Wednesday, October 29, 2008

What Do WV Patients See As Their #1 Health Care Concern

Today I asked a health care policy related question to my West Virginia tweeters and received great responses. I appreciate the responses from my twitter followers.The responses were so valuable that I thought I would share them with my readers. If others who are reading have additional responses please add them to the comments.

The question I posed via twitter:

WV Twitters: What is the #1 health care problem/issue that you see as a patient?

rebeccaburchrebeccaburch @bobcoffield Insurance coverage -- whether you have ins. or not, affordability is often a deal-breaker for needed procedures/meds/etc...
Andrew BecknerCandidChristian @bobcoffield Solid information. Not understanding what's covered, what isn't, what the bill will be ultimately.
Andrew BecknerCandidChristian @bobcoffield ...other than cost, of course!
Andrew BecknerCandidChristian @bobcoffield Yes...transparency in the entire process, from enrolling to billing and everything in between. Would love to see it happen.
Laura LittleMtnLaurel @bobcoffield my issue: standard coverage/rules across insurers
lineberglineberg @bobcoffield | we don't trust the insurance co's. their billing is confusing. their service is poor. lack of predictability
chipwvchipwv @bobcoffield -- let's say you have a major disease or illness and have no insurance....well, you are screwed and that's all there is to it!
chipwvchipwv @bobcoffield...#1 problem? Too many docs say...well, that's the health system, deal with it.. and btw you won't like the alternatives
Justin Seibertdomjbs @bobcoffield #1 billing. #2 ease of seeing specialists
Jason KeelingJasonKeeling @bobcoffield | Still dealing with family doc. / insurance co. billing matter. Customer service from doc's staff = FAIL. from web in reply to bobcoffield

Monday, October 20, 2008

Blawg Review #182: Test Your Blawg Exam Knowledge

Take the Blawg Bar Exam practice test over at Blawg Review #182 creatively written by David Gulbransen at preaching to the preverted. Brilliantly creative edition. Don't miss testing your knowledge of Blawg Review.

Friday, October 17, 2008

The Rise of the Personal Health Record

The October edition of the Health Lawyers News, a publication of the American Health Lawyers Association (AHLA), contains an article I co-authored with Jud DeLoss, a principal in the law firm of Gray Plant Mooty, who blogs at Minnesota Health IT. On the eve of the Health 2.0 Conference next week the article provides a look at some of the legal issues around PHRs.

The article, The Rise of the Personal Health Record: Panacea or Pitfall for Health Information (pdf version), provides an introductory background on the changing world of PHRs, highlights Health 2.0 and covers some of the legal implications and compliance issues for PHRs. We are working on a longer and more detailed analysis that will be turned into a Member Briefing for the Health Information and Technology Practice Group. I would appreciate your posting a comment on topics or legal implications that we might consider covering in the full Member Briefing.

If you are a health lawyer, law student interested in health law or otherwise interested in the the legal aspects of the health care industry and not already a member of AHLA -- think about joining. The AHLA is at the top of my professional associations for written resource material, member briefings, in person programs, listserves and collaboration with health lawyer colleagues.

The Rise of the Personal Health Record: Panacea or Pitfall for Health Information

I. Introduction
Giant bytes have been taken out of the personal health record (PHR) market by technology companies like Google, Microsoft, Dossia, and others on a mission to connect consumers with their health information. If successful, the efforts by these and other Health 2.0 technology companies could transform the health care industry. It is too early to say whether the PHR will be the catalyst for health care reform; however, we can explore what may lie in the wake if a consumer-focused PHR revolution occurs.

Technological changes in health information management are altering the way in which patients and health care providers maintain, use, control, and disclose health information. We are experiencing a paradigm shift from the current decentralized system of records maintained by multiple entities at multiple locations – often with conflicting and duplicative information – to a centralized system relying on personal health information networks (PHINs), regional health information networks (RHIOs) or national health information exchanges (HIEs).

In the 21st Century, our health care system has become more fragmented and specialized. Patients seek the services from a variety of providers – from family care providers to specialists. Moreover, as individuals move from city to city and state to state, they leave a trail of partial medical records with various providers, insurers, and others.

