One of Europe’s top health tech startups, Infermedica out of Poland just closed a $3.65M funding round for its suite of tools that help patients figure out the best place to go to get care. It’s a patient-routing / symptom-checker with “AI under the hood” that is delivered via an app, chatbot, and voice application for Alexa. (In fact, they “own” the symptom checker that opens when you ask Alexa to “open symptom checker.”) Piotr Orzechowski talks about the full range of ways Infermedica is engaging patients and how they are scaling up their provider facing products as a result of this influx of funding.\
Filmed at HIMSS/Health 2.0 Europe in Helsinki, Finland in June 2019.
As Robert Muller’s testimony before Congress made clear, we
owe President Trump a debt of gratitude on two counts. First, his unlawful and
predatory actions have clearly exposed the fault lines in our still young
Democracy. As the Founders well realized, the road would be rocky on our way to
“a more perfect union”, and checks and balances would, sooner or later, be
counter-checked and thrown out of balance.
On the second count, Trump has most effectively revealed
weaknesses that are neither structural nor easily repaired with the wave of the
wand. Those weaknesses are cultural and deeply embedded in a portion of our
citizenry. The weakness he has so easily exposed is within us. It is reflected
in our stubborn embrace of prejudice, our tolerance of family separations at
the border, our penchant for violence and romanticism of firearms, our
suspicion of “good government”, and –unlike any other developed nation – our
historic desire to withhold access to health services to our fellow Americans.
In the dust-up that followed the New York Times publication
of Ross Douthat’s May 16, 2017 article, “The 25th
Amendment Solution for Removing Trump”, Dahlia Lithwick wrote in SLATE, “Donald Trump isn’t the disease that plagues
modern America, he’s the symptom. Let’s stop calling it a disability and call
it what it is: What we are now.”
Recently a long-time health advocate from California told me
she did not believe that the majority of doctors would support a universal
health care system in some form due to their conservative bend. I disagreed.
It is true that, to become a physician involves significant
investment of time and effort, and deferring a decade worth of earnings to
pursue a training program that, at times, resembles war-zone conditions can
create an ultra-focus on future earnings. But it is also true that these
individuals, increasingly salaried and employed within organizations struggling
to improve their collective performance, deliver (most of the time) three
critical virtues in our society.
First is the patient-physician relationship marked by
compassion, understanding and partnership, committed to individualized care
without prejudice.
Second, in the normal course of care, though inclusion,
involvement and planning, doctors reinforce important bonds between
individuals, families and society.
Finally, doctors allay fear and worry, which, in their
absence would accumulate and eventually undermine safety and security in our
society.
In a short two decades of this new century, technology,
global markets, and climate change have left the American experiment in all
manner of disarray. Justice, tranquility, defense, welfare, and liberty itself
have been undermined. Our prime-age workers in the bottom 60% have seen no real
income growth in four decades. During this span, the income of the top 10% has
doubled, and the income for the top 1% has tripled.
Our nation has not figured out how to get along economically
with our market equal, China. New York Times columnist Thomas Friedman says we have no “rules, norms, or
laws” to protect trust and truth in a world of social networks, cybertools, and
cyberbullies. We have moved from a “work, learn, retire” model to a “learn,
work, learn, work, learn, work” survival mode.
We need to listen to our own Preamble
and our own history. It states: “We the people of the United States, in
order to form a more perfect union, establish justice, insure domestic
tranquility, provide for the common defense, promote the general welfare, and
secure the blessings of liberty to ourselves and our posterity, do ordain and
establish this Constitution for the United States of America.”
It suggests that, in establishing our Constitution, we
continually must determine how best to promote and maintain a healthy nation
filled with healthy citizens – mind, body and soul.
The 2020 election is an opportunity to reclaim
self-governance, to plan, to work, to build together. Universal health coverage
is not the only platform from which to launch a recommitment to our common
future, but I would argue, it is a logical starting point to pursue “a more
perfect union” during these turbulent times.
Excluding moments of self-doubt and discouragement, I
believe most doctors know they are appreciated, and even loved by most of their
patients. They also know that the current system is highly variable,
inefficient, and wasteful. They have
spent enough time idled on insurance pre-approval lines, seen enough Pharma ads
imploring their patients to “Ask your doctor”, and witnessed enough lives
shortened by human error to know we can do better than this.
When push comes to shove, doctors will vote with their patients.
Mike Magee is a Medical Historian and author of “Code Blue: Inside the Medical Industrial Complex” (Grove Atlantic/June, 2019).
While the healthcare IoT demand forecasts are more than generous, anticipating the market to hit $158.07B by 2022, there is still a certain delay in IoT adoption across the industry. Connected medical devices, especially those that are directly involved in patient care, are adopted cautiously due to potential security vulnerabilities and risks to patient safety.
One of the reasons behind the hesitant adoption of healthcare IoT in
cardiology is preexisting concerns about the security of implantable medical
devices, such as pacemakers.
The recent pacemaker crisis revealed the vulnerabilities in pacemaker
software across several major vendors. If exploited, software vulnerabilities would
allow hackers to take over the device and control it fully. The crisis led to device
recalls, certain features disabled, and even remote updates cut off completely to
avoid unacceptable health risks.
This series of events led to a cautious attitude toward the emerging cardiology IoT. Since we can’t be sure that all exploits and vulnerabilities are eliminated in less advanced systems, are we really ready to take a step forward to more elaborate healthcare software solutions at this point?
The fact of the matter
is, cardiology is already taking these steps. The new generation of pacemakers has
embedded sensors to monitor a patient’s blood temperature, sinus node rate,
breathing, and other vitals. This data is used to flexibly alter the heart
rate, slowing or speeding it depending on a patient’s current activity level. They
also inherited remote control from their predecessors. Practically, next-gen
pacemakers are IoT devices.
