Many of the benefits of personalized medicine depend on sharing genetic and other healthcare information. For example, deriving meaning out of healthcare data and in particular genetic data requires sharing sensitive information for research, often conducted by third party organizations separate from the covered entity or other organization that originally collects the genetic data. Collaborative care for patients, involving primary care physician as well as multiple specialists, requires sharing sensitive healthcare information. Healthcare organizations may also be motivated to derive revenue from massive databases of such information through de-identifying / anonymizing and then sharing it, within compliance with applicable healthcare regulations and data protection laws, such as the HIPAA Privacy Rule.


Healthcare breaches have reached alarming levels, both in frequency as evidenced by the HHS Breaches Affecting 500 or More Individuals, as well as business impact as evidenced by the Ponemon 2013 research on the Cost of a Data Breach which shows an average total cost per breach event of $5.4 million in the U.S. in 2012. Many of these breaches occur with healthcare data in transit, or where healthcare data is shared with third parties, also often known as a Data Processor in the EU or Business Associates in the U.S. These business impacts have ”naturally selected” a proactive approach (in contrast to a “wait and see” approach) as the only practical approach to privacy and security for safely sharing sensitive healthcare data.


Best practices in a proactive approach include holistic security which involves applying administrative, physical and technical safeguards, as well as a multi-layered security, also known as defense in depth where multiple security controls are applied together in layers to progressively minimize risk. Administrative controls in such an approach include a privacy notice to patients that enables them to be fully aware of the benefits and risks including specifically what sensitive healthcare information is collected, and how it will be used, retained, shared and disposed of. This enables patients to make informed choices such as opt-in or opt-out, and enables provide their consent. Another key risk mitigation in this approach includes the minimization of sensitive information based on the type(s) of processing stated in the privacy notice to the patient. Minimization involves the healthcare organization collecting the sensitive healthcare information for personalized medicine to minimize the Personally Identifiable Information (PII) in this information before sharing with a third party. For example if a research use case doesn’t require any PII, the healthcare organization should fully de-identify, or remove PII, from the genetic / healthcare information before sharing with that third party.


HIPAA, for example, provides guidance on specific PII elements required for safe harbor de-identification. Such de-identified information has low risk, although not zero risk, of re-identification of the patient. Further, some use cases require either full PII, or partial PII. Therefore it is highly recommended to supplement de-identification with other safeguards including tokenization, where any residual PII is stored separately in a secure database with access controls ensuring only authorized access. Encryption is a key safeguard to protect confidentiality of information being shared, or in transit. Hardware assisted security such as encryption acceleration enables encryption of large genetic data sets in transit with high performance.


Last, but not least, appropriate access controls should be used to ensure only authorized access to sensitive healthcare information that is shared, with appropriate auditing to ensure compliance with policies. The healthcare organization collecting the sensitive healthcare information should also vet the privacy and security of the target organization(s) for sharing, to ensure adequate protection. Contractual controls are needed between the healthcare organization sourcing the sensitive healthcare information and the target third party with which information will be shared. Key elements of these contractual controls include service level agreements (SLAs), business associate agreements (BAAs) and security incident response plans (SIRPs), in particular to outline procedures for timely response and collaboration in the event of security incidents such as breaches.


What kinds of strategies are you using to safely share sensitive data for personalized medicine?

Below is the second in a series of guest posts from Nirav R. Shah, MD, MPH, the commissioner of health for the state of New York. Look for more of his blogs in the Intel Healthcare Community in the coming months.


A woman on methadone for unrelenting pain goes to the Emergency Department, complaining of anxiety, heart palpitations and trouble sleeping. Exhausted and disoriented, the patient neglects to tell the doctor that she recently started taking methadone. The ED doctor checks the patient’s records, sees nothing about her new medication, and prescribes valium to settle her nerves.


Without knowing that she’s on methadone, the doctor has just created a dangerous combination of medications. Taken together, valium and methadone can exaggerate dizziness and drowsiness, and cloud the patient’s already fragile judgment.


It’s hard to imagine, but such a scenario is a potential reality at a hospital in New York, where the health IT system in the methadone maintenance clinic is unable to communicate with the systems in the rest of the hospital. As we all know, poor communications between any two parties – spouses, business partners, roommates – has the potential to spell disaster.


It’s no different in the world of health IT. The ability of any IT system to communicate with another is known as interoperability. Simply put, it’s the ability of different systems to speak the same language.


Because interoperability is so critical when it comes to health information, the New York eCollaborative – also known as NYeC (pronounced NICE) has launched the EHR/HIE Interoperability Workgroup. NYeC is a non-profit founded in 2006 in partnership with the New York State Department of Health that helps health care providers transition to electronic health records while also working to create a network that links health care providers across the state.