The rise of electronic medical records (EMRs), electronic health records (EHRs), RHIOs, and HIEs reflects a need to address the increasing complexity of maintaining and sharing health information. PHRs may be the disruptive technology providing an alternative to a complex system of interconnected interoperable health information systems, often among health care stakeholders who have conflicting and competitive interests.

A. PHRs Defined
The Office of the National Coordinator for Health Information Technology (ONC) defines a PHR as “an electronic record of health related information on an individual that conforms to nationally recognized interoperability standards and that can be drawn from multiple sources while being managed, shared and controlled by the individual.”[2]

The ONC report highlights the growing importance of PHRs to facilitate the participation of individuals in their own care and wellness activities. Encouraging individuals to become engaged in their health care, and providing the means to document, track, and evaluate their health conditions, a PHR can lead to more informed health care decisions, improved health status, and ultimately, reduced costs and improved quality of health care. The PHR is broader than a medical record and contains any information relevant to an individual’s health, including diet and exercise logs, a list of over-the-counter medications, and personal information.

PHRs are distinguishable from EMRs and EHRs. A key distinction is that a PHR is under the patient’s control. The individual patient is the ultimate guardian of information within a PHR. Portability is another distinguishing characteristic of the PHR. The goal of a PHR is to be a lifelong source of health information for an individual.

B. History of PHRs
According to Wikipedia, the earliest article mentioning PHRs is dated June 1978. Wikipedia also mentions that most articles written about PHRs have been published since 2000. In its November 2001 report, the National Committee on Vital & Health Statistics (NCVHS) mentions PHRs and the growing consumer use of Internet-based health information services.[3]

Early on, PHRs were used in a rudimentary fashion as a way for individuals to track their own specific health care information. First generation PHRs can be categorized as either stand-alone PHRs, requiring patients to gather and enter their own information, or tethered PHRs, provided by a health plan, provider, or employer sponsor who populated the PHR with information.

The past twelve months mark a new era of increased activity. Call it a second generation of PHRs or PHR 2.0. The advancement is led by the entrance of large technology companies, such as Google with Google Health and Microsoft with HealthVault, into the PHR marketplace. PHR
2.0 is not merely a data collection application, but rather a platform for the electronic aggregation and storage of health information as well as the foundation for various applications.

At the federal level, ONC also is focusing on patient-centered health care. Released in June 2008, the ONC - Coordinated Federal Health Information Technology Strategic Plan: 2008-2012 serves as the guide to coordinate the federal government’s health information technology (HIT) efforts to achieve a nationwide implementation of an interoperability health information system.[4] A critical goal is to create “patient-focused health care” through the promotion of the deployment of EHRs and PHRs and other consumer HIT tools.

C. Social Networking and Health 2.0
The transformation to a PHR-based health information system is fueled by the intensifying interest in web-based social networking and the Health 2.0 movement. The increasing adoption of social networking and lightweight web-based tools among the general public may create a willingness to have and utilize PHRs. There are various technology players positioning themselves to create the “killer PHR application” to become the default standard for industry and the personal portal for each patient’s personal health information.

The definition of the Health 2.0 movement is still being refined.[5] Jane Sarasohn-Kahn, of THINK- health, defines Health 2.0 as “the use of social software and its ability to promote collaboration between patients, their caregivers, medical professionals and other stakeholders in health.”[6] Early use of the Internet for health care was limited to the distribution and search for health information. The read-only World Wide Web has been transformed into the World “Live” Web. Today, user-generated content is being created by businesses, professionals, and ordinary people at lightening speed through social media tools such as blogs, wikis, collaborative websites, and a variety of web based products.

Online health social networking and software as service models harness the positives of networking and collective intelligence to generate a new level of collective knowledge. Whether it is patients sharing observations on chronic conditions,[7] physicians globally exchanging clinical information and insights,[8] human powered health service searching,[9] online consulting,[10] or promoting transparency through tools for organizing, managing, and comparing health care paperwork[11] -- the Health 2.0 movement is creating business models and becoming a catalyst for improving efficiency, quality, and safety of health care.

