A few weeks ago, Google announced it was getting into the “storing your health records” business, which I am against for the simple reason that Google, and Microsoft (who is also venturing into the health records storage business, do not have to adhere to HIPPA rules.
So, it was even more disturbing for me, when I read this NY Times piece on a emerging company that will place ads on doctors office computer screens based on your health records.
As we consider the entry by Google and Microsoft into the medical records business, a vision of where this may all be going is presented by a San Francisco startup called Practice Fusion.
The company’s concept: Give doctors a free service that will automate their offices — both administrative functions, like appointments, and patient medical records. The catch: The software displays advertising aimed at the doctors and their staff.
Here is where it really gets dicey: The ads shown are related to the content of the medical records. So when the doctor reviews your cholesterol test results, he may see an ad for Lipitor.
Supposedly Practice Fusion does not collect patient identifying information such as name, address, SS#, etc., but only collects medical history. But, let’s be realistic here. If this company has accesss to your medical history, they also have access to your personal identifying information.
The other disturbing thing about this, is that doctors and the doctors staff are further being inundated by the pharmaceuticals pushing their blockbuster drugs.
To the doctors, however, this may not be any more intrusive than the myriad other ways that drug companies vie for their attention: hiring attractive sales representatives who hand out sticky notepads, catered lunches and trips to educational seminars at lush resorts.
As some of these giveaways are being cut back, there is all the more interest among drug companies in finding new ways to get their messages to doctors. Mr. Howard suggested that he may have found the perfect advertising medium for them.
From a cynical point of view, I imagine there will be some doctors that might end up using the “suggestions” of these ads, neglecting actual patient needs, which to me is truly scary. The amount of influence pharmaceuticals have over doctors has increased tremendously over the years. While these ads are being paid for by the pharmaceuticals, the drug that may be best for the patient may not be shown to the doctor as the best suggestion.
What are the legal implications of doctors depending on ads associated with your medical history, and can it be proved that a doctor depended on a particular ad in relation to a patient’s medical history, should a patient not be helped by a blockbuster drug?
I did some light reading looking at the HIPAA regs. last night. It’s amazing the loopholes that were built in regarding third-party business associates. The drafters sure seemed to know what they were doing.
HIPPA rules is light reading??? LOL!
I imagine those loopholes will likely not get closed and protects business over the people.
I could go on and on and on about the Health Insurance Portability and Accountability Act — hey, anybody notice the word “privacy” is missing? me too! — but I won’t. It sounds to me like they are getting around a lot of stuff by deliberately disaggregating the “personally identifyable” part of the data. But I am very curious about the workings of this: is data hosted in the doctor’s office, at the service provider’s site, or at a third location? At this point there is a lot to be said for offsite-backup at the very least. Are the ads uploaded at launch and displayed contextually, or served on the fly (in which case yes, that’s a privacy concern)?
As soemone who has had to write HIPAA policies for a business, I think Microsoft and Google may yet find they have HIPAA problems. Then again, I think Windows is inherently not HIPAA compliant.