Even though NYeC is based in New York, we knew that interoperability was more than a regional issue. This was an issue with national ramifications. Think of all the people who require medical treatment on vacation or all the snow birders who live in New York but spend their winters in Florida.


So far, 19 forward thinking states – including New York, California, Illinois, and  Oregon – and leading vendors in EHR and HIE have joined the work group, with the shared goal of increasing the adoption of such services. Part of doing that involves making sure that the interfaces between health systems are compatible, so that they can communicate with one another, even across and between states.


At the moment, there is no single set of universal standards to connect various health information exchanges. As a result, custom interfaces must be developed every time a hospital or practice adopts a new EHR or HIE. Developing these interfaces drastically increases the amount of time and money spent adopting and learning new EHRs and HIEs, which as you might imagine, becomes a deterrent to adoption. To address this issue, the EHR/HIE Interoperability workgroup has developed a set of interoperability standards and a compliance testing program which will certify EHR and HIE products against these standards.


Having a set of common standards creates the potential for a larger market and gives vendors a clear roadmap for interoperability. By collaborating and committing to common APIs and a shared HIE platform, it creates bigger opportunities for all vendors involved.


Most important, it means better care for patients.


What questions do you have?


The technological advancements in the medical industry are strengthening the patient-doctor relationship. With faster communication between devices and mobility, patient care and satisfaction is much higher.


In the above video, Dr. Paul Frisch, attending in the department of medical physics at Memorial Sloan-Kettering Cancer Center, shows how to utilize all existing technologies to create the most advanced intelligent hospital. Frisch's model of the intelligent hospital demonstrates how the communication between technologies increases workflow and creates a better patient-doctor experience.


What questions do you have?

One of the great strengths of our healthcare system is its specialization.


It is also one of its great weaknesses.


Here’s why: since there is such a proliferation of ‘-ists” (neurologists, cardiologists, pulmonologists) a primary care doc (particularly in urban settings) feel obligated to send the patient to the local specialist every time he encounters an issue beyond the scope of his expertise or practice.


Traditionally, the PCP (primary care provider) writes a referral, hands it to the patient on a piece a paper and….moves on to the next patient. In many instances, there is no tracking of whether the patient completed the referral and what happened if the patient did go.


Why is this a problem? Well, in the old model of visit based medicine—it really wasn’t a problem. The system was (and still is) based on individual encounters between various providers. Since the primary care provider (the main source of referrals) has no specific financial incentive to coordinate with others (other than professional courtesy), American healthcare does not have a well developed model for tracking the transition of patients from provider to provider (the buzzword for this process is called care coordination).


However, in the new world of accountability--as exemplified by accountable care organizations (ACO) and patient centered medical homes (PCMH), primary care practices are supposed to know if you showed up for the cardiology referral and what happened when you went there.


In this new model, patients will have a “home” (a primary care practice) that is responsible for helping patients navigate the system if they are referred out and working with patients and specialists to make sure that referral appointments are kept (or at least understand why they are being neglected). Moreover, the primary care practice will be expected to consolidate the reports from consultants so that they have global view of their patients.


The clinical and financial reasons for this are sound; patients that neglect completing their referrals may be compromising their health. Compromised health can lead to expensive interventions (like emergency ED visits or inpatient admissions) that might be avoided with better coordinated care. 


This new and long overdue focus on care coordination exposes one of the fundamental weaknesses of our system; we do not have a good way of electronically communicating information between practices. Yes, there is secure email, but it is not universally distributed and used and has no real work flow component. The Continuity of Care (CCD) is great start for creating a standard for distributing clinical summaries, but will not be enough for managing the subtleties of care coordination.


There seems to be the misguided notion that somehow the EHR will fill this void, but that is pipe dream; at its heart an EHR is internal documentation tool—not a means for communicating between practices. Some wags think the HIE (health information exchange) will provide the infrastructure. I wouldn’t bet on it—an HIE is too complex and expensive and was not intended as a workflow tool.


In the absence of software based communication methods, practices use people, fax, and telephone. This is going to change—and the cloud is going to be enabling technology. The cloud allows the development of light, subscription based, work-flow enabled applications that can be rapidly and inexpensively deployed. It is no longer necessary to build a behemoth IT infrastructure in order to get things done. We already have an infrastructure; it’s called the internet.


Insightful companies are starting to pickup on this. Clarity Health Services in Seattle is offering a web-based care coordination platform that is starting to create some noise. Athena Health recently acquired a cloud based care coordination company (Proxsys) to complement its EHR and billing service offerings. There will be more.


