Tag Archive for: privacy

October 2021 Digital Health Roundup

The popularity of telemedicine is being embraced by insurance companies, and for now, the best place to identify skin cancer is still at the dermatologist’s office. Patients are concerned about privacy threats when it comes to technology in healthcare, and it turns out they have good reason to be. Fortunately, there are things being done to address the issue.

Privacy of Medical Records

A new survey shows that patients are concerned about privacy of medical records and the use of facial recognition technology in healthcare, reports upi.com. A large portion of the survey respondents perceive facial recognition technology as a privacy threat, but the use of the technology in healthcare has increased over the past few years as a way to prevent medical errors and provide extra security. With nearly 60 percent of respondents saying they are concerned about the security of these technologies, researchers are tasked with gaining public trust by increasing protections of healthcare information. Find more information here.

It seems that patients have reason to be concerned. Ransomware attacks are having negative effects on patient care, reports fiercehealthcare.com. A new report shows that ransomware attacks on healthcare organizations can lead to longer stays, delays in care leading to poor outcomes, and increases in patient transfers. The ransomware attacks are also linked to increased mortality rates. The report emphasizes the importance of increasing cybersecurity in healthcare to protect patients. Learn more about the report findings here.

Cybersecurity

Recognizing the cybersecurity vulnerabilities in healthcare, the U.S. Food and Drug Administration (FDA) recently released a best practices document as a resource for the healthcare industry, reports healthcareitnews.com. The document focuses on developing a cybersecurity communication strategy and offers aspects to consider in the event of a security breach. The FDA also plans to address medical device vulnerabilities so that patients who are dependent on medical devices will know what kinds of questions to ask their healthcare providers regarding the security of their devices. Get more information here and see the FDA best practices document here.

The U.S. Government is also investing in the future of information technology in public health, reports thehealthcaretechnologyreport.com. The Office of the National Coordinator for Health Information Technology (ONC) has an initiative that will help to develop the health information technology workforce and will help to increasing the number of workers in the field from underrepresented communities. With funding from the American Rescue Plan, ten universities that serve diverse communities have cooperative agreements to build up the healthcare technology workforce over the next four years. Learn more about the initiative and the ten institutions that are participating here.

Skin Cancer App Fails

A setback for healthcare technology occurred recently when a flaw in a direct-to-consumer app used to detect skin cancer was identified at a European annual meeting of dermatology, reports medicalxpress.com. Researchers found that the app, which is available in Europe, incorrectly classified more than 60 percent of benign lesions as cancerous, and almost 18 percent of Merkel cell carcinomas and almost 23 percent of melanomas as benign. The problem appears to be that the app depends on available images to determine the status of a lesion, but there are not enough images of rare skin cancers available for better accuracy. Find more information here.

Telemedicine

If you love virtual visits to the doctor, you are in luck! Insurers are now offering new types of health coverage specifically for telemedicine, reports modernhealthcare.com. Some insurance companies have plans that require online visits for nonemergency care. The plans tend to have lower premiums and patients select a doctor for their virtual visits who can refer patients to in-person doctors within the network if needed. However, there is some concern that virtual care as the primary means of care may not be ideal. The concern is that things might get missed, like early signs of disease that a doctor would not be able to pick up on through a virtual visit. Learn more about the new type of insurance plans here.

Embracing Telehealth: Protecting Our Data in a Medical Revolution

The world changed when the pandemic came upon us, and so did healthcare. Telehealth visits with our care teams were available, but not as prevalent as they are now. We could message our doctors via secure patient portals or call a nurse and ask for advice. However, with the introduction of video, as well as new devices and apps, how is our privacy as patients affected? 

Telehealth can be defined as “the use of electronic information and telecommunications technologies to support long-distance clinical health care, patient and professional health-related education, public health and health administration.” The majority of us have now had a telehealth visit with one of our doctors via video or phone. They have seen into our lives at home, and we may have seen into theirs. While this can make for a personal, more intimate encounter, we also have to think of privacy. According to the Department of Health and Human Services, the Office of Civil Rights (OCR), which is responsible for enforcing Health Insurance Portability and Accountability Act (HIPAA) regulations, “will not impose penalties for noncompliance with the regulatory requirements …against covered health care providers in connection with the good faith provision of telehealth during the COVID-19 nationwide public health emergency.” What this means is that providers may use video-conferencing services, including Zoom, Apple Facetime, Skype, etc., without risking noncompliance under HIPAA. Therefore, it is up to the patient to review the privacy policy(ies) of the software being used. 

Additionally, recording these visits for our own personal use to listen to later and/or share with family members and caregivers may come into play just as if it were a regular in-person visit. But is this legal? Each state has its own statute that varies on whether one or two parties must consent (single-party vs. all-party jurisdictions). As of 2020, 39 out of 50 states as well as the District of Columbia are single-party jurisdictions where only one party has to consent. The remaining 11 states (California, California, Florida, Illinois, Maryland, Massachusetts, Michigan, Montana, New Hampshire, Oregon, Pennsylvania, and Washington) require both the patient and the healthcare provider to consent, and failing to ask for permission is considered a felony. Additionally, HIPAA does not extend to any recordings made by the patient. 