D. The Common Framework for Networked Personal Health Information
Recently the Markle Foundation announced the Common Framework for Networked Personal Health Information,[12] which has been endorsed by a collaborative group of providers, health insurers, consumer groups, and privacy groups. The framework outlines a set of practices to encourage appropriate handling of personal health information as it flows to and from PHRs.

The framework uses the term “consumer access services,” which it defines as an emerging set of services designed to help individuals make secure connections with health data sources in an electronic environment. Consumer access services are likely to provide functions such as authentication as well as data hosting and management. The framework also provides analysis of the application of HIPAA to consumer access services.

II. Ownership of Health Information
The shift to a patient-centric PHR from a provider based record raises traditional property law issues. As health information becomes networked and technology allows for health information to be transferred more easily, the lines of ownership of health information become further blurred.

Health information is often viewed under the traditional notion of property as a “bundle of rights,” including the right to use, dispose, and exclude others from using it.[13] This legal application of historic property law may not be well suited to today’s health information where patient information is shared via a variety of formats, copied, duplicated, merged, and combined with other patient records into large scale databases of valuable information.

Who owns health information? The physician? The insurer? The patient? Under the traditional rule, providers own the medical records they maintain, subject to the patient’s rights in the information contained in the record.[14] This tradition stems from the era of paper records, where physical control meant ownership. Provider ownership of the record is not absolute, however. HIPAA and most state laws provide patients with some right to access and receive a copy of the record, along with amendment and accounting of disclosures.[15]

The PHR model, where all records are located and maintained by the patient, flips and realigns the current provider-based model of managing health information. Instead of provider-based control, where the provider furnishes access to and/or copies of the record and is required to seek patient authorization to release medical information, the PHR model puts the patient in control of his medical information.

III. Legal Liability and Compliance Issues Associated with PHRs
PHRs open the door to a wide-range of new and modified legal claims. PHR stakeholders should recognize and address the negative implications to avoid long-term problems. These, of course must be balanced against the liability risks of not adopting an available technology designed to improve the quality of health care.

A. Medical Malpractice
Medical malpractice cases address whether: a patient-physician relationship was created; the treatment provided was within the standard of care; a breach of the standard of care was causally related to the injury; and the patient was injured.[16]

Seeking to prove or disprove these elements raises the issue of whether the PHR would be relevant as evidence against a provider. Generally speaking, if the data within the PHR was provided to or accessible by the provider then the evidence is admissible.[17]

Many providers have expressed concerns over the accuracy and completeness of PHRs if controlled by patients. Whether the information is credible is a legitimate question. On one hand, a patient would not want to jeopardize his or her health by including inaccurate information. On the other hand, it is well known that patients often withhold sensitive and possibly embarrassing information.

Moreover, with the advent of electronic discovery under Federal and States Rules, the production of PHRs in their electronic form could impact evidentiary issues. Health 2.0 and other social networking sites suddenly become fair game for defense lawyers seeking to discredit patients’ claims. Patients may attempt to refer to those same records and other portions of their PHR as examples of treatment modalities approved by other medical providers. Plaintiffs’ lawyers may also investigate the potential for utilizing the collective knowledge of the types of treatments suggested online within the patient networking sites as evidence of the standard of care. In essence, the possibility exists to use PHRs as the “expert” to support or reject claims of malpractice.

B. Defamation and Invasion of Privacy
Generally, a claim of defamation requires the publication of a false statement that harms the plaintiff’s reputation or esteem in the community.[18] Accordingly, PHRs which are solely accessible by the individual or upon the invitation of the individual may not create a cause of action for defamation. However, those PHRs that include communication with other individuals or providers may provide the publication necessary to satisfy that element.

Defamation based upon online communication is fairly new. Typically, such claims have involved false celebrity information posted on the Internet.[19] Arguably, where an individual uses a PHR to publish false information, an analogous claim could be pled.[20]

Generally, the tort of “invasion of privacy” encompasses four claims: (1) intrusion upon the plaintiff’s seclusion; (2) appropriation of the plaintiff’s name or likeness; (3) publicity of the plaintiff’s private life; and (4) publicity placing the plaintiff in a false light.[21] The improper disclosure of health information contained within the PHR may form the basis for one or more of these claims. Each of these claims involves the use or disclosure of private information – such as health information – concerning a person. If wrongfully used or disclosed, those responsible for the use or disclosure, as well as those responsible for protecting the PHR, may face potential liability.