Accordingly, the
industry can either stigmatize the security concerns or choose to adopt a new perspective,
seeing the pacemaker crisis as an opportunity to create a solid platform for
unbiased adoption of upcoming connected cardiac devices.
The Pacemaker Crisis: Fast Facts
In 2017, FDA recalled approximately 465K pacemakers made by Abbott due to their potential security issues. In particular, the devices were identified as vulnerable to hacking, which could increase their activity or reduce battery life. Tampering with such insecure pacemakers would quicken the battery drainage and pose an indirect risk for the patients’ health and safety.
That same year, security researchers Billy Rios of Whitescope and Jonathan Butts of QED Secure Solutions uncovered vulnerabilities in one of Medtronic’s cardiac device programmers. They found vulnerabilities which would allow unauthorized users to get access to the programmer’s settings and tweak the functionality, taking control over the pacemakers. If any hackers were to exploit these vulnerabilities, they could disrupt the patient’s heart rhythms, hurting or even killing people.
The researchers
notified Medtronic about their findings, warning them about potential patient
safety threats. However, the vendor didn’t address the issue fully until 2018,
when Billy Rios and Jonathan Butts demonstrated their discovery during the
Black Hat security conference speech. The demonstration resonated with the
audience and also drew the attention of DHS, FDA, and NCCIC. The regulators
started collaborating with Medtronic to assist them in mitigating data security
and patient safety threats in their devices.
However, security assurance seems to be still far from completion, as the attention of manufacturers and government agencies spreads to other cardiac devices. The 2019 FDA safety communication lists a wide range of Medtronic’s products that are still considered vulnerable.
The list features implantable
cardioverter defibrillators (ICDs), cardiac resynchronization therapy
defibrillators (CRT-Ds), device programmers, and monitors. Due to the lack of
encryption, authentication, and authorization in the Conexus wireless telemetry
protocol used in these devices, unauthorized users may be able to access and
control them. The FDA also states that Medtronic is on the way to implementing additional
security updates to ensure both PHI and patient health safety.
Turning Gaps into Gains: The Action Plan
Following the
pacemaker crisis, cardiac IoT security assurance activities must be
prioritized.
First, the regulators,
providers and manufacturers must reach a consensus. All parties should make an
effort to come up with standardized practices for securing IoT development and
maintenance. In particular, they should define the obligatory protocols for
remote configuration, data transfer, and updates to ensure the following
security measures:
Authentication
Identity validation
and role-based access allow securing cardiac devices against unauthorized
access. Only verified users, messages and services will be able to interact
with protected device.
Integrity
To ensure integrity,
security testing should be held throughout the stages of development, upon
implementation, and after each major update. Moreover, the manufacturers can
issue specific certificates to validate data transactions, making sure they can’t
be intercepted or altered.
Encryption
Encrypted data transfer
is also an essential measure for assuring the safety of cardiac devices. All
inbound and outbound data flows, such as monitored vitals and patients’ current
health status information, will be transmitted privately, making it much more
difficult for hackers to access and modify data.
While the older cardiac
devices may be too low-power, low-memory or low-capability to support all the basic
security measures, vendors and regulators can work together to get rid of the
vulnerabilities and exploits with certain workarounds.
For example, Medtronic
significantly limited the range for the remote control and configuration of
their pacemakers, programmers, and monitors. So while the vulnerabilities may
still be in place, unauthorized users can only access them while physically
near the active devices.
Conclusion
Fortunately, there
have been no malicious activities or attacks in which hackers tampered with
pacemakers, programmers, or other cardiac devices so far. However, the
possibility itself is critical enough to prioritize the security assurance of
connected cardiology devices.
The security crisis associated with cardiac devices might have hindered their adoption, yet it also pointed to a critical gap in policy-making and technology testing on the whole. While some measures are underway, fully bridging this gap will require a more coordinated effort from both regulators and manufacturers.
Inga Shugalo is a Healthcare Industry Analyst at Itransition, a custom software development company headquartered in Denver, Colorado. She focuses on Healthcare IT, highlighting the industry challenges and technology solutions that tackle them.
Today on Health in 2 Point 00, it’s IPO day! On Episode 89, Jess asks me about the recent IPOs, Oscar Health getting into Medicare Advantage, and Fitbit accuracy in people of color. Jess asks me to weigh in on whether Livongo’s IPO was better than we expected and it’s safe to say that they are growing fast. On the flip side, the “silent” IPO that no one seems to be talking about is Health Catalyst, which is also doing quite well with a $1.6 billion valuation although they are not growing as fast as Livongo is. Next, Oscar Health decided to enter into Medicare Advantage, which is not surprising because that’s where the real money is in the insurance side. Finally, Fitbits and other wearables may not be tracking heart rates accurately in people of color, so what does this mean for the wearables industry—and their potential use for medical purposes? —Matthew Holt
We Need Legal Assaults On The Greediest Providers!
When a patient is hospitalized, or diagnosed with a deadly disease, they often have no choice about the cost of their treatment.
They are legally helpless, and vulnerable to price gouging.
We need more legal protection of patients. In some cases we need price controls.
In the final part of this series, I discuss how we need to empower patients by allowing them to challenge their medical bills in courts.
Assault Phase Four – Binding
Arbitration of Medical Bills
We must allow patients to challenge their medical bills in expanded
‘Health courts.’
Patients should be able to contest any bill over $250, especially if they have not given ‘informed
financial consent’ to the provider.
Such ‘consent’ would require that if a procedure can be
scheduled in advance, it can also be quoted in advance. If the patient requests
an estimate, they must be notified in writing at least seven days in advance.
This would allow the patient to request a different provider, or to investigate
other alternatives. If an estimate is requested but never produced, the patient
has no liability. (That will shake up the providers rather quickly.)
The Health Courts will be staffed by
ex-physicians and active judges. All court costs will be paid by the
government, and the patient will not always need an attorney. There will be a
free ‘ombudsman’ service (as Medicare already has) to provide guidance to
patients.