What about the use of apps? There are more than 300,000 health-related apps on the market today, with a 37% increase in usage since the pandemic began, especially in the area of mental health. With apps for everything from tracking our weight and heartbeat to counting the number of steps we take and the hours of sleep we get, it’s hard not to interact with one of these apps to streamline our lives and make them a little simpler. When it comes to the collection of data, however, how do we know what’s protected under HIPAA? Covered entities under HIPAA include healthcare clearinghouses, most healthcare providers, and health plans. However, if an organization is creating an app on behalf of a covered entity (or one of the covered entity’s contractors), they are considered a business associate, meaning they must comply with HIPAA rules and regulations. This helpful website provides different scenarios on whether or not an organization would be covered. This means that we, as patients, must be cautious in what types of data are being collected and how it might be used, which can usually be found in an app’s privacy agreement or policy. 

This also extends to use of wearable devices, including FitBits, Apple Watches, glucose monitors, and biosensors that collect patient-generated health data. According to a Gallup poll conducted at the end of 2019, 19% of U.S. adults wore a wearable fitness tracker, and a 2019 Washington Post article reported more than 3 million consumers wore a medical alert device. But how is this data regulated? When we collect data for our own purposes, the data does not fall under HIPAA regulations. However, should a healthcare provider ask a patient to submit data from that device and integrate it into their organization’s EHR system, a covered entity, it becomes protected by HIPAA. 

In conclusion, is telemedicine safe? The quick answer is yes and no. In an article released by the Patient Safety Network of the Agency for Healthcare Research and Quality, two physicians noted that “Studies have shown that telemedicine promotes continuity of care, decreases the cost of care, and improves patient self-management and overall clinical outcomes.” However, new technologies present new challenges that have to be worked through. This means that more research needs to be conducted and improvement processes be put in place to ensure protection of patient data. In the meantime, here are some safeguards healthcare organizations may put into place to establish peace of mind for patients: 

  • Be aware of updates from the OCR related to HIPAA 
  • Train providers and staff on policies, practices, and protocols for using telehealth services 
  • Make sure that your telemedicine portal confirms the security of patient data through the use of incident reporting, monitoring of security events, and strong levels of encryptions 
  • Have a strong authentication method, preferably two-factor 
  • Create a detailed audit log of user logins and meeting connections 

Artificial Intelligence in Healthcare

Ready for its closeup, or not ready for primetime?

Headlines about the advent of artificial intelligence, AI, in pretty much every sector of human life or enterprise seem to be a daily occurrence. Other phrases that get thrown around in stories about AI are machine learning, deep learning, neural networks, and natural language processing.

Here’s a handy list, from the transcription company Sonix, which uses some of these AI tools to drive their service:

  • Artificial Intelligence (AI) –the broad discipline of creating intelligent machines
  • Machine Learning (ML) –refers to systems that can learn from experience
  • Deep Learning (DL) –refers to systems that learn from experience on large data sets
  • Artificial Neural Networks (ANN) –refers to models of human neural networks that are designed to help computers learn
  • Natural Language Processing (NLP) –refers to systems that can understand language
  • Automated Speech Recognition (ASR) –refers to the use of computer hardware and software-based techniques to identify and process human voice

A lot of the stories I see about AI are focused on how it might impact, improve, or otherwise influence healthcare. Depending on who you listen to, it sounds like AI is already diagnosing cancer successfully – here are two pieces, from science savvy sources, on how that’s working, “AI is already changing how cancer is diagnosed” from The Next Web, and “AI matches humans at diagnosing brain cancer from tumour biopsy images” from New Scientist, for your reading pleasure.

As aspirational as the idea of AI in healthcare is, and despite the fact that it’s showing some promise in cancer diagnosis, I’m not thinking that it’s time for the champagne, balloons, and glitter … yet.

One of the biggest barriers to AI is the same barrier everyone – on both sides of the stethoscope, and all the way up to the c-suite – in healthcare confronts daily: data access and liquidity. Data fragmentation is rife across the entire healthcare landscape, with EHR systems that don’t talk to each other well (if at all), and insurers unwilling to open their datasets to anyone under cover of “trade secrets.” In “The ‘inconvenient truth’ about AI in healthcare” in the journal Nature, the authors (British, so this is not just an American problem) point out that, “Simply adding AI applications to a fragmented system will not create sustainable change.” Healthcare systems may be drowning in data (they are), but tools to parse all those data lakes into actionable insights aren’t able to bust the dams holding in that data.

Access is one barrier. Another is the ethics of using AI in healthcare. The American Medical Association’s Journal of Ethics devoted an entire edition to that issue in February 2019, with AMA J Ethics editor Michael J. Rigby calling for deeper discussions about preserving patient preferences, privacy, and safety before implementing AI technology widely in healthcare settings. He particularly notes the impact AI could have in medical education, with medical education being shifted from a focus on absorbing and recalling medical knowledge to a focus on training students to interact with and manage AI-driven machines; this shifting would also require attention to the ethical and clinical complexities that arise when humans interact with machines in medical settings.