C. Discrimination and Improper Disclosure
HIPAA prohibits impermissible uses and disclosures of protected health information. Although individuals are free to use and disclose their own information as they see fit, appropriate firewalls need to be constructed where, for example, employer-sponsored health plans are providing PHRs. Information in the PHR should not flow from the plan to the plan sponsor nor should it be used for employment purposes.

In addition to HIPAA, employers – and possibly insurers – must consider the implications of the Americans with Disabilities Act, the Family and Medical Leave Act, and similar State laws. The laws offer protection to employees from access to employee health information and discrimination based upon that information.

D. Breach of Contract
Despite the disclaimers and protections set forth in user agreements, it may be possible for an individual to argue that some protections arise through the agreement itself. While user agreements tend to be drafted almost entirely in favor of the PHR vendor or provider/plan, these documents may contain limited rights in favor of the individual. The individual could bring an action for breach of those rights in the event of a violation.

E. HIPAA Compliance
Most PHR vendors have taken the position that HIPAA does not apply to them. PHR vendors generally do not qualify as covered entities. Such vendors take the position that they are not business associates because they are not providing services on behalf of covered entities but rather have a relationship with the patients. Moreover, the patient releases information to or creates information in the PHR, and HIPAA does not regulate individuals’ use and disclosure of their own information.

The contrary position is that many of the PHRs are now linked directly with covered entities to allow the health information to be transferred. Several high profile relationships have been announced relating to collaborations between PHRs and medical facilities to provide PHRs for patients.[22] The collaborations should be reviewed to determine whether a business associate relationship has been created.There has been recent activity to expand the reach of HIPAA to encompass PHRs. Federal and State proposals also may address privacy and security concerns separately. In the interim, private initiatives, by the Markle Foundation and others, propose a voluntary framework to protect health information.

F. State Laws
Many States have enacted breach notification requirements and other consumer protections, which raise new issues with respect to PHRs. Some states, e.g., California, have expanded the breach notification rules to specifically cover health information. These regulations must be addressed with respect to PHRs.Finally, many states have promulgated regulations addressing the movement towards health information exchange. Many recognize “record locator services” or other similar entities that may contain health information or act as an intermediary for locating such information.[23] These State laws may be implicated by PHRs.

G. Stark and Fraud and Abuse
The Federal Stark Law prohibits certain referrals for Designated Health Services (“DHS”) by a physician to an entity with which he/she has a financial relationship.[24] In addition, the Anti-Kickback Statute prohibits remuneration in exchange for the referral of a patient for services covered by a Federal health program.[25] The violation of these laws may provide the basis for a claim under the Federal False Claims Act.[26] State laws may provide additional restrictions and prohibitions.

Recently, a number of health plans and systems have begun to offer PHRs to patients and providers. Currently, the Stark exception and Anti-Kickback Statute safe harbor expressly allow only for EHR and electronic prescribing to be donated. PHR donation may not be protected.

In addition to the practical issues associated with the donation and use of PHRs, new avenues of identifying fraud and abuse are being opened with discovery involving PHRs. Federal investigators and qui tam litigators may turn to PHRs to prove treatment that was billed for may not have been provided. In addition, the compilation of information via Health 2.0 raises the specter of data aggregation to establish fraud over a large population of patients.

PHRs bring a new dimension to the debate over how to create an interoperable health information network. The shift of power into the hands of patients could bring about a sustainable model. Before proceeding with the expansion of PHRs, the legal implications that go along with such an adoption should be addressed.

Bob Coffield is a member of Flaherty, Sensabaugh & Bonasso, PLLC in Charleston, West Virginia. Bob is also a Co-Chair of the Privacy and Security Compliance and Enforcement Affinity Group, a part of AHLA’s Health Information and Technology Practice Group.

Jud DeLoss is a principal with the law firm of Gray Plant Mooty in Minneapolis, Minnesota. Jud is also a Vice Chair of the AHLA’s Health Information and Technology Practice Group.