A padded bill of $1500 may be financially significant to a patient, but too small for an attorney to take on the patient’s case, and perhaps too insignificant for the state’s attorney general to pursue.
The courts can rely on the following principles:
If a patient is insured and their care is
in-network, no balance billing is allowed without informed consent.
If the care is out-of-network, they can only be
charged a ‘reasonable and fair fee.’ Generally this will be equal to the
provider’s average reimbursement from insurance companies.
If an insurance claim is denied, the patient is
not necessarily liable. Under Medicare, if an insurance claim is denied and the
patient could not have been expected to know this in advance, then the health
care provider suffers the economic loss.
The case law is ready and waiting to
apply. Arbitrators can cite numerous
rulings that have required providers to accept ‘reasonable charges.’
Right now, small claims courts are used
mainly by providers to collect their own billiings. We would open them to
patients, to challenge their bills.
Here is a sample of
potential Health Court cases :
Extra billing for ‘facility fees’ (i.e higher
charges for outpatient care done in hospitals)
Outlandish charges for simple diagnostic tests
(i.e. $5000 for an echocardiogram)
$50,000 in charges for an air ambulance trip
$35,000 for an artificial knee that costs about
$700 to produce
$20,000 for a pacemaker that costs about $6,000
in the US, and $1,000 in India
$4,000 for a drug infusion that costs $500 in
Britain, France, or Germany
$12,000 for an “operating room” to conduct a 20
minute surgery
$15,000 for a ‘Trauma Activation Team” to help
with an ER admission
$20,000 for an anti-venom inoculation that costs
the hospital about $200.
Extra charges because a doctor inadvertently
referred you to a non-network provider
Extra charges because the provider used a higher
“severity” code when coding the claim.
(You can still go to Health Court even if you are insured. For example, if
your high-deductible insurer approved $4000 for a simple echocardiogram and
left you with a bill for $2000, you still have a grievance. For that matter,
insurance companies can even use Health Courts when they are being gouged by
providers.)
All bill collections
will be suspended while a patient is waiting for a hearing in health courts. We
do not care if thousands of medical bills wind up sidetracked in health courts.
Hospitals will claim that their insurance reimbursements are ‘confidential’,
but this must be overturned. Sometimes it takes a few bad results to wake up a
complacent and powerful industry.
This is not really “a terrible expansion of state
power.” Remember that doctors and
hospitals are fiduciaries, because patients are medically at their mercy.
Charging patients more if they are
unprotected flagrantly exploits
the patient’s vulnerability.
Price gouging will
not go away overnight — there are always loopholes, and some providers will
always persist in financial exploitation. They figure they have nothing to
lose.
The goal of health courts is that greedy providers should
lose money, due to fines and attorney costs.
(In a competitive market, they would also lose
reputation for gross overcharges. But people may only use a hospital or
specialist once in their lives, so predatory billing goes almost wholly
unpunished.)
It is ridiculous that
some hospital stays require virtually a fresh negotiation every time —
starting with the hospital bill, and then the patient going to the media and
hiring a lawyer and/or going to Health Courts.
All states would benefit from a binding fee schedule for all hospitals,
versus the current free-for-all. One
virtue of a single-payer system would be that hospitals would get one check a
month from the government, and not need to recover all their expenses from
patients.
In fact, in the words of Adam Gaffney:
“Hospitals shouldn’t have prices at all, any more than public schools, parks, or libraries. For one thing, the very meaning of per-user “prices” in social institutions is murky. We could attempt to attribute the costs of maintaining Central Park to distinct visitors, I suppose, based on how long they spent lounging on the Great Lawn, whether they circle the reservoir once or twice, whether or not they ask for directions from park staff, and so forth. But it would be a very crude, and perhaps intrinsically fraudulent, effort. Regardless, it would necessitate a major diversion of park resources into a bookkeeping apparatus with zero social value.”
Final Note
Medicare patients have been protected against balance
billing, surprise billing, claims-denial liability and ER overcharges for over
50 years. This level of decency should
not be restricted by age.
The reforms described here will require relatively little in
new taxes — at most about $40 billion for ER subsidies and ambulance funding.
This is less than one percent of payroll, if funded by an increase in Medicare
taxes.
What these reforms
require is public officials who not beholden to the medical industry. We
must build on what Elizabeth Rosenthal called “Nine Rights Every Patient Should
Demand” in the New York Times (4-27-2018)
All economic systems ultimately run on fear and greed.
Some health care providers now need a
good dose of fear to bring them under control. ‘Charging what the market will
bear’ is no longer acceptable.
Bob Hertz is a retired insurance broker. He learned about health care from Uwe Reinhardt, Joseph White, Dr. Robert Evans, and George Halvorson a fellow Minnesotan.
We Need Legal Assaults On The Greediest Providers!
When a patient is hospitalized, or diagnosed with a deadly disease, they often have no choice about the cost of their treatment.
They are legally helpless, and vulnerable to price gouging.
We need more legal protection of patients. In some cases we need price controls.
Next in this three-part series, I discuss how we could challenge Big Pharma by lessening regulation of generic drugs, having the government take over production and establishing price review boards.
Assault Phase Three – Challenge Big Pharma
Step One – Less Regulation of Generic Drugs
If an off-patent drug has been approved by other first-world nations, this would
constitute automatic approval by the FDA.
The price gouging around Epipen would have ended quickly,
if new versions of genetic drugs did not require an FDA approval process. We
should let reputable drug companies produce whatever generic drugs they want.
If an office products company like Staples tried to charge
$50 for a box of paper clips, a competitor would have a price of $1 on the
street in a week.
But not in the drug industry! Thanks to the FDA,
Staples paper clips would in effect be protected for years even though no
patent is involved. Competitors would be bogged down for years in litigation,
or in waiting for the FDA to prove that no one could cut their finger on a
non-Staples clip.
It is wasteful for the FDA to take over two years to review competitive generic drugs, when the original version has been on the market for years and poses zero danger to anyone. Companies must be prevented from ‘stealing’ popular and effective drugs that have been in the public domain for years, and then claiming them as private property until their competitors can slog through FDA approval. By the time the FDA gives anyone else permission to compete, the price gougers will have made their fortune and can move on to their next scheme.
Step Two – The Government Could Take Over
Production
For drugs with no
competitors, the Government can
still stand up to the drug companies….and here’s how…………
Under 28 U.S.C. § 1498 (“Section 1498”), the federal government has the power to
use or manufacture any patented product, and must provide only “reasonable”
compensation to the patent holder. The government could therefore elect to
contract with another manufacturer to produce a cheap generic version of
expensive patented drugs;
Section 1498 was used routinely by federal
agencies in the 1960s and early 1970s to obtain cheaper drugs. In one notable case, the Defense
Department purchased an antibiotic from a generic manufacturer in Italy at a 72
percent discount on the price charged by Pfizer, the drug’s patent owner.
During the Anthrax scare in 2001, the Bush administration
threatened to use Section 1498 to purchase generic versions of Bayer’s
antibiotic ciprofloxacin, which proved enough to coax Bayer to cut its price in
half.
Recently, Louisiana health secretary Rebekah Gee has been urging federal officials to employ this law to cut the price of hepatitis C drugs.
The state’s 35,000 uninsured or Medicaid-enrolled residents with hepatitis C
are projected to cost Louisiana $764 million per year at the drugs’ retail
rate.
Section 1498 is a big
stick, and if the administration bothered to pick it up, the threat of this
power alone could compel drugmakers to slash prices.
Sen. Elizabeth Warren and Rep. Jan Schakowsky (D, Il) have introduced a bill to allow the federal government to
start manufacturing prescription
drugs, when:
no company is producing a generic
version of the drug
only one or two companies are
producing a drug and there is either a price hike or a drug shortage
only one or two companies are
producing a drug, the price makes it difficult for some patients to afford, and
the World Health Organization classifies it as an “essential medicine”
Unfortunately, not all drugs can easily be produced at a
government-run company. The
‘bio-similars’ and genetically-engineered drugs today are aimed at relatively
tiny numbers of patients ,and are virtually impossible to copy. A new drug to
prevent infant paralysis has been priced by Novartis at $725,000 a year, and
will help only 2,000 patients.
Why are we allowing Novartis to set the price in the first place?
I would argue that we should not spend that much on any one patient; and if we
do so, it ramps up insurance rates relentlessly.
For these drugs, we will
need to impose ‘price ceilings.’ We should have a full=fledged ‘Pharmacy
Price Review Board’ as exists in numerous other nations.
The Board would review all new drugs, plus all existing drugs that
have prices over $30,000 a year.
Drug companies will have the opportunity to present their case for
current prices; however, as their usual motive is just ‘greed’ I suspect they
will not have much success. These drugs might never be able to be copied as
generics for $100, but they certainly do not really cost $100,000 or more per patient.
This process will take some time. Whereas surprise billing in hospitals tends to be caused by a few bad actors, the entire American drug industry is currently based on price-gouging. We will have to try a series of reforms.
Bob Hertz is a retired insurance broker. He learned about health care from Uwe Reinhardt, Joseph White, Dr. Robert Evans, and George Halvorson a fellow Minnesotan.
We Need Legal Assaults On The Greediest Providers!
By BOB HERTZ
When a patient is hospitalized, or diagnosed with a deadly disease, they often have no choice about the cost of their treatment.
They are legally helpless, and vulnerable to price gouging.
Medicare offers decent protection — i.e. limits on balance billing, and no patient liability if a claim is denied.
But under age 65, it is a Wild West — especially for emergency care, and drugs and devices. The more they charge, the more they make. Even good health insurance does not offer complete financial insulation.
We need more legal protection of patients. In some cases we need price controls.
‘Charging what the market will bear’ is inadequate, even childish, when ‘the market’ consists of desperate patients. Where contracts are impossible and there is no chance for informed financial consent, government can and should step in.
This series describes the new laws that we need. Very little is required in tax dollars….but we do require a strong will to protect.
Assault Phase One: Outlaw surprise
billing
This rule must become universal:
If a hospital is
‘in-network’, then any doctor who practices in that hospital is ‘in-network.’
To enforce this, we should adopt Connecticut’s law on
surprise billing and balance billing for the entire nation.
Connecticut’s
law No.15-146, which took effect July 1, 2016. states
the following:
“If a patient receives a “surprise bill” from a health
insurer for Out-of-Network services provided at an In-Network facility – the
patient will only be responsible to pay the co-insurance, co-payment,
deductible, or other out of pocket expense that would apply – if the services
had been provided by an In-Network provider.
The physician is reimbursed at the in-network rate,
unless the patient and provider agree upon something else in advance.”
In addition:
Patients who see Out-of-Network providers for
emergency services can only be required to pay the equivalent of In-Network
costs. This includes Out-of-Network hospitals, transportation services, and
providers who are Out-of-Network practicing within In-Network facilities.
In addition:
It is illegal in Connecticut for
any provider to request extra payment from a patient who is covered by
insurance — as the entire purpose of insurance is to negotiate prices for you.
It is also an unfair trade practice for a health
care provider to report a patient’s unpaid surprise medical bill to a credit
reporting agency.
Other Connecticut rules include:
A patient who still receives a surprise bill
from an out of network provider in excess of what the patient would owe under
the plan’s in-network rate can seek actual damages, punitive damages, and
injunctive relief based on the Connecticut Unfair Trade practices Act.
