Every person in the USA who takes a drug and experiences a side effect, or gets sick and is treated in some way and survives or dies is a data point.
To improve medical treatment for those of us who are still alive, unbiased data is critical. To get unbiased data, you either need all medical records, complete with all relevant information, or you need a random sampling from the set of all records.
This is incompatible with the default idea of “privacy”. I am aware that there are exceptions to HIPAA, attempts to anonymize medical records, and people can sign away their rights to privacy. But this isn’t really very efficient and voluntary releases bias the data.
For me personally, the only medical records that I feel should be kept private are psychiatric/psychological and any statement I have said verbally, or request for treatment related to STDs. And once I am no longer alive, I have no remaining privacy interest.
I feel like all medical records should be kept in massive cloud databases (“google health”), not socked away in individual clinics and hospital networks, and accessible to all authorized physicians who are seeing a specific patient. (no more filling out the same goddamn form every doctor you go to, and patients will no longer forget critical information in the “have you EVER” section)
This sort of centralization and global access would also make it possible to prevent nearly all the opiate over-prescribing and other abuses.
I don’t feel that the desire of individuals to feel they have privacy exceeds the real value their fates have to other people in potentially surviving their illnesses.
What happens when you don’t get hired/get fired because your boss finds out your broke your knee a few years back?
What happens when you can’t rent an apartment because all your potential landlords see that you have hepatitis?
If I’m an employer choosing between two potential employees, all else being equal, why would I pick the one that has a history of heart issues or seizures or anything else that could make them a liability?
I can see the desirability of extending this to treatment for substance abuse and admittedly there’s no real bright line even then to say “this is as far as we need to go”.
That said, I can picture the technology eventually affecting the issue - home blood testers and other portable diagnostic devices will allow individuals and families to compile their own medical data in quantity and to be useful, they’ll have to upload it somebody for analysis, and at that point the individual has as much control over the data as they do over all the info Facebook is constantly compiling on them.
Spain’s regional healthcare databases are mined for epidemiological data constantly, without individual records being shuffled about to anybody who shouldn’t have them. The hardest part is getting all the data, but that’s just an interfaces/data-mining issue.
We’re also supposed to get at least one yearly checkup as part of our job-related healthcare. The employer gets an OK, a reduced (in which case the cause of the reduction and the limits thereof are spelled out) or a medical leave (specific causes are spelled out). Note that if someone gets reduction or leave, the only information given to their employer is what’s directly linked to the administrative/medical situation: they’re not going to get any other findings. Employers do sometimes fire someone for medical reasons, but the judges consistantly fail in favor of the employee (it’s pretty easy to document, after all).
Why would making your epidemiological data available to epidemiologists land it in the hands of your boss or of every landlord in your area? Where do you live, Epidemiologyville?
I’ve had a couple of medical issues this year that have necessitated appointments with several new providers. I answer the same damn questions each time and fill out the same drug list each time. And then when my prescription needs change, I have to update that info at each provider.
This info should be in one spot, as SamuelA suggests. All I should have to do is grant access to the medical provider who requests the information.
I think HIPAA needs to be relaxed because there are times it interferes with providing/receiving health care.
I also think that much of my medical record is nobody’s damn business but mine (and medical personnel treating me). I don’t want my neighbors or coworkers able to access it out of prying nosiness.
There’s a reasonable middle ground here.
Personally, I think some in the medical industry LOVE HIPAA because it makes comparison shopping very difficult.
Well in the usa right now, as we are at will employees, this can already happen. Because employers are not required to give the reason they didn’t pick you for a job or fired you, they can do all the illegal discrimination they want generally with impunity. (As long as they aren’t stupid enough to write it down in a company email that is later turned over in discovery)
Personally I think this should be fixed. They should be required to show why they made these decisions and the records of whoever they choose to keep/not fire. And performance evaluations should be required to be factually true and challengeable when they are not.
With this way it would be much, much harder to pull this shit. if the only difference between you and the candidate they kept or whatever is a medical diagnosis, that’s a different story.
And I never said the records should be public - just not private. Any researcher represented by an accredited institution should be able to access any medical records as needed with data mining tools. Any licensed physician who can show (with biometrics or a manual review of a photo of the patient) that they are treating a specific patient should be able to access the records.
And yes, they would probably leak to the dark web. But it would still be a felony to host a website where medical records are made available to just anyone, and normal people would not be able to access the records of people they do not have a relationship with.
With no HIPAA, an employer can simply call your doctor and ask for your records. In the US you have to explicitly give your doctor permission to share your info, the OP is suggesting just the opposite.
While that’s true, it has little to do with my response.
You can absolutely have your records sent from one doctor to another (or anyone else for that matter), you just have to give them permission to release the records. Whether or not the new doctor uses those records to get all that info pre-filled before your appointment is up to them.
On a side note, whenever possible I try to stay within the same group. Most of the offices around here use epic, if you’re within the same group, all the doctors can access it without any trouble. It’s nice to see a new/specialty doc and they already know all my meds, issues I’ve had, doctors I’m seeing etc.
No I’m not. I’m saying the records shouldn’t be so secure as to be inaccessible to those who genuinely have a legitimate need for them. (healthcare providers treating the specific patient the record is for and researchers)
And I know that by relaxing the restrictions there would likely be dark web leaks. I am ok with that, as employers can already illegally do all the shit they want.
They can already illegally find out your race, sex, religion, or silly things you said when you were 15 and use this against you. (the last bit is even legal)
They can find out your arrest records even in states where it isn’t legal to use these. They can find out your credit records, even in states where this is not permitted. They can just look if anyone with the same name as you got in trouble and use this against you even if it isn’t you.
They can discriminate against you because they don’t like how tall you are. Or because you have a vague odor or a squeaky voice or a mole on your cheek.
Pretty much you have no rights, the reason why some of us have lucrative secure jobs is because of supply and demand, though employers do their absolute best to import as many foreigners as possible who will work for less.
Not precisely true. If I am one of your treating physicians, I can request records from other providers past and present, and get that info without your consent, unless it is for records on psychiatric disease or HIV infection.
I do this multiple times a week, and get those requested records without a release signed by the patient without issues. That is the law; a treating physician doesn’t need patient permission to obtain most past records. Your submitting to treatment in the first place is implied consent for your treating physician to access past medical info.
But you can’t really access all the records in a remotely efficient way.
I’m revising my proposal : I think HIPAA should require the inverse of what it does now, specifically, that all records must be stored with a licensed cloud provider. (ok, perhaps sensitive records could be locked while the patient is still alive)
And, in turn, licensed cloud providers must make their indexes and records accessible to all other licensed cloud providers.
A licensed cloud provider must then provide the complete records to healthcare providers who want to know, including all other records indexed by other cloud providers, as well as to accredited medical researchers.
This would get rid of all the bullshit once the systems were running smoothly. Any pharmacist would automatically have the system they are connected to check all active prescriptions for the patient, preventing redundant and contra-indicated prescriptions. Any doctor wouldn’t need to ASK if a family member had X disease, it would automatically be detected and accounted for.
Having just had yet another financial data breech announcement today, no thanks. As QtM said, medical providers already can access records with implied consent (though outpatient therapists have an ethical obligation to seek explicit consent). I get some medical services from a teaching hospital, and sometimes give consent for them to use my disaggregated data. I recognize that this may create a skewed sample, but until we figure out how to secure vulnerable information, I want my medical data as unleaky as feasible.
But I do now have access to the local (huge) University medical system’s records, and can access any patient in it as long as I have their name, DOB, and either their University medical number or the last 4 digits of their SS number. I still have to register why I am accessing the record, declaring me to be a treating physician, and consequences are dire if one is found to be violating that. But it does give me instant access to extensive records on at least about 20% of my typical patient population.
Better systems are needed now that everyone is going EMR. We should be able to get needed records in minutes and not hours (If we’re lucky) or days to weeks (more usual).
But the EMRs as a whole suck royally and are too often less useful for patients and practitioners than the old paper charts were, for so many reasons that I won’t bother to list here at the moment.
And electronically transmitted records are all too often NOT secure. We need vast improvements in that area. Fax is still the mandated way to transmit copies of records, rather than scan and email, because at least fax is secure 99.9999% of the time.
I am a dentist and HIPPA applies to us also. Before HIPPA an employer could call me up and ask for your records and I would have said no. End of story.
If I see a new doctor, or end up in a hospital emergency room, all they have to do is swipe my health fund card and they’ll see my medical record onscreen. If they then want to prescribe something for me, they just type it in, and I can go to any drug store and the pharmacist will swipe my card in turn and see the scrip.
My country may have problems with its healthcare system, but access to information is not one of them.
So you’re telling me that basically any new medical provider with whom I make an appointment can get my medical history from any other provider that I may have seen in the past?
If true, it’s never happened to me, or anybody else in my immediate family.
And you’re telling me that I can request that my current primary care physician send my records to any other doctor?
If true, why wouldn’t my PCP ask me if I want this done when he refers me to a specialist? Again, I don’t think that this has ever been told to me or anybody else in my immediate family.
He’s saying that in the case of if you have records with a big local hospital, those specific records he can access with some level of hassle. (it is not the near automatic under 60 seconds, records are in their original form mechanism that would be possible with cloud-based record repositories)
Qadgop, assuming the records are leaked but cannot be legally used against you, and are not available on reputable websites, what *interest *does a typical patient actually have?
I am saying the needs of the few (people with things they wish were kept secret in their medical records) do not exceed the needs of the many (people who want to go on living and would benefit if automated systems could calculate the optimal treatment based on more complete information)
What’s the issue here? To make all records available to have data for research purposes, or to facilitate individual patient services? These two issues seem to be conflated here.
Researchers can get data (stripped of patient ID), but I’m not sure how comprehensive it is, or if there are any clearing houses for such data.
As an individual, I can download my medical history, and give that to any doctor I see. I’ve never had the need to do that, but I keep the file on a cloud drive, and could easily email it to a doctor at any time.
Can’t LEGALLY be used against you and can’t be used against you are very different things. As long as the prospective employer or landlord or creditor isn’t foolish enough to reference the records directly, proving that they were used against you can be very very difficult. Then there are the rumor-mongerers, the people who live just to stir up trouble among their friends and neighbors, and the various people in church groups and boards and societies and the like.
I would argue that the number of people with things they wish were kept secret in their medical records is far far more than “few.” Anyone who has ever been treated for any form of cancer, for example, or for depression, or who has even been tested for HIV or other STDs, probably needs that to be concealed from at least some of the people they deal with. That’s a huge percentage of Americans.