[1] Mr. DeLoss thanks Bryan M. Seiler, a Summer Associate at the firm, for his assistance in this article. Mr. Seiler is a third year student at the University of Minnesota Law School.
[2] National Alliance for Health Information Technology, Defining Key Health Information Technology Terms, April 2008.
[3] Report and Recommendations From the National Committee on Vital and Health Statistics, Information for Health, A Strategy for Building the National Health Information Infrastructure, November 15, 2001.
[4] ONC-Coordinated Federal Health IT Strategic Plan: 2008-2012 (June 3, 2008),
[5] Health 2.0 Wiki,
[6] California Healthcare Foundation, The Wisdom of Patients: Health Care Meets Online Social Media, Jane Sarasohn-Kahn, M.A., H.H.S.A., THINK-Health, April 2008,
[7] E.g., Patients Like Me,;,; Daily Strength,; SugarStats,; Revolution Health,
[8] Sermo,
[9] Organized Wisdom,
[10] American Well,
[11] change:healthcare,; Quicken Health,
[12] Markle Foundation, Connecting for Health, Connecting Consumers Common Framework for Networked Personal Health Information, June 2008;
[13] Christiansen, John R., Why Health Care Information Isn’t Property – And Why That Is to Everyone’s Benefit, American Health Lawyers Association, Health Law Digest, 1999.
[14] Alcantara, Oscar L. and Waller, Adelle, Ownership of Health Information in the Information Age, originally published in Jounal of the AHIMA, March 30, 1998;
[15] E.g., 45 C.F.R § 164.524.
[16] See, e.g., Nogowski v. Alemo-Hammad, 691 A.2d 950, 956 (Pa. Super 1997).
[17] See, e.g., Breeden v. Anesthesia West, P.C., 656 N.W.2d 913 (Neb. 2003) (nurse’s electronic note on patient condition which would have prevented administration of anesthesia should have been reviewed by anesthesiologist despite no verbal or handwritten report by nurse).
[18] See, e.g., Mahoney & Hagberg v. Newgard, 729 N.W.2d 302 (Minn. 2007).
[19] See, e.g., Carl S. Kaplan, Celebrities Have Trouble Protecting Their Names Online, Cyber Law Journal (July 30, 1999).
[20] See, e.g., Churchey v. Adolph Coors Co., 759 P.2d 1336 (Colo. 1988). See also Restatement (Second) of Torts § 577, cmt. k (1977).
[21] See, e.g., Werner v. Kliewer, 238 Kan. 289, 710 P.2d 1250 (1985); Humphers v. First Interstate Bank, 298 Or. 706, 696 P.2d 527 (1985). See also Restatement (Second) of Torts § 652 (1977).
[22] E.g., Google Health with Cleveland Clinic and Microsoft HealthVault with Mayo Clinic.
[23] See, e.g., Minn. Stat. § 144.291, Subd. (i).
[24] 42 U.S.C. § 1395nn(a).[25] 42 U.S.C. § 1320a-7b(b).[26] 31 U.S.C. § 3729.

Health 2.0 Conference

Next week I'm headed to San Fransisco to attend the Health 2.0: User Generated Healthcare Conference.

Looking forward to attending, seeing old and meeting new colleagues interested in the world of health 2.0. I will be involved in the Health 2.0 Accelerator meet and greet on Tuesday (Oct. 21) and will be at the conference and in San Francisco through Friday (Oct 24). If you are attending or just in the area and want to meet up in person shoot me a tweet, wall post, email or call.

The buzz and discussion has started among those attending via the online social networking tools - twitter feed, Facebook page, blogs, etc. Matthew and Indu have also created a separate social network for the attendees - great idea. I plan to live blog and twitter from the conference next week -- so check in next week.

While out on the West Coast I will be following another great event here in West Virginia - CreateWV Conference. I'm sorry I will miss the conference because they have a great line up, will be bringing together the talents and creativeness of West Virginians throughout the state and addressing important issues for the future success of West Virginia.

Thanks to the likes of the Create WV twitter feed, Facebook page, etc. I can stay in touch with those at the conference and will plan to watch some of the post-conference content that will be posted on YouTube, the CreateWV Blog and other West Virginia bloggers live blogging the event.