Connecticut also prohibits health plans from
imposing a facility fee for outpatient visits at an off-campus site of a
hospital. In fact, billing statements to
patients must include a notice that the costs might have been less if they had
had the procedure performed at a facility not owned or operated by the hospital
or hospital system, and that the patient has the right to request a reduction in
the fee.
For uninsured patients, Connecticut providers
may not charge more than the applicable Medicare rate.
Only six states have laws that are even close to this level of patient
protection. Let’s establish the Connecticut standard nationwide.
Assault Phase Two: Regulate the fees of emergency rooms and
ambulances.
Any
hospital ‘contract’ that is
signed upon an emergency admission is legally flawed. Such contracts are in
fact procedurally unconscionable — because the only way for the weaker party
to acquire the services is to agree to the terms dictated by the stronger
party. Signed admission forms, which include a promise to pay, absolutely do not
constitute mutual assent.
Here is the solution:
If an ER patient is insured, then the hospital
must accept ‘mandatory assignment ‘ of benefits –
i.e. if the insurer pays $500, then that
closes the account. (as long as the insurer pays at least as much as Medicare.)
No balance billing would be allowed for emergencies. As described in
Connecticut law, a patient who received a balance bill could sue for damages.
ER doctors would be
barred from billing separately for emergency, ancillary, and hospitalist
services. The hospital would once again be responsible for paying them, and for
collecting reimbursement from insurance networks.
Of course hospitals will
complain. Many of them have been ambushing emergency patients with huge
out-of-network bills, basically to put pressure on insurers to raise their
payment rates. Patients are caught in the middle of the power struggle, and
this must cease.
Hospitals are supposed to fight emergencies, not cause them.
They must be forced to stop abusing
their monopoly position toward emergency patients.
Important note:
Hospitals
do deserve lump-sum federal subsidies for uncompensated emergency care. The
EMTALA act (which mandates that all patients must be stabilized, whether or not
they can pay) was totally unfunded. That was a mistake that can be corrected
now.
For the insured population:
Emergency care must be exempt from the deductible in all
health insurance plans. (ER Co-pays up to $250 are acceptable.)
The ridiculous HSA plans
(where absolutely nothing is covered until a high deductible is met)
must be legally amended.
In addition:
Ambulances should be fully funded by the federal government,
including air ambulances. The cost would be from $14 to $18 billion a year,
which is about ten days worth of Medicare spending.
It is far better for
us all to pay a few dollars a year in extra taxes, versus a tiny number of us
to be stuck with a huge ambulance bill. Medical transport should be a public
service, instead of another industry on the take.
Note: We could allow a $100 user fee, in order to discourage the use of ambulances for non-urgent transport to drugstores or to doctors’ appointments. There could be a $500 user fee for air ambulances.
Stay tuned for the next article in the series in which I discuss Big Pharma.
Bob Hertz is a retired insurance broker. He learned about health care from Uwe Reinhardt, Joseph White, Dr. Robert Evans, and George Halvorson a fellow Minnesotan.
This post is part of the series “The Health Data Goldilocks Dilemma: Privacy? Sharing? Both?”
In our initial blog post of February 20th, “For Your Radar – Huge Implications for Healthcare in Pending Privacy Legislation,” we broadly discussed six key issues for healthcare stakeholders in the potential federal privacy and data protection legislation. We committed to future posts comparing and contrasting specific legislative proposals.
The buzz around federal privacy legislation continues, but as of yet there appear to be no proposals or bills that have emerged as the lead bills.
In the meantime, the clock is ticking. As we mentioned in our February 20th post, a significant catalyst for federal privacy legislation is the desire of companies covered by the California Consumer Privacy Act (CCPA) to have that broadly-applicable, stringent state law preempted by a more company-friendly federal law. The CCPA, which sets stringent consent and other requirements for large companies, or companies collecting or monetizing large amounts of consumer data from California residents, goes into effect January 1, 2020 – less than six months from today.
Is it possible for a legislative body to move quickly on such a controversial topic? Again, California’s experience may be instructive. The CCPA was passed into law and signed on June 28, 2018, about a week after it was introduced. Lawmakers were in a rush in order to keep a popular and even stricter consumer privacy ballot initiative from being put before the California voters. (The sponsors of the ballot initiative agreed to withdraw it if the CCPA were enacted by the June 28th deadline.).
Despite the perceived lack of movement of current bills, the ticking clock on CCPA suggests this issue is quite live in Congress, albeit less visible to most of us. It’s possible that the ultimate lead bill(s) are still under discussion and have yet to be introduced – although it is also likely the lead bills will incorporate provisions from bills and proposals already introduced or in the public domain). So it’s still worth a deeper dive into what’s already on the table.
On the Roadmap page to this series, we list and categorize 23 Congressional bills introduced or pending that relate to privacy/data protection. We’ve labeled them either as “comprehensive” or “focused” (narrow) — although we’ll admit these classifications are imprecise. Those bills we considered more comprehensive are those that cover a broad spectrum of companies and, in most cases, impose a comprehensive set of requirements on those companies. More “focused” (narrow) bills take on particular industry segments or particular data practices that are perceived to pose increased privacy risks. For good measure, we’ve also included some potentially relevant bills from 2018.
“Comprehensive” Privacy/Data Protection Bills
We count at least 7 comprehensive privacy bills introduced so far in 2019 (most recent listed first):
Senator Markey — S.1214
Senator Blackburn — S.1116
Representative Delbene — H.R. 2018
Senator Cortez Masto — S.583
Representative Rush — H.R. 1282
Senators Klobuchar/Kennedy — S.189
Senator Rubio — S.142
“Focused” Privacy/Data Protection Bills
We count at least 16 “focused” (narrow) privacy bills introduced/pending so far in 2019. Several of these bills are targeted at and/or could directly impact various types of health data:
Senators Klobuchar/Murkowski — S.1842: “Protecting Personal Health Data Act”
Senator Hawley — S.1578: “Do Not Tract Act”
Senator Wyden — S.1108: “Algorithmic Accountability Act of 2019”
Representative Rush — H.R. 2155: “Genetic Privacy Act of 2019”
Senator Kennedy — S.806: “Own Your Own Data Act”
The other focused bills deal with a wide range of subjects, e.g., protecting data at the border, combatting revenge porn, protecting airline passenger privacy, restricting facial recognition technology and others.