AI, across all uses, but particularly in healthcare, has to take a long, hard look at how bias can spread algorithmically, once it’s baked into the code that’s running the machines. There are data scientists doing bias detective work, but will the detectives be able to prevent bias, or just bust perpetrators once the biased outcomes appear?  Stay tuned on that one.

Is there an upside to AI in healthcare? Absolutely, *if* the ethical issues on privacy and error prevention, and the practical issues on data access, are addressed. AI could pave the way to fully democratizing information, both for patients and front-line clinicians. It could liberate all clinicians from data-input drudgery, or “death by a thousand clicks.” The Brookings Institution has a solid report, “Risks and remedies for artificial intelligence in health care,” as part of its AI Governance series, that breaks down the pros and cons.

Circling back to the question in the headline, is AI in healthcare ready for primetime? This person’s answer: it depends. I think that rigorous study, in the development of AI in medicine and its use in the healthcare system, is required as an ongoing feature of AI tech used in human health. Upside there? A whole new job classification: AI oversight and management.

Cyber Hygiene – Peer Support in the Age of Surveillance Capitalism

Unless you’re a visitor from another planet, you’ve probably seen or heard some news about the internet being a giant privacy sinkhole. Between the stories that first started to break in the Cambridge Analytica/Brexit aftermath, and the ongoing drip-drip-drip that is the “my phone is a snitch” stuff that seems to bring fresh scary headlines every day, it feels like anyone who has a social media presence of any kind has had their privacy violated in some way.

It’s tempting to just say, “who cares – I don’t do anything that anyone else cares about,” but that’s not really the case if you participate in online patient communities, particularly those that gather on social media platforms like Twitter and Facebook. The issue is particularly problematic for patient communities dealing with health issues that could impact their health insurance coverage, or their employment status, or even their lives, if the details of their health status were widely or publicly known.

An example of that risk could be someone who’s gay, but who works for an employer that has a public profile of being anti-LGBTQ. Someone in that situation, who participates in a Closed Facebook Group for people looking to share experiences on getting access to pre-exposure prophylaxis (PrEP) medications to prevent HIV transmission, might think that a Closed Facebook Group would be a safe place to have those conversations, but Closed Groups – which were promoted by Facebook to community moderators as private community building tools – were subject to the same data privacy breach risk that the rest of Facebook became. Which means that a gay man in a Closed Group that serves as a community space for discussion of access to HIV preventive treatment could be outed to their anti-LGBTQ employer via data leakage from that “private” group … which was not really private at all.

There is rising awareness, and concern, in patient communities about this privacy issue, particularly related to Facebook Groups, which became the de facto place to establish peer health communities over the last decade. An advocacy group called The Light Collective is looking to build a safe harbor for patient groups to build community without sacrificing members’ privacy, but until that harbor is built, what’s a patient community to do? And what about just-plain-people, the ones called “patients” – what’s their path to privacy in the surveillance age?

Here are my suggestions for enhancing your privacy online:

The internet is a boon to humanity when it comes to access to information, and democratization of knowledge. However, along with access to information, we’ve also gotten disinformation, trolls, and cyber-surveillance at scale. Peer to peer communities, particularly in healthcare, are critical to accessing good information, and emotional support when dealing with serious illness. However, data privacy is not guaranteed in any way on social media platforms. Caveat emptor – let the user beware. And modify their settings accordingly.

From the Diary of a Stage 4b Melanoma Patient

I am a male with Metastatic Melanoma Stage 4b. Clinical trials have been saving me. Latest is GSK B-RAF inhibitors. Jan07 Original Site was my left thigh. Removal, sentinel node removal, all clear. Mar09, golf ball in left groin. Removal. Lymphandectomy Jun ’09. Reoccurrence in chest Dec10. Inoperable. BRAF trial Apr ’11, still on trial.

Still thriving as of May 2015!

Diary Entry – Melanoma Patient

Amazing, when I wrote this diary title down – September 2014, I recalled how it was not that long ago that I refused to write dates. For over 2 and a half years, I lived in 3-week blocks. Couldn’t plan anything, couldn’t do anything, because I was so close to being finished. Two stints in a hospice house proved that. Yet here I am today and now I keep track of my entries by writing the date.

So Fall is upon us, the leaves have changed color and are falling in great numbers. The mornings are brisk but the afternoons get warm…well, warm for us up here, I suppose. Went for a good walk today through the forests, I just love the colors and the smells of fall. It was great.

My dizziness still eludes myself and the docs. This is good as it means Mr. C is not visiting at this time but all the same I am frustrated at not being able to get “normal” again. I think I am well enough to go back to work…well, I want to anyway but it certainly won’t work if I can’t get there without falling down.

I read another person’s post about their recovery and how the length of time it takes tends to baffle them. That really helped. The only people I know that have been to the edge like myself and have made it back just aren’t the same people they were going in and have conceded to not working anymore. I am bored without the work and being a part of something bigger. These are long days at home, long, especially when the body is working fairly well compared to what it was. Summer is gone and fall is here, next comes winter so I better find a hobby cause winters are long up here.