Monday, December 12, 2011

HIPAA vs. preventive medicine

This is finals week for the fall semester at KGI. Teams from our first year Medical Devices course (ALS 320 in KGI-speak) are presenting their technical and business analysis of why the world needs a specific new medical diagnostic test.

As an aside, one of the teams made a persuasive case the compliance and liability issues associated with HIPAA will deter (and possibly prevent) the adoption of new technologies for preventative medicine.

The specific context was monitoring of diabetics, of the most expensive chronic conditions in the United States. (I didn’t write down the statistics, but this article estimates diabetes directly accounts for 10% of healthcare spending, or more than $90 billion/year).

The students suggested that the health impacts of diabetes could be reduced through computerized monitoring of various symptoms — not just glucose, but hypertension and other effects as well. (Disclaimer: I am not an MD not do I play one on TV). One product they pointed to was the Withings blood pressure monitor, which uploads data to your iPhone, iPad or iPod Touch and can be manually emailed to your doctor.

The idea is that if data were gathered and stored in the EHR, then it would be possible to catch problems well before a regularly scheduled test. Getting these widely deployed would probably take a HMO (like Kaiser) or hospital group that is caring for diabetics on a long term basis.

However, the security implications of such as system are daunting. Yes, a firm or nonprofit needs to be diligent in avoiding security breaches that compromise patient privacy. However, a data breach (of the source that seem routine nowadays) could lead to government fines or even a lawsuit.

A regulatory barrier like this could be a dealbreaker for efforts such as San Diego’s wireless health initiatives. This chilling effect seems a perfect example of the law of unintended consequences.

How to solve the problem? One way is that the Federal government can’t be fined or sued under HIPAA. Does this mean that these approaches for data monitoring to support preventative health have to wait until the Feds are innovative enough to try this approach? (Or private insurance is out of business and we all are covered by the Feds anyway?)

No comments:

Post a Comment