Why would legislators choose to introduce focused legislation vs. more comprehensive bills? There are a number of possible reasons:
Fewer committees to review bills. A more comprehensive bill will fall under the purview of a larger number of Congressional committees that will have jurisdiction to to review the legislation, which means a slower path for consideration
Fewer potential detractors. A more comprehensive bill is more likely to affect the interests of a greater number of stakeholders.
More politically expedient. Enacting legislation that is focused on just one or two particular privacy problems lets Congress take credit for a win (even if the impact in terms of improving privacy is much less).
The Impact on Healthcare — Our Upcoming Analyses
How will healthcare be impacted? In reviewing all of the privacy and data protection legislation that has been proposed to date, the privacy bills differ significantly in their approaches. In the coming weeks we’ll provide separate blog posts discussing some of the most relevant aspects of pending comprehensive Congressional bills:
What types of entities are covered
What information is covered
What rights are granted to consumers
What are the obligations of entities covered by the law
What are the penalties for failure to comply
We’ll cover the 7 comprehensive bills introduced in 2019 + 3 additional potentially relevant bills/drafts from 2018:
Senator Schatz — S. 3744 (2018)
Senator Wyden — discussion draft
Trump administration approach
We include the Trump Administration’s potential approach, as gleaned from the 2018 Department of Commerce National Telecommunications and Information Administration (NTIA) request for information (RFI) on “ways to advance consumer privacy while protecting prosperity and innovation.” This RFI has not resulted in an Administration bill but is an indication of future Administration direction on these issues.
We’ll also provide separate updates on some of the most potentially impactful focused bills.
As noted above, some bills have broad coverage and could cover most entities in healthcare; others have more limited coverage or target only certain types of data collection activities, so the impact on healthcare is harder to predict.
Activity at the state level also has increased. The National Conference of State Legislatures notes that bills or bill drafts have been considered in at least 25 states.
We’ll keep you apprised!
Deven McGraw , JD, MPH, LLM (@healthprivacy) is the Chief Regulatory Officer at Ciitizen (and former official at OCR and ONC). She blogs at https://medium.com/@ciitizen.
Vince Kuraitis, JD/MBA (@VinceKuraitis) is an independent healthcare strategy consultant with over 30 years’ experience across 150+ healthcare organizations.He blogs at e-CareManagement.com.
This
post is part of the series
“The Health Data Goldilocks Dilemma: Privacy? Sharing? Both?”
In our initial blog post of February 20th, “For Your
Radar – Huge Implications for Healthcare in Pending Privacy Legislation,” we
broadly discussed six key issues for healthcare stakeholders in the potential
federal privacy and data protection legislation. We committed to future posts
comparing and contrasting specific legislative proposals.
The buzz around federal privacy legislation
continues, but as of yet there appear to
be no proposals or bills that have emerged as the lead bills.
In the meantime, the clock is ticking. As we mentioned in our February 20th
post, a significant catalyst for federal privacy legislation is the desire of
companies covered by the California Consumer Privacy Act (CCPA) to have that
broadly-applicable, stringent state law preempted by a more company-friendly
federal law. The CCPA, which sets
stringent consent and other requirements for large companies, or companies
collecting or monetizing large amounts of consumer data from California
residents, goes into effect January 1, 2020 – less than six months from
today.
Is it possible for a legislative body to move
quickly on such a controversial topic?
Again, California’s experience may be instructive. The CCPA was passed into law and signed on
June 28, 2018, about a week after it was introduced. Lawmakers were in a rush
in order to keep a popular and even stricter consumer privacy ballot initiative
from being put before the California voters.
(The sponsors of the ballot initiative agreed to withdraw it if the CCPA
were enacted by the June 28th deadline.).
Despite the perceived lack of movement of
current bills, the ticking clock on CCPA suggests this issue is quite live in
Congress, albeit less visible to most of us.
It’s possible that the ultimate lead bill(s) are still under discussion
and have yet to be introduced – although
it is also likely the lead bills will incorporate provisions from bills and
proposals already introduced or in the public domain). So it’s still worth a deeper dive into what’s
already on the table.
On the Roadmap page to this series, we list and categorize 23 Congressional bills
introduced or pending that relate to privacy/data protection. We’ve labeled
them either as “comprehensive” or “focused” (narrow) —
although we’ll admit these classifications are imprecise. Those bills we considered more comprehensive
are those that cover a broad spectrum of companies and, in most cases, impose a
comprehensive set of requirements on those companies. More “focused” (narrow) bills take on
particular industry segments or particular data practices that are perceived to
pose increased privacy risks. For good measure, we’ve also included some
potentially relevant bills from 2018.
“Comprehensive”
Privacy/Data Protection Bills
We count at least 7 comprehensive privacy
bills introduced so far in 2019 (most recent listed first):
Senator Markey — S.1214
Senator Blackburn — S.1116
Representative Delbene — H.R. 2018
Senator Cortez Masto — S.583
Representative Rush — H.R. 1282
Senators Klobuchar/Kennedy — S.189
Senator Rubio — S.142
“Focused”
Privacy/Data Protection Bills
We count at least 16 “focused”
(narrow) privacy bills introduced/pending so far in 2019. Several of these
bills are targeted at and/or could directly impact various types of health
data:
Senators Klobuchar/Murkowski — S.1842: “Protecting Personal Health Data
Act”
Senator Hawley — S.1578: “Do Not Tract
Act”
Senator Wyden — S.1108: “Algorithmic Accountability Act of
2019”
Representative Rush — H.R. 2155: “Genetic Privacy Act of 2019”
Senator Kennedy — S.806: “Own Your Own Data Act”
The other focused bills deal with a wide range
of subjects, e.g., protecting data at the border, combatting revenge porn,
protecting airline passenger privacy, restricting facial recognition technology
and others.
