doesn’t know that, you’re more likely to end up in the ER, repeatedly, getting admitted for inpatient care and at the end of the day, that costs a lot of money). So in terms of good healthcare, the interests of the patient and the health system are aligned on the issue of sharing data.
I want to make one final point because I’ve heard of cases where people travel far away to get some level of anonymity – if for any reason you’re looking to keep certain aspects of your health status private, going to a different health system in the same state, or in a different state, is not sufficient. Your health insurance carrier will have full access to that data, and they can share that data with a range of entities. Now, if you travel to some far-off health system, you use a fake name & address, and you pay cash, then that should give you the anonymity you’re looking for.
Okay, well that wraps up today’s episode, please leave a comment and share your reactions, or visit www.healthcarebeans.com to check out related content on my blog. I’m your host James Haven. God bless.
