[This Transcript is Unedited]
Hubert H. Humphrey Building
Room 800
200 Independent Ave, SW
Washington, DC 20201
Agenda Item: Introductions and Opening Remarks
MR. HOUSTON: Why don't we plan on getting started here. I know that Harry and Paul aren't here yet, but hopefully by the time we get through the introductions and things they will be. Let me just kick this off.
My name is John Houston. I am the vice president responsible for privacy and security at the University of Pittsburgh Medical School. I along with Dr. Leslie Francis who will introduce herself are the co-chairs of the Subcommittee on Privacy, Confidentiality & Security of NCVHS. NCVHS is a federal advisory committee consisting of private citizens that make recommendations to the Secretary of HHS on matters of health information policy.
On behalf of the subcommittee and staff I want to welcome you to today's hearing on Privacy and Confidentiality and Security of Personal Health Records. We will begin with introductions of the subcommittee staff, witnesses, and guests. Subcommittee members should disclose any conflicts of interest. Others do not need to do so. I will offer that I have no conflicts of interest. Turn the microphone on when you are going to speak. There is a button to do that.
DR. FRANCIS: I am Leslie Francis. As John mentioned, I am co-chair of this subcommittee and I am in the philosophy department and the law school at the University of Utah and I have no conflicts.
MS. BERNSTEIN: Good morning. I am Maya Bernstein. I am the privacy advocacy of the department. I work in the Office of the Assistant Secretary for Planning and Evaluation and I am lead staff to this subcommittee.
MR. REYNOLDS: Harry Reynolds, Blue Cross and Blue Shield of North Carolina. I am a member of the subcommittee and no conflicts.
MS. MILAM: Sallie Milam with the West Virginia Healthcare Authority and the West Virginia Health Information Network. We are a NIN-2 contractor.
MS. KHAN: Hetty Khan. I work for the CDC's National Center for Health Statistics and I am staff to the subcommittee.
MR. COFFIELD: I am Bob Coffield. I am a healthcare attorney from Charleston, West Virginia with a law firm of Flaherty, Sensabaugh & Bonasso.
MS. SARASOHN-KAHN: Jane Sarasohn-Kahn with THINK-Health in suburban Philadelphia.
MR. WEITZNER: Danny Weitzner, computer science and artificial intelligence lab, MIT.
MS. MCANDREW: Sue McAndrew. I am the deputy director of health information privacy in the Office for Civil Rights and I am the privacy liaison to the subcommittee.
MS. GREENBERG: Good morning. I am Marjorie Greenberg from the National Center for Health Statistics CDC and executive secretary to the committee.
DR. SUAREZ: Good morning. I am Walter Suarez for Institute of HIPAA/HIT Education and Research. I am a member of the subcommittee and no conflict.
DR. TANG: Paul Tang, Palo Alto Medical Foundation, member of the committee, no conflict.
(Introductions around the room)
PARTICIPANT: Can we have callers introduce yourselves please?
MS. HORLICK: Gail Horlick, CDC in Atlanta, staff to the subcommittee.
MR. HOUSTON: I guess that is it.
PARTICIPANT: Is there someone else on the phone?
(No response)
MR. HOUSTON: Thank you very much and welcome everybody. I want to open these hearings by giving a brief introduction background on the purpose of the hearings. I think as you are all aware this is being put on improving the quality of care while controlling healthcare costs. Part of these reductions are hoped to occur through the adoption of electronic health records systems and the efficiencies that come from their use. Along with the adoption of electronic health record systems there is a significant interest in the deployment of personal health records systems. Hopes for PHRs include better managing, chronic disease, and greater patient participation by the patient and their care.
At the present these personal health record systems come in a variety of forms. We anticipate more forms in the future including greater integration of PHRs with EHRs, but right now PHRs include PHRs that are tethered to provider-based EHRs. PHRs that are tethered to pair-based claim systems, free-standing PHRs, which may be hosted by such entities as Google, Dossia, Microsoft and others, and general use PHRs and PHRs that are tailored toward chronic disease management.
But it is likely that there will be significant change in consumer facing health IT over the next 5 to 10 years and these changes will continue to raise important issues of privacy and security. These hearings are intended to explore the privacy, confidentiality, and security requirements of PHRs in consumer facing health IT today and in the future.
We will start by hearing from a panel of futurists. We hope that this panel will be able to allow us to better understand what the health IT landscape will be in the next 5 to 10 years particularly as it applies to consumer facing use. The next three panels will speak to various kinds of PHRs and the privacy and security issues that they have encountered. The fifth panel will discuss privacy related to federal PHR demonstration projects while the final panel will be comprised of consumer advocates.
This afternoon from 3:15 to 3:45, members of the public may testify for up to five minutes on issues related to the topics of today's hearing. There will be no public testimony tomorrow. If you want to testify please sign up at the registration table in the rear. Invited witnesses have been asked to limit their remarks to five minutes. After witnesses on each panel have testified, we should have ample time for questions and discussion. Witnesses may submit additional written testimony to Marietta Squire within two weeks of the hearing.
At this time if anyone has their cell phone in the on position or any other electronic device that would interfere with navigation or hearing, please turn it off or turn it to vibrate.
Additionally we will be broadcasting by the Internet today so welcome to those who are listening on the Internet. We are also being recorded and we are being sent by telephone to people who are calling in. I would ask you to please speak clearly and at a level that you could be heard. Speak in the microphone.
With that I guess Mr. Coffield will go first if you want to.
Agenda Item: Panel I What Will Consumer-Facing Health IT Look Like in 5 or 10 Years?
MR. COFFIELD: I want to thank the co-chairs and the committee and the staff for inviting me along with I think the other panelists to come talk to you today on what I view as the future of PHRs and the future of consumer driven healthcare.
I have provided you with my written comments and I want to give a little summary of what those comments are and take you on a little tour. When I saw the agenda that I was going to first instead of putting on my lawyer hat and taking to you about a lot of legal issues, I thought I would take you on a historical tour and I am a true believe in the adage of history repeats itself. I am also a believer that personal stories are a wonderful way to convey messages.
What I tried to do is to put into perspective my view on where we sit right now with regard PHRs. We need to look at the past. We need to look at currently where we are so that we can determine where we are going to go. What I tried to do in my written comments is outline for you a story or tell you a story, and a comparison with the transportation system in the United States. What I wrote about is talking about the early days of the railway system in the 1800s and where the railway system started and created a transportation system for the United States that grew throughout the 1800s.
With that transportation system we then saw in the early 1900s a significant change with a young engineer by the name of Henry Ford, who came along in 1908 and created the Model T. That Model T became a game changer at that time and became a new vehicle for personal transportation in the United States. I draw the analogy between that Model T and where I think we sit with health information currently.
Health information technology as we look at it historically we go from the standpoint of the early days of documentation, medical record documentation leading up through let's say the 50's or 60's. Little documentation was done. There was no legal reason to document records and that was something new over the last 30 years. We saw in the 1970s really the first addition of the electronic health record and really the first mention of PHRs that I am aware of one of the early mentions of it was through the NCVHS in 2001.
With that background we now are leading up and over the last year or so we now have seen over the last year really the continued growth of PHRs and the interest of PHRs.
The other story I want to share with you is a personal story. It is a story about that same Model T that occurred. I wrote about this in the context of my own family from West Virginia, who came to West Virginia in the 1700s. For approximately 150 years they lived there in the hills of West Virginia in the Northern part near Pittsburgh where John is from, and there was little change. My great grandfather had two children, both boys, who then went on they were teens in the 1890s and with the change in the industrial revolution one went on to law school and one at that point taught for a few years, went to undergraduate, taught for a few years, and then went to Cincinnati to medical school. He came back to practice and starting his practice in 1911 that led up through 1936. When he started in 1911, he started as a rural medical provider making house calls by horse and we actually still have his saddlebag that he used at that stage.
In 1915, a huge change came about. He decided to take a trip to Pittsburgh and he got on his horse, rode it to Wheeling, he got on the train, and went to Pittsburgh and went and bought a Model T at that point. He had driven one. They gave him lessons around the parking lot and sent his on his way. He drove back into the hills of West Virginia and his life forever changed.
I draw some comparisons between my grandfather and Dave deBronkart, who I think you have on your agenda for next month, and I think Dave's experience with PHRs there are a lot of comparisons and similarities that can be drawn between those. Both of them were given a new personal device, didn't know how to drive it. There were a lot of problems. There were no roads to drive on. There were no repair shops to fix it so you had to fix it yourself. Both of those individuals it changed the way and the future.
In closing my remarks I just want to say where I think we are and I will put forward this in the PHR world right now as we are at the Model T stage and if we look at the golden era of the automobile over the next 30 to 40 years that occurred after the early 1900s, that is where this committee needs to focus its attention and envision what the future may hold. With that I will go ahead and turn it over to Jane.
MS. SARASOHN-KAHN: Can I ask you to drive my slides for me? As Bob gets my slides up you have access to a paper PowerPoint and the one I am going to show you has one addition to it and it is now on the hard drive here so you can get access to the new deck. I am very thankful that you invited me to share my perspective, as Bob echoed earlier with his perspective. I want to focus on the P in personal health records today that is the patient, the person, and privacy of course. My objective is to provide some context around that P as we think about privacy in PHRs in the next day and a half and then as you ponder more in June.
In December 2006, some of you saw this Time Magazine cover ushering in the person of the year which is you. That's me too. This represented the focus on the individual as a project manager of our own lives empowered by information.
Being born in Detroit I often refer to the songs of Aretha Franklin. So if I were to play a song at this juncture of this talk it would be her song with Annie Lennox that when sisters are doing it for themselves and in fact sisters and brothers are doing it for themselves in healthcare as we see the healthcare world morphing toward DIY, doing it yourself as people are DIYing it and other aspects of our lives. To engage in a DIY world in health there are enablers that help people do that. We need to lubricate markets. I am a health economist. That is my lens here so to lubricate this market of DIY health we need transparency and information and that leads to knowledge and empowerment.
There are signposts that we all see. You might not realize that you are seeing them but they are out there telling us we are on this journey to DIY and health already. In this recession retailers especially grocers are seeing increase sales of vitamins, minerals, and supplements along with by the way canning supplies so people can buy big things and shrink them down and save them when they are cheap and wine. You can decide for yourself whether the wine purchasers are related to health and lack of sleep and depression. That is up to you. But wine, vitamin, minerals, supplements, canning supplies are the three fastest growing items in grocery stores in the last two quarters, late 2008 first quarter 2009.
The role of the Internet in health DIY is here. You know this. You will hear from Jamie Heywood in a little while from PatientsLikeMe. He will share his insights as one of the most trusted portals in health DIY on the planet.
I am going to be using the phrase health citizen throughout my remarks as code for what some of you call a patient, some of you call a health consumer, or a caregiver. I adopted this phrase health citizen several years ago when I worked on a project in the European community with Jean Claude Healey not Kealey but Healey. Jean Claude Healey was an eHealth pioneer in Europe and he used the word health citizen many years ago and I adopted it then and I know Microsoft often uses the phrase health citizen. I think it works with what I am talking about here.
Most Americans are being cajoled and incentivized, nudged, pushed, sometimes forced into the role of being a health citizen, a health consumer today through health plan designs, increase copays, the loss of jobs and insurance, and the search for value in healthcare as our out-of-pocket costs increase and to that point my blog this morning on Health Populi talks about the new Milliman Medical Index that came out yesterday saying that for 2009 the cost for a family of four in a PPO in the US in health in $16,771, 59 percent of which is shouldered by the employer, 41 percent paid out of pocket by the employee in premium and copays. That is about $9,000 to $10,000 for the average American family of four going into a PPO this year Milliman says.
A number of us who are active at this intersection of the Internet and health have adopted the term participatory health or participatory medicine and we call out this phenomenon of people engaged and activated with their own health. People engaging in participatory health look for tools and information on and off line. Online increasingly helps citizens are using Web 2.0 tools, logs, Wiki, social networks, shared videos.
As a health economist I will put out that during the current recession more people are increasingly looking for these tools to help themselves. Survey data from Kaiser Family Foundation, Spectrum and other sources point out that in the first quarter of 2009 a growing cohort of Americans are postponing visits to physicians and not filling prescriptions due to cost. Furthermore people are looking for more home remedies using the over-the-counter drugs and other DIY solutions to personal health problems and they are looking for sources they can trust to help them manage their health. As I showed Bob earlier today in my mailbox yesterday was the latest issue of Howard Business Review, half of which is about trust. I feel like Ross Perot. Trust is a new and important currency in health. It always was but it is now more than ever in this era of participatory health.
In 2005, Edelman, the global communications firm who is a client of mine, surveyed citizens the world over to find that the level, citizen's level of trust with institutions, governments, corporations was receding and there was one cohort that was increasing in trust and it was people like me. They titled that study Trust Media. That was 2005. That was a real shift in consumers and this was global, America and overseas. People trusting people like me more than institutions.
We looked earlier this year at Deloitte's survey. They are my old employer before I started my business. Deloitte's survey healthcare consumers. This was the second year they did this and they segmented the health citizen marketed six ways. The one that will point to for today's purposes is the online and on board. It is about 22 percent of Americans so one in five is online, engaged, activated, the most activated cohort of the six here, but important there are two others that I banded here that I believe are also more engaged than others as well. At least half of Americans are very much engaged in some way in their health. I know I am going fast because of limited time but you have the slides.
Here is the new slide you don't have. The point here is that 9 percent of Americans Deloitte found are using some PHR. We don't know what kind. We don't know if it is tethered, untethered, if it is Microsoft, Google, Dossia, whatever, nine percent of Americans about. A lot of that I think is driven by Kaiser Permanente's heavy use of personal health records, et cetera.
And then the next slide just the only number I want you to look at on here because it's busy is the last one and that is the 37 percent of Americans Deloitte found are looking for online tools to manage health not just information online, but tools online.
It is this next slide that is the new one and it is new because the study only came to me on Tuesday. It is actually a study published in the June or that will be published in the June issue of the Journal of General Internal Medicine. It was a study based on eight focus groups and four US metropolitan areas. You might say well eight focus groups, what good is that? This is an indicator and I think it is an important one. The title of the report is very interesting. They said, "I want the computer to know who I am." That is a quote from one of the participants in a focus group in Boston. The point here is that a lot of citizens don't understand why on a screen that looks like say your Google screen where you have your weather and your money and your this, and your that, whatever you want. Why can't I get that in health right now? Why can't I see my labs, my blood pressure trends, whatever? You might find that if you are a patient like me and saving a personal health record, but in the main these were main street Americans from all socioeconomic strata across the two genders and income and most people want to be able to see the computer serving me, my personal information. So that is a really neat study and I blogged about it yesterday if you want to read it on Health Populi. I'm not trying to sell you Health Populi. I did write about it yesterday.
This is part of a key point from the Edelman health engagement barometer that came out in October and the key point here is the top one. In the blue area showing that the most important trusted source or touch point for my health engagement going forward people say is conversations with my doctor not a lecture from my doctor, not a prescription from my doctor, conversations with my doctor becoming increasingly important as I health engage as an individual.
The sources that are going to be less important to people are those green bars going to the left. Traditional media like TV advertising, drug-branded websites, et cetera. Remember here I am all about trust. Where do people trust? They trust these conversations, the back and forth with my doctor, and on the next slide you will see how this works.
Most people when they get information from their doctor will go home and validate on the Internet and then if people find information on the Internet, most of them go to their doctor and validate it with their doctor and we call in the health engagement barometer the new second opinion because this is what most people do. This isn't just the health engaged. This is what people do in real life.
We are going to skip this one for time. Just another data point that bolsters the fact that people trust their providers especially doctors. In the BBC America Harris Poll that was done in March most people said I trust health provider's number one, as a data steward for my health information not my email provider, not banks and brokerage companies, health providers. I think that is kind of interesting to keep in mind as you look to the future of PHRs and in general just electronic health information.
Now let's drive down to health records and privacy. In the December 2007 Wall Street Harris Poll, which focused on physicians and just electronic health information, Americans wanted access to EHRs but they are continuing to wrestle with privacy and security. People are starting to identify benefits of electronic health information and at the same time recognize there are security and privacy issues around them. So there continues to be value and recognition of risks here and these are the things that have to be balanced.
This is another survey some of you probably heard this in drive time either morning or afternoon if you listen to NPR last month. They did a survey and asked people about electronic health records and how you felt about them in terms of security and NPR found that three in four Americans thought it would be likely that an unauthorized person would have access to an electronic medical record. Just matter of fact it would happen. It is likely that that would happen. So people are really starting to think about these things. From that same survey then the circle chart following that data point a majority of Americans are not confident in the confidentiality of electronic health records.
Finally, from a Harris Poll taken in July last year, you can tell I'm a data junkie, about one half of Americans believe a computerized health record would be much more likely lost or stolen versus a paper record. That is the perception of Americans. We have to look at this and understand we are painting a picture and how of what people perceive.
So in summary, let me just tell you what I just told you and what I want you to think about in this issue of PHRs and privacy. First, we have entered already a new era of participatory health where people are project managing their health more and more and I believe the recession is driving more and more people to do this as they are opting out of seeing physicians, following up with lab tests that are recommended, et cetera, people taking things into their own hands. Americans are driven by trust in these health journeys as I talked about with physicians and with people like me, patients like me.
My bottom line here is I have done a lot of work with HIPAA when HIPAA first came in HIPAA with IT companies and educating providers about it. I don't believe HIPAA as it is right now is the solution to slap on PHRs. I think this is a new era where we are looking at participatory health and in participatory people are looking for control and empowerment. People who engage in participatory health based on some of this research and research that I have had access to with other client work people want to control who can access PHRs, the PHR, and what level of granularity they choose to share from that PHR. There are already too many areas in health where people are not empowered and don't feel empowered. This is a place we can be proactive and ensure people do have power control and empowerment with PHRs. Thank you for giving me this opportunity and I am looking forward to dialoguing with you the rest of the morning.
MR. WEITZNER: Good morning. My name is Danny Weitzner. Thanks very much to the committee and the staff for inviting me. I teach computer science and law at MIT. I run the decentralized information group there. Our research is focused on advanced web technology and public policy issues related to those new technologies. I should just say by way of background that I had the privilege of speaking with some of you during my role in the Obama transition effort. What I have to say here has absolutely nothing to do with that and is in no way official whatsoever. I should also say that I am decidedly not a futurist and I would never claim that title except maybe at some point in the future when everything I say ends up having been accurate.
I want to just say that the remarks that I want to make are based on both the technical research and the public policy activities I have been involved with over the years in the design and deployment and regulation are very large-scale information systems such as the Internet and the web. I think you all know well that probably the most striking thing about the overall health information technology challenge we face is that we are talking about an effort that seeks to instrument roughly 20 percent of our economy. I think it is fair to say that we are at the Model T. Maybe it is the Model A. I suppose I think of where we are in this process as a sort of a phase two effort.
I think you are all aware far better than I, of the history beginning 2004/2005 in which the previous administration I think set a series of goals that were important ones but they were goals that were largely based on software deployment, metrics, technology, design, goals. I think that the phase that we are in now, which we might call phase two or maybe it is seven or eight, I don't know, but the next phase. I would characterize as one that is much more focused on health quality outcomes, on health policy outcomes, and our expectations of information systems I think are really changing and focused I think appropriately on health outcomes.
I want to talk with you about what I think are the implications of this period of flux and of the fact that I think we have I think it's hoped at least a very substantial reorientation in the public policy communities interaction with the development of health information technology.
I want to highlight what I think are three important dynamics in this current phase of health information technology policy efforts and talk about what I think are the implications for privacy and security considerations in particular.
Number one. I think that the last couple of years have been focused -- the design efforts I think have been focused at a decidedly national effort. The goal has been to develop a national health information network, to develop nationwide standards, nationwide interchange of data. I think we are seeing somewhat of a reorientation towards local efforts. What we have seen is that overall progress in EMR deployment in particular has been slow. I don't think that is necessarily anyone's fault or a result of any grand error, but it has been slow and in the context of that slowness we have nevertheless seen very successful local experiments with health information technology deployments.
You are all aware of the efforts in New York City and in Eastern Massachusetts, Tennessee, Indiana, and a couple other areas around the country where what we see a particular kind of focus of what I think is a more holistic focus on how to use health information effectively and build systems both technical systems and also practice management processes, local environments in which we can actually leverage health information principally at the primary care provider level and the local level to improve health quality.
What I think you see reflected then in the high-tech act in the health information technology component of the recovery act passed earlier this year is an effort to encourage more experimentation like that to learn more from those local experiments and to propagate those experiments. I think this presents a particularly compelling opportunity for those of us who are concerned about privacy and security issues in the broad range of health information technology, PHRs, and otherwise. I think the opportunity is to get involved to roll up our sleeves as it were in some of these experiments that as you know now under the high-tech act are able to be funded at an expanded level by the ONC in order specifically to develop HIT solutions broadly that meet health policy goals, that meet the soon to be announced hopefully meaningful use requirements. I think as part of that development there is as I said a real opportunity to make sure that privacy and security considerations are addressed practically and tangibly so that as those models are developed around the country they can be propagated.
The whole goals of the regional health information technology extension centers that are funded under the recovery act is to develop models and certainly privacy and security ought to be part of that development exercise. I don't think this will happen automatically. I don't think it will happen frankly by pronouncing privacy and security goals from here in Washington. I think it will happen by that is important but it's not efficient. I think it will happen when we have people with privacy and security expertise involved in those experiments and actually building them into both technology and business practices that are developed there.
Secondly, I think that this is more an aspiration than a description or a prediction. I think that we are going to see a gradual shift in the way the technical standards and certification processes are viewed in the evolving health information environment. I think that again with the priority on developing health information technology that meets health policy goals we will see I think somewhat of a loosening of a single nationwide design for all health information technology for all the EMRs and we will see a real diversity of system designs based on a much more lightweight set of common standards. I think this poses a particular challenge for privacy and security as systems become more decentralized, as designs become more diverse. We are not going to be able to just pick technological silver bullets to solve privacy and security problems. We are not going to be able to just say here use this technology, use it everywhere, and that will carry our public policy goals with it. I think we are going to have to learn to articulate privacy and security goals much more in functional terms in much more generic terms. That is not in any way to say that we should reduce our expectations of privacy and security, but I think the hope that we can carry all of our security goals, for example, through a particular smart card technology that everyone around the country is going to use. If it was ever true it certainly no longer true.
Finally, as I suggested and as you well know the entire emphasis, well I don't want to say the entire, a significant part of the public policy goals are articulated in the recovery act with respect to health information technology are centered around assuring that the HIT that is deployed and is funded federally or at state levels meet these is yet to be defined meaningful use requirements. I think that that process is going to have an important connection over time to the overall health policy reform efforts. I think what is now more or less an article of faith and what I think you have already heard testimony about as a full committee, is that the gaps that we have in health information technology deployment and EMR deployment are really not gaps driven by any particular technical problem or by any failure to find the magic EMR or PHR or any other kind of system design.
The gaps that we see, the slow deployment that we see as any number of observers have pointed out. Markle Foundation I think you are hearing from them later work at the Center for American Progress, any number of other observers have pointed out that we are not seeing strong health information technology deployment because the healthcare system does not have the financial incentives to actually use health information towards either quality or cost results.
What we will see I think, is an increasingly tight relationship between the developments of health information technology and overall health policy reform discussions. Health information technology won't succeed, won't be widely deployed, and frankly won't be very useful without payment reform. This is not controversial. This is obvious but I think to people who look at it it wasn't to me but it was explained to me - but I think that again poses a set of privacy and security challenges because the priority really is going to be on looking in greater and greater detail at the personal health information in these systems. We are going to want to know a lot not, just at a gross aggregated level but at a much more detailed level about how the various parts of the healthcare system are performing. That is going to put pressure from a privacy perspective on the way these systems are designed. I think as much attention as privacy got as the first title in the High Tech Act I think the hard part is yet to come because of the extreme demands that are going to be placed on this information for reforming the healthcare system overall.
With that I thank you all and look forward to the discussion.
MR. HOUSTON: Thank you all very much. I think it is an excellent testimony. Next part of this is going to be the NCVHS subcommittee asking questions. I will start off with a question I have, again, looking forward, I think one of my biggest concerns relates to the management and control of patient information and obviously a strong reoccurring theme is data integration. Everybody sees all data coming together. Today we have islands of information and each provider typically trusts its information and decisions that are made by provider are typically based on information that is within its control. In five to ten to 10 years, how integrated is patient information and who are the custodians or who is the custodian? I don't even know. Maybe it is an is or an are. I think maybe is one is maybe many. It seems like the more I read about the testimony about where PHRs are going it seems to me the reoccurring theme is what is the source of truth, who owns the data, who controls the data, how integrated is it? I would open that up as a sort of an initial question.
MR. COFFIELD: I talk a little bit about and I will put on my lawyer hat now and talk a little bit about ownership issues. Traditionally the records are owned by the provider and I view those as a bundle of rights. There are patient rights in there. There are other payor rights that come together.
One question I have I think leading forward is whether we are going to see a shift from provider-owned records to consumer-owned records and whether or not either the government or other factors will play into helping that shift occur, whether it should occur, and whether the patient now becomes the hub of that data rather than distinct providers who are siloing data who are in large part, competitive in a lot of ways. We are trying to build currently a system of linking up all of those unique siloed information and we may see a shift over the coming years to a model where I as the patient center my data and it travels with me and I provide access to provider. I provide access to payor and those sorts of things.