Why would legislators choose to introduce
focused legislation vs. more comprehensive bills? There are a number of
possible reasons:
Fewer committees to review bills. A more
comprehensive bill will fall under the purview of a larger number of
Congressional committees that will have jurisdiction to to review the
legislation, which means a slower path for consideration
Fewer potential detractors. A more
comprehensive bill is more likely to affect the interests of a greater number
of stakeholders.
More politically expedient. Enacting
legislation that is focused on just one or two particular privacy problems lets
Congress take credit for a win (even if the impact in terms of improving
privacy is much less).
The Impact on Healthcare — Our Upcoming Analyses
How will healthcare be impacted? In reviewing all of the privacy and data
protection legislation that has been proposed to date, the privacy bills differ
significantly in their approaches. In
the coming weeks we’ll provide separate blog posts discussing some of the most
relevant aspects of pending comprehensive
Congressional bills:
What
types of entities are covered
What
information is covered
What
rights are granted to consumers
What
are the obligations of entities covered by the law
What
are the penalties for failure to comply
We’ll cover the 7 comprehensive bills
introduced in 2019 + 3 additional potentially relevant bills/drafts from 2018:
Senator Schatz — S. 3744 (2018)
Senator Wyden — discussion draft
Trump administration approach
We include the Trump Administration’s
potential approach, as gleaned from the 2018 Department of Commerce National
Telecommunications and Information Administration (NTIA) request for
information (RFI) on “ways to advance consumer privacy while protecting
prosperity and innovation.” This RFI has not
resulted in an Administration bill but is an indication of future
Administration direction on these issues.
We’ll also provide separate updates on some of
the most potentially impactful focused bills.
As noted above, some bills have broad coverage
and could cover most entities in healthcare; others have more limited coverage
or target only certain types of data collection activities, so the impact on
healthcare is harder to predict.
Activity at the state level also has
increased. The National
Conference of State Legislatures notes that
bills or bill drafts have been considered in at least 25 states.
We’ll keep you apprised!
Deven McGraw , JD, MPH, LLM (@healthprivacy) is the Chief Regulatory Officer at Ciitizen (and former official
at OCR and ONC). She blogs at https://medium.com/@ciitizen.
Vince Kuraitis, JD/MBA (@VinceKuraitis) is an independent healthcare strategy consultant with over 30
years’ experience across 150+ healthcare organizations.He blogs at e-CareManagement.com.
I’ve been driven steadily nuts by a series of recent articles that are sort of describing what’s happening in health tech or (because the term won’t die) digital health, so I thought it was time for the definitive explanation. Yeah, yeah, humility ain’t my strong suit.
It won’t have escaped your attention that, after five years during which Castlight Health more or less single-handedly killed the IPO market for new health tech companies, suddenly in the middle of July 2019 we have three digital health companies going public. While Livongo, (FD-a THCB sponsor) Phreesia and Health Catalyst are all a little bit different, I’m going to use them to explain what the last decade of health tech evolution has meant.
Don’t get carried away by the precise details of the IPOs. Phressia is already out with a market cap of $845m. Yes, it’s true that none of the three are profitable yet, but they are all showing decent revenue growth at an annual run rate of $100m+ and Livongo in particular has been on a client acquisition and annual triple digit revenue growth tear. It’s also the newest of these companies, founded only in 2014, albeit by buying another company (EosHealth) founded in 2008 that had some of the tech they launched with. Going public doesn’t really mean that the health care market will swoon for them, nor that they are guaranteed to change the world. After all, as I pointed out in my recent somewhat (ok, very) cynical 12 rules for health tech startups, UnitedHealth Group has $250 Billion in revenue and doesn’t seem to be able to change the system. And anyone who remembers the eHealth bust of 2000-2002 knows that just because you get to the IPO, it’s no guarantee of success or even survival.
But just by virtue of making it this far and being around the 1/10th of 1% of health tech startups to make it to IPO, we can call all three a success. But what do they do?
They are all using new technologies to tackle longstanding health care problems.
Phreesia gives provider organizations tablets which their patients use to fill in that clipboard information, pay their bills, and get to see a little (pharma-sponsored) health content.
Health Catalyst delivers data warehousing and analytics for some of the biggest provider systems in the country. Its technology is delivered on-premise for enterprises but it’s increasingly moving to the cloud (which is more scalable and more profitable). Very unusually for a pure tech company Health Catalyst also goes at risk for its clients’ outcomes.
Livongo helps people manage their chronic conditions (mostly diabetes, but also high blood pressure, obesity, and some mental health issues) delivering a combination of products like infomated glucose meters, services including coaching, and data analytics.
The type of problem that they’re individually going after tells you about the major problems in health care.
A. Clinical care delivery in the current system
First, there’s the mess that is clinical care delivery at the coalface. We just spent $40 odd billion of the Chinese taxpayers money on putting in EMRs. We’ve paved the cowpath. In fact we have created a hidebound referral structure that locks in place the dominance of the current delivery systems. That’s not to say that EMRs haven’t improved clinical care. I’d argue they have, even if they’ve driven clinicians crazy in the process, but they’ve cemented in place what we did, and made it harder for more innovative care patterns to be introduced. That has to change and it is changing in three main ways.
1) The data in the EMR is slowly being opened up via API access (FHIR, SMART on FHIR, TEFCA and all that), leading to the ability to use that data in new tools and services. More and more app stores and interfaces are being introduced, and more companies like Xealth and Unite.us are building access directly into the EMR workflow.