What questions do you have?


Bruce Kleaveland is President of Kleaveland Consulting and a sponsored health IT correspondent for Intel.

In case you haven't noticed, innovation is on a fast track in healthcare technology. New processes, online tools, consumer apps, and devices designed to make our healthcare systems work better are a large part of the great thinking going on in the industry. That’s why Intel is pleased to once again be the sponsor of the Intel Innovation Award that will be presented at the 2013 Health IT Leadership Summit on Nov. 12 at the Fox Theater in Atlanta.


Companies that offer innovative health IT products or services, and healthcare organizations that are using technology in new and exciting ways to improve patient outcomes, are encouraged to apply for the Intel Innovation Award. The top four finalists will present at the Summit and one will be named as the top innovator. Learn more and download an entry form here. Entries are due by 5 p.m. on Wednesday, Sept. 18, 2013. Finalists will be announced in October.


You can see the past winners and finalist here and see some of their innovative products and services.


The daylong The Health IT Leadership Summit features panels and presentations on the issues most affecting industry growth, including the Affordable Care Act, health information exchanges, payer programs and disruptive technologies. The Summit was founded by three organizations: Georgia Department of Economic Development, Metro Atlanta Chamber and Technology Association of Georgia (TAG) Health. Additional information and registration:


What type of innovation are you seeing in healthcare? Let me know, and be sure to submit your nominations for the Intel Innovation Award.

Dr. Steven Davidson, chief medical informatics officer at Maimonides Medical Center and practicing emergency room physician, is a self-proclaimed “physician-executive geek.” But he’s not interested in jumping on every new technology brought to market; rather, he supports technology that helps physicians build trust with their patients. Dr. Davidson told us about the ways in which he, his colleagues, and patients use mobile technology to build trust and create a better patient experience.


How do physicians and patients use mobile devices?

All physicians are mobile users. We are always up and moving around. We depend on our devices to communicate among ourselves and manage our personal and professional lives. A more useful mobile device facilitates interaction with patients with tools such as apps that deliver asynchronous communication like text messaging and email, that also file to the patient’s medical record and personal health record. When we use our mobile devices for patient care, we need apps that are HIPPA compliant and support communication between the physicians who are caring for the patient. DrDavidson.jpg


Using a mobile device also means we can spend more time with hospitalized patients at their bedside. Applications now allow for physicians to enter information into the EHR just as they would using a pen and paper. After talking to the patient, physicians can look over the information privately and then engage the patient and patient’s caregiver in a discussion about the options for the care plan along with resources such as images, animations, and videos that better help the patient understand the potential course of treatment and the benefits, possible alternatives, and risks. In fact, when we do speech and swallow testing for stroke patients, we walk the patient through the process using a video on a tablet. The patients and physicians see success because it’s a visual demonstration of a process that’s hard to articulate. 


Patients use their mobile devices to support their care as well. Some physicians decry it, but many patients use their mobile phones to get a second opinion from Dr. Google. In addition to accessing information, tablets are a key communication tool for patients. They use smartphones and tablets with Skype to help a family member lend support remotely.


How does an organization change the culture to welcome mobile devices?

Clinicians are skeptical about change for many reasons, including wanting to protect their patients and their income. To get them to accept change, you must show the value of the new approach and compare it to the value of the technology that’s currently being used. They’ll change when you implement a solution to improve patient care, not just a new technology.


Physicians my age are often in the mode of digital migrant. It takes us a bit longer to get with the program, but we’ll get there.


Where do you see technology going in the next three years? 

To accommodate any changes over the next three years, we must have bandwidth improvements so we can manage more images and video. Video will certainly play a bigger role in patient care. In fact, data is emerging that suggests that up to two-thirds of encounters with physicians for managing chronic conditions don’t require an examination. If that’s the case, then we’ll see more telemedicine and video conferencing with patients. It means that people who live remotely can still get great treatment and those who live closer are not inconvenienced with a trip to the doctor’s office. 


How do you use technology to collaborate?

Collaboration begins with communication. Communication is where humans exchange information and it’s where we build confidence among interlocutors. Through good communication, patients build confidence and trust in their doctors. The advances in telecommunication and the cloud are supporting better communication between physicians for better patient treatment.


I’m the co-author of a study from the American Journal of Radiology that looked at the communications errors over the course of the last two decades. We found that communications failures between doctors and patients as a cause for action of malpractice suits grew from about 7 percent to nearly 8 percent. Technological improvements in telecommunications will only help reduce that number. Patients will gain more confidence in their doctors if physicians use these technologies in ways that facilitate genuine communication and approach the effort with a genuine impulse to partner in trust building and information sharing in support of the patient’s health.