MR. HOUSTON: As an attorney myself, can I ask one follow up question? One of the things I guess that concerns me is if I am a provider and I make a medical decision based upon data that is within my control or at least I have access to. If that data is no longer if I no longer have access to it or control of it, isn't there an inherent risk to somebody coming back
MR. COFFIELD: I think that risk is there now. Most providers trust their own records. They don't necessarily trust other providers. They may trust another physician that they know but there are physicians that I know will say I don't trust this physician so I am going to redo everything that has been done. I think that exists within the current system on top of that. I don't think that data is all available currently and we have distinct separate data that is not necessarily accurate across the many siloed pieces that are out there once we bring that all together.
MS. SARASOHN-KAHN: Can I follow that up? So we know that to be true from the e-Patient Dave, Dave deBronkart experience, where claims data was brought into his personal health record and there was some stuff that was really wrong and not at all corresponding to what he was dealing with in his own situation. But if you look at the 10-year period, which is what you posed, there is another source of data that will be very real and in the consumer's hands. I can download stuff already on my iPhone and I have health medical applications on my iPhone now. There are hundreds of medical applications. At the iTune store the people are already using for tracking blood pressure, glucose monitoring, et cetera.
There is other health data that is important in managing chronic conditions and that data has to do with how many steps did I take today, if I am doing diabesity, metabolic syndrome management. What did I eat today? What is in my grocery cart? Grocery stores have a lot of great data on nutrition and health that we need consumers to have access to so they understand that a portion isn't a portion the way they eat. We will have nutrition, exercise data. We will have body sensor data that is populating personal health records.
And to Bob's point, I think increasingly so much of that data will be generated and born and housed in consumer records, which complicates this situation and I think bolsters Bob's argument for more consumer triage of a control of health information.
MR. WEITZNER: I guess I don't really think there is a categorical answer to this question. I would sort of add to the ownership perspective, which is clearly one of the dynamics here. What I think is kind of the reliance perspective. Who depends on any given piece of data to be accurate and reliable? I think you look at the experience of the web and what you see or any large information system, data quality is a dynamic process. If you don't depend on the data, if you don't use the data, it rots. We don't have a feeling of trust in it and we probably shouldn't trust it.
I think that the ownership questions are important for dispute resolution, but I don't think tell us very much about reliance or reliability. I think we will learn about reliability or we can affect reliability by being very clear about who has responsibility and who needs to be dependent. I don't think there is any free lunch when it comes to data quality. Ultimately someone has to invest effort in maintaining data quality. Obviously providers have a real incentive to do that for both ethical and legal reasons.
Obviously there are cases where users will have an incentive to do it and will in some cases do it and third parties can contribute to data quality as well but they don't do that for free either whether it is going to be add supported or supported by payors who decide that it is actually good to invest in data quality, but again they won't do that unless we have payment reform in the healthcare system. I think all these questions really come back to who has the incentive and the ability to create quality data and rely on it. I tend to think of the ownership questions as falling out of that process sort of at the back end. We need to understand what they are but we don't fix this problem by defining ownership in my opinion.
DR. FRANCIS: If you think about a kind of general way you are describing things and the direction in which they are likely to be going, your suggestion, Daniel, was that the place of control where we are going to try to get the best quality and completeness of data is going to start at the local system level not at the national level. In some respects I took Jane to be saying it is at the individual because at least in the very last thing that you said about HIPAA is not going to do it. We need to put it in the hands of the individual. As we think about the balance between accurate and complete data and trust and control if you want to kind of put it that way, as I understand it what we then need to be thinking about is how do we make sure we have good privacy and security thoughts at the individual control level and at the local system level that those are the two touch points within a kind of a vanilla national framework or something like that. I want to know if I got that essentially right and if so what you think those ought to be looking like if you could talk to us about. Our ultimate goal here is to think about what kinds of recommendations as these data flows develop would be appropriate about security and privacy. I take Bob to be more on the same side as Jane. I'm not sure about that where you see the locus of control and what you think it ought to be looking like and what that says about privacy and security.
MR. WEITZNER: I think there is an important relationship between trust in the quality or reliability of information and trust in one's privacy rights with respect to that information. I think one of the really interesting developments in the high-tech act is this new right of access to audit information. Bob and I were talking about this before. I don't know where that came from and I don't know what was intended by it, but I think it actually creates the opportunity to create a more dynamic sense of trust in compliance with whatever the privacy rules are. I have had Jane's survey data on lack of trust really in essentially any health information technology systems whether it was PHRs or EHRs or anything else. I found that really striking and I think that we might explain that lack of trust by the fact that people have no basis for understanding whether there is anyone or anything that is actually monitoring compliance with these privacy rules and that in fact people probably didn't know what their rights or what the rules are.
I think that if we want to increase the sense of trust that I think will by definition occur at a local level because that is where people interact with the information and interact with the rules. I think we have to look to a more dynamic process by which people are able, for example, to look at who has seen their records and whether those access events were consistent with some set of rules or not. I have always taken a very important lesson from one of the pioneers in human computer action field.
Ben Schneiderman who describes user interface design principles, and one of his principles is if you can't see it, you won't use it. That is you think about the way you use your computer systems. If there is a function there and it is not visible to you either on the screen or somewhere close by, you are not going to use and I think we really ought to apply that principle to these general questions of trust in the information quality and trust in privacy compliance. People have to see that it is happening otherwise I think rightly continue to feel an absence of trust and security.
MS. SARASOHN-KAHN: Everything he said and I would like you to think about this word local for a minute when it comes to health expertise and where people find health information and tools because in that 10-year period we are going to see more and more people looking outside of the physical locus to a patient like me in Switzerland who is giving me advice, a doctor. I mean think of Farrah Fawcett. Hopefully she is doing well. She consulted with a doctor in Germany for many months and gallops that came out last month said 24 percent of people because of cost are now considering going overseas for cancer treatment, 24 percent. This was three weeks ago this poll was taken. So the idea of local is what is local to me? What is my locus of my - what is my healthcare community?
So I would think about all those folks as being again centered - we are talking about patient centric healthcare, health citizens centric. So as we think about these controls, I am with Daniel 100 percent on it if I can see it, and I can audit it. It's real.
Since HIPAA came into the market people sign those forms and they don't understand what is on there and that is a fact. I'm talking in the main, probably 80 percent of people. I don't have the statistics. You go to see your doc, you want the service, and you sign the form. You are in and out. There is an attention deficit problem when it comes to understanding health plan literacy. We know people don't know how to use health plans who are blessed to be insured. There is health literacy, health plan literacy, but the concept of the fact that local is with local to the consumer, and so ensure all those touch points are part of whatever policy is developed. I think that's a good construct.
MR. COFFIELD: I will just add. I like the concept local is global. The new local is global. What was local years ago and what it is now, are totally different things.
The other thing that I will follow up on is the right to audit and the right to receive as you and I as a patient to obtain an audit of our records whose access those records. That has been in place since 2000 under HIPAA as a patient-consumer right. It is interesting that over that time period, and I have talked with some other people that do a lot of HIPAA privacy work, lawyers, we rarely see requests from patients to obtain an accounting of their disclosures. It is just very uncommon. Whether that engagement is going to occur and one of the big questions I have with PHR is how is the consumer going to be engaged and whether or not the provider is going to use this new process, this new procedure to improve patient care, to improve patient communication. I think those are a couple of additional points that I make.
DR. SUAREZ: Thank you for the testimony. A couple of comments on the accounting of the disclosure point. I think part of the issue with that is that when people started asking for accounting of the disclosure they found out their accounting wasn't the one that they were looking for. I wanted to know if my provider disclosed this to my health plan not if my provider disclosed to a public health agency for research purposes or some of those things. The account of disclosure is only a fraction of .1 percent of 100 percent of the disclosures, but now with the new high tech and requirements for accounting for all of these disclosures to health record is going to be good.
John mentioned his big issue was management and control. My big issue is granularity and complexity. Granularity and complexity in the context of the ability of consumers to control several factors about the disclosure of their health information. Who discloses the information? What information is disclosed? To whom that information is disclosed? For what purpose? For how long? All those factors have created a growing expectation that because we are now moving into an electronic world in the healthcare field with electronic health records and more information in electronic form. The system will be able to afford or to provide the consumer with the ability to control those factors. The reality is so complex that it is too expensive when you go down into granular levels of control of health information and then it unravels into a complexity for the consumer to be able to actually do those controls, a complexity and very expensive system development to allow for that to happen. Then a question about the reliability of information at the end of the day when a provider sees only fractions or sections or whomever is going to receive that information might see only fractions of it.
Five years from now or ten years from now, how do you see the resolution of granularity of control on consumer consent being addressed?
MS. SARASOHN-KAHN: For people who are managing chronic conditions who want to wrestle them down, who want to deal, we are starting to see people saying I am willing to trade off levels of privacy so that I can get help to manage this. I am hopeful there is a cadre of people who will be early adopters to say I am going to give away people who are managing things that they want to. There will always be a portion of people who will be disengaged and what do we do them. We will deal with that in another session. We know there are people who won't be engaged. C'est la vie.
I do think we are going to see and we are starting to see that people are willing to trade off. We are seeing it in the patient-to-patient portals online where people can adopt private avatars or identities, but get access to the richness of the wisdom of patients, the wisdom of crowds there. I think we could see the same where clinicians enter and trusted infomediaries can enter in with patients in that. I could see a trust infomediary between the patient and the system to help navigate that balance of the granularity and the value we get if we are chronically ill on managing something to give away some of that.
I think there needs to be major education of people to really understand and by written testimony that is longer I couldn't talk about I suggested a couple of tactics where you can start to educate people in social networks online, women on iVillage, which is getting very health oriented. That one site not a client but we have to use these new media cleverly and we can to start engaging people into the educational aspects of privacy and security and health information because HIPAA didn't do it. It was boring. It wasn't fun and we need to get people's attention we need to grab people in YouTube videos.
I really like what I am seeing now in the Ask Me campaign that the CDC has, in terms of having dialogue with your doctor. If we can start to use engaging ways to engage people, sorry about the two engages, that is going to help educate people to understand the value of opening a personal kimono. I see education as being important and the use of the new media.
MR. WEITZNER: I think it is an important question. I suppose I'm going to disagree a little bit with Jane, as much as I have agreed with everything else she has said. I think that the experience that we have in dealing with privacy on the web in general, is that there are real weaknesses in what is known in general privacy terms as the notice and choice model. There are real weaknesses in expecting people as Jane said, to be able to read these long privacy statements, understand them, and then make a choice at the point of information collection or dissemination.
I think the healthcare context puts further pressure for all the obvious reasons on those choices. But fundamentally I think that you began with I think the most important point, which is that we are dealing with tremendous granularity, tremendous complexity, and if you think about this from a kind of a system's perspective you can try to exercise control over how personal information is managed at the point of collection or at the point of use. I think what we are learning from the web is that there is too much complexity at the point of collection and intermediate dissemination. I would say beyond that, it is probably not fair from a consumer or citizen perspective to expect those individuals to make all those choices, to manage that detailed flow that instead I think that we have better models that are emerging, for example, GINA, the Genetic Information Nondiscrimination Act, has some issues, Bob is rolling his eyes, but that as you know a new set of rules which assumes that very sensitive personal information will flow around quite freely in a variety of context but instead protects privacy through limitations on how that information can be used.
If you ask me where we are going to go in 5 to 10 years, I hope in 5 to 10 years if not sooner, we will realize that putting the burden of privacy protection on individual choice is a mistake, that it decreases trust in the system, and that we have to have broader social agreements ultimately in trying in regulation and law about what are appropriate and inappropriate uses. Then we have to deploy these audit capabilities that as you both pointed out we have but don't use. I would submit that we don't use them because they don't produce interesting results for anyone. As you pointed out the thousand disclosures, the thousand movements of my health information around the system are really uninteresting to me. What is interesting to me is if I lost a job because of one of those movements or I was denied coverage. In order to get a system to reveal that information to us technically and functionally we have to get consumer's rights to be able to act on those kinds of harms.
DR. TANG: Thanks for an interesting testimony. I think everybody here as well as the panelists would agree that the value of the PHRs and their tools is an empowerment in participation and this will evolve over time.
I don't know and I think this relates to the last question whether people actually know how many people and what kinds actually do have access to your record. HI may I think studied and showed about an average of 78 people in hospital admission. Don can correct me later. Trust clearly at the heart of it. One of your slides, Jane, was very interesting. It showed physicians you pointed out where the most trusted data steward and interestingly social networks were the least trusted. While it may be interesting and they being useful, there is still a perception that that's not exactly where you would necessarily want all your information to go.
So the question is, is the status quo good enough and if not, I really liked Danny's discussion about how we are going - well, healthcare is local - what you said about local is your own definition, but it allows us to experiment and I like the way you described it. You really need to incorporate the policies of privacy and security in your health IT innovation. In you minds what experiments should be conduct? We have some examples and asked questions about some of the existing regs and are they useful or not. In your mind what experiments should we do in these local innovations in the policy area surrounding privacy and security?
MR. WEITZNER: Well I will start. We touched on one. I think that really exploring how to provide useful audits to patients would be tremendously valuable. Again in my mind in the end of the day that will happen or not because of legal rights that patients have, but I think we can my assumption about these local experiments is that that policymakers will be looking to them to understand what rules both what technologies but also what rules make for a healthy health information environment if you will. I think that experimenting with audit, what audits are meaningful, what are not meaningful, how do we get to this line that Dr. Suarez' is trying to define? I think that would be one that would be quite valuable.
MS. SARASOHN-KAHN: One thing I am getting more passionate about is the concept of the medical home. I know talk about people going far field for information and such, but I still believe in having a place where every citizen can go to help manage the constellation of everything about me and health and then from there refer me on when I want to be referred. If you can bundle bundle is a loaded word today. If you can integrate a line payment as Daniel was talking about. I totally agree as a health economist to align payment with equality outcomes policies and where the medical home is electronic and it should be and it will be and it is in your neck of the woods at Palo Alto Medical Foundation where patients are then empowered with data. Pick a chronic condition or at a tough one because you can do it in your shop, but I can see marrying the medical home, the payment model, managing a chronic condition or a set of them. Metabolic syndrome is one to point out because it is several things, and we can get a good handle on that, and start monitoring how people bring the citizens into the design of the policies because we can't really talk about PHRs without getting that kind of input I think. How people want to use the information.
I would like to see that kind of pilot done in a context of a medical home because I do believe that is where opinion we should go, and that is where we will go. Again, I'm the optimist up here, I think. I think that could be a powerful thing because then you are empowering people, you are partnering, you are co-creating health and the incentives are aligned and people will be nudged through other incentives you can incorporate and again showing them as Daniel pointed out, and you said, if you can see the information in front of you and it's an engaging format, then everybody wins and we reduce costs. That's a good thing.
MR. COFFIELD: The only other thing. At that local level to educate the patients and to spend time and efforts to educate the patients of what their rights are, what their consumer rights are. I think we have had a healthcare system that in large part has been disconnected from the consumer process that most Americans are familiar with. It is employer-based health insurance. Cost issues are in large part until recently, have not been an issue because my employer took care of those costs. I didn't compare costs between doctor A and doctor B. I had no reason to manage a lot of that unless I had a chronic condition. I think focusing in at that local level in trying to understand what consumers and what patients currently view their rights and their abilities with regard to their records, that will help understand maybe what the policies and the laws that need to be created around that.
From the standpoint of the HIPAA privacy rule, I think it has done a very good - I will take the other side - I think it has done a very good job to frame over the last 10 years when it went into place how we have traditionally used medical information. We now need to take that model which has been standardized to some extent across the country, treatment payment and healthcare operations. Those are uses that most of us as patients believe our records either should be used for without consent or have some ability to access that data. We need to now move that and those rules were set up really with the view of a paper world. We now have a changing world and we start to see some of those changes with the new rights that come out under High Tech and I think we need to take that to the next level. Part of that needs to be a modification of those patient rights to fit the new models moving forward.
DR. TANG: I think Danny hit the nail on the head when he said that the audit trails are uninteresting until you lose the job. I wonder if one of the experiments could be it is almost a black box - it is not interesting until the plane crashes. So if there is some bad outcome, I didn't get insurance, I didn't get a job or something, you could then peer into the black box, i.e., the audit trails and presumably we could actually do the cross correlation and figure out it was there something that contributed to that outcome.
That might be an interesting technical application to generate a policy that is we do have black boxes. They really are uninteresting. People don't ask for them but let's look when something you think may have happened to that.
MR. REYNOLDS: Thank you very much. Excellent things to consider. We are in a period of very fast change right now. We are talking about 5 to 10 years but we are also talking about today. I like the DIY. I like that but we are also all facing BHA, which is better health for all, and so that's right in the face of everybody right now and right now things are happening. We have said this as a committee and we have talked immensely as a committee about the fact that privacy seems to be walking along beside. You used the term HIPAA. Everybody kind of says well HIPAA is okay, or you here unduly restrictive or things are kind of spinning. If we are moving towards this whole thing of meaningful use, improved health, coordinated care, sharing of information, having your information being able to be shared.
Mr. Weitzner, I thought you made an excellent point where what I don't think we have right now and you guys can play on this, we don't have a set of things that are okay that you can take off the table. Everybody says public health. Well, the layman doesn't understand what public health means. They might not understand what better quality why would my information be used for better quality on a physician? Give us any words that you have because that is going to be something I am listening for over these next two days because many of us back in our states are figuring out how to implement ARRA, and start HIEs and do this and do that. Oh by the way we are sitting here now chatting about privacy.
Well, when those things start happening privacy is going to have to be there in some way, shape, or form now and for the next 10 years. I like your philosophies but if you could add a little more on how do we get some of the discussion to be pragmatic enough that we can go fast now and not wish we had not gone there 5 to 10 years from now?
MR. WEITZNER: I take Bob's point to heart that we have a set of rules that presumably we have very high opt in rates. As far as I can tell it seems to be about 99.5 percent. I think no one opts out.
MR. REYNOLDS: Is that because of lack of understanding?
MR. WEITZNER: I don't know. I think privacy surveys are notoriously terrible and I would be really prepared to believe Bob's view to a large extent that HIPAA sets a floor that people are not panicked about at least. But I think to Paul's point we don't know what we don't know and perhaps a way to use these experimental platforms that we have through the recovery act and in this kind of interim period of time between now and 24 team and all of a sudden everything will work. Perhaps efforts to analyze some of these voluminous audit trails that are created by the systems we build anyway. To me one of the great privacy ironies beyond health privacy, general privacy ironies online is that we have in the form of transaction logs, database access logs, email server logs, web server logs. We have this enormous amount of data about how personal information actually is being used. Marketers all sorts of interesting analysts, businesses, intelligence agencies and governments are great at looking at that sort of data in order to find criminal activity in order to figure out what people's preferences are as to toilet paper, but we are not very good at looking at that data analytically using the incredible data mining power that we have that is really pretty cheap these days to understand what the range of uses of personal information is.
I am certainly not able to sit here and tell you here is what the usage rules ought to be. Here is what ought to be in bounds and here is what ought to be out of bounds, but I think we can build these experiments. We can look into that black box a little bit. Data miners love to do this thing and they are really pretty cheap these days. We can learn a lot about the flows of health information and then start to have what I think has to be kind of a community and a nationwide dialogue about what uses we consider acceptable and what we don't. There is not a quick answer. At least I don't have one, but I think we can work on the problem in a sort of a deliberative, evidence-based way by looking into the systems that we are actually running.
MR. COFFIELD: We are at a time now that I see where that definition of privacy is changing. I think with the increase social networking that is going on with the younger generations and even the older generations what we define as private has completely changed. I was fascinated during the election process on Facebook how many people put up their political affiliation. Everybody enters that data. It is there. Ten years ago people would not have done that in large part and it was pro forma. It is out there and it is available on - I know what Jane's political affiliation is because I'm a Facebook friend with her and along with everyone else.
I think over this next 5 to 10 years the other thing we need to look at is where is that privacy level. Is it going to move up? Is it going to move down? Then is there going to be a backlash where it's going to move back up again?
The other point on, I think, the privacy issue is we need to look at what are the reasons that consumers and patients want privacy. I suspect and Jane probably has facts on this and statistics I suspect in large part it is driven by employment-related issues. That's probably one. Two is just general embarrassment of release of health information and three is probably government oversight. I don't know where those sit in the stream of top 10 reasons why you and I have an interest to keep our health data private but those are the issues that I see that come up when I deal with client issues.
MS. MILAM: A lot of mention has been made of the high-tech act and the billions of dollars that are poised to start flowing across the country to governments in the form of incentives to physicians. We are going to see a surge in health information technology as you have spoken to. We are going to see vendors, developers new businesses. We are going to see just a huge amount of attention, money, and effort placed and is happening everywhere all at once. You have spoken to HIPAA as the floor but also Danny you mentioned that privacy would be grown organically and each of these microcosms. What needs to be in place to make sure that one provider can talk to provider across the street, across the state, across the country? When you look at what is out there today, is there a vision, a framework, a model that works to help guide all of the organic privacy development or does something need to be built to make sure that we can get to the ultimate vision?
MR. WEITZNER: I think you have asked two important questions. One is is there a way that different components in a local healthcare environment can share information and do they know what the rules are? My view is that as a technical matter there are adequate standards. There is adequate understanding in building information systems in general about how to enable people who want to share to share. Paul does this. A lot of you do this. You see this happening and I think what prevents it from happening when it doesn't happen, it doesn't happen.
The reason it doesn't happen is not a technical barrier, but either it's an administrative barrier or a failure or mismatch of incentives. The provider of one sort of information has a proprietary system they would like to use so they don't want to inter-operate based on the open standards that exist. I don't think we solve that problem by developing more standards. I think we solve that problem by making it clear who is required to share with whom and who has an incentive, who ought to have an incentive to share with whom.
Getting the privacy rules right. I think HIPAA is a pretty low barrier to all this for better or for worse. I think anyone who suggests that we don't have information sharing because of privacy barriers is really got a different problem.
I think that the second part of your question is really to Mr. Reynolds' point. How are we going to evolve privacy practices that people feel comfortable with? I don't think there is really much of a short cut there. I think that we are going to have to study what we are doing and study the kinds of information flows that there actually are and come to a reasonable agreement on rules. I think if all goes well those rules will bubble up to state and nationwide laws. Right now I think there is a lot of maneuvering room. I know that some privacy advocates have concern about that and I understand that concern. I think there are tremendously valuable frameworks that are out there.
I think the Markle framework on privacy agreements is a great starting point for all this and I hope also to your question, Paul, again about I hope that a lot of the experiments include that framework or those kinds of frameworks so that people are reinventing the wheel. Probably the biggest risk in these experiments is that you have 20 well-funded innovative activities that somehow start from scratch on these questions and hopefully most won't, but that's also why I think this could have an important role in the health information technology professionals who have privacy expertise I think really have a huge amount to contribute to these experiments just to make sure that we are starting from current understanding as opposed to somewhere back there.
MS. WATTENBERG: Sarah Wattenberg from the Substance Abuse and Mental Health Services Administration. So there are a lot of different ideas about how to address the cause of privacy, different opinions about is it technically possible expense of easy, not, so forth and so on.
Mr. Coffield, I think that you mentioned briefly the idea one that is out there is the idea of using the personal health records as a way of disclosing, providing patient control over disclosure of information. SAMHSA has been actually working on for the past few years some technology that allows for the patient to consent or not as they enter into the system. Who can get what kind of information at what point in time and whether or not this is the wave of the future where consumers really control things, whether or not this is really the hub through which data will be better managed and corrected and so forth remains to be seen. But in the meantime it could certainly be used as sort of an interim kind of method while everybody else is sort of working things out. I mean if I have to get an immunization record one more time for my daughter I think I'm just going to scream.
The question is this is something I would really like to that we are working on piloting. One question is what advice, right, because our job here is to develop recommendations on how we can in a fast-changing environment start moving systems so the experimentation can begin. We can get some broad lessons and sort of quicken our response to the need.
What would you do in this kind of pilot and experiment and it would seem to me that as we conceptualize this how you build in decision supports to patients? What are the risks and benefits and risk to sharing information about substance use disorders with your primary care physicians or not? What kinds of decision supports do you think would be interesting and necessary so that if a consumer is in control they are an informed consumer? For instance just to give as an example you know the Facebook generation I sort of heard this before. People have looser boundaries. It is not so important. You know the Facebook generation is young. They don't have a lot of wisdom about how that information eventually might be used against them. So we may see those boundaries kind of changing a little bit as they age. It is just sort of throwing kind of this out there. What would somebody need to know?
MR. COFFIELD: I think something would be interesting as you kind of phrased your question. One of the questions in the medical home model is to have a health data advocate who is going to serve some capacity and whether that's the primary care physician who you trust or whether that be someone else in a different role who can walk through with the patient the importance of either releasing information or not releasing information. What the pros and cons of doing that may be. We all have and I am a little struck by why patients would not want to release data and withhold data especially when it comes to those issues like treatment. I want my provider to know everything about me historically from the time I was a child up until this age. I think maybe something, a model or a pilot along the lines of some health data advocate who can serve that role in working through those issues of when to release data and when not to.
MS. SARASOHN-KAHN: You said that Facebook is for the young, but the fastest growing group in Facebook are women over 45 and what would be interesting to a lot of us - Daniel said earlier there has never been a good privacy survey done. So what I would do with a tool that you have that is real and touchable and deployable is to deploy it and pilot with different generations and genders and socioeconomic groups and try to get some measures down on perceptions of what people - track what people share, what they don't share, a level of granularity because we don't have great data. I threw very general polls at you and I have seen some specific data that specific companies do that is proprietary but you have a tool you can put out there. Substance abuse crosses everybody. It would be great to test that with some good standardized questions across these different cohorts so we can actually see the there there because it is very hard to judge and that would help from the pragmatic point of view figuring out what will work with who because people will behave differently as we know Deloitte has six cohorts. Name your cohorts. It doesn't really matter. There will be different behaviors and we will not crack chronic disease until we understand how different cohorts will respond and how they value privacy versus the giving up.
