[NYAPRS Enews] OM: Do You Want "Granular" Control Over Your Health Record?

[Briana Gilmore]

NYAPRS Note: It seems to be the buzz word of the season: "granular". When talking about healthcare data, though, what does it really mean? The ability to capture unique client data for policy makers and health industry firms simply boosts the ability to effectively aggregate it. Meaning, granular data's biggest appeal is its power to become larger data sets that can inform spending, policy, and population health. But for many providers and for healthcare clients, granular data can be more about understanding and manipulating the particular elements of health interactions that lead to detailed outcomes. This difference in how granular data can be used may, as indicated in the article below, create tensions between an industry that relies on aggregated data for its survival (ie relevance) and an increasing consumer demand that begs a person-centered, individually tailored approach to health delivery.

Do You Want "Granular" Control Over Your Health Record?
Open Minds; Monica Oss, 10/7/2014
Developed by OPEN MINDS, 163 York Street, Gettysburg PA 17325, www.openminds.com<http://www.openminds.com>.  All rights reserved.
You may not alter, transform, or build upon this work. You may not use this work for commercial purposes without written permission from OPEN MINDS.

The steady growth of coordinated care models and value-based reimbursements are dependent on exchanging a lot of consumer health information - payers want better management of health care spending; provider organizations need to "plug in" to be effective, and clinical professionals want data for better decision making.  All of this relies on "big data" and analytics - which in turn is dependent on access to detailed data on consumer health status. Most of these activities are covered by the Health Insurance Portability and Accountability Act (HIPAA). But a question remains, which could throw a wrench in this "data nirvana" scenario. Should consumers have "granular" control of their personal health records?
By granular, consumers would have control over "the collection, use, and disclosure of their health information", specifically over information within their health care records. The question was tested in a recent study published as an article, Patients Want Granular Privacy Control Over Health Information in Electronic Medical Records<http://www.medscape.com/viewarticle/776925>, in the Journal of the American Medical Informatics Association: JAMIA<http://www.medscape.com/viewpublication/10309>. In summary, the study found that consumers are willing to share broad amounts of information with their primary care physicians - but wanted the right to restrict what was shared with specialists and other health care stakeholders.  Another survey of consumers with chronic conditions (see Majority of U.S. Consumers with Chronic Conditions Believe Accessing Medical Records Online Outweighs Privacy Risks, According to Accenture Survey<http://newsroom.accenture.com/news/majority-of-us-consumers-with-chronic-conditions-believe-accessing-medical-records-online-outweighs-privacy-risks-ccording-to-accenture-survey.htm>) found that 69% want on-line access to their own medical records; 87% want control over their personal health data; but 55% believe they don't have any control over that information.
>From a technology perspective, is "granular" control of consumer data possible? Yes - technology exists that could allow consumers to "set rights" within a record controlling which providers have access to which information. But, there are some disadvantages of granular privacy rights, including complexity on the provider organization end (organizations that are struggling to get basic EHR functionality working) and "incomplete" records for "big data" for research and treatment. And then there is the "data aggregator" business - giving consumers rights to granular control of data would interfere with the robust trade in aggregating and selling data for all kinds of non-health care purposes. (We have previously covered this issue in a number of articles including  FTC Analysis Of 12 Consumer Fitness Apps & Devices Found Consumer Health Information Shared With 76 Different Third Parties<http://www.openminds.com/market-intelligence/news/personal-health-information-collected-mobile-fitness-apps-wearable-fitness-devices-can-sold-third-parties-without-hipaa-violation.htm/>, Proactive Wellness Or Creepy?<http://www.openminds.com/market-intelligence/executive-briefings/consumers-trust-privacy.htm/>,  Is An EHR Ever "Free"?<http://www.openminds.com/market-intelligence/executive-briefings/092313-free-ehr.htm>, and Who Owns Patient Records?<http://www.openminds.com/market-intelligence/executive-briefings/101613-owns-ehr-data.htm>.)
For consumer the issues are two-fold. In an era where data breaches are in the headlines on a weekly basis (see Idaho Medicaid Contractor Optum Idaho Under Investigation For Data Disclosures<http://www.openminds.com/market-intelligence/bulletins/ocr-investigating-idaho-medicaid-contractor-optum-idaho-data-disclosures.htm/>, Community Health Systems Reports Data Breach<http://www.openminds.com/market-intelligence/bulletins/community-health-systems-reports-data-breach.htm/>, and 43% Of Personal Information Exposures Due To Medical Record Breaches<http://www.openminds.com/market-intelligence/news/43-personal-information-exposures-due-medical-record-breaches.htm/>), consumers increasingly want control. And, despite all assurances to the contrary, we have seen that even de-identified data can be aggregated, reanalyzed, and identified (see Can You Be Re-Identified?<http://www.openminds.com/market-intelligence/executive-briefings/060312-patient-privacy.htm>).
I'm not sure if this is an issue "with legs" or not, from either a marketing or policy perspective. Exactly who is concerned about personal data privacy is an issue - is this a cohort issue and only of interest to the "over 50" crowd?  Or is this an enduring issue for consumers?  (For more on that check, out Home Depot and JPMorgan are doing fine. Is it a sign we're numb to data breaches?<http://www.washingtonpost.com/news/get-there/wp/2014/10/06/home-depot-and-jpmorgan-are-doing-fine-is-it-a-sign-were-numb-to-data-breaches/>, in today's Washington Post.) Will we see competition between health plans and health care provider organizations based on "respect for consumer privacy"?  Though I don't know the answer, this isn't an issue that is going away (see The Integrated Personal Health Record and the Involved Consumer<http://www.openminds.com/market-intelligence/resources/081809integratedpersonal.htm>). In the meantime, check out these presentations about consumer privacy:
1.   A Future Perspective: Have We Seen The End Of Consumer Privacy In Health Care?<http://www.openminds.com/market-intelligence/resources/101712tiiprivacy.htm>
2.   Beyond Security: What We Can Expect to See in Patient Privacy Issues & Challenges From an Obama or McCain Administration<http://www.openminds.com/market-intelligence/resources/103008peelkeynote_ibhi08.htm>
3.   Privacy, Portability, and the Future of Personal Health Records<http://www.openminds.com/market-intelligence/resources/111110privacyportability.htm>

For more, check out the upcoming session at the 2014 OPEN MINDS Technology & Informatics Institute<http://www.openminds.com/technology/agenda/> - Preventing A Data Breach: How To Protect Your Data In A World Of Electronic Health Records, Health Information Exchange & HIPAA<http://www.openminds.com/technology/agenda/>, featuring Kate Borten, President, The Marblehead Group, and OPEN MINDS Senior Associate, Sun Vega.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kilakwa.net/pipermail/nyaprs_kilakwa.net/attachments/20141008/6cd449fb/attachment.html>