Watch one of the pre-conference videos on diversity that was just released via twitter by @createwv:

Wednesday, October 15, 2008

Grand Rounds: Notes of an Anesthesioboist

The October 13, 2008 edition of Grand Rounds is now up at Notes of an Anesthesioboist. Great reading for anyone interested in the latest from the health and medical blogospere.

Next week's Grand Rounds will be hosted by Christian Sinclair, M.D. at Pallimed. The theme --"Changing Goals of Care."

Tuesday, October 14, 2008

Health Care Cost Rising In 2009

Sandra Block of USA Today Money reports that the average amount employees will pay for health care is expected to increase 8.9% in 2009. Her column also provides good advice on how to try to control your health care expenses.

According to the Hewitt Associates report the average amount employees will pay for health care is expected to increase 8.9% in 2009. The breakdown:

2008 2009
$1,806 $1,946

Out-of- pocket costs
2008 2009
$1,707 $1,880

2008 2009
$3,513 $3,826

Her article advises health consumers to take a close look at their health care options during the open enrollment period. As her article states - the difficulty I find is trying to compare plans/options/covered services/drug benefits/co-pays/deductibles, etc. This process is even tough for a health care lawyer and his lawyer wife. The bulk of Americans don't have the skill and expertise to understand the subtle differences.

The folks at change:healthcare recently published a new survival guide for the health care consumer to better understand the the key terms on health insurance. You can download a free copy of the book, "My Healtcare is Killing Me."

Sandra is a native of my hometown, New Martinsville, West Virginia. Great to see her offering good practical advice to health care consumers.

Monday, October 13, 2008

PROTEX: Cardiac Innovation From West Virginia

Today's Charleston Gazette features an article on a Charleston based medical technology company, Nexeon MedSystems.

Mark Bates, M.D., CEO and interventional cardiologist at CAMC has developed a "pro-healing" stent that is lined with protein. The device called PROTEX system may also eliminate the need for heart patients to take blood thinning medications for a year or more after the procedure. Clinical trials on the device are currently underway in Germany. More information can be found on Nexeon MedSystems' website.

Quote from the article:
"It's a protein-lined metal stent that the body thinks is normal artery," Bates said. "Instead of the body thinking it's a foreign body, it lines it with normal cells real quickly. It allows the body and arteries to function normally."

We're not stopping nature from doing its thing," said Bates, who heads Nexeon's offices in Charleston and Carlsbad, Calif. "We're helping nature. The body doesn't recognize [the stent] as something that's not supposed to be there."

About 65 percent of patients across the country now receive drug-releasing stents during cardiac catheterization procedures to open arteries. The remainder have bare-metal stents placed in their vessels.

Congratulations to Dr. Bates on his creativity and forward thinking to bring better heart care to West Virginians and others around the globe.

Sunday, October 12, 2008

Dr. Val Launches Getting Better With Dr. Val

Val Jones, M.D. has a new home at Getting Better with Dr. Val. Congratulations to Dr. Val on the launch of her hew health care blog.Check out her welcome message and the official press release. If you already follow Dr. Val don't forget to update your blogroll.

Dr. Val is also one of the new co coordinators (along with Colin Son who blogs at Medskool) of Grand Rounds. Be sure to check out Grand Rounds every week if you are involved in the health care industry.

Saturday, October 11, 2008

Health 2.0: Stay Focused on the Goals

Ben Heywood, co-founder of PatientsLikeMe, outlines simple (but difficult) goals that those in the health 2.0 space must accomplish. Based on his post I take it that he highlighted these during his keynote address at the second Health 2.0 Northeast conference.

His simple but eloquent message to the health 2.0 community:
I believe we, as the eHealth community, need to focus on two major goals: 1) solve patients’ problems, and 2) create business models that allow us to do #1.
Successful companies must show real and tangible benefits directly to the patient consumer. As one who regularly participates in the health information discussion and debate as West Virginia moves forward with its health information network infrastructure -- I often try to step back and ask, like Mr. Heywood, the simple question, "does this help the patient -- why and how?"

To be disruptive and successful the current crop of creative companies have to show a direct and immediate impact on improving care and quality linked to a reduction in cost or a value proposition that the increase in cost is worth such expenditure.