MR. WEITZNER: Can I make just two observations about the so-called Facebook generation? We now know it is more than just a generation. I am glad to know. I think that Facebook used as this symbol of increased transparency in the world and there is no question it is true. It is a vivid illustration of that. I have seen survey data which is not yet public which suggests that Facebook users particularly the ones we think of, the stereotypical ones who are 18 to 32, in fact, don't have a very different idea about privacy than older generations do. They think about privacy in different terms, but they ultimately have very similar expectations. They are aware that they are living in a much more transparent environment. They don't mind that. They have obviously chosen to accept that and participate in it, but that does not imply that their expectations of privacy that their concerns about abuse ultimately are any different.
I think that it is sometimes nearly sort of condescending attitude on the part of some privacy advocates who say that if those Facebook users only knew, if we could only educate them then they wouldn't do X, Y, or Z thing. It is a real mistake to assume that people's behavior indicates everything about their privacy expectations. I think we have drawn some of the wrong conclusions. I know teaching a lot of these sorts of canonical young Facebook users they understand that they are more exposed. It doesn't mean that they don't care about how their personal information is used. I think that in fact what they reflect is in some ways probably a more sophisticated attitude about privacy than some of us in kind of the email generation had which is that if the data is out there it must be that we don't care what happens to it. I think that we could actually learn a lot from the Facebook generation. They want to interact. They want to share a lot but it doesn't mean that they want to be taken advantage of. It is very hard to study these things but I think we should look subtly at the relationship between those behaviors and what actual privacy expectations are and beyond that just what kind of privacy rules we want to live with regardless of how indiscrete people behave.
MR. HOUSTON: Time for one more, Walter.
DR. SUAREZ: This is a very quick one and I might put you on the spot a little more. We have this sort of framework around these developing on EHRs. We have some state laws now that are requiring within the next five years, to adopt EHRs by providers and then federal legislation is going already in that direction. We have certification processes to ensure that the products are certified. We have now in the development a way to measure the meaningful use of that. Should we have something like that for PHRs and particularly on the privacy and security side, should we have a mechanism to ensure the products are somewhat defined and certified or whatever we call it and they are measured in terms of its meaningful use of that? Is that something we should consider?
MS. SARASOHN-KAHN: I would say at this Wild West period of new development of this stuff you should not in my opinion because we don't know what these things are going to do be whatever. A year and a half ago I wouldn't have imagined iTunes selling health aps 18 months later and with the trajectory of growth that is tremendous. I am hearing big companies developing some applications that are going to blow our minds and they will be out in 12 or 18 months. So the change is happening so fast as you have pointed out some PHR models will be attractive to some consumers because they are tightly tethered and my docs involved and I want that and there will be other consumers that want to be untethered and alone and dealing with social networks where people will tell everything to that social network and not a whole lot to their doc and that is their choice whether that is a good clinical choice is between them and them. I think right now to sort of certify what a PHR is there is enough aggravation right now looking at certification and EHRs out there that we should listen and watch and PHRs right now I think are unbound and open sourced and let's wait and see would be sort of a watchful waiting would be my advice on that.
MR. COFFIELD: I take the same perspective from a standpoint of we are in this whole information age that we are now 15 years into. It is a constant time of disruption and I think the reaction that either from the legal side, from the law side, the development of law and the government side is reactionary in large part or I think it will continue to be involved in that process. I think the process we should take and I will go back to the analogy of the transportation and the development of the automobile. I cite in there some examples seatbelts coming around, guardrails. The development of those processes that came as a result of the growth of more automobiles on the road, faster speeds, and as PHRs develop I think you will see those items grow up. I don't think we want to though put up the barriers immediately to say here is what a PHR needs to look like. This is the automobile and that's it. We are going to allow that innovation to occur and then be responsive and reactionary on a quicker pace than we have been in the past.
MR. WEITZNER: I agree with the two previous points. I think the name of the game is meaningful use and a reformed payment system. I think when we focus on those things we will get the right flow of health information period end of story. The next HR acronym that is going to come along I don't know what it is and we shouldn't really be too worried about that in my opinion. We should regard that as a good thing. I see plenty of EHRs that start looking more and more like PHRs and that is a good thing. That seems like the result we want certainly in the medical home context. I think we should focus on outcomes and we will get to the right place both with respect to the information flow and the privacy and security requirements.
MR. HOUSTON: I appreciate what was incredibly stimulating conversation. We are going to take a 15-minute break and start back at about 11 a.m. and again thank you very much.
(Break)
Agenda Item: Panel II What Will Consumer-Facing Health IT Look Like in 5 or 10 Years?
MR. HOUSTON: Why don't we try and get started here. The first panel I thought was really interesting and we have a second panel is going to speak to similar things. We had so many people we wanted to talk to we split it up into two separate panels. The second panel we have Josh Lemieux, who is the director of Personal Health Technology for Connecting for Health, Markle Foundation. Don Mon, who is VP for Practice Leadership for American Health Information Management Association. James Allen Heywood, who is the co-founder and chairman of PatientsLikeMe.
I don't know who has a preference of going first, but if not, Don, would you mind going first? Great. Thank you.
DR. MON: Members of the Privacy, Confidentiality and Security Subcommittee and participants my name is Don Mon and I am vice president of Practice Leadership at the American Health Information Management Association. We are a professional society of 53,000 members in various settings in healthcare. The dual mission of advancing the AHIMA profession through leadership and advocacy, education, certification, and lifelong learning, but I am here to talk to you about our other mission which is what I am responsible for at AHIMA which is advancing HIM and HIT standards and policy.
Our testimony today is based on our core health information management and experience as well as the experience that we have gained from talking with consumers and working in standards development. With respect to consumers if you turn to page 10 of the testimony you will see that we have had a consumer-oriented web site called myphr.com which gets over 850,000 hits a month or excuse me. It averages about 24,000 hits a month with a monthly high of back in February of 850,000. We have done education with consumers regarding the PHRs. We have had a number of radio spots. The Nielsen ratings company estimated that we have reached 24 million viewers and listeners. We have placed media placements in a number of high market areas like the Chicago Tribune, USA Today, and so on.
Lastly, we have trained a number of AHIMA numbers to be consumer educators where they in their local communities do town halls and patient education sessions and thus far we have trained over 750 presenters who have reached literally thousands of consumers.
In our testimony we want to thank the staff for providing us with the key questions. We are not going to be able to address all of the questions so I would like to focus on a vision of PHRs and patient facing online services and some of the key differentiators in PHRs models but spend most of the time addressing the top privacy question which is the consumer's ability to modify professionally sourced information. We won't be able to address every PHR model in this testimony. While we can address things at the policy level, today we would like to focus on more pragmatic and practical aspects of implementing PHRs and PHR systems. Some of the points that we are going to bring out today are points that are not in many people's radar screens that we would like to bring into their radar screens.
As to the first question let me just take a few minutes to provide the set up for getting to the privacy issues. The problems that the PHRs are trying to solve are well documented and real. You know them well. They are reported in the literature. AHIMA supports the consumer empowerment principle resulting where PHRs can help with increase in quality of care, reducing costs, and providing a better healthcare experience.
The issue in our estimation isn't so much that of what is a PHR it is more that the role of the PHR as one of many and sometimes overlapping health information technologies that are involved in the solutions to the same problem. So you hear a lot of people who are saying one of the things that we have to do is exchange health information and you will find that the EHR vendors will say well we can do not just the vendors but health information exchange can be done from EHR to EHR without the PHR in between, and some will say that it is probably more efficient to not build a nationwide health information network when if we gave everybody PHRs we would have the ability to provide information to the practitioner.
We at AHIMA and the standards development community are hearing a variety of perspectives and what I hope to talk to you about what are some of the insights that we have gained from listening to those perspectives.
Our feeling is that health information technologies will continue to overlap because all of them strive to be patient centric and they all have the same health information as their base, but yet there are key characteristics on which they differ that will help set them apart in the upcoming years and define their evolving yet interrelated roles.
One of the first questions that we have had to grapple with at least in the standards community is where is the primary purpose of PHRs? Is it to facilitate health information exchange between patients and physicians or is it nearly to serve as a record that consumers keep for themselves. Now that may seem like a naïve question but in the granular world of records management and standards development these answers aren't as naïve as they may appear.
The questions relating to the PHR's purpose and incorporating individual participation and uptake are very much intertwined. As to the point about incorporating individual participation we are still finding that privacy, confidentiality, and security is the top issue that must be grappled with and as I mentioned I will spend the bulk of this testimony discussing that.
But there are other things that need to be grappled with and these factors also increase uptake and that is making the interaction with the PHR, another patient facing HIT and engaging experience. You have heard that from our first panel so I won't need to reiterate that. Responding to an emotional need and you will hear that from Jamie regarding PatientsLikeMe. But two other factors that we are hearing a lot about is convenience and the easiest example to explain there is the auto population. Being able to populate a PHR with data so that the consumer isn't encumbered with populating the data and that speaks to some of the models out there, the provider-sponsored model or the payor-sponsored model where auto population is a key feature. It may be an attraction for those particular models.
But interestingly as we are talking with a number of consumers and those within the standards industry the panel talked before us talked about this but let me add a couple other things. We called it increased value added administrative functionality that is going to capitalize on the advances that we are seeing in technology.
Last week at HL7, health level 7, where I chair the electronic health records work group we were approached by a manufacturer who manufactures micro disks and what this manufacturer was saying was that in two years it is going to be possible to put two terabytes on a micro disk this size that fits in this adaptor that will go into my cell phone. Two years from now it is going to be possible with that kind of storage to be able to put PHRs on devices. It may not be cost effective for consumers at that time. Cost effectiveness as the cost of technology goes down will probably make it affordable in about four years. But if we think that we have about a four-year horizon where this could possibly be somebody's PHR look at the various options that this now affords us. Yesterday in computer world there was an article that said smart phone meet net book where you will be able to have on a device like this not just a phone but also a net book.
Today I get text messages from my dentist that asks me to schedule my appointment and when I respond with a C it goes into his scheduling system. Right now that is the existing functionality. In a couple of years what I am hearing patients saying is that wouldn't it be cool that when I also hit C and it goes into a scheduling system that it goes into my outlook and puts it into outlook for me. That is convenience. That is increasing this value added functionality. That is making the experience with the PHR an engaging one.
Here is another interesting thing that we have heard from some consumers. You know when I have data that is coming from either a claim or directly when I get a bill from the provider, wouldn't it be nice if that just went straight to my medical flex spending account so I wouldn't have the hassle of having to take this EOB, filling out a form, sending it to my medical flex spending. Why couldn't that all be automated and so the next thing I see is money in my bank account because it was that convenient. So convenience, making it an engaging experience, and having value added administrative functionality are many of the things that we are hearing.
We have also had the opportunity to talk with some of the pharmaceutical companies who would like to use PHRs as a way of doing case finding. They obviously for privacy reasons wouldn't have the ability to go into everybody's PHR but if they could expose their eligibility criteria for clinical trials and the consumer on his own volition access that and compare it to the data that is in the PHR that might be a way for the consumers to find out something about an investigational drug or device or whatever and it's a win for the pharmaceutical companies as well because they have a more efficient means of case finding. Those are some of the more innovative things that we have heard from both consumers and others who have approached us in standards development.
These factors as I mentioned in the previous slide will help with the increase of uptake, but unless some of these factors are addressed we at AHIMA believe as we have seen other reports including Paul's that PHRs may still have a low rate of adoption over the next three years at least because of many reasons that have been cited in the literature, but I also wanted to bring out a couple of more in addition to them.
One is the fact that we currently have low rates of adoption within the PHR. In the previous panel we saw that it was something like 8 percent and Dr. Blumenthal's studies on the EHR showed that they were 8 and 15 percent for hospitals and doctor's offices. But this low rate of adoption also gives us an opportunity that I think we can capitalize on over the next five years or so where if we do this well we can actually help all these technologies grow in concert with each other. An example of that is some of the legacy EHR systems where not all of them have patient portals and because not all of them patient portals that are keeping the number of providers sponsored PHRs artificially low and it may give an opportunity for other PHR models to grow. In addition to that some of the legacy EHR systems are not able to exchange with data with PHRs. One of the things that we have to do, or at least we recommend whether it through the certification process or through other kinds of monetary incentives, is to build this kind of functionality into legacy EHR systems over the next few years. If we don't do that then we may have a growth in PHRs where the PHR has nothing on the EHR side to exchange data with. So we have to try to grow those two capabilities together and the thing that is holding it back are some of the legacy EHR systems.
Another factor is the desire for the longitudinal record and record retention policies. Currently provider-sponsored PHRs are longitudinal to the degree that consumers received care from their provider over a period of time, but it is not birth to death. Not everybody is a Beth Israel Deaconess or a Palo Alto Medical Foundation or a Kaiser that is going to keep their data for an extended period of time that is 20 years or in some cases they are saying even longer. The industry currently does not have the experience to know how long a small or medium community hospital or a small doctor's office is going to keep their patient data because they will abide by their risk assessment practices which then dictate their record retention policies. In some of these policies and even according to some state statutes they can destroy records within a seven-year's timeframe or whatever, but in doing so that means then that that data is not available any longer in that PHR. Again this may be focused more towards the small doctors and the community hospitals than it is for the larger providers. But that situation is then going to place more importance on nonsponsored PHRs to act as the longitudinal record and perhaps be the birth to death record and that health information is going to need to be exchanged either at the end of every visit or soon thereafter because it may be too late when the consumer finds out that he wants the record and the record has been destroyed.
I am putting up this slide here just as a mental picture that I am going to use to talk about the next few slides. What we have here is in the lower row the provider-sponsored PHRs with a patient portal and in the upper bar what we have called the nonsponsored PHRs and those might be things like the ones that you can put on your laptop at home or over the web and so on.
There is another concept of a PHR model that is floating around out there. It hasn't received much traction yet as a model that has been fully implemented, but it is being talked about and that is the PHR as a pointer and again the record retention policy that is -
Let me then go to this thing here. The privacy aspect is the consumer's ability to modify data and it depends on the type of data. It depends on the source and the PHR model. When people are talking about PHRs and the ability to modify data, it is as if they are talking about all of the data and when you look at the data that can be modified as in this next slide there are data that can be added to where you can add appropriate administrative data, data that is in a journal or a diary, or to externally source data which is from devices or professionally from providers through annotation and that the recommendation is that the best way to ask for a correction of the data is to go back to the provider to correct the data at the source and then send an update to the consumer's PHR.
The issue of modifying the data goes to the notion of withholding data and I'm going to back up to this previous slide to make a key point. Here is where this depends on the PHR model because this is not a one size fits all when you look at this consumer's ability to modify professionally sourced data. In a provider-sponsored PHR the underlying record is the EHR which acts as that person's record for legal and business disclosure purposes but the nonprovider sponsored is not a legal record and so look at how that plays into many of the things that have been discussed.
In terms of granularity these are the actions that are currently included or under discussion in the HL7 personal health system functional model. This comes from the input of multiple countries, consumers, providers, and vendors. But notice that when we take a look at these when I say not one size fits all some of these functions cannot be done in provider-sponsored PHRs.
Let me just quickly go down these 9 to 11 here. One of the ways is the consumer doesn't even enter the data into the record into the first place, doesn't accept an import from an EHR. Another way is to select only certain portions of the data. I will take this from that EHR but not that. Another way is to limit or revoke the system access to certain individuals including the physician. A fourth way is to mask the data. So what the physician will see on the screen is there is data behind this mask. I know that there is something present but it has a mask over it which is different from the fifth one and that is hiding the data. The data is in the record but the physician doesn't even know that it is there. The sixth and seventh is deleting professionally sourced data with or without audit traceability. Seventh is modifying it, which is different. Deleting it means taking it out. Modifying is I am making a change to this lab value with or without audit traceability. Then the tenth one is modifying professionally sourced data with change in attribution and I'm going to spend one last minute talking about that and then the eleventh is controlling the export of health information so I don't even export it to the PHR.
Now these are system functions that are included in the PHR system functional model either now in the draft standard for trial use or are being discussed in the fully accredited version, which is being worked on. This does not talk about the consumer's behavior of not even bringing a PHR at all to the physician's office because he or she may be that concerned about what is the data that is in there to be shared with the clinician.
Lastly, this is a point that is being discussed much in the standards world but we don't hear discussed very clearly elsewhere and that is this change in attribution. In this model the professionally sourced data is imported into the consumer's PHR. So the EHR sends data to the PHR. It is accepted. When it is accepted it is explicitly fabled as having come from that doctor with this content on this date and so on. However, when the patient modifies his professional sourced data, the data is immediately attributable to the patient not the professional. So what appears to the physician then is that it is John Q. Public who is providing this data on this date. All that traceability of the original data and the date and time is changed to the patient. The reason for that for no audit trail modification is the concern that we have heard from some of the consumer advocates that even having an audit trail will then disclose to the physician that which the consumer wished to be withheld. One perhaps viable way of handling that is this change in attribution but in order to do this we have to absolutely maintain the truth of source. There can be no way that the patient can modify it and change it back to say oh I modified this data and I am also changing the attribution and saying that it is my doctor who said this. The truth of source must be absolutely protected.
The closing comment here is that when people are looking at PHRs as the source of truth it is sometimes attenuated by all of these different aspects and desires of consumers which are now manifested in these kind of criteria within the system functional model. Truth of source absolutely must be maintained or else the PHR will never become the source of truth.
In conclusion there are definite problems in which the PHR can solve. Privacy and confidentiality and in particular this issue remains one of the top issues preventing uptake. The PHRs and other HIT will evolve together. They may need to have some factors addressed such as convenience, making the interaction between the PHR an engaging one, but it will take time and investment. Thank you.
MR. LEMIEUX: I want to thank the subcommittee for asking us to look ahead 5 to 10 years. I thought about it at first and thought let's look back 5 to 10 years very quickly. If you look back 5 to 10 years, the concept that consumers could benefit from health information technology was pretty obscure. It wasn't a mainstream. It has moved basically a mainstream goal of national leaders. It has moved from kind of an afterthought in the dotcom bubble burst to now being embraced as a major initiative of the largest global Internet brands that exist. If you also look outside of healthcare you see consumers adopting technologies at an astonishing pace, blogging, social networking, online banking. Some of this stuff goes back more than a decade but the real growth curve is quite astonishing. If you take a look at some of the common elements of these rapid technology adoptions you see that they are very convenient as Don said. Also they are connected to networks. For example, the phone that he showed and all these great things is it's much more useful if it's getting real time data if it is connecting to multiple sources and it has network connections that allow for that convenience. Because if it is just the device or just the application but it's not connected to anything then it doesn't have that potential for rapid consumer adoption.
Also, consumers like things that are free much to the dismay of some of the people working on personal health applications, but the potential here is that there is consumer participation and networks that are enabled by connections. So I will talk very quickly about what makes those connections possible in the personal health information space. What are some of the immediate opportunities under the new law? What is a brief vision for why we believe that personal health records have a great deal of potential to help people prevent illness, to manage their health-related transactions and information to coordinate care, to communicate better with clinicians, to understand healthcare options and costs, and to take better care of loved ones.
We will start with common sense information policies. That is something that many of you in the room have worked with the Markle Foundation on. Markle Foundation has invested in this area of personal health applications since 2001 and tried to do some research and some convening of large groups of people from lots of different interests and perspectives in order to come up with practical solutions in order to accelerate the potential of health IT in general and personal health applications in particular.
What we see in recent years as the idea of personal records has become more mainstream in the leadership goal is that there has been proliferating options for consumers to have copies of electronic information, to manage their health information online, and those options come from health insurers. They come from start-ups. They come from global Internet brands. They come from lots of providers as Paul has a very significant success story in Palo Alto. Then there are start-ups and new people like Jamie who will have better ideas that we can't even imagine I think. That is very important.
What we have done though is said that this area is evolving without a common set of information policies and practices and that maybe we need some common policy expectations or at least have a good list of the things that any health IT personal health application should address in a sound public way. Maybe they don't address it in exactly the same way but they should address a common set of information expectations. When we get groups together we have often some disagreements at first, but as we talk through things we find that there are practical solutions and that is what we have tried to offer through what is called the common framework for network personal health information released in June of last year. It puts together sets of policies that we think provide an environment of trust and it is not at the level of specificity of say an implementation guide or a legal contract, but it does provide some guidance and we were able to obtain through the participation of many groups a great deal of endorsements from health insurers, from provider groups, from consumer organizations, privacy advocates, academics, a large array and that's what we try to bring to the table and offer to the public domain as a starting point for these types of things.
Secondly I would like to talk about the opportunities under the American Recovery and Reinvestment Act. There are as the first panel talked about a lot of things that could apply to personal health information services in a way that benefits consumers. I thought the panel before this one did a good job of laying those out so I won't go into any detail here other than to say that HHS has an opportunity to provide guidance and regulations under this new law in particular with the privacy provisions that set the foundation for an environment of trust that we just talked about. So that people like these network connections. They can get conveniences and that the people developing those new technologies and new services have a stable platform of information policies upon which to build. Uncertainty in policy is as harmful to product roadmaps or service roadmaps as this worry about too much regulation.
In my statement here starting on page three there are several bullet points for the areas the HHS will be issuing guidance or regulation under the new law and we want that to be in the spirit of consumer control at least the consumer's ability to understand the policies. I totally agree with the first panel about the limitations particularly Danny's talking about the limitations of the consent model. I decide everything up front. One of the important parts of the common framework is no one policy or practice provides the overall environment of trust. There are several that have to be approached comprehensively and addressed in a sound of public way by the people that are creating these types of services.
We took the same approach to the idea of meaningful use by getting together very broad group of stakeholders and some of them who disagreed quite vehemently about what meaningful you should be, what qualified and certified EHR technology should be under the new law and those definitions of those two things will govern in a lot of ways how the money is paid out under the entitlement sections of ARRA. Obviously a lot at stake.
We brought a lot of interest to the table and issued a document a couple of weeks ago that we distributed and urged you to take a look at as a starting point for considering how HHS can have a productive definition of meaningful use and qualified/certified EHR technology that keeps us open to the potential in the future that we want to see of consumer engagement and participation in these types of things so I won't go through those principles, but they are here.
I will say that the final one, the seventh one, talks about consumer access to electronic information encoded in this new law as also something that we should put in the definition of meaningful use. In other words, a form of meaningful use is for providers to fulfill this right of consumers to access their information electronically and not just on paper and we think that that could be an accelerator for what we want to see with consumer access information.
Very quickly because you won't want to miss what Jamie says. The vision for the future I don't know and I don't think anybody is really smart enough to know to exactly what the applications will be. The point that we want to underscore is that we want to be open to consumer participation. That consumers to be able to learn from themselves, from the industry to be able to learn from consumers, for there to be connections for the individual to connect to the many of different services where they get care and that we don't want too rigid of software definition or we don't want certification to essentially lock in applications that we see today as the only thing that should be rewarded by incentives that the Federal Government is providing a boost to for this industry. We also want those incentives to reward, as Danny said very well earlier, the flow of information because it is the use of information. It's not the application. It's not the aggregation of information that provides the transformative effect. It is the actual use of information so we want consumers and clinicians to be incentivized to use information for the outcomes that we want and those are also clearly stated in our documents. We want better healthcare. We want protection of privacy and we want to be open to innovation so that the tools that we will see over the next 5 to 10 years have the ability to flourish. I think Jamie has a new paradigm for a lot of things and so I think it is important that we listen to his ideas as well. Thank you.
MR. HEYWOOD: I am going to sort of do a little bit of a mixture of - a lot of our formal thoughts are in the testimony, so I just want to do a little bit of a dialogue about where that future is going and some of the hope and potential we see and then maybe a little bit of what I think needs to be a shift in the frame for this information.
I will tell a quick story from a recent negotiation we were having with one of our major pharmaceutical partners around a large contract and there were some disagreements about information and how it was flowing and what would be allowed. My brother, Ben, wrote this email. You need to understand you should write this contract so that the patient will read it because that is how it will be deployed into the world. Sometimes when I listen to this dialogue and I think about the context of my brother and the illness that he dealt with in going through ALS for nine years and all the patients I know, I think I deal with a different kind of patient than the average consumer that you think about in general.
The dialogue always feels very alien in my mind to their words. They just listen to the issues that we talk about, the concepts of theoretical harm, these points of contention and they say when are actually going to solve the problem for me. It is really the end of day and I think that that is missing which is what problem are you solving for me as a consumer in an effective way. Are you helping to treat my disease? Are you helping to manage my illness? I think that this dialogue around records and components and information really have stepped back from that. Show me the direct benefit to me as a consumer.
At some level I think what is interesting about PatientsLikeMe is that we shouldn't actually exist. The idea that patients should be building a health information framework to manage their illness in a health concept because the system has failed to do so is sort of absurd but it is one level - it came down to the fact that we went to the only people in the system that were really motivated to develop a build a health information framework. So we are working towards this idealized model in the future and we call it the network patient. They have two concepts to that. They have full information. They know everything that can be known when they need to know and they have the power to act on that information, the ability to find the right resource to implement that and use that information.
This is not public health solution. This might not even be a majority consumer solution but it is a way of using an innovative empowered consumer to drive change and behavior into our healthcare system and I think it impacts discovery. It impacts the quality of care. It impacts deployment of new resources and standards across the whole system, but only when the system works well. We have worked to build that.
Basically what we do with PatientsLikeMe is that we take three solutions. We want to understand from a clinical research perspective whether a change in health outcome can be measured against an intervention. So essentially clinical trial framework whether it means higher concept of the patient disease. The clinical care framework, which is that, everything that a patient and a doctor should need to make an effective exchange collaboratively about a decision should be on a two-page summary. It is the goal. The patient should understand everything in those two frameworks. If we work on that not as competing restrictions but as collaborative restrictions and you iterate to say and it turns out when you do that, you actually build a very powerful framework within each disease for how to optimize health outcomes and I will talk about that in a second.
The two other key things that we do in our platform is that it is required that it is open. Everyone in our system is sharing every piece of data with everyone else with their disease in the system. It means if you are discussing sexual dysfunction, if you are discussing constipation, if you are discussing some component of your health, you are sharing that quantitatively measured phenotype with every other patient in our system. That is the price of admission. We talk about it on the website and it is clear the value to us is that the openness makes the summarized data meaningful. As a scientist whenever I read information or papers, I always struggled with wondering where did that mean come from? Where did that average come from? How do I compare those statistics? On PatientsLikeMe you can drill every number down to the individual to see where it came from and that builds a new thing.
This is my brother's profile. It shows his dying year of progression with the disease from his first symptom, the very beginning here where he was healthy against to the end where he actually lived in a ventilator for a number of years. You will see in here a couple of things that are interesting. One is the background curves that show's Stephen's progression against every other patient in our system in ALS. It showed that he was in the 75th percentile. That information alone change the way people think about their illness. It changes the way they understand this came from a desire for us to understand as a family how do we know if Stephen is getting better? How do we know if it is changing? It was a question asked by a doctor. Against that was Gantt charted all of his treatments and everything that he did to stem cell transplants early on, experimental trials he did, both formal clinical trials and ones that we did as a family collaboratively with the medical system, all the nutraceuticals and other supplements. And then his symptoms throughout the illness: fatigue, anxiety, things that he dealt with that are components of the disease.
To give you a sense of just how going back five years we did a patent search and we didn't apply for patent in this area, but we did a patent search on the concept of Gantt charting information and health. Our fairly comprehensive patent search turned up one example in the history of healthcare of an individual patient's outcome being Gantt charted against their interventions. As an engineer and as a project manager that spoke so clearly at the disinterest between the relationship between interventions and outcomes in the real world to the world I couldn't have said it more better and effectively. I think we are trying to figure out how to change that by giving the patients some things.
Here are all the patients in the world like Stephen, male ALS patients in the United States. Here is the overlay of the census. Actually, kind of cool. They actually match up very tightly. Here is another data on our system. We have about 35,000 active patients right now. Just for relative numbers we have about 200,000 site visits a month on 35,000 active members.
Here is what you can do when you aggregate the data. This is current data on fatigue. So in the last 90 days reports on fatigue level on 14,000 patients in our database and you can click on any of those numbers, the severe one, moderate, mild, and find all the patients in that category status. You can also look at all the treatments patients take for fatigue and that would include Provigil and other treatments.
But interestingly, at the bottom you will find here is a treatment where we are using Prozac to manage fatigue. Now Prozac is not indicated for fatigue but when you look at this you discover that when you go down to the Prozac level and you look at it while we have data on hundreds of patients. I think the number is about 700 patients taking Prozac. And we have data on the side effects of Prozac as reported by the patients.
There have been several large independent studies of sexual side effects of SSRIs. Now understand this is all patient language of patient words, sexual side effects, sexual dysfunction. That's not our terminology. That is the patient terminology that has been aggregated up in a quantitative way. They are being coded back to Medra and we are actually streaming adverse events now to the FDA prepopulated med watch information. What this information does it actually matches exactly the independent studies of the side effect indications of this drug that are actually five times higher than were indicated by the large scale clinical trials run by the pharmaceutical industry.
In our customer survey we have actually analyzed what parts of our site patients use and find the most valuable. The part that patients have found most valuable is this side effect, this experience on being on a drug and in fact they have said that we are essentially the trusted information source. There actually have been several analysis of some of our drug information and we now have more data from patients on the efficacy, self-reported, or computed against outcomes and side effects and other effects burden and difficulties in dealing with drug and cost that are on the labels of those drugs then we used to get them approved in the first place.
We were looking earlier at the level of data. This was a mood patient I found yesterday and you will see here their function over the last year, their distress over the last year, which is really an expanded version of the K6, a standard question to the index.
MS. BERNSTEIN: This is self-reported information, right?
MR. HEYWOOD: It is all self-reported information. Well, I will go through that in a minute. We can talk about that specifically. Here is their depression level over a year, their mania level. These are variations. This is essentially Myers-Briggs of mood. How do we understand the component analysis of your mood disorder over time and how it changes. You will see this is a compulsive depressive that is very different than other kinds of depressives in our system.
But there is a lot more information. This is their sex drive, appetite, energy, sleep, back pain, dizziness, and hyperventilation over the last year. These are full large-scale batteries taken weekly. We actually have a daily summary from every single patient, by the way, how they are doing as well that we can coordinate against this, track against sunlight location and all these other variables.
Then there is the part that we don't track. This is what they tell us they add on their own. This is not an incredibly unusual patient. This is the level of data that mood patients are sharing or any patient who is sharing. This is an incredibly engaged community.
When I find interesting is we think about what we are and where we are going to go and this is a favorite quote from one of my hero's, Einstein. I think we actually have the opportunity here to invent a new way of thinking about medical care and clinical research. These are integrated functions and rather than being a process where we define incredibly expensive, time-consuming, single-point decisions abstracted from all of their context and information in the real world, the tempt to build evidence-based architectures that are deployed out of that context in the real world and make good decisions.
One could imagine monitoring and measuring everything that everyone is doing when the rest of medicine decides to do this or at least the volunteers now, that are willing to share everything that are happening so we can look at the consequence of intervention and outcomes in the context of disease.
This is an analysis for doing lithium in ALS. There was a publication in PNAS on 16 patients on drug that showed the 60 to 70 percent reduction of the progression of disease, a huge story in the syndication. There is data on 400 patients who have voluntarily reported the use of their lithium in ALS on our system. That is 20 times the number of patients in the clinical trial published in PNAS before the first trial to confirm that has been started. So we have data realistically on a hundred plus patients at incredible risk level to begin to analyze this. We are building to develop the tools to do this. We don't know how to do it right. We haven't published the result yet. We don't know the power of this approach. We don't have biases. There are problems. There were immense issues, but the quantity of data is so huge it begins to wash that out.
I will report one interesting thing. There is no placebo effect on any experimental treatment we have observed using a psychoactive drug where patients know they are on it and the subjective reporting scale. That is pretty cool.
I think the other change that is happening here that is not just about health information is this information revolution happening at the biological - my background is drug discovery. The tools of this information revolution have not even begun to be understood, but it is an information revolution. It is not a discover resolution. This information revolution allows us to begin to interact with the human body at a molecular level on a daily rapid process, and when you combine that with an open recursive measure network you begin to change the entire way of thinking about medicine.
To our mind and I listen to the dialogue about health records and the dialogue about information exchange, and I have this primary observation as someone who has cared for several patients and hundreds of patients with significant illness going through this disease. There is very little information about health or about cost or about value in our health system. We just don't measure them. We have liability reduction issues. We have billing but there is very little information about the primary health framework that matters to patients.
People talk to us about portability and all these questions. We actually haven't found any need to take any information out of health records because there does not seem to be any information in those health records of value to patients. When we have that problem we look forward to working with people that have valuable health information. But I think in this context the question is how do we define and measure health in the context of patients in the health and the context of illness. That problem requires that we sit down as engineers, as clinicians and solve the problem in each space collaboratively with patients about what health means to the patient, define that information framework, deploy it in the world, and begin to see what we can learn.
Going to this last question for a second about how privacy impacts and what this means in our context. I have really been struggling with what I want out of this dialogue. I was on the panel yesterday with Ken Buto(?) at Bio, and he started out with his great I'm here from the government and we want to help. I keep thinking please don't help right now. I know it is sort of a joke and it's not a joke, but I will go back to my question. I think about the 35,000 patients in our system and they are all volunteers. We don't pay them. They don't pay us. It is an environment where they are volunteers. The only value our company has is their trust. That is it. If we lose their trust our business has zero value. It is funny the Markle Foundation's framework when we really looked at after we built our way of thinking about information. It turns out we basically met every criteria not because we had actually read the criteria but because the only thing that mattered to us was the patient's trust and we had to figure out how to use that to succeed in making a successful business. That is a primary value driver for us and how we proceed forward and how we make deals with pharmaceutical companies, with insurance companies, with actually government agencies and begin to flow this whole of information about the real world environment of what is happening backwards. We have to live by these values of trust, openness and transparency.
Thinking forward I wrote a little bit about idealized medicine in the - I am going to read something that came to me yesterday right after our panel. We have this thing internally where we watch for dialogue in the forums about where people are using our system and how to optimize, how to make it better, how to improve to health information frameworks. I'm just going to read this. This is from the mood community. After nearly 10 months on PLM, this morning I did my first ever mood map. It showed that function level of high and a distress level of low. Ten months ago when I joined PLM, I never thought that would happen in a million years, but with the help of PLM, my therapist, my psychiatrist, the treatment team in my partial hospitalization treatment now down to their intensive outpatient program, and a rainbow of different medications I have made some huge changes. Ten months ago I drove headfirst and figure out how to get better. The resources here at PLM and the forums to the tracking tools on my profile have certainly played a big part in helping me to get to the place I am now. Posting here organized my thoughts and different treatments and the things that I have struggled with. Tracking medications and symptoms and mood maps on my profile page helped keep me organized and helped me to see the patterns and even just to remember how I felt two weeks back to give me perspective. Talking with other patients here via private message gave me contact with people when I had severely isolated myself. Even the interactions in the forum versus via private messages that are ever patient moderator, this is patient as in the other patient, Maureen Oaks helped me remember how to work with and talk to authority figures, professionals which helped me in a side way's way to be able to return to work after taking medical leave. Writing this is starting to sound a little bit like an acceptance speech and an awards ceremony. I love this. It is a great talk.
What I loved about it is it hit every value point that we design for and there are more that we have not even done yet. Can we tell her whether the pollen she is exposed to changes her mood? Can we tell her whether the amount of sunlight changes her mood? Can we tell her whether her stock market portfolio changes her mood?
I am happy to take questions. Thank you.
MR. HOUSTON: Very interesting testimony and before we go around and ask some questions I want to make two points that I think is important. It is interesting that privacy may be a surrogate for trust because trust is probably the most important thing. I think we can lose sight of that. We try to put privacy in place when the reality is what the most important thing is with the patient that there is a trust component.
I think the second thing is a quote from Ronald Reagan who said, don't be afraid of what you might see. I think that is applicable in the case of your testimony.
MR. HEYWOOD: Can I comment on that trust issue? I think it is a really important one. Any patient that experiences a significant medical problem that engages with a medical system loses trust. I mean there is no part of this system that actually delivers effective value in the mind of a patient that really begins to understand the information failures that it operates within. I do think that privacy has become a proxy for a failed healthcare system to address the primary issue of trust. I didn't mean to be that dramatic because I think patients just want their problems solved. They don't really want to hear about all the philosophical components of that. It is an important transition.
MR. LEMIEUX: I would add that trust is really what makes networks work. Yes, you need technology for information to move around but trust is really the core. We saw in the credit markets what happens when trust breaks down entity to entity across networks. I think that was a very good observation.
MR. HOUSTON: We are going to start from Sally's end and work around the table. Sallie, if you have a question feel free otherwise we will move forward but I want to start that side first this time.
MS. MILAM: Thanks. In thinking about privacy and personal health records, as you all have indicated it is important to look to the type of personal health record that is being designed and why it is being designed in its business model. With respect to the type of personal health record that would be anticipated and built to be utilized by clinicians at least in part or to be trusted by clinicians. Don, when I looked to your slides, and on this side it is entitled consumer can withhold data by and it's all in the different types of granular privacy options. Do we have any research that indicates physicians' reactions to this sort of granular --
(Phone interruption)
DR. MON: -- opportunity to do some research.
DR. FRANCIS: I want to ask a couple of related questions. The first is about patients altering and this mostly for Don Mon. There is a distinction between masking and changing and I think one of the questions we have had in terms of thinking about privacy protection has been on the side of the patient being able to mask certain forms of sensitive information and I wonder whether your slides put them together and I wonder whether he meant things particularly from the side of provider trust whether it looks different and whether those two ought to be separated out.
Related to that the other side of the question that I wanted to ask is that to say that as high tech does that consumers ought to have access to their electronic health records is not the same as saying that they ought to be able to download them. To be able to go in and look at something is different from being able to get an electronic copy. What I wonder actually is whether the PatientsLikeMe model as I understand it is patient-entered data. Do you envision the possibility? I realize you don't think there is much useful in but hopefully there might be more at some point useful and provider kept. Do you envision the idea that eventually what you might require by way of sharing is that there be a straight out portal downloading from electronic health from EHRs into PatientsLikeMe?
More generally on that front you sort of half answered this with saying you agree with the Markle framework, but are there things you won't let be done with your data that you think it is especially important to patients that you don't let be done?
DR. MON: Let me answer your questions. Regarding the masking versus modifying. First let me back up and say that the slide says on your copy consumers can withhold data and you will notice that I had changed it to what we are hearing on the actual presentation because I didn't want to represent that this AHIMA's views. These are what we are hearing in the industry from consumers as well as within the standards community.
AHIMA's stance on this is that we encourage consumers to disclose as much as they are comfortable with to their providers and trust that the providers are going to keep that health information confidential. One of the issues and I will come to your answer in a second here, but to address a previous point along that same line. One of the issues is the fact that the consumers' trust has the higher level of trust with their direct provider. It is the unauthorized users that who can access the system that they are concerned with. You take a well-known case where a celebrity's records have been hacked into by 15 different users because it is a celebrity. That is what they are concerned about is that other people are going to know about that kind of health information.
As to your question about masking versus modifying, the interestingly as we have talked with other countries masking came up from France and Canada because in their model, their national model, their underlying record is an underlying EHR and so that is serving as their record for legal and business disclosure purposes. They are enforcing the masking as opposed to any kind of direct modification. AHIMA supports the notion that consumers can add to data with annotation and may mask. We prefer that consumers do not delete or modify data without an audit traceability. We are currently from AHIMA standpoint thinking about this change in attribution discussion that I had talked about at the end but the standards community is definitely considering that as a viable option. There are many controversies related to that because some of the vendors are saying how can we ever stop consumers from modifying data when it is that bar in that diagram where it is a record that consumers keep for themselves. They certainly won't have that capability when the underlying record is the EHR and that is why I was saying that it is one size does not fit all.
As to your question about the difference between access and download, we agree that there are distinct differences. We are hearing that there is uptake on the provider-sponsored PHRs simply because it provides them that access convenience as well as the auto population whereas being able to download that data into a PHR has become somewhat of a strain. Currently we agree with the Gartner reports that there just isn't universal interoperability. You can't take every PHR and every EHR and exchange information across one or to each other and that issue has prevented much of the download issues.
MR. HEYWOOD: You actually hit two really great questions. On the download question there are two current barriers to us doing that. One is that HIPAA does not apply to us because we are not dealing with healthcare source data. Beginning to change that changes are legal status environment. It's not that we don't comply with it. We essentially follow the same framework and then we can talk about the issues or advantages to that later on, but it doesn't currently. That might change that status
The second one is it has really more to do with transparency and surprises. One of the great things about our community is that when you type in the words Acyclovir, you are clearly communicating to the world that you are taking an anti-herpes medication whether it be for cold sores or whatever and so therefore you are actively pushing that information. You are writing it. You are authoring it. You are committing a free speech act essentially. If it is ported from some other location, we need to design an interface that really makes it clear that the information becomes your authored information. It is not so much for any legal reason as much as it is for a trust reason, which is that we don't ever want anyone to be surprised about what is in PatientsLikeMe because that is one of our primary principles as a company.
You know, on the won't let be done component that is actually a very interesting question. I no longer believe that there is any such thing as the de-identified information. I think that we should all stop pretending and the reality is that any insurance company could go to our public site to the 20 percent of the patients that are public and match stop dates on medications and ages and identify every patient with 98 percent certainly really easily. I think you can do that to anyone and anywhere in anyway. I think Justice Scalia just had that done to him recently. We can all get his wife's email address.
What happens in that world? What happens in a world where there is no de-identified information? Because we are in that world and we can pretend otherwise, but we are. In that world I think what we won't let be done, what our agreements explicitly call out is the use of the information to discriminate in any way against our members. The companies that do business with us commit to non-discrimination. I think I would love to move the privacy discussion both philosophically to the value of openness and secondly and I have said this to - in the past. I think it is a weakness in the concept of privacy that we live in a society that tolerates discrimination and chooses to punish the flow of information rather than the use of that information to harm people. I actually think it is an incredibly un-American value. I wrote this in the testimony. We live in a society where all are created equal and that philosophical statement has to be applied to every component of our world. Again, we all have varying health statuses. We all have issues and the idea that we can pretend and hide that information in a world where everything will be known is wrong. We just have to figure out how to philosophically live in a world where we are able to get the most out of everyone in their ability to live and love and be productive regardless of their health status. If we don't start that journey then we are delaying an inevitable problem.
MR. LEMIEUX: I would certainly like to see the possibility that if I were on a site like PatientsLikeMe or some other site that I would be able to at minimum taking a look at what data could be electronic and is generally a lot more normalized and codified right now my labs and my medications. I would like to be able to download that to an application where somebody can show some analytics on it. I can do some of my own analytics. The communities can have a more rapid environment. We definitely want to see as a possibility and a choice and think that that's the type of future that we should be aiming for. Information policies and expectations should be part of that world. I hope that happens.
MR. HEYWOOD: This goes back to that audit question too. Let's face it. There are no applications for health information yet. We are trying to regulate a nonexistent world. No one has any idea what anyone is going to do yet. It was said in the earlier panel. We need to be really careful about thinking about is this for research subject use? Is this for billing use? What are all the utilities that we could do this stuff for? There are so many significant unintended consequences of the way we could regulate or disrupt this that could essentially prevent it from getting off the ground. I think it is really important to use a light hand.
These theoretical issues around worrying about physician accountability back to primary source or auditing. Those are all great and important but they are really theoretical. No one is doing it now anyway. Let's start the process and see what is demanded why the world as it is building it as opposed to - I am not saying don't presolve but let's just get started.
DR. MON: Can I address that point for a minute? It goes back to the point that I was saying that this isn't a one size fits all solution here because if you take a look at those nine bullet points that I had there, many of those things cannot be allowed to be done where the underlying record is the provider's EHR. Certainly not being able to hide data or delete data with or without audit traceability and so on. I believe that there is a certain level where privacy protections matched against these nine points can apply to the provider-sponsored PHR. The non-sponsored PHR are where we have the open questions. The point that I want to make clear is that when we make a statement as Jamie just made that it is important to understand which model are we really talking about. It wouldn't apply necessarily to PatientsLikeMe but it would certainly apply to the provider-sponsored PHR model.
MR. LEMIEUX: In the digital age almost every piece of information is a copy. If I send an email document you now have a copy of that document. You can do with it what you want. It is possible for an organization to actually have or maintain different copies of information with different rules applying to each copy. This is a complicated world that we live in but there is not much going bad. One of the things that was important I thought of the common framework for network personal health information is that we had a lot of HIPAA covered entities, very large and prominent health insurers and provider groups that agreed to a statement that personal health information data flows are special and that those information flows should not be used for discrimination or compelled disclosures of information. You shouldn't tap the personal health information record for those purposes. Now that doesn't get us all the way to what Jamie describes as the societal value where people aren't penalized for information about them being sick, but it is an important step I think to realize that personal health information services and electronic copies of information that are controlled by or initiated by the patient have a level of protection that goes beyond what you would expect from treatment payment options under HIPAA and I think that that was one important accomplishment.
MR. HEYWOOD: Can I share a personal story that relates more to the hospital side? I am sure we have all used personal stories to relate to this. Going to this question of theoretical harm versus real harm. Two stories. One is when my fiancé who works at Boston Medical Center as an MP in one of the general surgical practices was pregnant. Early on someone accessed her health record to find that out because she was a patient in the same hospital. They ran the audit trail or whatever. It was emotionally complicated and difficult and maybe people knew about it a month earlier or three weeks earlier. Too bad and I wish it didn't happen. At Mass General my brother and the respiratory care unit through a pulmonary embolism and was intubated and because of his ALS had a bit reflex and he bit through the intubation tube. They had to give him enough muscle relaxants to essentially kill him and in the process after the whole experience transfer him up to the critical care unit. In the critical care unit someone evaluated the replaced intubation tube, felt it wasn't placed right, and decided to reposition it, removing the bite guard which he essentially died because again with a blood pressure close to zero because he bit again down on the same tube within two hours because the information did not flow from one critical care unit to another critical care unit in Mass General.
How do I weigh the relative harm of those two environments? Do Liza and I really care that someone at work stole her data and found out she was pregnant two weeks early. Did it really hurt us? No. Did my brother almost die in a very realistic way? Yes. So I think that this sort of assumption of theoretical versus real harm is just lost. As a discovery person I use this model all the time. I believe without question that ALS will be cured someday and I think we can prove pretty conclusive that the approach to privacy in discovery is adding at least a year to the timeline that will happen. There is no question that this sort of patient protection is a component of that. It is a very simple math problem. That means that 5,000 people are going to die because of the privacy rules we have in place in one disease to prevent the theoretical harm of protection of these subjects from abuses in the medical system. I don't see the downside. I guess we need to really put this debate back on this philosophical side where openness is what matters.
MR. HOUSTON: Remove stigma and I think you will have more openness. I had some questions but I am going to defer to Paul so that he can get his questions out.
DR. TANG: This is a very interesting panel. I have a few questions for Jamie. Jamie is used to tough questions. I know he is not afraid of them but I think we will learn something from understanding some of your thought process. One I appreciate your openness about your openness policy. It may be the antithesis of privacy but at least it allows us to discuss and put things on the table.
One you mentioned that trust is everything. I can't figure out what people would trust you to do or not to do because you do say you gather the information. It is all identifiable. You solve the data. What is it that people are trusting you to do or not to do? That is first. I think probably getting your response to each one in turn would be helpful.
MR. HEYWOOD: I think we very explicitly speak to this issue on this site in the dialogue. They are trusting us to responsibly use the information. They are trusting us not to sell the information to life insurance companies. They are trusting us not to use the information to allow insurers to discriminate on the basis of pre-existing conditions. They are trusting us to use the information to advance their own personal disease management, interest and ability, and as a community the community's disease management and interest, the ability to understand and improve the condition of the disease.
There are areas where we have questions we have to deal with. Do we give one pharmaceutical company exclusive access to a particular kind of data? How do we balance some of our customer's data needs against the patient's data needs? Those are very complicated questions. I guess there is no other way to say it.
Actually it is interesting we were discussing whether to enforce our trademark against other companies. One of our board members said what is in the best interest of patients and that is what trust is. Trust is that you answer that question in that context.
I would say I will turn the question around to the medical system that is essentially asking us to justify our own trust in this environment. I think on every one of those merits the current medical system is demonstrably financially and implementally failed. It is an interesting parallel which is to say that in an environment where as often as not there is more harm than good than comes from going to the hospital to question the trust information process. I think that is the gist of it.
DR. TANG: Let me go to the next one then. It feeds off of that. These seem contradictory and so I'm just asking for your explanation. You say you make the buyers of your information assert that they will not use it to discriminate. You did say in your written testimony that among the folks you sell data to pharmaceuticals, but you did say insurance companies as well. You said just now that not life but - why are they buying this information in the first place if they are in the insurance business and don't you think they could discriminate against patients like you, the generic, and like your family? I understand what openness and detailed quantitative information as you described brings to your model and I can understand what voluntary participants get out of that participation. What I guess I don't understand is how do you protect others. I assume even though your side is about openness and it is the price of admission, you respect other people who want to be private for whatever reason. How do you balance that clearly other people either like "me" or my family members also have been admitted to this? Are there unintended consequences of that?
MR. HEYWOOD: You asked several questions. Why do insurance companies buy the data? What we have in the diseases that we operate is a new primary source of health outcome information as to the best practice of management of a disease. Companies that are in the healthcare business are presumably interested in healthcare by that data for that purposes. There are a few insurance companies that actually believe they are in the healthcare business and they want to do better at it. We are one of the sources that we can do a partnership in that. Again, if you listen to the case of the patient whose example I read, there is a 33 percent, one percent, one month readmission rate into inpatient mental healthcare. It is incredibly expensive. It is a huge cost for every insurer. If the participation and essentially our equivalent of a voluntary peer care environment reduces that, everybody wins and the patients go back to work. I think that is the interest in that space.
The second part you asked and I am trying to get it. Tell me again precisely.
DR. TANG: One of your value propositions that you can predict. You have this model for what is going to happen to people like you. Clearly each of your participants is in a group so any impact on "me" has an impact on the group. That group can be either patients with the same diagnosis or family members who have the same genetic predisposition. Aren't you making a decision collectively both the individual giving up their information and you aggregating it and republishing it? What is your sense of responsibility for other people like them?
MR. HEYWOOD: I think there are two parts to that. We will get to the genetics and reeling of other people's information in a second. The first one is I think in essence the best you can do is getting it right. When we redefine a part of our ALS communities having primary lateral sclerosis and offered an option to have a different diagnosis, it changes the curve because the primary lateral sclerosis patients that used to be very slow ALS patients first, second, third, fifth percentile now left the pool, shifted the pool down, the curve changed, and then all of a sudden you could be a 50th percentile primary lateral sclerosis patients. I think the issue is you have to deliver that information ethically well as best you can put the patient as the primary framework around that problem. Again that is a trust issue. If you blow that by the way they tell us when we get it wrong. It's not like we have a quiet community.