What is the one technology you would like to invent?

I would love to have a trust-o-meter. With this device, the patient and I could look at each other and come to a mutual understanding and balance of trust and respect around the work we are doing together.


Until the trust-o-meter is invented, mobile technology is the ascendant technology. People of all socioeconomic groups are using smartphones and other devices as their preferred means of reaching the Internet, and this opens up great possibilities for participatory medicine. Mobile devices accessing the Internet and the cloud allow patients and physicians to meet and share information together and engage one another in a quest to support the patient’s health through their own activation and connection to knowledge and community. That’s a big deal.


Follow Dr. Davidson on Twitter (@sjdmd) for more insights on technology and patient care. 


The cloud is becoming more prevalent in healthcare, and is proving to be one area that CIOs should not ignore.


In this video, Microsoft Director of Product Marketing Mark Weiner talks about cloud strategies for health IT professionals. He offers tips for healthcare CIOs on how to move big data so that it is more accessible for patients and clinicians, and manage data growth effectively.


What questions do you have?

Personalized medicine promises compelling benefits in improving the quality and reducing the cost of healthcare. Personalized medicine is enabled by powerful new types of sensitive data including genetic information about patients. To ensure these benefits are realized quickly, effectively and smoothly it is desirable to avoid security incidents such as breaches. In prior blogs I discussed how to manage privacy and security risks, and securely collect and use data for personalized medicine. In this blog I focus on how to retain data for personalized medicine.


When looking at retention it is useful to consider the types and characteristics of the data used in personalized medicine. The types of data powering personalized medicine range from the original blood or saliva samples used to get genetic information for a patient, to the raw genomic data for a human which is approximately 3.2Gb in size, as well as various other types of derived data. One of the key steps in deriving meaning out of the raw genomic data involves comparing this raw genomic data to baseline genomic data to derive a variance file that is much smaller in size, highlighting only the interesting variations in the genomic data of the specific patient. The data points in the variance file are referred to as SNP’s. Lastly, a risk factors report can be produced from this variance file, highlighting the patient propensity to various traits such as diseases. This report may also highlight pharmacogenomics, specifying the efficacy or toxicity of various drugs to the patient. The risk factors report is often included in the EHR for the patient.


Genetic data are considered PHI and subject to federal regulations such as HIPAA, HITECH Act as well as state level regulations such as for breach notification, for example CA SB 1386, and subject to privacy, security and breach notification rules. The 2013 Cost of a Data Breach Study estimates the average total cost of a data breach in the US in 2012 at $5.4M. Clearly a major business impact. Avoiding such incidents requires a proactive approach to privacy and security.


Location of data retained has a direct impact on regulations and data protection laws that apply. This includes not only the primary backend servers, but also Business Continuity / Disaster Recovery sites, backup sites and any business associates or data processors that may also retain sensitive data. Recent studies and incidents point to the risk of BYOC (Bring Your Own Cloud). To ensure sensitive data for personalized medicine stays in the cloud where it is supposed to be, under the control of the healthcare organization with effective privacy and security controls, it is necessary to ensure solutions are usable, security is not cumbersome, and IT within the healthcare organization is responsive and not overly restrictive.


De-identification is a key safeguard often applied to enable research and mitigate risk of security incidents such as breaches. Various methods exist for de-identification. This can involve removing specific elements of PII, such as in the HIPAA Safe Harbor method. Alternatively a risk based method such as the HIPAA Statistical Method may be used. De-identified data often has some small risk of re-identification, and research has shown that it is possible to re-identify patients using de-identified genetic information. Further, some types of research require some elements of PII, for example phenotype research may require zip code. A practical approach to effectively mitigating risk of sensitive data retained for personalized medicine requires a holistic approach where administrative, physical and technical controls are applied in combination, together with a multi-layered approach where for example de-identification is combined with tokenization, access controls, encryption and so forth.


To ensure solutions are usable security must not be cumbersome, otherwise research shows that non-compliance and BYOC and other risks can increase. Hardware assisted security such as encryption acceleration enables such technical security controls to be implemented with improved performance, robustness to increasingly sophisticated malware, improved usability, and reduced cost. Performance testing shows that such an approach can be very effective in enabling sensitive data to be retained in a highly secure manner with minimal performance and usability impact.


What kinds of strategies are you using to protect sensitive data for personalized medicine?

Filter Blog

By author: By date:
By tag: