Social Organ Donation?

It’s all over the place that facebook is now encouraging users to report their organ donor status, along with all the other stuff in your profile. The San Jose Mercury News has even reported that it’s already increasing registrations in California. What gives?

Nurse: The upshot is that Facebook hopes that asking people to list their organ donor status on their Facebook page will create peer pressure to sign up as a registered donor. This is a potentially good strategy to get people who would be fine with organ donation, but never bothered to sign up, to do it, or at least to think and/or talk about the issue. Especially if Facebook uses their spying/linking/advertising mojo to link you to your DMV. No harm there, right? Interesting– framing organ donation as a social issue.  I can’t really see a valid argument that peer pressure will cause people who aren’t ok with donation to sign up. I don’t see this as controversial, but then again, I’m usually wrong about that kind of thing. . . 

Lawyer: I guess it just depends on whether you see it as a personal/private kind of decision, or whether the “greater good” notion of having a donor registry to begin with really makes it a public-spirited thing anyway. Is it just sort of like the “I voted” sticker that you get on election days? Like the tote bag or bumper sticker that says you gave to NPR? Or is it somehow more private because it’s about your body? I guess I agree that I have a hard time objecting, especially since as I understand it, you can leave it blank, and it never appears. 

Nurse: The interesting question was whether Facebook could ever be used as a source of information for hospitals about the patient’s wishes if they did not officially register. The article suggests that, rather, Facebook could let the family, who makes the decision if the patent didn’t register, know what the patient wanted– essentially that they would have consented. Could it ever lead to a direct use by hospitals of this information? Probably not anytime soon, but it sounds like Facebook is adding more health features to its site– maybe we are moving towards an online “personal health record” style repository of information that could, some day, be useful in that way– but honestly, I don’t see that happening yet.

Lawyer: And ew, would you want it to? I already find it sort of annoying when people use status updates to report on their various symptoms and/or dietary and exercise achievements. A platform that’s created to be social and very adept at trying to sell you things based on your personal information seems like a bad place for personal health information.

As to the consent issue, I think that’s probably right — and it probably would lead to at least some increase in donations, assuming there are a fair number of cases where the family says no because they’re not sure whether the person wanted it. But then, I like all kinds of things on facebook. You have to wonder if any of that could come into play after you’d died. (Imagine leaving a big chunk of money to a charity which, unknown to you, has dispanded before you die; what do they do with the cash? I could see using an online profile to find information about what you would’ve wanted.)

And with my cynic hat temporarily on: Surely they did this to get some good press as a socially positive company in advance of their IPO…?

It’s all happening!

Well, I guess we weren’t the only ones who read the “HITECH” part of the stimulus bill. Companies have kicked their marketing machines into gear to try to cash in on this whole thing.

WalMart wants to sell your doctor a package of Dell computers, eClinicalWorks software, training, and support.  Which is interesting. On the one hand, I’m not sure I want anyone to buy the system that tracks my sensitive information at Sam’s Club. Especially given that no attention has been given, at least in this initial coverage, to security.

On the other hand, if you really support the adoption of this stuff, this is probably the way to get it out there. Can you get any more mainstream than WalMart? And if they distribute it efficiently enough  make it cheap enough that the rebates from the stimulus bill will actually cover a decent portion of it, goshdarnit, some doctors might actually use it.  So the jury’s still out — might work, but please start telling us how you’re going to make this safe!

Another recent PR move comes, oddly, from Apple. They seem to be trying to convince medical practices that Macs, being so convenient, easy to use, and, well, shiny, are best because they won’t have to waste time on training, and patients don’t mind having them in the room. Apple: please don’t discourage companies from training the health care professionals. With all the issues involved, there is no such thing as a plug-and-play EHR system.

Also, the example they used was from Canada.  Seems that there are no Mac-friendly EHR suites approved in the US? eClinicalWorks, the WalMart pick, is available in (limited) mobile version for the iPhone but not for the Blackberry. But you can only run it on a Mac if you use Boot Camp. Hmmm. What’s going on?

Don’t get me wrong. I love Macs. I even have the little white apple sticker on my car.  But this “news item” seems a little misguided to me. Guess they weren’t really counting on much attention there anyway, since all eyes are on the unbelievably tiny new iPod.

And neither story even mentions security! Like, not even to say “of course, all of this will be secure.” The only mention of it I found was as a vague excuse for why the iPhone app for eClinicalWorks isn’t more fully-featured.

America: the commerce machine is on. Don’t get swept away.

What’s actually in the bill

Because I am the nerdiest nerd around, I actually read the relevant portion of the stimulus bill. And while I was doing that, I took notes. In outline form. Which essentially reproduced the TOC at the beginning of the bill, but in a format that’s easier to read and understand. So if you happen to be curious about what’s actually covered in the HITECH Act, or what kind of form it’s in, check this out.

(You can, of course, also read the whole bill here.)

Title XIII – Health Information Technology

Sec. 13001. Short title; table of contents of title.

Subtitle APromotion of Health Information Technology

Part I – Improving Health Care Quality, Safety, and Efficiency

Sec. 13101: Standards Development and Adoption. (Adding to Public Health Service Act.) These sections comprise Title XXX of that act.

Sec. 3001. Office of the National Coordinator for Health Info. Tech.

Sec. 3002. HIT Policy Committee

Sec. 3003. HIT Standards Committee

Sec. 3004. Process for adoption of endorsed recommendations, adoption of initial set of standards, implementation, specifications, and certification criteria.

Sec. 3005. Application and use of adopted standards and implementation specifications by federal agencies.

Sec. 3006. Voluntary application and use of adopted standards and implementation specifications by private entities.

Sec. 3007. Federal health information technology

Sec. 3008. Transitions.

Sec. 3009. Miscellaneous Provisions.

Sec. 13102. Technical Amendment.

Part II – Applications and use of adopted health information technology standards; reports

Sec. 13111: Coordination of federal activities with adopted standards and implementation specifications

Sec. 13112. Application to private entities.

Sec. 13113. Study and reports.

Subtitle B – Testing of Health Information Technology

Sec. 13201. National institute for standards and technology testing.

Sec. 13202. Research and development programs.

Subtitle C – Grants and Loans Funding

Sec. 13301. The following will be added to Title XXX of Public Health Service Act, as created above.

Subtitle B – Incentives for the Use of Health Information Technology.

Sec. 3011. Immediate funding to strengthen the health information technology infrastructure.

Sec. 3012. Health Information Technology Implementation Assistance.

Sec. 3013. State grants to promote health information technology.

Sec. 3014. Competitive grants to states and Indian tribes for the development of loan programs to facilitate the widespread adoption of certified HER technology.

Sec. 3015. Demonstration program to integrate information technology into clinical education.

Sec. 3016. Information technology professionals in health care.

Sec. 3017. General grant and loan provisions.

Sec. 3018. Authorization for appropriations.

Subtitle D – Privacy

Sec. 13400. Definitions

Part 1: Improved privacy provisions and security provisions.

Sec. 13401. Application of security provisions and penalties to business associates of covered entities; annual guidance on security provisions.

Sec. 13402. Notification in the case of breach.

Sec. 13403. Education on health information privacy.

Sec. 13404. Application of privacy provisions and penalties to business associates of covered entities.

Sec. 13405. Restrictions on certain disclosures and sales of health information; accounting of certain protected health information disclosures; access to certain information in electronic format.

Sec. 13406. Conditions on certain contacts as part of health care operations.

Sec. 13407. Temporary breach notification requirement for vendors of personal health records and other non-HIPAA covered entities.

Sec. 13408. Business associate contracts required for certain entities.

Sec. 13409. Clarification of application of wrongful disclosures criminal penalties.

Sec. 13410. Improved enforcement.

Sec. 13411. Audits.

Part 2: Relationship to other laws; regulatory references; effective date; reports.

Sec. 13421. Relationship to other laws.

Sec. 13422. Regulatory references.

Sec. 13423. Effective Date.

Sec. 13434. Studies, reports, guidance.

Ping-Pong Post: Electronic Health Records

The stimulus bill includes an extensive title on Health Information Technology. And your very own “Lawyer” read the entire Title. (Okay, fine. She skipped the section on grants and loans. But she read the rest of it.)  Let’s take a look at the good, the bad, and the ugly.

Lawyer: If we could absolutely guarantee total privacy of these records, (granted, we can’t,) would there be objections to the system? There are clearly many potential benefits — both for any individual patient’s care (diagnosing, preventing duplicate tests, avoiding drug conflicts, more please, nurse?) but are there any potential pitfalls from a healthcare standpoint?

Nurse: There is the potential for a provider to be lazy or for a tricky diagnosis to be missed if we assume that the record is accurate, or we are influenced by what someone else has entered. Also I would like to think that knowledge of previous conditions or things like drug abuse would only be used in a patient’s best interest, but some healthcare providers judge and discriminate inappropriately. It might be easier to do this with electronic medical records.

Lawyer: Privacy is obviously a huge concern. Of the 60-some page section of the bill devoted to this program, 20-some are devoted exclusively to the privacy and security measures being undertaken, including the appointment of a point person whose entire job is to oversee the development, testing, and approval of security measures for this thing. What are the practical concerns about security? I mean, yes, there is the icky feeling of violation, and that is legitimate. But beyond that, what should we fear?
What else? What are we *actually* afraid of here?

Nurse: When people rely on private, employer-based insurance, they may be denied coverage for certain conditions, or they may face discrimination.

Lawyer: So I guess the question is who is going to have access to what parts of these records. The bill doesn’t specify – it only specifies which entities and various appointed people will set these standards and develop and assess the technologies to carry them out.

Nurse: There are already more stringent privacy laws attached to diagnoses like HIV. How will this be carried forward? How is that protection approached in the context of a comprehensive and accessible electronic record?

Lawyer: Another really good question. And I don’t know – I don’t know how it works now, either. I do know that the law specifies the use of limited data sets, with a minimum-necessary standard – so in, say, a public health or research setting, your name, SSN, etc, would never be attached to your sensitive diagnoses.

Nurse: I think it’s possible, also, that patients would delay care or avoid medical situations if they didn’t want something in their record of if they knew something was there.

Lawyer: The authors of the bill are definitely aware of that concern – but I’m not sure they have a good solution. They even mention that concern specifically in the bill and specify the need for educational efforts to reduce that sort of behavior.

On a related note, one of the provisions that’s been catching a lot of attention is that they’re attempting to establish an electronic health record for every person in the United States by 2014. It looks like (though I’m not entirely sure how to interpret this language) people can request that their information not be disclosed, as long as the request isn’t surrounding the need for payment for a service. (You can’t opt out of having the information about what procedure was performed that they owe money on go to your insurance carrier unless you’re paying for it out of pocket.) And even then, it will be a “minimum necessary” disclosure. Which I guess makes sense.

Nurse: What if information is lost or stolen, what are the backups in place? There have been several recent cases of hospitalized celebrities having their privacy breeched. I see potential for that kind of abuse here.

Lawyer: The way this bill is written, it’s already assuming that we will come up with security provisions that are sufficient. The bill doesn’t specify what the safeguards will be – it discusses how they will be evaluated and adopted. It also discusses the penalties for entities that allow any sort of security breech. In other words, we’re no longer asking whether this might be feasible. We’re assuming it will be, though we don’t yet have the measures in place or the technologies developed. Is this warranted? TJ Maxx might’ve been broken into, but online baking remains safe and secure. So my feeling is, it should be fine, as long as sufficient care is taken, and it’s certainly written into the bill.

Nurse: The perfect is the enemy of the good, and it’s not perfect now, so we do stand to lose by getting bogged down. Where is the dividing line between useful improvements and endless legal tinkering? There are MANY advantages:

-It would potentially save a lot of money, both in unecessary tests and treatments and in provider hours used, to have medical histories accessible even for patients who cannot tell us or don’t know their own history. Even in my limited clinical experience, I’ve seen a number of criticallly ill patients without a good history, and this undeniably affects our ability to give them the best care.

-It could potentially be life-saving to have pertinent medical info at hand when a patient arrives in an emergency situation—knowing an allergy or a condition or a blood type, for example.

-It would cut down on unintentional errors and intentional abuse that occurs when a single patient sees multiple doctors and doesn’t mention all medications and treatments being used. Allowing pharmacies and physicians to access an entire record would absolutely help to avoid what are now strikingly common errors.

-Within a hospital, even, it makes a difference. I’ve worked at places where different parts of the record and orders systems were computerized, and there are far fewer mistakes and generally less wasted time when the paper steps are removed all together.

-Patients can be greatly empowered by having access to their own health information. It would also perhaps help to promote accountability on the part of providers.

Lawyer: Yeah! Way to go, Nurse. I would like to point out that the bill dictates the composition of the HIT policy committee, and it specifies two health care providers, one of which must be a physician. It doesn’t say anything about the other, but they’d better pick a NURSE! Also, think the office of the National Coordinator will need a legal intern in the summer of 2010? Cause I might be available…