2) The second main trend is the need to create a way to incorporate more and more data that isn’t in the current clinical workflow. Phreesia sits in this space. In their case, they collect patient administrative information, patient surveys and pre- and post-visit information. This all ends up in the patient record. Phreesia also gets administrative data off paper and deals with payment. Finally it returns information back to the patient. All of this was previously done on paper, or not at all, and was done badly. Now this patient generated data, which will soon include more and more data generated outside the clinician’s office, will be part of the record. It will also improve administrative efficiency.
3) The third trend, is the ability to analyze this data to improve what we know and change workflows to improve outcomes. Health Catalyst, which started as a new type of data warehouse under the EMR, is now providing more and more analytics and, as I mentioned, is even going at risk for the resulting outcomes. They’re by no means alone, with startups like Qventus and Ayasdi using data to change workflow and clinical patterns across hospitals and systems. It’s part of a much wider move to use data, analytics, AI and algorithms to understand what works and what doesn’t. Of course the big question is whether this will change outcomes and reduce costs. But irrespective of that, the availability of data will lead to much greater use of analytics across health care, and more and more venture dollars will be invested there.
B. The New New Thing
For those who remember Jim Clark and Healtheon, the similarity of today’s “New New Thing” to that of 20 years ago is that new players are trying to go around the system. Unlike 20 years ago, it’s not so much about putting an intermediary between the insurer and the provider, rather it’s attempting to get at patient care at the source. The source is of course chronic illness. Now Al Lewis may claim that, especially for the under-65 population, chronic illness isn’t the driver of costs for inpatient care that you’ll hear about at conferences and from the CDC, but there’s no question that difference in cost between a controlled vs uncontrolled chronically ill patient is significant.
That means a raft of new service businesses incorporating devices, technology, coaching and analytics to try to track and change the behavior and hopefully the outcomes of those with chronic disease. That starts with diabetes, moving onto heart disease, high blood pressure, mental health and respiratory conditions (asthma and COPD). Dozens of companies are focusing on all of these and Livongo is squarely in this space.
Indu Subaiya and I have called this “flipping the stack.” Instead of starting with the care encounter and layering services and tech on top of that, this new approach is starting with technology (particularly at home tracking of the chronically ill), then layering on services, with face to face clinical interventions only being used when needed.
Dozens of companies are putting together this in-home layer and many more are coming in as IOT infomates the bathroom and the bedroom. But the one area has been a little separate is telehealth. That’s because it started as a substitute for minor acute care issues for healthy people, rather than a way to care for the chronically ill. But that’s already changing. Doctors on Demand now claims it does chronic care management, Teladoc has invested in coaching platform Vida, and I would-be very surprised if Livongo doesn’t bump up the acuity level that it can deal with—probably by buying a telehealth service and partnering with a (or starting its own) medical group. Its keto-diet based competitor Virta, already has its own doctors—even if Livongo’s Glen Tullman is not a fan! (He probably likes his ice cream as much as I do…)
The end result is that Livongo is the first of a new type of care management company out of the gate. Don’t forget that Lee Shapiro and Glen Tullman bought dozens of companies while they were running Allscripts and they have already put together either external or internal tech services for diabetes, pre-diabetes, high blood pressure and mental health. They will certainly add technologies for tracking and monitoring, more behavior change tools, more telehealth services, and probably more pharmacy/medication tools and more home visits. Next of course is the move from focusing on the under-65 population to the really expensive folk in Medicare and Medicaid
So the real question that emerges is what is the future of health care delivery? And who is in charge?
Right now 99% of care is delivered through traditional health care systems. They in turn are connected to their physical plant–hospitals and clinics. But everyone knows that the health system of the future will be much more about meeting patients where they are. Will the current players extend out to these new locations? Will specialist new companies like Livongo take that role? Or will the consumer tech giants that already access the home like Amazon, Google, Apple, Comcast et al end up delivering the devices tech and services for the chronically ill?
And of course what do the other giants, the insurers who are adding technology and delivery capability–notably United/Optum and CVS/Aetna–end up doing in-house and what do they outsource?
The IPOs this week are part of a significant shift in the health care ecosystem. Of course it doesn’t mean that Phreesia will integrate all patient data into the current delivery system, that Health Catalyst will revolutionize delivery system analytics, or that Livongo will change the location of care management. But these are core parts of the next generation of the health system, and by going public they are both signalling that potential to the market and putting themselves in position to be significant players in the future.
Matthew Holt is the publisher of THCB and co-founder of Health 2.0
“The Health Data Goldilocks Dilemma: Sharing? Privacy? Both?” series will cover a whole host of topics that discuss, clarify, and challenge the notion of sharing data and if it should be kept private or made public. On the one hand, sharing health information is essential for clinical care, powering medical discovery, and enabling health system transformation. On the other hand, the public is expressing greater concerns over the privacy of personal health data. This ‘Goldilocks Dilemma’ has pushed US policymakers towards two seemingly conflicting goals: 1) broader data interoperability and data sharing, and 2) enhanced data privacy and data protection.
But this issue is even more nuanced and is influenced by many moving parts including: Federal & State privacy legislation, health technology legislation, policy & interoperability rules, data usage from AI & machine learning tools, data from clinical research, ethical concerns, compensating individuals for their data, health data business models, & many more.
Fear not, Deven & Vince are here to walk readers through this dilemma and will be providing pieces to help explain what is going on. Most of their discussion & pieces will cover 2 specific affected areas: 1) How are policymakers addressing health data privacy risks, and 2) The impact on business models within the Health Data Goldilocks Dilemma.
We hope you enjoy the series and if you have any pieces to add to it, please email me zoya@thehealthcareblog.com
Zoya Khan is the Editor-in-Chief of THCB & an Associate at SMACK.health
Health Advice and more 