The second part that has to do with if I reveal something about myself, I reveal something about my family is a complicated one. There is one thing by the way. We don't put names on the website so it is not like we are putting people's names out there. We don't have any evidence that anyone has really gone and found someone other than they revealed their own name. I think that issue has been dealt with for a long time so we just added this genetic search engine. You can go to one community. You can type in a mutation and you can find everyone else in the world with your mutation with the disease and in fact were building tools that will show the variation for your progression for your mutation within the context of the specific genetic indication. You can see whether an A4V is faster than a D90 in ALS. We thought about that and if you say that you are an A4V patient or you are an SOD1 patient with an A4V, you are revealing something about your children and your siblings. You are revealing they all have a 50 percent chance of a perfectly penetrate disease. But in the same way if you write a letter to the editor of a paper and say I have Huntington 's Disease, you have done the same thing.
I think that if you think about what the people do on our website is that we give them a place to commit free speech in the medical realm. All I can do is help someone to understand the impact of their free speech. But it is someone's right to discuss themselves and due to the fact that I went to MIT does that mean that my brother was more likely to go to MIT? We all do that in every part of our lives and he did. There is coincident data that you can pull up and these inference engines will be visible as we get better and better computational tools to solve it. I think that's not a new issue. I don't think that it is particularly a health issue. I think it is just a societal issue that we have to deal with as how we as individuals in communicating about ourselves have a responsibility to communicate with others.
MR. TANG: Final question and this actually is you were at a Markle conference way back in December of some year, and you made a challenge to the audience. I haven't solved the puzzle yet. For a $100 you could find out everything about anybody in the audience. How do you spend those hundred dollars?
MR. HEYWOOD: I think if you buy a credit report - there is actually a fair amount of evidence that the cost to buy someone's medical record out of a medical - 20,000 people that have access to your medical record at your center. You look at that and you say in a system where there is a network of thousands, there is always a weak link.
The other way I think about that problem is - I just applied for life insurance, and I have a very public profile so my life is hidden. None of the life insurance companies googled me to find out any of the information about my life. It's not like we don't have that information. Maybe they do at some level. But that's a question for me to think through. Maybe they should have. Exactly. What we have to do is eliminate the value for that information from a discrimination standpoint.
I will tell it one other way. When you are a small business owner you deal with discrimination on a regular basis and I will give you three very specific personal examples. The first was in my research lab. We hired a cage cleaner and he was a really nice guy. We had a high-end research lab, lots of expensive employees, great benefits package. We just ran through this analysis that said, he has a family and we are paying him $9 an hour to clean cages and the benefits package for a family is $17,000 and the benefits package for a nonfamily is $8,000. We are going to spend literally 50 percent on his salary extra because he has a family. We hired him anyway but businesses don't make those decisions. They always act in the interest of money. So that's why if you are single and low-income wage you are going to get the job because it costs more to take care of benefits for a family.
The second is hiring someone that was HIV positive who revealed to me ahead of time that he was HIV positive. Small insurance pool, 30 people on the plan. He is going to blow the plan up. I am looking at a net cost probably the business of $50,000 to $60,000 just as a rough estimate for moving this out of a low-risk pool to a high-risk pool. Do you do that as a small business? Can a small business afford to hire someone where their entire salary is going to - the answer is I did it anyway because you have to make the ethical decision. But this is the problem that we deal with in our world. Should I blame that person for telling me that they were HIV positive? Should I blame this sort of nice guy that we hired that has worked now for us for six years for telling me that he has a family? This is the wrong way to think about information and problems. Businesses shouldn't bear those costs. They should be separated. We live in a world that tolerates discrimination and punishes information.
MR. HOUSTON: If you would like to ask a question, Walter, please. This will be our last.
DR. SUAREZ: By the way just a comment. Thank you for this. This was very stimulating. I do have to say PatientsLikeMe seems to me to be more of, you explained it a little bit, is a platform, is a social network of health-related issues. You put us into a very unique position of perspective of looking at personal health records from a different angle in the sense that the traditional if there is such word of traditional patient health records, personal health records are actually very protected. They are painstakingly protecting the data with patients that enter the data by the patient they have received from a provider into that record and they have also some protections and mechanisms to avoid anybody else accessing it. You look at it from a very different perspective. You look at the value of sharing that data with others. It is a very different perspective of personal health information sharing. You do have a component as you explained on a personal health record where people can put in their data and things like that, but the biggest value or the biggest aspect of your venture is really the ability for sharing information. It has created in my mind a challenge of now seeing a completely different aspect of personal health record information use and so I appreciate that by the way. I did go and try to log in. Of course my Blackberry doesn't have a java application so I couldn't, but I did read your privacy statement and there are some very interesting things about it that I think would be worth commenting. I will stop there and I appreciate you.
MR. HOUSTON: We thank all the panelists. This is really again stimulating conversation. For everybody who was in the first panel as well as you if you want to supplement your testimony feel free to do that as well. Otherwise we are going to take a one-hour break. Actually a little bit less than one hour. I would still like to reconvene at about one thirty for the next panel in the afternoon which is I guess is non-provider/non-plan-based PHRs. Thank you very much.
(Whereupon, a luncheon recess was taken.)
Agenda Item: Panel III PHRs Offered by Non-Provider/Plan Entities
DR. FRANCIS: On behalf of John Houston and myself, I am delighted to welcome you to the second part of today's hearings on Personal Health Records. This is a hearing conducted by the Privacy, Confidentiality, and Security Subcommittee of the National Committee on Vital and Health Statistics. Our panel this afternoon panel three of these hearings, is on the topic of personal health records offered by non-provider/plan entities.
We have four participants: Marc Donner who is the director of engineering from Google Health; Colin Evans who is the chief executive officer from Dossia; Philip Marshall who is the vice president for Product Strategy from WebMD Health; and Michael Stokes who is the director of Policy and Compliance in the Health Solutions Group of Microsoft.
I want to welcome all four of you and invite you to discuss with us briefly the written testimony that you submitted in longer form and then we will move to discussions. I guess we should just go in the order that you are listed in the agenda and we will start with Marc.
DR. DONNER: I will try to be brief. Google Health was a PHR launched in May of 2008 so just a year ago. It is a non-tethered PHR in which the information inside is user controlled. It is free to users and partners. As of this date we have in the tens of partners and twenties of third-party services integrated. There are no ads. It is a platform model which basically means that we source no data though the consumer whose profile it is can enter information about themselves, as well as get stuff from pharmacies, from labs, and from medical record systems that can transmit appropriate CCR data.
The business model question is addressed on this slide. It is again free to users and partners. There is no advertising within it. We get asked that question of course because our core product is very advertising funded. Our current objective is to provide good service to drive ultimately people to allow people to remember to go to google.com for search. We do not and will not sell user data. The core understanding in our design of this is that the user controls the Google Health account. The data is not shared with anyone unless the user tells us explicitly to do so. Data sharing is revocable at will by the user and data can be deleted at any time. It is an open standards based. HL7 released three CCR and working on CCD. We are measuring success by the usage both in terms of number of profiles created and in terms of the amount of regulate activity.
The three key principles we outlined in the testimony for the PHR. Consumer empowerment is one of the key drivers of the design of the Google PHR. We expect consumers to take charge of their health information. They can store medications, allergies, you can read the stuff as quickly as I can, diagnoses, conditions, test results, immunization records, anything basically that is health relevant they can enter. We can either download it from capable source systems or manually entered.
We built the system around privacy protection. That basically means that the owner of the profile is in charge. They control who sees it. They control what is in it. They can delete information that comes in from an external source though they can't modify it back to the point made in the previous panel. If they self-enter data they can modify that, but data that comes from an external source are either present or absent. It is not altered.
One of our key objectives is to support data portability so we are strongly behind the efforts to standardize the data interchange in this space. We have implemented as I said HL7 CDA released three CCR and we are working on CCD. We are considering adding the ability to take in HL7 released two records that we don't expect ever to be able to admit them.
Things we have learned from doing this so far. We learned as everybody here knows from the e-Patient Dave incident in Boston that raw data must be clearly interpreted for consumers and there is a lot of deep assumptions in the communications among specialists and professionals that consumers are not aware of and that becomes a very substantial issue when data whose purpose is communication between professionals is then made available to consumers who don't have the background and the context. The challenge will be to figure out ways to interpret and translate that information effectively.
It's a very early days for these kind of things. We don't believe that a lot of the possibility space has been explored in terms of what might be done with this, but we scratch our heads and think about what could be done with these data. I would love to get a text message when it is time for me to take my pills or whatever the case might be.
We think that acceptance by the physician community is important because they are a key source of data that is currently not in any meaningful way flowing into these systems. A lot of the very fundamental issues of the language of communication have to be addressed before that is going to be a comfortable thing.
Identity verification is a critical piece of the puzzle. Many of the systems with which we would like to integrate don't have a clear concept of an identity of a patient. They have a bunch of information with some identifying markings on it that are not coalesced in a clear way into a well-identified unit. They often don't have a consumer facing relationship that you can deal with. Given that our model basically is mutually authenticated it is very hard for systems of this sort that don't clearly identify an entity, a person at the other end for them to send us data in an effective way. That represents a lot of risks if I do a partial match, which says I got the name approximately right. I have the address approximately right. I send some data and it turns out to be the wrong person. What is the recovery process for that?
Fundamentally right now we observe as we work through the integration of our systems with various providers that the incentives aren't there for people to really want to play.
Quickly and finally, policy recommendations from us. Make patient data accessible to patients. That involves the standardization efforts and certification efforts for the core systems and in some sense the patient's rights to the data in the form of their standard in the container of their desire.
Interoperability is a key to this. If a patient is going to move from state A to state B, they need to be able to take their information with them because their body goes with them.
We need to really begin to drive clear sense of identity in the source system so that when I hook up my system, my PHR to a source system I get the marked on or that I am not the other marked on that might exist. And then continue protecting consumer privacy. The breach notification stuff is a good first step in that but I don't think the regulatory environment is complete. We expect there to be more stuff to happen in that space. Privacy is a big issue for Google. We worry about it all the time. That's the end for me.
DR. FRANCIS: Thank you. Mr. Evans.
MR. EVANS: Good afternoon. Thank you for inviting us to participate. I don't have any slides so I appreciate your consideration on this important and timely topic. For the daunting homework assignment you must have had to read all the stuff that we sent so I don't repeat the stuff you have already read. So I just want to make some contextual comments about how we see this world evolving and some of the challenges we face.
Dossia's primary focus as a system being paid for by large employers who want to build a system for their employees to have a truly independent repository for their health information whether they collect it themselves or whether we can collect it for them from institutional sources or from their own instrumentation in some way. Our promise is to get a life-long personal, private and portable repository and that portability is important because it gives people a chance to change provider, change plan, change employer, change whatever and not feel constrained as a buyer of healthcare for moving in the system.
So six, half a dozen points that I want to make quickly. I will probably echo some of the comments that have been made this morning which were fascinating and I am sure I will say some of the same things. First point it disappoints me greatly but as a CEO of a PHR company, but people don't get out of bed in the morning and say boy I wish I had a PHR. They have their problems in life. They want to manage their diabetes. They want to get help from a friend because they are going through chemotherapy. They want to get their father signed up for Medicare Part D in its bewildering complexities or they just want to get into a dress size two sizes smaller for the 20th school reunion. They all have problems that they are dealing with and health information is critical to all that, but the PHR itself is not an end. It is merely a means to an end as a repository and a toolkit for getting people to engage their own health.
Secondly, it is fascinating to listen to the EMR/PHR labels we put on things, but I think that EMR/PHR labels are really way too limiting in scope. It seems that's already come through today, the idea that these are computer systems. One has a person with a white coat in front of it and one has a person with a chest pain at home in front of it, EMR/PHR. The world is a lot more complicated than that. First of all the mythical EMR doesn't exist. It is a very fragmented system today as we know and mainly on paper. There is probably a reason why HIPAA rhymes with paper.
We are also on kind of a beginning of a pretty expanding universe of personal health systems. We have home monitors, retail genomic testing, patient-to-patient portals. We have some of those discussed this morning. Health clubs and bicycles that produced data. Connected glaucomatism(?) weight scales. All of these systems that are just beginning to be used. Creating data at a very large rate and it is all being created with an individual putting themselves at the center of the universe. They want a dollar for their doctor but at the end of the day the one thing the Internet explosion has told us I think, is that people see themselves as the content whether it is Twitter or email or health data. People want the world to focus on them. I think health data is no different. We are in the very beginning of something and the puzzle of regulating and defining that is premature. It is bit a like in mid-90s deciding that a 56k modem is the definition of connectivity. If we locked that in as a standard then Lord knows where we would be now. I think we need to be careful as we consider this.
Thirdly, I would argue that this isn't just about medical data even though there are a lot of doctors in the room here and obviously clinical data is important, but it's not the only thing that people want to manage. They want to get their fitness information, their personal diaries, their advice from friends, private emails with there is a gentleman here representing a group of people exchanging information about cancer diagnoses and so forth. I think all that information constitutes somebody's nexus of their health information. There is an awful lot of useful information. There is a lot of it that is already digital, but not all of it is medical in a sense that it has to come from a doctor.
Fourthly, I would say certainly from an employer's perspective healthcare as we know it is not sustainable. From a cost and quality standpoint any serious attempt to reforming healthcare I think really has to rethink the care model. Any rethinking of that model whether you call it medical harm or you call it care in different context or different location. All of those new care models focuses on I think a need for new forums, new communications, new dialogue, and a great deal more in individual involvement. As much as we like to think about doctor performance being the core of our cost and quality problem, in fact patient performance is just as equally important part of that overall equation particularly in chronic care where most of the actual care takes place outside the clinical setting. Empowering individuals to me is also critical about health reform.
Overall the focus on the individual, we are delighted that Congress extended that codification in the high-tech act and gave people the right to actually download their information not just to see a copy of it. We think that is a very important part of freeing information up and making it liquid for people to actually to use. I think a lot of the discussion we had today about what we should do with healthcare seems a little bizarre and in fact we are also trying to get the information to the patient. I think we need to be really careful about how patronizing we end up being with individual's data.
Sixth, and last point. PHRs really are a brand new animal, new creature, probably new species. I don't know. I don't want to take that too far - that need appropriate rules. HIPAA clearly was not designed for universe of empowered healthcare consumers and certainly from a Dossia's perspective, the expectations from a consumer's perspective about personal health systems is it they have a much greater degree of granular control of what happens to the data than they get from their blanket granting of HIPAA admissions to a healthcare provider.
I will just call attention between controls and data liquidity. There is even bigger attention I think between our ideas of what consent and control might look like and the actual complexity of that in consumer's eyes when they confront how easy it is to use nonhealth systems and see how hard it is to use health systems. We are actually creating kind of an inverse of what we are trying to do. We are getting people suspicious of systems because of the interaction rather than feeling reassured because they have all these check marks they put on boxes.
I think as you consider your recommendations to the Secretary and the Congress, I think we should really ask one very simple question when we are considering any rules. One is does this help every American get the health data if they want it? Are we making that an easy, simple, cheap thing to happen? If we can actually create some consistency between HHS, FTC, and the states, and I realize that's a little bit of a tall order, the people at this table could probably build systems that will empower individuals to change health and change healthcare. I would very much like to enroll your help and figure out how to answer your questions to make that happen.
DR. MARSHALL: Thank you and thanks to the committee for the invitation to participate today. We took the decidedly creative approach to listing the questions and then our answers to each of them. So I am sure you share our enthusiasm for that exciting approach. It is printed now by the way it was just recently printed. It is available for you in that form.
I am going to be summarizing really our answers to some of the more important questions not that they weren't all important, but to some of the ones that we felt were more pressing. With regard to question number one, what is the problem that we are trying to solve and what is the business objective? We really see personal health records as a way to help consumers to gather, store, manage, and share their essential health data and we think what that helps to do is to achieve some of the objectives that are actually shared across all the stakeholders in healthcare be they payors, employers, consumers, or providers and that is to provide a greater continuity of care in order to improve quality and outcomes. That is the role that we see them playing.
When it comes to the business model that we have around personal health records at WebMD, while the business model is still emerging around how they might be used by consumers and the benefits of that in the WebMD.com free to the consumer environment today and as has been the case for now almost 10 years the PHR is licensed as part of a broader WebMD health and benefit manager solution to large employers and health plans which they use then in part to support their health management objectives, their decision support, and consumer-centric objectives that they have.
On question number three, how do you envision your offerings, as well as the health IT industry and, specifically, patient-facing online services, evolving over the next 5 or 10 years? This obviously is a very important question. As we see health information exchanges, RHIOs, the National Health Information Network being a great area of focus right now especially as we look at the stimulus funding and while they certainly hold promise on helping to connect doctors to a variety of different data sources, we actually see personal health records as helping consumers to connect to also a variety of data sources and that may be that arises in the relative near term. By doing that then not only is there not only potentially the opportunity for a greater continuity of care from information that is available as it is facilitated by the consumer, but it can also support a variety of services that help the consumer lead better life and manage their expenses all at the same time.
Question number four, how do you envision the relationship between PHRs, electronic health records, providers, plans, health information exchanges, et cetera over the next 5 to 10 years? Certainly we believe that the relationship between all of these parties will continue to elevate the consumer and while at least by our observation the patient hasn't necessarily been prioritized as a participant among a lot of the health information exchanges. We do see that as evolving as we see health record bank efforts emerge and some of the more recent health information exchange efforts emerge. We are seeing patient connectivity being prioritized among them and we feel like that is a very important trend. Even with regional organizations or community-specific organizations there is still going to be the challenge of having true continuity of care for the user especially as they move from place to place. So certainly we feel that the personal health record can help to offer some solutions to that problem. We do see the personal health record as complementing the electronic health record and I will speak more to that in a moment.
How does information come to reside in the product or the service that we are offering? We now have coming on about 10 years of history with the personal health record and certainly at the beginning of that time after our initial launch in September 1999 self-reported data was really how data got into the PHR. Data could also get into the PHR through the taking of a health risk assessment which as you might know is something that is a very common activity within a beneficiary population whether that be of a given payor or of an employer. So things like past medical history, current health conditions, biometric values, family history, social history. These are the kinds of things that health risk assessment at least by our observation can come from tools like health risk assessments and they can do a great job in delivering that data to the PHR.
However, over the last now more than five years we have facilitated the import of professional data into the personal health record that includes laboratory test results that includes medication history from medication claims. It includes a variety of data elements from administrative medical claims data. There are increasingly large number of data sources that can be useful for the personal health record and certainly as I have already mentioned that is beginning to now extend into the electronic health record and health information exchange realm.
Question number eight, what kinds of privacy protections and policies are you building into your products and services? We employ a variety of security and privacy practices. We have participated with the Markle Foundation's Connecting for Health and the Common Framework and certainly the policies and practices recommended there. We certainly enthusiastically support. Also the policies and practices that we have developed we feel are consistent with the high-tech provisions as well. And of course central to the personal health record is the user, the consumer control over their data and certainly that just as a matter of practice is certainly one of the most important aspects of what we do to ensure privacy and security.
I am going to go ahead and move down to question number 13. In what ways is the model notice proposed by HHS helpful to you, or not helpful? This was an interesting question for you to ask and I am actually glad that you asked it. Since I don't know when many, many years ago we worked very hard to make sure that what we are telling the consumer when they sign up for our service about their privacy and security and their control over the user data and their rights. We have tried to make that as easy to understand by the end users as possible. There are certain guiding principles that groups like TRUSTe and URAC have provided to help us in that regard. We have really attempted to make that as easy to use and as understandable as possible for the user. When we talk about the model notice certainly the intent behind the model notice, we respect that very much.
What we are concerned about is that the more you put this kind of check list or three, four, five-page notice in front of the user and even under the most recent version of the CCHIT PHR criteria the user is asked to confirm that they have read and they understand this. This begins to add more and more and more steps into a process that the consumer was really kind of hoping would help their healthcare experience be more efficient, quicker and easier. Certainly again the intent is well respected. I think we have to be aware of the true impact because the truth is that people see 20, 30 check boxes in front of them, I'm exaggerating, but I think you understand the point. They actually they don't increase their trust of the service because it deviates between those services that they are most used to whether it is online banking or it is other services that they trust and use everyday. I think it is something that we need to be aware of.
What challenges do you find in managing individuals' authorizations and consumer-directed access to their PHRs? Consumers understand the idea of making their essential health data available in case of emergency. They understand the idea of being able to email their doctor, be able to print their immunization list on their children. What's not yet certain is to what degree they will embrace a more granular level of discretionary access control. I think many of you are probably familiar with the CCHIT criteria with regard to third-party access. It's I don't think yet clear on how well consumers will embrace that level, detail that they might have to go in order to share their information. I think as long as others and we make that as easy as possible then we should be fine.
Moving on to question 18, to what degree do you anticipate providers accessing patient information through the PHR? Another very good question. While WebMD has created a "break the glass" model of access that the consumers can opt into to enable care providers even emergency care providers even when they are unconscious to be able to access their authorized information. That is any information they haven't specifically withheld for purposes of sensitivity. The truth is that we see that as a safety net for end users, but really the use of this information in the clinical work flow we feel will come when systems become more interoperability. That providers will continue to use the systems that they have adopted that they have purchased for their clinical work flow and when they are seeing a patient for the first time, we believe they will leverage a CCD or CCR snapshot of that user that might imported from the user's PHR to the extent that the PHR can more accurately reflect what the person might otherwise try to represent verbally then we feel that that is a great value. Certainly the PHR unlike the EHRs are probably a little bit more likely to represent data from across the continuum of care. It is really through interoperability that we feel that information will be utilized and we feel the PHR can complement the EHR in that way, but we don't necessarily feel that the PHR at least as we perceive it is built first and foremost for direct care provider access.
How have physicians' practices or relationships with patients changed with the advent of PHRs? Well we haven't observed that to occur just yet, but again I think utilizing some of the interoperability methods that I mentioned, the availability of this kind of information when seeing new patients in particular, or being able to utilize some of the home monitoring information that might have arisen since the last visit. These are all ways that the PHR will complement EHRs and through the interoperability standards that should become more available.
Finally, how do the changes to HIPAA in the Recovery Act affect your work with PHRs? First of all let me say that the HITECH Act's provision that allows consumers electronic access to data held in electronic form is a great addition. I think it will help to support the furthering of personal health records and their adoption. We may be a little bit unique in this regard when it comes to HIPAA that we actually have served as a business associate with each of our employer and health plan customers for some time. So the provisions that may depending on your interpretation require that PHR serve as business associates to cover entities when they are taking in professional data don't change what we do at least at that highest level. Some of the more detailed provisions may and in fact will cause us to go and ensure that what we have in place with our customers is consistent with the new provisions but the business associate position is a position that we have held for some time. Again, thank you for the opportunity to speak with you.
MR. STOKES: Thank you for the invitation to testify. I would like to first say I am not a doctor. I am not a lawyer. I haven't had a career in the health field. I am a software guy but I have been doing software for quite awhile. I have code in all three major platforms and probably over a billion different devices that have been in service for a number of years now. So I do know some about the software side of this. Microsoft offers a number of health solutions. On the enterprise side we offer our Amalga service. I mention it because both of our approaches are customer centric. A customer on the enterprise side is the CIO. We try to provide the CIO access, management, transparency into all of the information and their enterprise. On the consumer side with HealthVault we try to do the very same thing for the consumer. It is a very similar approach. What we have found with control it's about choice and if they don't have transparency into their information then they don't have control of their information and they cannot manage or choose what to do with their information.
I have a number of points that I'm not going to repeat my testimony, but I want to talk a number of points based on some testimony earlier today. I want to give the flip side of James' hospital breach story from this morning. One of the many times my wife was recently giving me a ride home from the airport. She was quite upset and wanted to talk, she knows what I do, about HIPAA, which after being at work for on the road that was not high on my list. She had a friend that was quite upset that had been in the hospital for a situation that is covered by substance abuse and mental health regulations. It turns out that the friend had a friend who had a doctor at the hospital as their husband and was curious and the doctor went into the record. The mental health records were mixed with the other records. He looked and told his wife, the wife told the friend, the friend was humiliated and embarrassed and stopped going to those social circles and at this point is looking at quitting her job and leaving town. There was no physical threat or harm but the emotional damage was unparalleled.
This is not an isolated incident. We have talked to people at SAMHSA. We have talked to psychiatrists and others. It isn't just the physical treatment of a breach that causes harm and the emotional and reputational damage from our side a lot of the criminal and civil liabilities involved are not near as much as a threat as the reputational damage to our company. We note that that is true for our customers as well.
The second story is I have a very dear friend whose husband of 60 years is going through the transition from curative to palliative care with bladder cancer. He probably has days or weeks to live. By being able to share their personal health information with their friends just for the emotional support and he was in a lot of pain and couldn't sleep. They have not bought a new bed in a number of decades. My friend that they were sharing the information with asked well why don't you get a hospital bed. They said we had never thought about that. No provider had mentioned it. The nurses hadn't mentioned it. But after 60 years of sleeping with the same person you get a little awkward about even thinking about that. But they found out they have wide hospital beds and by being able to share that very sensitive information with not the providers but their circle of friends, they had a hospital bed within two days and he is able to get back on the computer which he wanted to do to stay in touch with his friends around the world that he wasn't able to do for support. That is what we see of people in control. It isn't necessarily cure but it is them managing their own health and being responsible.
For us as I have testified earlier in the year with Dr. Houston on privacy it is about control transparency and security. We had talked earlier about that being a proxy for trust. I think that is accurate and a lot of it is about choice. Whether the choice is to be completely open with your information under controlled circumstances like PatientsLikeMe or completely controlled and confidential with your information should be the customer's choice whether that customer is our consumers in the personal health information or not. It isn't about whether the information is open or closed. It is about respecting that consumer's choice and enabling them to have the choice, and if you don't do it in a way that they can make informed decisions then it isn't transparent.
For us we have spent a lot of time recently on how do we enable consumers to make truly informed decisions. That is an ongoing area of research. We all are used to the click boxes, check boxes, forms, and everything else. We are actively doing research on how to make that a better solution. There is no panacea that I am aware of today.
We do spend a lot of time in other parts of the world exploring different privacy regulations and security and other regulations. We essentially act as what the EU would call a data processor not a data controller. The consumer in our case is the controller and that is one of the ways we differentiate between this discussion about EHRs, PHRs, clinical claims and other data. But it leads to what is a PHR.
If I strictly read by the ARRA definition of a PHR some legal friends of mine have pointed out that Facebook could be a PHR. I wrote a friend that's in the policy side of Facebook. He is a little concerned with that. Our friends at Google should also be concerned because Gmail could be a PHR and subject to the breach notifications with the current definition.
There was an article in CNET this morning about young doctors using electronic health using Twitter. Thus Twitter could be a PHR. We are urging HHS to clarify the definition and consider other parts of HHS like the FDA, which talk about intended use because as a legal corporate entity if I am going to be regulated depending upon the actions of my users that I don't have any control over after the fact, that puts me in a very interesting legal and liability position, which leads to one of the other topics we haven't heard a lot talked about.
If I have a lot of clinical and medical information flow through a much wider system that leads to some interesting medical malpractice fraud and other litigation possibilities and could be kind of the depression recovery act for a lot of lawyers. We would prefer to avoid that. We think there needs to be a lot of attention placed to these topics that have not been openly discussed. I know tort reform is a very political issue, but you ask what could this look like in 5 or 10 years if we take a risk management approach these are risks we should proactively look to manage as we do health reform so we don't end up being blocked by those?
The other side I have done standards for quite a while. We are watching the whole CCHIT, HITSP, NHIN approach where historically HITSP was a protocol point-to-point message-based protocol. The CCHIT certified a number of features almost from an application-oriented perspective. NHIN took a very network-based approach and when we started putting all these together we end up with prescriptive guidance on what an EHR is with some of the aspects of an application, some from a network, some from the messaging protocol and some from the documented-based perspective. That ends up being very prescriptive and very limited and we have some serious concerns about that with respect to innovation going forward as well as assuming one size fits all and this is going to work.
The other side is when you deal with international standards you deal with intellectual property and you deal with patents. The chain of linkage to the regulations and the money to the certifications to the harmonization of standards to the original standards bodies to the patent disclosures in the committees of those original standards bodies is a rather obtuse change. So we could end up with regulated mandated certifications based on somebody's patent that we are all going to pay royalties to. This is another side of the litigation that people should pay attention to otherwise we are not going to be able to manage our risks well.
Finally, I would encourage the committee as we have done as we have gone into other fields to ask what went wrong or right with the 85 percent adoption rate by family practitioners and the United Kingdom before the National Health Service got involved and did a tremendous amount of health IT funding in that area. Or what went right with the veterinarians in the US where there is tremendous electronic documentation or adoption of electronic records for pets without a lot of government intervention funding or mandates or interoperability. We know about the pet situation because when we launched our service we had actually lived with customers and asked what they wanted and did a bunch of surveys. They were very clear that the order of a family health manager is important so the children are first. Somewhere second is either the wife or the pet depending on the wife or the pet. The vast majority of family health managers are the wives. The husband is fourth. These are our own internal statistics. What we found is having support for pets are part of the family health ended up being really important.
It also gave us kind of a sanity check that we have in our case a pseudo anonymous service, which means I can make a hotmail or live ID account. I can have my name being John Houston and my email address being JohnHouston@live.com but it is really my record. We do know ID proofing of the natural person within our service itself. We delegate that to the actual clinical provider who has the face-to-face relationship. I could open an account with a different name but it would be my records. There are a lot of assumptions of if I have a personal health record then you know it is me and the service actually knows who I am and can go track me down. We do offer open ID authentications that provide two-factor authentications for people that are more comfortable with that and other ways to do two-factor but we tend to put that type on the clinical side of the house and our clinical partners and it provides a little more sanity check on is the information staying within the service or are people asking for additional information that we have in our privacy statement that we will not share.
The last comment. Somebody talked about the difference on access versus acquisition. Given our work in the accessibility for people with disabilities we have quite a bit of experience with tools called screen scrapers. So if you can see it on your screen you can capture it or scrape it. So if you have electronic access you can acquire that information. It's not always easy but there are a lot of inventive people around that share tools freely on the Internet to make it easy if people think that's a prohibition again acquisition of information. Thank you very much.
DR. FRANCIS: Thank you. We have I think about 40 minutes for questioning from the committee so I'm just going to get right to it. Walter, we will start with you.
DR. SUAREZ: Thank you. This is the big heaters, personal health records. I appreciate the comment and I appreciate the testimony. Clearly some of your products are being provided as a platform for providers and payors to deliver personal health records. There is that aspect of your product that is used as a platform by providers and payors who are covered by HIPAA. So we now have electronic health records that are heavily controlled and regulated and protected by HIPAA. We have personal health records provided by these entities through your platforms that are subject to these controls. Then you have the stand-alone products that you offer which are outside of the realm of most of these protections. I totally agree with the concerns around regulation of products on functionality that would limit or even eliminate any innovation opportunities.
But there are two areas I am concerned about when it deals with personal health record stand-alone and those would be privacy and security. My concern and my expectation I think is that there should be some basic protections provided to consumers that use those products. Now we have those protections on the provider and payor side when there is a record in there, where there is an electronic health record or personal health record provided by your platforms, but we don't have those protections on the stand-alone personal health record. So my question is from your perspective what should be the basic protections that should be required to be afforded to consumers within your stand-alone products?
DR. DONNER: The model that we have in our head for the Google PHR is -- think of it as your electronic manila folder. I have one at home. I throw stuff in there as it comes in. Occasionally I rummage around in it. Fundamentally the privacy that I have and I expect of that is the privacy that ultimately the patient should have, the expectations they should have of anything we provide in this fashion. That means that it should be protected against disclosure to unintended parties. It should be protected against the destruction or alienation of the data. Beyond that I am not certain what privacy protections are required in the sense that if I take this piece of information which has let's say my EKG on it and I post it on my blog, I am entirely within my rights to do that. What kinds of regulations would you put on me about my use of the data about me?
MR. EVANS: From Dossia perspective we absolutely fit right in that intersection of conflicting needs from a regulation standpoint. We sort of take the position from the beginning that HIPAA is not necessarily the set of rules and regulations that govern us. We also believe that the FTC promises we make the consumers. Having published a privacy statement that is very specific and very complete as to what consumers should expect if they use the system whether they are an employee of an employer whose health plan is authorizing us to actually paying to provide this service or whether they are doing it independently of their own volition. We assume that we are making consumer promises that we have to keep and whether it is HIPAA doesn't get us. The FTC will or state's attorney general would probably be more aggressive in this field at pursuing people in these particular cases. As I said earlier I believe HIPAA is a bad fit.
The reality is the way we read the current set of laws is that we are trying to comply with both because of the way we are operating. I think that does create an awful lot of concerns and confusion for us because in some cases the roles are conflicting. The promise we make to our consumers is that their data is life long. It's personal. It's private and it's portable.
If you have been getting data for the three years of you working at Walmart from Blue Cross/Blue Shield of Arkansas then you go on and work for somebody else, we've told you can take your data with you. But if all of a sudden now we no longer have that covered entity relationship with your health plan, we are legally supposed to destroy the data. Well, we just made a promise with the consumer they can keep it forever.
We actually have some real concerns about the inconsistencies and won't even go there as far as the state inconsistencies also. We recognize that we are trying to navigate between in two pretty turbulent streams that are coming together. I would certainly make a strong request that as you are looking at this and making recommendations that we try very hard to rationalize and normalize and make consistent the different set of rules in which we operate because otherwise it is almost impossible to operate actually.
MR. STOKES: I agree with what Colin just said. Our primary concern is around regulations that would dampen or hinder consumer control of choice whether that is conflicting within the states or conflicting at the federal level. As I referred earlier we spend a lot of time with other regulatory jurisdictions that tend to have stronger privacy rights such as the EU or different parts of Canada. Other than the concerns about limiting consumer rights or consumer control I don't care because if your regulations are forcing me to higher bar then I have not been consumer focused. If it's FDA, if it's HHS, if it's FTC, it is whatever it is, but we believe as James implied earlier if we have really focused on the consumer we should be doing better than the regulatory floor.
DR. MARSHALL: One of the things I haven't really been able to reconcile. I'm not lawyer. I'm probably not what could be called a HIPAA expert by any stretch. But what I really haven't been able to reconcile is the intent of HIPAA to protect unauthorized disclosure when information is being shared between parties that aren't the patient and that law being used with regard to a product that is by definition controlled by the patient. I will just admit that up front. It seems to be somewhat inconsistent. Certainly when we partner with health plans and employers it has been a relatively natural agreement to have with them, the business associate agreement. But when it comes to offering a direct to consumer solution where consumers are able to choose among a variety of data sources and the like and they aren't doing it in the way it is sponsored. I wouldn't call it tethered. It still I think considered independent but when it's not sponsored is HIPAA a good fit? I don't have an answer. I just want to admit that I haven't been able to reconcile it with a consumer-controlled solution.
DR. TANG: Just a variant to that question before I get to my question. While I think covered entity would be not an appropriate label or responsibility for any of you.
MR. STOKES: Actually that depends upon the clearinghouse definition and if we are translating into and out of standard formats.
DR. TANG: And I understand that but there is other things that would go with covered entity just would be inappropriate. On the other hand a business associate agreement would make sense from my point of view for you to have that kind of relationship with a source of data like a provider. It is a quick question and I already know Phil already is a business associate. For the other three is it okay for you to be a business associate from a covered entity who gives you data? Would that be okay?
MR. EVANS: Our view of the world is reacting on behalf of the consumer, the individual employee. On it legally if one of our founders is self-insured and the trustees of their health plan contract with us to provide that system, they actually are not providing the health data themselves. They are just paying us to get the data from somewhere else. That is what I understand the law is establishing a business associate relationship. We don't think that's the appropriate relationship at all. We think we are establishing a relationship with the individual patient because they can tether with this employee today and untether them and tether with somebody else a week from that. That tethering is not specific to that particular arrangement. It just happens to be transient.
It is a very difficult question to answer. Frankly I believe that as a minimum we should have some consistency in the rules between the different agencies but as I said we started off with a preconceived notion that we were in fact governed by and we are making commitments so we are consistent with consumer promises that will be upheld by the FTC.
DR. DONNER: To follow onto that and to reiterate a point made earlier. The business associate relationship when it is terminated requires the destruction of all of the received data that is tied to that relationship. As a system intended to provide data for the consumer, the notion that one particular provider is no longer connected then makes the data unavailable to the consumer seems somehow inappropriate. Our view is that appropriate regulation of PHRs is expected and appropriate, but that it should be carefully thought through I think from first principles around the needs and expectations of the consumer recognizing the fact that the medical establishment is not the only source of health relevant data to the consumer. The business associate relationship is a particular model that is sort of monolithic and doesn't quite fit the need.
DR. FRANCIS: Maya wants a quick follow up on that.
MS. BERNSTEIN: I just want to know if you used the example of the requirement to destroy the data as a problem or are there other things in the business associate relationship that would be inappropriate your business model?
MR. EVANS: I just think it creates a lot of very awkward complexities in the way we operate. The data we get for an individual employee isn't just from one place. We get data from a pharmacy, from a clinical source, from claims sources. Any one patient could get data from dozens of different independent clinical entities. So to figure out who controls that relationship, who are we acting for at any one moment in time, is a very complex thing for us to do. We are not acting as a subcontractor to a health plan to provide a system. We are acting on behalf of the consumer to write a system. It just happened to be connecting to Covedent(?) just to get the information.
DR. MARSHALL: I know that while we do act as a business associate most often times. I would say that there is something I have been wondering about as we head into an environment where more and more doctors have electronic medical record systems and now we have a high-tech provision that says if that data is in electronic form that the consumer can have access to it in electronic form. I have wondered what the practical implications are of requiring that a system like I suppose any of ours getting data electronically from that provider's practice. If the requirement of us being a business associate to that doctor has such immense practical implications maintaining what a signature from every doctor in the US for each of us, for example. It works against the intent of the transparency. I know that there are ways that the vendor as a representative of the provider can keep and are carried through of that authorization. But still I do wonder what the practical implications are. I am concerned about the practical implications and I do think we need to think very hard about is that a cost that we want to pay when we are talking about systems that are consumer controlled to begin with. I'll just bring that up as yet another question without an answer.
DR. TANG: I guess it was indirectly trying triangulate on how to be accountable to the consumer in some legal way. I think everyone believes that all four of you have your reputations at stake so it's not likely that any one of you would violate the principles you espouse, but you partner with an untold number of partners and how the consumer do they have the same reputation at stake et cetera? That is part of Walter's question and part of my question. I was trying to reach to BAs as a way of getting to your in some sense your subcontractors. Although that probably isn't even the way you do it.
MR. EVANS: Yes, we clearly have all reputational risk if we screw this up, but that reputational risk is also followed up and pursued by again by the FTC as part of their normal pursuit of when I read our privacy statement I think that is a contractual, legal document. It's not a marketing document that's put up on the site to impress people and convince them that we may have privacy. It is a legally binding piece of paper. If we don't deliver on those consequence to that, we can be pursued by the FTC and the state's attorney general. That is a very high bar in terms of individual consumer commitment that we take seriously, the three words that I think Michael are the control, transparency, and security. They are all implied in that commitment that we are making. So I don't believe we are just thinking about it as a marketing reputation risk. I think there are legal teeth behind what we are actually saying into the outside world.
DR. TANG: Would the legal teeth reach to your partners?
MR. EVANS: I think if we are housing information in Dossia, for instance, and the patient through our - through our arrangements with the partners decides they want to share their information with the health club, the individual is then agreeing to a process whereby their information shared to the health club. I can certify the health interface. I can check them against the API. I can verify on a periodic basis they are complying technically, but I am not accountable for the disks and computers and stuff in the health club. I think if someone - an application lost the data then they would be the one from a breach standpoint would be accountable.
DR. TANG: That is the theory I was trying to get at with the BAs. The covered entity in that case is responsible to the patient in this case for the BAs and that's where your chain of trust breaks down. That is what I was trying to test. Is that a way to fulfill that chain of trust?
The other question is all three of you have similar goals with respect to the consumer and you want to untether it from all the other sources of data. It is a bit ironic that none of the four of you exchange data among yourselves.
MR. EVANS: Discover, Visa, and Master Card and exchange data with each other. There competing alternative to fulfill a similar problem is room for there is more than one in the market place.
DR. MARSHALL: We do in some cases work together. Certainly Dossia and WebMD work closely together for large employer clients who have chosen both solutions. Dossia as a data aggregation service and WebMD is the application experience for the end user. I am certain that that kind of cooperation will expand.
DR. TANG: Final question has to do with I think it was eDave or whatever it was, e-Patient Dave. There is a risk for having information that can influence in an unintended but negative way. I think all four of you import claims data into your systems or used to at least from one source. What do you think about that because you are all out for the consumer good, the consumer health, and what about the downside to recognize downsides of the data that you are housing and making available not only to the consumer but the tools that the consumer then uses?
DR. MARSHALL: That is a great question and I am so glad you asked it. I actually had about two pages of my written testimony on this and our team decided no they weren't asking about that so take that out. I said but I really want to answer that question. This is an important question because out of approximately I think it is now 300 million Americans. About 250 million are insured and the truth is that their experience across the continuum of care. The encounters that they have are centralized at the payor through the claims process. While each given provider may have a little bit of information, the truth is that the payor has data that reflects that more complete continuum of care experience. If you look at, for example, the Markle Foundation's recent work on meaningful use for EHRs, they focus on medication data and continuity of care. Both of those are potentially valuable outputs of administrative claims data. We have been utilizing claims data selectively and carefully I believe as a data source for the PHR for a few years now.
I can tell you that the consumer is proactive in managing their record. They have the ability to accept data into their record. If you process that data relatively careful so that you are not taking in the codes that aren't necessarily consistent with the objectives of the PHR, if you have translated those accurately so that the consumer can fully understand it, that it can be a very valuable source. I personally feel that considering its relative ubiquity compared to other data sources, considering the kinds of data that are in there that reflect the continuity of care I believe it to be a disservice if we were to dismiss it out of hand. I know that not necessarily most people are dismissing it out of hand. Is it reflective of the patient's health history as well as a primary care doctor who helps to coordinate a person's care such as in the medical home model? The medical home model is a good model and when EHR enabled certainly that's a great model.
I have been managing my own personal health record that is claims driven for years. We have a lot of experience where yes sometimes things come through, but the truth is that even though things do come through from time to time that can be a little unsettling for end user. What we have found to be the result of that more often than not is that the user understands the source of that and then goes back to the source to make sure that it is corrected. The truth is that CMS has put out some pretty clear guidelines on not putting things into claims like rule outs or tentative diagnoses or otherwise things that aren't accurately reflective of the person's care. I think that some of the result of some of these unsettling codes that might arise that are not reflecting the person's health is that the person goes and tries to correct them. I think everybody wins when that data is more accurate than not. There I put my two pages of testimony in front of you. That is our experience with claims data.
MR. STOKES: I do not believe we currently take in claims data but I will verify and get back. We are in the process of investigating that. We did do our own follow up on the recent press and our understanding is there is an underlying ambiguity in the upstream standards that do not differentiate between billing information and clinical information and the original coding standard. Those processing streams need to inject that type of semantic source information. I think it's not an isolated issue whether it's claims or clinical. It could also provide additional information if the consumers knew whether the information came from their primary doctor or a secondary doctor or a secondary opinion. There is a wide variety of information if we had more semantic meta data attach to where the sources were. Consumers could make more informed choices as well as mental health data that should be blocked before it comes to us and stripped out in many circumstances.
DR. DONNER: Back in the 1500s doctors were educated and conversed among themselves in Latin. In some sense ICD9 and the discourse between physicians and insurance companies is today's Latin. Buried in those conversations are a lot of context that is not accessible to the layman and a lot of understanding of particular workflows that are well known to practitioners and to insurers, but again not well known to the public. The e-Patient Dave incident highlighted the fact that this is in fact 21st century Latin and that translating the bible into English is definitely in order and will be viewed with similar dismay as people begin to make hitherto inaccessible discourse accessible.
DR. FRANCIS: May I switch this to Harry now?
MR. REYNOLDS: Narrow down my 43 questions to two. The other 41, John, you are going to have to answer later. Two things. This committee has done a large body of work in this subject so it's not the first time we have been in the privacy environment. That's for sure. But there are two things that continue to not ring clear with me not because of you guys. Just in general as we hear it. One is identifying all this disparate data that is coming into you and without a unique identifier how are you putting it together and as you mentioned they can even change their name and do it that way.
The second and I would like each of you to comment. The second is this whole idea - we did a lot of work on sensitive data categories. On the one hand will go back to the do it yourself earlier and not being a doctor if I eliminated some diagnosis but didn't take out the lab result, but didn't take out the drug, but didn't take out the other thing that Paul has taught me, I would still be disclosing what I presupposed I didn't disclose. Because that drug that I am taking if I eliminated just a piece that drug being sent forward still stays. Aha, here is what you have. I think it is great.
So consequently when we completely turn it over to the layman - yes, the data belongs to somebody but you are turning a bit of an art over to a nonartist and then you are saying to them do this in a way that it is okay. So help me as we try to figure out because if you pragmatically start to define some of these things and I know earlier I think it is right. You can't pragmatically define them to where you shut everything down. On the other hand you can't leave the free for all that the kind that it looks like it might be going on right now. So help me with those two things because those are real underpinnings as to how we share this data and what data we share and what it means when we share it because I have heard from all the doctors on the committee that as soon as a person pulls data out, they need to be notified that the person has pulled some data out not what it is exactly otherwise how can they ask a question as to whether or not they have all the data. Those are the two issues; the identification and this whole idea on selected information categories.
MR. STOKES: I'll jump in. As I put in my written testimony we don't differentiate between sensitive data. We tried to and we went to a lot of consumer advocates and said is this not sensitive data and we came up with clear use cases. Every time we thought something wasn't sensitive to where it could be viewed as near life threatening or catastrophic to the patient or to the consumer. We had a very difficult time and we went from genetic data to partners like injecting RFID chips in their arm and the whole bit of is anything more or less sensitive. The advocates basically held us to a bar of it's all sensitive. You better treat it as the highest sensitivity.
The second part of your question is when we provide transparency. If we don't provide transparency without the informed part of that, it's like reading one of our infamous ulas(?) from years ago that was written in legal ease which it predates Latin I think. Our approach has been two-fold and it is a work in progress.
We provide a number of mechanisms in our platform that we call reconciliation mechanisms that essentially walk the user through the more complex data as it comes in so that they can make choices and categorizations and understand it in a bigger context. We also work with a variety of partners who add a much more robust experience to this. Neither of those is bullet proof answers to the concern of is the user going to get all this information - and it could cause them damage due to their ignorance. We are balancing that with the user's right to access that HIPAA provides even before all the issues.
MR. REYNOLDS: How about the identification? We don't have a single identifier for people.
MR. STOKES: We mandate that we put the ID proofing on our partners through contractual obligations. So nothing gets into that user's record on our service from a clinical system without the clinician having done explicit ID proofing on their end.
MR. REYNOLDS: But you are taking stuff from payors. You are taking stuff from others. What is the number? Do you use 12 fields? Do you use a number? Payor has a number for somebody and
MR. STOKES: The matching occurs on the partner's end. So the payors have their number. They have the patient in front of them. The patient gives them their account.
MR. REYNOLDS: Thank you.
DR. DONNER: This comes back to the point I made earlier during my initial remarks, which are that many of the extant health IT systems don't have a concept of a patient. They have some paint on information that is related to the patient's identity, but they don't actually have an ID. In fact you don't need a single galactic ID. You need one ID per major locus of information. But again as my colleagues have all said the responsibility for knowing the patient exists on the clinical end. We can't fix that. If it's not fixed at that end there is no magic.
As far as sensitive data are concerned, there are two pieces to an answer to that. One is ultimately it is again at the clinical source because we don't have the understanding to discriminate one piece of data from another. We aren't medical people. You guys with the clinical world are. You guys will ultimately have to sort that out and decide yes the substance abuse data and all of the things dependent on it are classified this way. They don't flow except under some kind of extraordinary circumstances or whatever.
But the other piece of the puzzle again because this is the consumer's controlled thing if information ends up down here that the consumer does not want visible, she deletes it. That doesn't delete it from the source system. It is still there. The fact that it is there oh, I get again notification in my PHR that I am pregnant. Well, that is manifestly impossible so maybe I will protest it and say you've got some kind of an error. My methadone prescription is listed. Maybe I don't want that seen. I will delete it. There is no simple solution to that. This is big complicated stuff and it's going to take time to sift it all through.
MR. EVANS: We are identifying participants by virtue of their employment. If someone opts in I think enough of the opportunity to other person's health record collected on an employer side, we take their opt in as a fact of record in our system and we use information provided sort of out of the demographic information from the employer to identify who they are so we want to communicate with health plan or the pharmacy or whatever. We have effective, a unique number that does identify them. We are not trying to do some fuzzy math kind of general trolling for information. It is a very specific connection.
The same answer as far as the data. This upstream obligation on the part of the provider or the plan to decide whether data should be disclosed to us but if the patient has a right to the information and we request it and they send it, we are assuming we are allowed to have it on behalf not we are having it, but the patients are allowed to have it in our system. We don't have any special firewalls or categorization.
The same issue if someone wants to annotate it, hide it, whatever they do the same thing. We don't delete the data in fact from the system. They can hide it. They can't delete it.
DR. MARSHALL: It sounds as though WebMD's experience is very similar to my colleagues. From a sensitive data standpoint we too have not found any reliable way to create rules that are system driven around that but instead leave it to the end user to choose whether or not piece of information is sensitive. Frankly I believe that's the only way you can possibly do it.
Then when it comes to identity whether it's an employer-driven data source, a paired driven source, or a third-party data source we too rely on an identifier that is usually specific to that data source with some additional parameters that are used for verification. There are relatively new ways of doing that. The older way are things like eligibility files being securely shared between parties that we can verify against. Relatively new ways would be for a consumer to direct their own connection to a data source that they have an online web account with perhaps their online pharmacy, for example. So they can verify there. They verify their account with WebMD and then they are able to securely connect the two. But that again that data sources identify as shared with WebMD.
DR. FRANCIS: I want to give Sallie and John each a chance. Sallie, do you have a question?
MS. MILAM: You talked about putting data into the PHR that comes from clinical sources and a comment has also been made that a goal or a vision is to be able to impact the continuity of care of the patient. So data comes from a provider, clinician, and patient under your direction. You put it in a PHR and then it closed to another provider. When you look at public policy around especially protected information like HIV, mental health, substance abuse, state laws and part two substance abuse laws require that the provider attach a notice that would put the receiver the information, a notice that they are receiving specially protected information and it also includes special handling rules. Different states have different requirements. What are you all doing with those notices when you receive them? If the state's law requires any special handling, how do you deal with that? Should those issues not be relevant because the laws were written before we ever had a PHR? Let me throw that out to you. What I am hearing is part of your goal is for that information in part to get back into the healthcare system so the public policy issues around having a notice would again be relevant as the information travels within the healthcare system.
MR. EVANS: Our goals are to get the data to the individual so they can decide how best to engage their own health and do something with it. If the individual decides they want to share that information with another clinician because they changed doctor or they are out of town then I think that's their choice. I don't think we are not tracking, attaching those kinds of disclosures if the data has been given to the individual patient. We are treating that as something they are entitled to get a copy of independent of what the doctors has to do if they choose to pass that information to another doctor. At the moment we are not contemplating a system as an automatic conduit of data from clinician to clinician. The nexus of this is the individual consumer can decide what they do with that information.
DR. DONNER: At present we don't receive any of those kinds of information. I have no meaningful answer. I can speculate on what we would do if we were to be offered it which is to preserve those notices and make sure it is passed along with any sharing, but we would have to really analyze the policy stuff and get the appropriate advice and so on. At present we don't take any of those data. If someone sends them to us by mistake, I suppose we would have them. But we don't. Our arrangements with the various sources we talk to are that they will not send us those protective data.
MR. STOKES: Our policy is essentially as was repeated. We try to treat this transaction into our PHR as if the clinician is giving the information to the patient for use at their kitchen table. As I understand your question those type of information a clinician would be prohibited from giving that information directly to their patient and our policy prohibits that type of information to flow in. It leads to a different question of where it might not be prohibited and how to get provenance through the system and our policy is to strive to not treat our consumers like data mules for the inefficiencies of the healthcare system. We actually have talked with the folks at SAMHSA and take that very seriously and my understanding today is we prohibit that type of information from coming in.
DR. MARSHALL: I couldn't possibly top that metaphor.
DR. FRANCIS: Thank you all very much. This has been wonderfully informative. I want to do two things just right at the end. The first is to remind you that you can submit further thoughts to us if you would like to do that within the next couple of weeks. The second is if there is anything that hasn't been said about privacy or security that you think we absolutely need to know, would you say it now?
MR. EVANS: I said my piece in terms of what I would like to see in terms of consistency of regulation. I was in a forum last week and I was trying to count the number of ways I could go to jail and it got to be a very large list and I would like to get that list down to just one would be fine. Apparently I think yesterday we can harmonize all the regulations when it comes to auto mileage standards apparently so maybe we can at least do the same thing around the health privacy. That would be nice.
MS. BERNSTEIN: So you say you prefer federal regulation to 50 different state regulations?
MR. EVANS: I would like one set of regulations. Right now it is a nightmare. I guarantee you that things that are mandatory in one state are illegal somewhere else. There is levels of inconsistency which make doing business in Russia seem like a preference.
DR. MARSHALL: There are some areas that it is particularly true on whether it is laboratory information, which I am sure you are all aware of. There are restrictions there. Or it's dependent access of rules that are certainly state-by-state. These are particularly gruesome barriers to consumers gaining access to their information. These need to be addressed.
MR. STOKES: I would encourage you to track the new trend of security attacks recently that have escalated in the last year. Our own internal data as well as those of other services indicate that this has switched to organized crime for a majority of security attacks. I think the recent news from both Virginia and California support that, but there is objective data that the security attacks are no longer as unorganized or as unincented as they were previously and this is a very serious threat.
DR. FRANCIS: Thank you very much. We will come back in about 15 minutes.
(Break)
Agenda Item: Statements from Members of the Public
DR. FRANCIS: Any public testimony?
(No Response)
Agenda Item: Open Committee Discussion
DR. FRANCIS: So this is the time for our first time slot for open committee discussion of what we have heard, what we think might want to be doing with it, how we might want to be changing questions if at all. We will be reconvening tomorrow at nine and have the second part of this hearing and a third part June 9th followed by additional time for committee discussion. With that I am going to open the floor to the members of the committee and staff.
MR. HOUSTON: Maybe I can ask a question too because I think tomorrow - I thought the three groups today worked really well. There was plenty of time for discussion, testimony, even though I think one of testimonies went longer than five minutes. I don't think that was a problem at all. I think it actually worked very well.
MS. BERNSTEIN: It is always frustrating because we never have enough time to ask all the questions that we want to ask.
MR. HOUSTON: We had a lot more time than normal. I think it worked really well. My thought is sort of housekeeping. I think if we kept sort of the same process in June, which I think we would have had. If we needed to modify this we could for June. I don't think we could modify things for tomorrow, but I think the June's testimony. I don't see any reason to deviate from how things really went today unless somebody else has a strong opinion to try to refocus at all.
DR. TANG: I would just second the notion that it was very helpful to have more time than usual to discuss. I think it was very helpful that almost everybody submitted testimony had a time. I would keep more to the time that they were originally request the five minutes because we did read this material and the probing I think is really helpful. I think keeping more to the time would give us even more time.
DR. FRANCIS: I reminded people ahead of time this afternoon's session but I didn't hold up a timecard. We can consider doing that.
PARTICIPANT: The only problem with that is that we always try to do that and it never works.
DR. FRANCIS: We will stick the same and perhaps use how well it went this time as extra clout when Maya goes to people for getting testimony.
MS. BERNSTEIN: I think for the June 9th hearing I asked people for the testimony I believe it is May 26th which is the Tuesday after Memorial Day so it would be two weeks in advance. They have already been invited. They have more time than the people that were here today and that will be here tomorrow. I will send them a reminder that it is due which I did not do this time too much in advance until I realized people weren't coming in with them. I will try to get them to you. If you have really two weeks to read everything then. We have some of it already actually, but for that we don't have yet.
MR. HOUSTON: I think the biggest dilemma that I had in reading stuff like this last panel. Certain things didn't quite gel in my mind until I heard everybody together starting to talk. I guess that probably holds true for the first two panels as well. I don't know how you get around that. I guess that is why you have panels and have people come and talk. It does seem to reinforce things that made clearer of things that maybe weren't as clear when you ran the testimony separately.
MS. BERNSTEIN: Do you want to talk before you get onto the substantive and off of the procedural about what may happen next in terms of what the committee wants to do just so we have an idea of looking forward of what we are heading toward. I have been assuming that if we were going to make recommendations on this topic that the earliest we can do it is at the September meeting because they have to be voted on by the committee as a whole and the committee meets in September. We have the June meeting. We have both times after the hearing on June 9th. I presume we will have a couple of hours for break out during that meeting. Is that right?
MS. GREENBERG: I actually think that the privacy subcommittee as currently - I'm looking for Debbie Jackson. She is probably downstairs having to woman the desk down there.
MS. BERNSTEIN: I have been running back and forth by the way trying to get them freed.
MS. GREENBERG: I think that maybe the privacy subcommittee currently is not down for any break out session because you are having a meeting the day before.
DR. FRANCIS: We have time for discussion in the afternoon of the 9th.
MS. GREENBERG: Right, but on the 10th is a full committee meeting I think we only have working sessions for the other.
MS. BERNSTEIN: Not on the afternoon of the 10th or the morning of the 11th like we usually do.
MS. GREENBERG: Neither. I don't believe either.
MR. HOUSTON: I think it's going to be difficult. It always seems to take a lot more time. You like to think to come up with recommendations and put some together. It seems like everything is three or four times as long. It's going to be the summer time. September is going to be rather aggressive to try to get something together. I think what is going to happen is in September we are going to probably have an idea where we want to go with this, spend the September meeting and the break out to try to come up with more substance and then after that meeting try to get something together for review. I suspect that's a time.
MS. GREENBERG: Also that would give you an opportunity to which we've been trying to do more to kind of preview for the full the committee the type of recommendations you would be expecting to bring forward in November.
DR. FRANCIS: My hope would be that we could have stuff ready for a first draft preview in September that could then be voted in November because otherwise we have pushed it to February and that's way too if we are going to have anything to say that will influence the development of events over the next six months we need to be in the fall cycle.
MR. REYNOLDS: I would like you to consider in the June meeting to go ahead and restart this subject. Every time we have done a privacy letter it takes a little more work with the full committee than some of the other considerations. Even if during the regular readouts that we have if you would just update the group that these are going on, the kinds of things that we are focusing on then in September actually be able to really get people warmed up on the subject and then for the November to have something done because otherwise we are going to have bring the full committee forward.
MR. HOUSTON: Without a letter surrounding the recommendations it would be nice if we could have sort of straw man recommendations that we would just simply put before the committee in June. Even it's just a straw man. Here are the four or five bullet points of things that we think are important and not even try to get a letter around it.
MR. REYNOLDS: Or even the categories of consideration.
MS. BERNSTEIN: Can I ask Marjorie if it is possible or appropriate, I know it's appropriate, if full committee members want to come to our meetings they can come if they are in town. We are not going to travel them specially probably, but because they are coming in already for the 10th and 11th we can invite them to come for the afternoon discussion on the 9th if they care to be there and if they have the time to be there. The idea is we could have them be listening to the discussion and that has happened before for better or worse, but we get an idea from some of the other committee members. We can give them an idea of what we are doing and we can get an idea from them where they might
MR. HOUSTON: I would try to keep it really succinct.
DR. TANG: I don't know whether you intended to say June but I think to be relevant to any of the meaningful use, it has to be in time for the final rule to come out by December. Even if we don't get to recommendations just like we handed over an entire hearing of meaningful use it would be useful to share observations or even at the findings level. Even with the June ambitiously and no later than the September so that can be incorporated. So even if it is no more than trying to make sure that privacy protection and security are part of meaningful use which is not defined in the law, that would be a contribution. Through the testimony we heard today and June 9th we will have enough to say well that makes sense. I would like to see if we could get the committee around that kind of idea and then see what we could do in advance beyond that.
DR. FRANCIS: We could produce something like a summary at least of what we have heard today and will hear tomorrow. Obviously we can't do the morning of the 9th in time for the full committee. But we will have the testimony in advance and we can certainly have something that looks like the same kind of summary that we had.
MS. GREENBERG: Meaningful use is principally of the electronic health record, right?
DR. TANG: It wasn't excluded. PHR was not excluded.
MS. GREENBERG: I think all of you were at the meaningful use hearing, excuse me, all but Sallie. You all have the full summary, which we have submitted to Dr. Blumenthal. Now he has received it so we will be sending it around. In any event it would be good to take just as you suggested take this set of hearings also in combination with that set of hearings and think about what kind of recommendations related to privacy and security you might want to make to the full committee. If June isn't too early to do that that would be good I think.
MS. BERNSTEIN: One of the things I asked you this week was about the availability of the transcript for this meeting today and tomorrow and it was not clear we thought we might get it before June 9th but you told us no it is probably ambitious because it is only
MS. GREENBERG: Well actually Janine who is more with the contractor. I was just saying it was 10 working days so it was cutting it kind of close.
MS. BERNSTEIN: But even if we had it 10 working days we also need time to assimilate it and summarize it. It would be very challenging to do it.
MS. GREENBERG: I think it would be challenging to have any actual recommendations in June but it might not be challenging to be thinking about whether you are going to have any and then in what areas they might be.
DR. TANG: Margaret did that ahead of the transcript too. It can as simple as that certain privacy protection provisions are in the meaningful use definition and criteria.
MS. BERNSTEIN: At that level or slightly next level down of detail.
MS. GREENBERG: Also whether meaningful use does include anything related to personal health records.
DR. FRANCIS: That is a separate question.
MS. GREENBERG: That is two separate questions.
DR. FRANCIS: I didn't hear anyone say in the analytic summary of the testimony that interchange functionality with PHRs was part of meaningful
MS. GREENBERG: No, but patient access was
MS. BERNSTEIN: To be fair did not tell the people who came to talk to us today or tomorrow to prepare information about meaningful use or that we were going to connect it up or any of that. Although that is one thing that we could use this information for, there are broader things that we want to do with the information from this hearing.
MR. REYNOLDS: I guess I would say is I know our normal process and I know how we do things. It's the right way. But Paul mentioned meaningful use and that is being worked on nationally. All 50 states right now are wide open on getting ready for this. As you heard earlier they are building HIEs. They are thinking about building HIEs. They are thinking about hooking - I just drew some bubbles here. I know what we are dealing with in North Carolina. You have health information exchanges. You have ePrescribing. You got disease management. You get PatientsLikeMe we heard from today. PHRs, EHRs, lab results, quality data and public health is on in play right now, full speed in every state and it is all electronic. This group has done a lot of work on privacy. We heard today, for example, a reversal of our belief philosophically, I didn't say we agreed yet, that sensitive data could or would be defined or should be defined as we heard in the testimony. I didn't say we are agreeing or disagreeing yet. We haven't talked about it. What I am saying is we do have on the record a journey on some significant privacy discussions.
Well now we have a whole lot of work going on nationally. As Paul said December is way too late because most states will have already applied for how they can make this work well in advanced in that. I can just take my own state as an example. It is a rocket to the moon how fast we are going. As I said many times before the train has left the station on the technology. The train has left the station on these implementations. Even imprecisely and not through our normal exact way of doing it if we don't keep some subjects forward and some thoughts forward and some ways to think about it forward then I'm telling you we are not going to be relevant as relevant as we need to be. By the way, putting on my day job hat the world needs some relevance on some of this right now because it is going real fast.
MS. MILAM: What is sounds like maybe what we need to do is to take a step back in a way when we decided PHR was the next area we were issuing recommendations on. That was before the high-tech act. Perhaps what we need to do is in our discussions right now until we complete this hearing is really focus on what privacy and security ought to be in meaningful use and then develop the recommendations around PHRs after the hearing is completed.
MR. HOUSTON: The only concern I have in that respect is I am not sure whether we have been asked to make recommendations in that respect and whether that would not be viewed. I am looking at Marjorie because they are very specific they wanted us to talk. To help the meaningful use hearings they wanted us to simply provide back a summary rather than make recommendations above and beyond.
MR. REYNOLDS: I agree. I don't think we should direct it straight at meaningful use. We should put any other privacy issues either old ones we had or new ones we heard out there to make sure that they are considered whether it's a meaningful use, whether it's in a state that's doing something, or whatever it is.
MS. GREENBERG: I think we agreed to take on an activity, the National Committee did, and I know it was appreciated by the department organizing the Meaningful Use Hearing and what we were asked to do was to provide a summary of the hearing and we have done that. We are also talking about a possible expansion of that from a point of view of observations. But as an advisory committee to the Secretary, you pretty much have cart Blanche if you want to develop recommendations whether you are asked for them or not.
As Jim Scanlon, since he isn't here - we try to do that if one of us isn't there we quote the other one. As Jim Scanlon has frequently said, you want to have a customer. You don't want your recommendations to be dead on arrival or when you send them there is nobody to open the envelope. But I think that the legislation itself says that the recommendations of the National Committee should be taken into consideration. We couldn't come up with recommendations from the Meaningful Use Hearing by the deadline of when they wanted at least a summary, when ONC wanted the summary, because we weren't having a full committee meeting. Subcommittees cannot make final recommendations, they have to go through the full committee, but now it's only a few weeks and the full committee is meeting. I still think it is an open question whether you are going to even maybe follow up with some recommendations other than Meaningful Use Hearing. You aren't precluded from doing that even if you weren't specifically asked for it. I can see a desire to do so and I think it wouldn't be seen that you were - I don't think it would be seen that you were going beyond your role or mission or scope, because it is right within your scope.
The question I do have and I am hoping that maybe Paul can help us a little bit with this since you are on the policy committee, is it is my understanding that at the time that NCVHS held its hearing on meaningful use the two new advisory committees had not been established. They certainly hadn't met. They now have been established and have met both last week. I think the Standards Committee at least discussed having a Subcommittee on Privacy and Security but didn't establish one. Or it was the policy committee. I think the Standards Committee did set up some other subcommittees but they weren't specific on privacy and security.
In any event I think now we are at the point where we do want to make sure that we are not tripping over each other these different advisory committees and everyone knows there is more than enough work to keep everyone busy I think. That would be more of my concern than whether we had agreed to do recommendations or not on the meaningful use. Do you have any sense of that, Paul, or any guidance?
DR. TANG: I think it is a valid point. So the three groups that were set up, one is on meaningful use, another is on certification and HIT adoption, and the third is on health information exchange, which includes the infrastructure, workforce, et cetera. Privacy and Security originally was going to be one and then it was decided well that should really permeate and integrate with all the work groups so that's how that's been set up.
In a sense that kind of recommendation certainly could and probably is expected to come from the advisory committee to David Blumenthal, who was the one to help construct the policy recommendation and regs. I guess what we could do is not act as if we were that but provide input based on another set of information we just obtained. Just like there is no sense in tripping over each other. There is no sense in that committee conducting another hearing. So there is clearly something we have learned that we could communicate to the rest of the Department to be used. That is why I think the summary idea would make sense because we are then basically passing on what we have just heard and we certainly could say because this a subcommittee of another fact, that it says this is an area that should be considered as part of meaningful use. You couldn't disagree that it wasn't part of the intent of the Recovery Act because there are tens of pages dealing with this although it wasn't in the meaningful use component bullets.
DR. SUAREZ: I have two comments. One is I think we got to be mindful and that's why probably David and others have asked this committee to provide first of all, the summary and then some observations now. We ought to be mindful and careful not to come up with a series of recommendations that then a policy committee that is set to do would have to either validate or contradict or then put in a position David Blumenthal to have this two or three bodies giving the different or conflicting - I would be cautious around that. I think the most we can go to is into the observation side and be mindful that those observations are going to be used by the committee that - provide the actual guidance to the Office of the National Coordinator on this point.
The second item I want to be mentioning here is I am not sure I understand the connection between meaningful use and personal health records in the following sense - Meaningful use as I understand from the Recovery Act, focuses exclusively on EHR in the sense of insuring that there is a way to validate that the EHRs are being used in a meaningful way. There is nothing about funding PHRs or evaluating the meaningful use of PHRs. Now we heard in the discussion on meaningful use that there is a value to and there is even some question about how much we heard about that. There is value in having the EHRs be able to as a meaningful use connect to different outside sources including public health, including quality reporting, externally reporting, and including connecting to PHRs. I don't know necessarily that we can frame a series of recommendations or meaningful use around PHRs. I have been having trouble kind of creating that.
The other issue is really this committee specifically focusing on privacy and security. Now around that I think we can create a summary of what we heard in this day and tomorrow and present that from a personal health record what the privacy and security framework or components of a framework should be and the importance of having a framework and all those things. Beyond that I'm not sure how much we can necessarily do.
MR. REYNOLDS: I will say two different things. This subcommittee has clearly dealt with the privacy issue for a long time. This is just one more piece of the ecosystem that we are hearing in this hearing, but all of it still plays together because if you listen to today where it was clear that with a personal health record if all a person's information is sent to a personal health record then they decide where it goes then that says philosophically if you believe that as an end game then two EHRs could not send data back and forth to each other through an HIE or that would go against that premise philosophically. I didn't say it was right or wrong. Those are some things just to consider.
Stepping back as the Chair of the Full Committee for a minute and starting there, we have a Privacy Subcommittee and we are looking at the entire ecosystem. I would like all of our recommendations to be based on what we have heard, to be based against things we have already said, how it affects the ecosystem as it was then and it is now, and then we could forward those to anyone as input to their deliberations, but I would struggle to all of a sudden that the only direction we think about and the only thing we focus on is how we dive into meaningful use because that is not clearly our assignment, but we do have an assignment of dealing with the privacy ecosystem as it relates to electronic records. Everyone of these things that we have talked about today in one way or another if you just took that panel there and listened to them that is going to drive how information flows possibly even between - if I have a patient after to say a doctor can send this, well should I send my personal health record or should they this? All I am saying is it is all the same subject. It is me as a person in my electronic records somewhere. I would like to see us stay focused.
As NCVHS we have delved into this privacy arena pretty much longer and with more depth than anyone. Let's stay in our comfort zone. Let's do what we do and then we can share that information in ways that if it fits into other categories as people could use it. I agree with Paul. Let's come up with some of this information sooner rather than later so it could fit in the right time in some other discussions but not in any way say that we are recommending that if you are doing meaningful use or you are doing this, this is what it means. Then I think we are right where we belong because then when it comes from the Full Committee it goes to the Secretary as Privacy, not as Privacy in Meaningful Use, and oh by the way, I'm glad you guys are meeting over there. That's where I would like to see us go then I am real comfortable that we are playing where we should and we are doing what we should because we are looking at an entire ecosystem not just necessarily as you said EHRs or some of these other specific implementations. We are out a little bit ahead too on how the next step of this might be.
DR. FRANCIS: That would suggest what we do is an analytical summary of what we have heard and will hear combined with any privacy and security recommendations we want to make based on that.
MR. REYNOLDS: Or that we have made previously.
MR. HOUSTON: The stimulus package didn't just contain health IT and the need for a definition and meaningful use. There is the whole provision related to privacy and security and that is separate and distinct from all of this stimulus money going for health IT. In my mind when I read through that whole summary not the whole summary but the whole privacy portion of the stimulus package. I was really left with thinking boy there is still a logical gap with regards to PHRs. I was underwhelmed with the treatment of PHRs in that. I understand the Congress has now spoken and to go back and to raise concerns or to raise recommendations after the bill has been passed. I don't know if that is bad form or not, but I was really underwhelmed with the treatment of PHRs from a privacy perspective and I just wonder whether there is a method to maybe bring some more insight into how do we better -
MS. MCANDREW: It is certainly one piece of the High-Tech Act call for a study which HHS will be doing in consultation with the FTC specifically focused on personal health records and what is the best privacy and security practices to have in this arena and what is the best mechanism for oversight which is now by the statutes, but between HHS and the FTC.
MR. HOUSTON: When I read through that - maybe it's the way I read it, I was underwhelmed with what the outcome of that was. I will go back and reread it but what I read I was thinking okay, that doesn't really accomplish much in the end. Maybe I just have to reread it again but I didn't see that language as being all that -
MS. MCANDREW: What it potentially provides the platform for is an outcome that says the Department is recommending based on things such as the recommendations of this Committee and others, that now all personal health records become part of this business associate model or that all personal health records become under some other model because they don't really hit with
MR. HOUSTON: I'm going to go back and reread this this evening, but if that is in fact your interpretation of that, then I think then it becomes quite meaningful for us to continue on.
MS. MCANDREW: That is due in February as we are looking at the statute. It doesn't accomplish anything in and of itself, because it depends on what the solutions are, but to the extent the solutions do require Congress to act on them in order to bring them into being then it is. It is just a set of recommendations.
MR. HOUSTON: That is what I read it to be. It was just recommendations.
MS. MCANDREW: But clearly when they designed the interim breach notification requirements for the FTC, they wrote in a V subset when Congress acts in this area. Which in earlier versions of the act which tied much closer to study report recommend and then we will rewrite the breach notification if not the broader oversight requirements for personal health records. We are just not prepared to do that right now.
I think that may be a more natural target for the complete information that you will get from the series of hearings and that some initial meaningful use observations cannot also come out of it.
MS. WATTENBERG: I would just say that I agree with you. I think the point is that it sort of opens up the conversation and it is also an acknowledgment that people have talked about today, which is that it is even less well developed than EHRs are. It is clearly high tech was about moving EHRs and there is in my view sort of circling back to the beginning of the conversation I think we have more time on PHRs. We didn't take testimony today on meaningful use of PHRs. That is what Maya said in the beginning. To represent that we actually have something meaningful to say about meaningful use and PHRs is really I think prematurely foreclosing on that topic and to even represent to the it's not AHIC. It's something else now where they would then not take testimony really would I think do a disservice to this whole area because in fact we only just got a piece of it today and I think we do have more time. We can buy more time on this issue.
Yet I do understand, Harry, what you were talking about which is this is unique opportunity in time and if there is something we can really target and suggest like HER meaningful use really needs to account for in the near future being able to import and export data to PHRs then that is easy and simple, but it should be put as the easy, simple, quick and dirty kind of thing.
MR. REYNOLDS: To restate my own words. We are not having a hearing on meaningful use. We are having a hearing on privacy. This is a fast moving area. If this committee comes out with things that are of interest to the whole environment, good. They can be shared with anybody working in the environment. One of that group right now, is some of these other committees. It may be useful to them. But we will continue forward on what we are doing. We did hear some things today, for example, that may override what the industry has been touting as things we wrote before that may be used. On the one hand we say well we don't want to influence something. On the other hand we have already influenced a lot. A lot of our documents that are out there right now are being used as the basis for how people are thinking. So if we hear anything now that makes us change what we think this would be a real good time to do it because things are moving so fast now that all those recommendations as people are implementing everything that they are needing to do if somebody swept them up and now as a group we may not agree with some of those or we may want to change or we may want to reiterate we still believe them. That is all I'm saying. This stuff is happening so fast. In no way should we be talking about addressing meaningful use because we did not set that hearing up nor have we set that. I did not say anything anywhere near that.
MS. BERNSTEIN: That may have answered my question, but let me clarify. I was going to ask you after your previous comment, Harry, was whether given the I'm trying to find the word you used for ecosystem of privacy. Even though this particular hearing and the one on June 9th, are focused on PHRs, what we are hearing is related to EHRs. What we know from our previous hearings we know lots of information from our previous hearings that might relevant to meaningful use. I admit that while I am privy to the Executive Subcommittee's emails because I am staff to the Executive Subcommittee, I have not been reading them much because I have been working on planning this hearing but I do tend to read what my co-chairs say. One of the things that somebody said in an email was gee we have this summary of meaningful use but even though we heard people skimmed over privacy. It was mentioned vaguely. In the summary it came out as negative pejorative something. We need to fix that.
The question is would it be either appropriate or inappropriate for this committee aside from the fact that we have been hearing about PHRs particularly and we didn't ask about meaningful use. Rather than one of our long, complicated letters if we wanted to make one or two recommendations that said meaningful use ought to include this and this on privacy. We probably have the information and tools to do that if it would be appropriate to try to put something together for the June meeting and so that it would be timely. Something very narrow. Because I understand that in the meaningful use out of the meaning we are not specifically making recommendations, but Harry also said there's nothing to preclude us from - and Marjorie said of making recommendations on anything that we think might be timely and useful.
DR. FRANCIS: I think the way you put is helpful because it is a separate question I think whether we want to weigh in on meaningful use and what we want to say about PHRs. They are just separate issues. If we do want to weigh in on meaningful use what we are going to need to do is have this subcommittee look at the summary of the testimony when it gets ready for together with whatever - John and I spent a fair amount of time. We read through everything. I think there were 120 documents that are up on the website looking for what was said about privacy. We both have what are our small here it was, here it was, here it was, cut and paste out of the various submissions on that point and we could bring that to this committee as part of our discussion June 9th.
MR. HOUSTON: But I don't think we are necessarily compelled to have to be relying upon anybody's explicit input or hearings. We could provide common sense recommendations, right, from our perspective.
MS. GREENBERG: I assumed particularly after your review of the meaningful use testimony that one of the observations of the committee or of the executive subcommittee that people who participated in that hearing would be exactly what you just said. Certainly there was recognition. Nobody denied that privacy and security weren't foundational or important and it did come up occasionally, but that it was dealt with very cursory way. I don't think there was a specific question related to privacy and security so we weren't leading people that way. I think that is a very reasonable observation. Anything that I think was either dealt with a lot or not very much that you consider a gap. That is where I would see observations. The question is then I think that observation should be made. The question then is whether the committee wants to base on its work or in this area of privacy and security over the years makes any recommendations because they are related to meaningful use and privacy.
I understand where you are coming from, Harry. I think maybe it's just something we have to think about some more. I don't really think it's inappropriate for the committee to do that. I do think it should come from work you have already done from really recommendations you have made in the past. There is more than enough to draw on. I don't think it is just a question of gut feeling or whatever. It doesn't have to come out of this hearing or the previous hearing.
I will make an analogy when there was the rule making on the FDA rule making on controlled substances. I was having a hard time with that adjective. The committee commented based on work that it had done before and said we made these recommendations in the past and we think these are relevant, sent it to the departments. These continue to be relevant and in particular in this context. There is precedent of doing that although they didn't hold a particular hearing on that rule.
MR. HOUSTON: Here is my only concern though. Meaningful use has to be described in quantifiable terms. At the end of the day somebody is going to have put some criteria down that however many hundreds of thousands of providers can then certify to which means there has to be some, I hate to say it this way, laundry list of privacy and security things that somebody is going to say certify, yes, I comply with these things. It's going to have to be checklists.
MS. BERNSTEIN: I would call that list fair information practices.
MR. HOUSTON: But it is a checklist that's going to have to be fairly limited because I don't think you can have too many measures.
MS. GREENBERG: I am not recommending that you make a recommendation. I am just saying I don't feel it's inappropriate to if you decided to.
MR. HOUSTON: I think though that we have to be very - if we wrote a letter, I think the criteria that they are going to be willing to agree to in terms of meaningful use, in terms of privacy and security is just a few, very clear, very demonstrable measures that people can in a quantifiable way say either yes or no or I got this.
MS. BERNSTEIN: My idea, John, would not even get to that. When I had mine one or two recommendations is to say that there should be such a list and somebody should put it in their meaningful use and think about it. It doesn't have to be us dictating what it is but even if we had the simpler form of recommendation that said our observation at these hearings from what I understood from the email traffic was nobody said much about it but everybody acknowledged it was important. We want to recommend that something like this ought to be taken care of. There ought to be a measurable list.
MR. HOUSTON: But somebody needs to do something.
MS. BERNSTEIN: But the department can do that if you make that kind of recommendation.
DR. SUAREZ: It is an interesting process here. Number one I think the rule of order here is that committees I mean that's my understanding from my hearing when I came into the committee is that in order for the subcommittees to make recommendations, the recommendations have to come from hearings or from past evidence. If this committee were to make recommendations on meaningful use and privacy and security, it would be either from past testimonies or some other links because not all of us were at the meaningful use hearing. My recommendation is the meaningful use hearings were done, there is a report coming out, there is a series of observations being done that said that meaningful use whatever we were going to be asked us to that to do with respect to meaningful use will have to wait. We have to be respectful of the ONC process to ask for specific advice from specific FACAs. That would be my perspective. That's just my opinion I guess.
The other point I wanted to make is on this particular hearing that we are having here they are about personal health records and privacy and security. That should be our focus and people are going to be looking at the recommendations of that, how they fit into the larger ecosystem. Certainly there will be opportunities to discuss that, but I think we got to focus our attention on what we are doing.
DR. FRANCIS: Let me try to organize this for a second and say it is now 25 after and my thought would be that we ought to see if we can agree after the draft of the report is available. When will that report of the meaningful use hearings come out? It's done? Okay.
MR. REYNOLDS: It's already in David Blum's office. It's done. What I want to do is I want to read the observation that is currently in the draft that we are putting together.
MR. HOUSTON: Do we need to do anymore based on
MR. REYNOLDS: I want to make one comment about that. We have been writing privacy stuff on the NIH all along. The NIH is still in play as a philosophy. We have written a number of privacy letters related to things whether it is PHRs. We have been playing in this game for a long time. The statement we have in the draft observations not for public dissension. You know not announcing it but just using some wording that is under consideration, under things that testify or said as common observations. Privacy and security must be addressed in a definition of meaningful use of EHR and got a few other sentences in there. I'm not going to go any further for purposes of the right reason. The next thing is we have a PHR hearing that is continuing to add to the ecosystem. We make privacy recommendations based on the ecosystem and if they can use them in any other venue, good, but trying to take over a venue, trying to take over a definition, and trying to act like we own that definition would not be a wise opportunity with three FACA committees in play. I think we can just continue as we are, do what we do. We've done a good job of it in the past and keep moving at it and if somebody can use it in some other deliberations on this specific definition whatever it may be. Maybe it's PHR definition somewhere else. Maybe it's an HER. Maybe it's meaningful use. It doesn't matter then it can be used.
MR. HOUSTON: I went back to the stimulus bill privacy rule and looked at the language. I'm just going to read the first part because I think it's meaningful. It says study not later than one year after the date of an enactment of this title. The secretary in consultation with FTC shall conduct a study and submit a report under paragraph two on privacy and security requirements for entities that are not covered entities or business associates as of the date of enactment of this title including. And again I guess my thought is that is the language I see that really relates to PHRs. I guess when I read through the whole thing I'm not left with it saying that anything has to be done with this study after it is completed, but I do think that this is an opportunity to put some information into play that might be considered as a study is performed. So I guess probably the timing is good to put our two cents worth in. It is a nonbinding study as far as I can tell. It does contribute to the ecosystem and I guess if the FTC and HHS decide that they are going to go off and do a study and don't consider it then so be it as well.
MS. MCANDREW: I do believe at the end of that it does call for us to make recommendations.
MR. HOUSTON: Unless it's under a separate section and I'm missing. I just went through the one -
DR. FRANCIS: What I had actually wanted to do was close off as of four thirty the discussion on meaningful use and move to PHRs. I think what we should do on the meaningful use point I think what we should all do as members of the subcommittee is have a look at the analytic summary of the discussion that the committee had on meaningful use and see if there is anything that any of us want to bring from our prior work on privacy to simply point in connection with that analytic report. We could discuss that we could set aside a half an hour or 45 minutes on June 9th to discuss that. That seems to me to be a sensible way. Harry, does that work for you?
MR. REYNOLDS: The work we have done in the past is in play at all times. We can reference it for any number of reasons. Everything that we have written and done including what we are doing today and including what we did the other day was heard in hearings. We're not magically making anything up. We are pulling from what we used to have and we are pulling it from what we heard now and we are pulling from this hearing and we are deciding what we ought to say about something.
DR. FRANCIS: We will set aside some time specifically to discuss where there are things from our prior hearings, our prior documents, that we want to make sure to remind people of. Does that make good sense?
MR. REYNOLDS: I'm not running this committee. I'm just throwing it out there that when it comes to the full committee, if I'm sitting chair in the full committee, I'm going to struggle. One if we are making something up. Two if we are taking an assignment we don't have. But if we base it on everything we have done against an entire ecosystem I think we are making a service to a lot of people because again there are a lot of people on the ground running full speed, wide open full speed.
DR. SUAREZ: So you are saying June nine will bring this up for the full committee.
DR. FRANCIS: No, that's our subcommittee.
DR. SUAREZ: The subcommittee hearing that we will have before the full committee. What would be the impact of that? My question comes because right now we have delivered the summary, which will be published later in hopefully a few days, soon. We are expected to deliver some observations soon also. By the time we get to June 9th and 10th things would have already kind of out there. By virtue of having that discussion are we going to put something in a letter separately to bring up? Who would be the audience of the result of that discussion that we would have on meaningful use and privacy?
DR. FRANCIS: It was Harry who brought it up.
MR. REYNOLDS: The point is that we have to get the full committee warmed up on the fact that we are going to be putting out some more privacy stuff and every time we've done privacy it has taken more than one opportunity in the full committee to make anything happen. If anything came out of here that we could start warming them up on and if it was anything that was worthwhile that's reasonable comments that could be used by other people, fine because they are going to be announced and we're going to say it public. It's just happening fast now so let's don't talk about December to begin starting to do some things when a lot of the discussion that it is needed for - and remember we were the ones that said over and over again we got to get privacy moving along with everything that is happening and there is going to be a lot of effort and a lot of money and a lot of time spent in the next few months making stuff happen. We need to say what we are going to say and then we need to figure out whether or not how we do with it. I'm not making that up for this committee.
MR. HOUSTON: So what's our priority?
MR. REYNOLDS: I will leave that to the chairs of this committee.
MR. HOUSTON: What is our priority? Let's throw priorities and dates out there then if we want to make sure the train doesn't leave the station.
DR. FRANCIS: There is the question about the meaningful use point and we could simply say something like what you just said and what some of the others of us said a little while ago which was that the meaningful use hearings didn't include a lot about privacy and there should be some measurables as Maya said. That is something we could observe. Then we could decide if we wanted to say something more or we could our discussion for the remaining half an hour that we have to what we have heard about PHRs and what we are thinking about as we go forward to make what could be important recommendations that would be taken into account as part of the study and so on on the kinds of privacy issues and security issues that are raised by PHRs. So we could open the floor now. We could resolve if we are going to say anything. I haven't read the final draft of the report yet. It just went around and that's not even I'm sure an exactly a final draft. It's not a public draft in any event. I don't know that we are even in a position yet to say anything.
MR. REYNOLDS: The summary is done.
MS. GREENBERG: I don't believe the summary as submitted although I think the final version was sent to everybody.
MR. REYNOLDS: -- is available to everyone.
MS. GREENBERG: It is actually available to everybody but I am wondering if it has actually been sent to everyone. I know it hasn't been sent yet to the full committee. The question is whether we have sent it to the executive subcommittee and
MR. REYNOLDS: Other than a few basic edits it is not different than the summary that was reviewed on the phone last week. That is a fact.
MS. GREENBERG: I agree.
MS. BERNSTEIN: Is there some action that the executive subcommittee now needs to
MS. GREENBERG: That is essentially it.
MS. BERNSTEIN: Is there some action that the chair or the executive subcommittee now needs to take to make that public?
MR. REYNOLDS: All we wanted to do was since Dr. Blumenthal and ONC were our customer we wanted to make sure it was in the hand of our customer so we knew they had it so that it didn't hit the Internet, it didn't hit anything and read about in the paper - that is a courtesy that we afforded.
MR. HOUSTON: For the purpose of this committee does it make sense to the read the couple sentences about privacy and security that are in the summary? I could do that. I have it in front of me if you would like.
MR. REYNOLDS: Purposely today I would love to what we just heard. You guys figure this out as to how you think
MS. BERNSTEIN: Can I just make a couple of observations and then we can move on. I think the only reason we are talking about this is just because this is the first time this subcommittee has met since the ARRA has passed and all this activity is happening. I don't think it is a problem that we are talking about this now.
The second thing is in response in particular to Walter about I don't want the committee members particularly the newer committee members to get the idea that we respond only to assignments. We do not and that is what Marjorie was saying. You are free to make recommendations on any topic you want to the secretary that you think is appropriate and timely and so forth or if you are wrong about that your recommendation just won't be well received. Basically the idea of the committee is to figure out what is timely and useful and you don't have to wait for ONC to ask you or for anyone to ask you to do something and we are basically not confined to what they have asked. In this case they asked us to do something in particular we did it, but that doesn't mean that's all we can do on that topic. If at some point we decide to make further recommendations about that we can.
The other thing I wanted to say also to John's point about legislation just because the ARRA passed it's not likely the Congress is going to take up that thing again, but if you believe that there is something wrong in it or that we need to make recommendations for legislation, you can make those recommendations. The Secretary should make a recommendation for the following sort of legislation and that's a fine recommendation as well if you think there is legislative change that is needed that is a recommendation you can make.
All of those things are open to the committee. I don't want you to feel constrained in a way on the kinds of topics that we are thinking about.
MR. REYNOLDS: I just want to add one thing to that. In the past there weren't three FACA committees. We owe a courtesy to the new process. That's all I am saying. Everything you said I am not disagreeing with so don't anybody take it any different than that; however, until we all understand we just owe a courtesy. I'm the one that is recommending us moving forward on privacy so I don't want anybody thinking anything different, but I am just saying what we will for the right reasons consider courtesy and consider communication because what we are doing and what ONC are doing are both under HHS. We have to keep that in mind in all instances. I just ask for a courtesy. That is all I am talking about is courtesy. If we become too courteous we have no purpose ourselves. If we don't become courteous we may have just stepped on something we don't need to be stepping on quite as hard as we think we would step on. That is all I'm saying. Just take that into consideration. Please move forward. Please be the privacy subcommittee of NCVHS. Please recommend what you want to and some of the rest of us will take the courtesy items into consideration.
MS. BERNSTEIN: I agree. We have had these similar committees anyway for several years now. It hasn't always worked so well and I think the fact that we have leadership that wants to make it better coordinated and to figure out how to make that work is a good thing.
DR. FRANCIS: Could I turn us to the PHR discussion? I was going to suggest a slightly different way of handling this which is to go around the room and maybe even to start with Amy one at a time and to have each person say one thing that they think we shouldn't lose sight of from what you heard today that we should not lose sight of. One important thing that as we move forward in the questioning or thinking about recommendations or even pre-recommendations thinking about an analytical summary. One thing that you heard that you want to make sure we don't lose sight of.
MS. CHAPPER: We will come back to you if you want to think about it.
MS. KHAN: What I thought I heard was that education is a really important aspect. Education. Educating the public whether it is by the website or different modes of education.
MS. MILAM: I am going to add a little preface. I think we heard that there may be some gaps with specially protected information and I think we also know in ARRA that some personal health records could be business associates and there might be an opportunity to help HHS figure out what those regs are, but I think I heard overwhelmingly is that this is a really new tool for consumers. It's not like anything we have had before. I think it needs its own set I heard that things need to settle for a while and once they settle we need to look at this entirely new paradigm and help clear away some of the existing barriers that may be in state law or other places that really have no relevance in this model today.
MR. REYNOLDS: I guess what I would summarize today is I think with where we are now versus where we are going we have a naïve vision of where we are at the moment, a very naïve vision. You asked my personal opinion because we talk about the health citizen. We talk about some of these other things and that is one piece. There are complicated contractual relationships between that person and many other entities. Those companies and many other entities and so I think consumerism is fine if it's point to point, just that person, just to that environment. In this health system there are so many relationships that are contractual and so on whether it is a doctor/patient, whether it is the payor/doctor, whether it is whoever has the PHR system or these other things. I think just looking at one piece by itself is a little naïve as to how it is all going to work in the end and where the data is going to end up being and so on. Great information today and it made me think a whole lot differently. I'm not sure what to do with it yet.
MS. BERNSTEIN: One thing that I heard in different ways from more than one of our witnesses is that putting the burden of protecting privacy on individuals and individual patients is a mistake and that we need to think about what the right rules should be not in a paternalistic fashion but we need to have I think Mr. Weitzner said some kind of national dialogue about what those rules should be and perhaps how they should be enforce. Other people sort of described this in a different way by saying a long checklist of everything you have to think about. That is not helpful. It doesn't increase trust. It decreases trust. I would like to keep mindful of that. That where we are placing the burden on helping people probably shouldn't be on the people we are trying to help.
DR. FRANCIS: I guess I will just comment that I heard a lot of tensions about what the right if any regulatory environment is and whether it is the FTC which is really viewing it as commercial and contract and fair information practices and putting it on the consumer or whether the right regulatory framework is something more like HIPAA which people were clearly not thinking it was and the state/federal interface as well.
MR. HOUSTON: I really don't have any thoughts yet.
DR. TANG: I think that we need to explore the privacy checks and policy as we accelerate adoption of HIT and increase the innovation around HIT. Personally I think that the status quo is not good enough. I think in the context of today which is not PHR as a software, but the spread of personal information outside of the traditional covered entity is one that is potentially more dangerous than where the EHR is. The reason is because EHRs are operated by covered entities. They already have a federal form. I think the consumer data that is out there some of which are in PHRs have now protection. That is what I mean by this status quo is not good enough. There is a sense of urgency for the same reason that we are urgently or accelerating at least the adoption of making health data into computers. That means there is going to be more personal data outside of EHR existing and I think we need to have policies that protect that on behalf of the consumers.
DR. SUAREZ: The most significant thing I heard was the challenge of finding the right balance on what the regulatory framework should be. But one important thing I think I heard was when you ask people do you think we need a regulatory framework for PHRs, I heard in the very first panel all of them said no. It is too early. You don't want to minimize innovation. This is a starting and it is just the beginning. We are in the beta or alpha or however they call it model one, Model T, model A. But then I think what I thought I understood was they were thinking of regulations in the sense of how we are looking at EHRs, certification, meaningful use, those kinds of things, but when you turn around and refocus the question around shouldn't there be some privacy and security protections afforded to consumers that use the products? The answer was in my understanding was yes I think there should be. My concern is that there is a lot of hiding behind the sense that this is so early, this is just starting; this is a new kind of set of products. We shouldn't regulate it yet. But at the same time there is that type of urgency of saying it is because you are so early. It is because of those kinds of things. You are already collecting millions of records that there should be some immediate protection, privacy and security protection afforded to consumers that are going to use those products. When you begin to refine the question around regulatory framework, you begin to understand. Their own views I think was yes I think there should be some although there were some variant perspectives around that. That was quite an interesting element.
The second thing I wanted to mention was a point that I have been in my mind so much and that is the granularity of the controls. I think that is still a major challenge on what data to protect by - for what purpose to be released how. Those kinds of features and aspects are still very much troubling in the sense that there is no guidance around that.
MS. GREENBERG: Let me just say first I thought it was a really interesting day and thank the chairs and co-chairs and Maya for working with the rest of the subcommittee and putting together this very interesting day and I am sure the rest of the hearings will be equally interesting.
I would say that even though we haven't yet gotten to the panel on consumer advocates and attitudes, it was the most consumer-focused hearing that I almost ever been to of the National Committee. I thought that was really great in that I think obviously the people who are working on personal health records their main constituency are consumers, citizens, citizens, that is whom they are for. Now what their business model are et cetera is another story. I won't get into that analysis.
They have to listen to consumers and need to know what is important to consumers or otherwise they wouldn't have any business model. I think that was kind of refreshing to me. A lot of things that we have talked about in other subcommittees or on other days or whatever whether it is medical home or things related to other privacy, issues was kind of like a microcosm of them almost. They were coming back or bubbling up, but from this new perspective or this somewhat different perspective and for understandable reasons, but in the meaningful use hearings you didn't hear them much about consumers. I thought this was a nice complement to that.
I agree with Hetty. I am glad Hetty picked up on the education. We have talked for many, many years about health literacy, education, whether it is related to privacy, whatever it is related to. We have never really been able to get a handle on what to do about it other than to maybe make some recommendations that other people should do something about it. It does come back to that as being very important.
Just one other thing, and that was again a déjà vu in a different context, the quality workgroup when it was a quality work group, but this whole issue of claims data. Truth in advertising here. I am eager to meet Dave and I think his experience was important. He will be here June 9th. I think it was a very telling experience and it certainly caught everyone's imagination, but I thought that the rationale that was given principally I think from the WebMD, for the fact that - it is sort of like when we talked about it with quality stuff. We don't want to use data, we want to use electronic health records and that was several years ago and nobody even had electronic health records. Even now we know the penetration is very low. There is this data out there where the penetration is very high for everybody who is insured. I think there has been somewhat of an overreaction to that and I thought what he said was very useful and I look forward to that being captured in the minutes.
Also the fact that we should know. If our claims data if data going into claims are completely not representing really what our health problems are, ignorance is not bliss. That told him and maybe there was some missed coding or other problems we won't go into it, but I thought that was a very useful exchange and I thank Paul for raising the question.
MS. WATTENBERG: To pick up on what Maya said about what she heard is don't burden the patient or the consumer with having to be the decision maker and controlling all this stuff. I heard that but I also heard a difference of opinion, which is that it depends on the model. I think it is important to understand that there are lots of different models that are blooming and that the extent to which consumers control the information needs to relate directly to that model. One of the things that I thought was interesting was that some people said the amount of information is just overwhelming. There is no way for the consumer to understand it and yet I also heard I think it was from Microsoft say that they have this method of pursing out data so that people can make very meaningful choices. I think that is also a difference of opinion and I would like in the future testimony to kind of hear from people what they think is helpful, what they think isn't helpful.
The other thing is just to always keep I notice not so much in the testimony but in some of the paperwork that we had gotten the use of language and how still and precise it is. In some of the paperwork the way in which they were talking about consents really does not comport with how we have used consent here. It didn't even really comport with how we use authorization under HIPAA which is when you are talking about a truly consumer-oriented tool becomes even more important both in terms of education and all of that stuff that were clear about what all these different terms mean were clear about who the customer is and what does that mean because it takes on a different kind of necessity when it is now their personal health record that it is a different kind of education and understanding that they need to have in the context of EHRs.
MS. MCANDREW: I think the thing that I took away really came up from the first panel which in a way goes to the importance perhaps of continuing a distinction between the expectations of an EMR and the expectations of a PHR and the consumer facing values of a PHR but not the health reform values that the PHR is going to be a side show with regard to health reform. I think what I was keying in on was and it may get back to the meaningful use definition, but the health reform impact of electronic information and interconnected electronic information is the use of this data and pushing the use of this data and the tensions that that does bring in terms of privacy to the point that there may well be much more room in the electronic health records space for uses that are assumed going back much more to the current HIPAA model of TP&O and making sure quality is in there, making sure even public health is in there, possibly even making sure that research is in there going forward. That they will be automatic assumed uses of this information in order to get the most value out of this information in order to get the most savings out of going with electronic systems. This does push against privacy. It certainly pushes against control and choice other than a general in or out. I think that that to me says at least with respect to personal health records that there is still value there. There is great consumer value there. This is going to be the portal for consumers to have their access to this information to be able to use it as they want even while the underlying system is doing what it needs to do in order to get the efficiencies and the economies making all of this information digital and an inner exchangeable. I think that presents a slightly different environment as this committee proceeds with making privacy and security not so much security because I think that's always going to be there, but certainly privacy expectations with respect to this information.
The other observation that I would come away with is that trying to come up with a balance in particularly, regulatory balance in this area is hard and so welcome to my world.
PARTICIPANT: Sarah wants to say one more thing and I also want to go back to Amy. Is Gail on the phone still? Do we know? I want to make sure that Gail gets her two cents too. Gail, do you want to chip in first?
MS. HORLICK: I think some of the couple of the points that I had were just made. I think that one of the things that struck me I think maybe Harry mentioned earlier about after all the deliberations the committee did on sensitive data and blocking and flagging and masking how we heard more than one person say that the advocates all say no. It is all sensitive. You can't distinguish. I was very struck by that and how it was balance to everything we had discussed. That and the regulatory issues as well.
MS. CHAPPER: Well, I guess I should have gone a little sooner since certainly a lot was said, but from the beginning it seemed like a lot of the testimony was about trust and what is in the best interest of the patient and then our own concerns about privacy and security and yet all these PHR vendors and activities going on with their data and this idea that well we will let this go while we look at other things. Let it all kind of play out. I just think that's a really big concern that it's all out there or a lot of it is out there. Then when I hear about the meaningful use discussion, I have to say I really thought that related to the EHRs as opposed to the personal health records. I'm just a little confused with that, but you all know.
MS. WATTENBERG: Just in thinking about this issue of what does the future really hold. It got touched on a little bit and we were talking about it at lunch a little bit too is depending on how this whole health reform thing shakes out. You know the whole privacy paradigm could really shift. You know the easy one to think about is if part of privacy is protecting against insurance discrimination and we move to a system where health and pre-existing conditions don't matter. If you leave one plan there is an opportunity to go to another one. You have removed a sloth of discrimination that no longer needs protection against which you no longer need protection. I think that the consumer perception of privacy need is really going to undergo big shifts if in fact privacy is a proxy for failed health system and the health system improves those kinds of things. That those really I think are the paradigm shifts that are at work. I don't know where it's going to all play out, but I just feel like I always do which is we are going to do all this work and then in three years nobody is going to care anymore about this and we are going to be onto something else. But I do think that that's really when you look at the future it is about information merging. It is about systems changing so radically that whatever we do have to be sufficient but a loose fix so that we are not overly getting tied into something.
DR. FRANCIS: We are at five o'clock. I want to thank everybody for a wonderfully rich day and we will resume this set of hearings tomorrow at nine in this room.
(Whereupon, the meeting adjourned at 5:00 p.m.)