Thursday, October 09, 2008

HR 6898: The Health-e Information Technology Act of 2008

Jen McCabe Gorman at Health Management RX brought attention to a new House of Representative Bill (HR 6898) focused on electronic health information introduced in the 110th Congress by Congressman Pete Stark. The bill was introduced on September 15, 2008, and is currently referred out to committee.

Jen provides some great analysis and brainstorming on the impact of the draft bill in her post, "Breaking News: Congress Wants to Create National eHealthNetwork, Legislate Who Owns Health Data." Well worth a read for anyone interested in health information technology, electronic health information, personal health records, health 2.0 or the future of our health care system.

Jen highlights those sections dealing with who owns the electronic health information. Should it be the government? the provider? the consumer? This key legal concept - ownership of health information -- is a key question to discuss and debate. As I have mentioned in the past (here and here) the consumer health movement may force a change in the traditional legal notion of health information ownership rights.

The draft bill also addresses a variety of other areas - including the regulation of non-covered entities under HIPAA (many of which weren't even contemplated when HIPAA was enacted) who create or handle health information, codification of ONCHIT under HHS and empowering them with various tasks, creating Medicare related incentives for adoption and modifying other sections of the current HIPAA privacy standards. I haven't had a chance to read through the full bill and spend time reading the related materials but look forward to further analyzing.

For more information about HR 6898 (The Health-e Information Technology Act of 2008) check out Congressman Stark's website information about the legislation:
To locate the current status of the bill check out Thomas. I suspect that there will be little movement on the bill this Congressional session - but it does give insight into what might be coming down the road.

Wednesday, October 08, 2008

California Health Data Privacy and Security Bills Signed

Last week two new California data privacy and security bills were signed into law. Senate Bill 541 and Assembly Bill 211 set new breach disclosure standards and require security controls for preventing unauthorized access to patient data.

I previously posted about the bills before they were finalized. Computer World, "New health care privacy laws heighten need for HIPAA compliance in California," provides background and a good overview on the scope of the laws with great links to additional information.

Those who do health care business in California should take a close look at these new laws.

Medical Blogger Dr. Wes Subpoenaed Over Blog Comment

The New York Personal Injury Law Blog relays a incident involving a subpoena issued to a medical blogger related to anonymous comments made on his blog.

The incident involved medical blogger, Westby Fisher, MD (Dr. Wes), who was subpoenaed for a discovery deposition to determine whether he knew the anonymous commenter who left a comment on a post.

Interesting reading for medical and health care bloggers.

UPDATE: Kevin MD provides follow up commentary and his position on comment moderation. Any health bloggers looking at the advantages/disadvantages of blog post comment moderation should take a look at Section 230 of the Communication Decency Act of 1996.

Basically, Section 230 gives protections to users and providers of computer services by not making them liable for information published by another information content provider. As a blogger you can be both a user and provider. Bloggers are "users" when they create content for blogs and "providers" when they allow others to comment on blog posts. The legal question on comment moderation involves whether your active participating in moderating the comments makes you the "publisher" of the comment rather than just the "provider" of the comment. To date I don't believe this question has been fully addressed or answered by the courts.

The Electronic Frontier Foundation (EFF) has some great resource materials (and cases) for bloggers to learn more about the Section 230 protections. Check out the EFF "Legal Guide for Bloggers."

Monday, October 06, 2008

FSB: Best Lawyers in America 2009

This past week I learned that I was again selected by my peers for inclusion in The Best Lawyers in America® 2009 in the field of "Health Care Law".

In all, seven lawyers from Flaherty, Sensabaugh & Bonasso, PLLC were selected for inclusion in The Best Lawyers in America® 2009. Congratulations to my partner, Ted Martin, who was selected for the first time this year in the category of "Medical Malpractice".

Below is a list of all the 2009 FSB honorees:
Below is background information about Best Lawyers and the process used to select attorneys for inclusion:
Since its inception in 1983, Best Lawyers has become universally regarded as the definitive guide to legal excellence. Because Best Lawyers is based on an exhaustive peer-review survey in which more than 25,000 leading attorneys cast almost two million votes on the legal abilities of other lawyers in their specialties, and because lawyers are not required or allowed to pay a fee to be listed, inclusion in Best Lawyers is considered a singular honor. Corporate Counsel magazine has called Best Lawyers “the most respected referral list of attorneys in practice.”

Dr. Val Guest Post: Straight Jackets Issued To All Hospital Patients Over Age 65?

Below is a guest post from fellow health care blogger, Val Jones, M.D, on the topic of the new Medicare "never events." For other recent posts by Dr. Val - check out the recent Dr. Val sightings at Suture for a Living.
Straight Jackets Issued To All Hospital Patients Over Age 65?
By Val Jones, MD
Bob is a good friend and blog buddy of mine, and I respect his legal opinions on medical matters. He has kindly invited me to guest post on his blog, and so I’d like to take this opportunity to ask you (Bob’s audience) to help me with a medicolegal issue. Let me explain.
Today I viewed a TV ad sponsored by the AARP. It was promoting a remote alarm device that elderly people could use to notify EMS if they fall and need help. The ad featured a surprising statistic:
“One in three people over the age of 65 will fall down this year.”
That’s a pretty common occurrence, wouldn’t you say? It certainly argues for the need for those wearable alarm buttons.
But at the same time that these ads are running on television, Medicare is moving forward with their “never event” quality program. The initiative means that Medicare will not pay for the care of patients who experience a “never event” in a hospital – funding for that patient’s care will need to come out of the hospital’s budget. Medicare argues that they shouldn’t have to pay for medical errors such as “wrong side surgery.”
While I’m sympathetic to their perspective on wrong side surgery, the list of never events reaches far beyond the limits of medical errors to include things like mental status changes, infections and… drum roll please . . . Falls.
That’s right, Medicare believes that falls are “never events” and will not cover the costs associated with fall injuries in the hospital setting.
Let me ask you this, if 33% of people over the age of 65 fall during a given year, how on earth can we argue that falling (in a sicker, hospitalized population) can be prevented 100% of the time?
The only solution I can think of is to tie down all Medicare patients to their hospital beds so that they are unable to fall. Forget autonomy, freedom, dignity, and all that other stuff. Can hospitals afford to lose funding for fall-related injuries that up to a third (or more) of their Medicare patients might have during their hospitalizations?
I feel very sorry for patients in this new “never event” era. Going to the hospital is dehumanizing enough – you’re put in a backless gown, poked, prodded, kept up all night and visited by throngs of staff, and now, you may just be put in a straight jacket as well.
I ask you, Health Care Law Blog readers – what are we to do about this? Is it legal to tie people down against their will? Is it fair for Medicare to classify falls as “never events?” Could attorneys help us in any way here? I eagerly await your responses.
I will be the first to respond to Dr. Jones' plea for answers from health lawyers. Daily I deal with health care provider clients, including hospitals, and help them to understand, interpret and practically implement health care regulations. As a part of the process we work together to understand the regulations, assess potential risks, legal implications, etc.

Dr. Jones' post points out the practical difficulty faced by hospitals -- limit the number of falls that occur in their facility or face non-payment for services. I'm not going to pass judgment on the reasons and process developed for implementing these new regulations because I have little historical background on the drafting of the regulations.

Do we want hospitals to have a 0% patient fall rate? Yes. Is it possible, probably not. Not all falls are preventable. I suspect the question of what is a preventable fall will be a topic of discussion and debate (with legal consequences) as the regulation is implemented. Also, personally I would have liked to have seen CMS take a "carrot" vs. "stick" approach to incentivizing hospitals to reduce the number of falls and other "never events." On a positive note, this type of regulation implements a process that links providing quality care with the amount of reimbursement.

Like most health care regulations, part of the problem is understanding the regulation. The world of health care regulation has become so complex that it is almost impossible for the average health care provider to understand the regulations. Just finding the regulations can be a task. For example, the details on the "never event" regulations were published in the midst of a 2,140 page regulation.

The new "never events" regulations were issued as a part of the Medicare Hospital Inpatient Prospective Payment System (IPPS) FY 2009 and went into effect for discharges occuring on or after October 1, 2008. To learn more about the regulations read the CMS press release and the final rule (regulations starting at page 290 and comments/responses at page 352). You can also find more information on the CMS' Hospital-Acquired Conditions site.