Site moved to, redirecting in 1 second...

April 13, 2015

Get Social Health: David Harlow Podcast Interview with Janet Kennedy


I recently had the pleasure of speaking with Janet Kennedy of Get Social Health about health care uses of social media, with a focus on HIPAA and other privacy concerns and other legal issues that may apply to uses of social media by health care organizations for marketing purposes and otherwise.

Check out her post, and her entire podcast: David Harlow IS @Healthblawg. Stick around and listen to some of the other interviews she has conducted, too.

David Harlow
The Harlow Group LLC
Health Care Law and Consulting

March 23, 2015

Meaningful Use Stage 3: The Buzz About APIs

8682047014_0fc52e163c_kThe Meaningful Use - Stage 3 proposed rule has been released, with official publication due on March 30. Llikewise, the 2015 edition of EHR certification criteria and related rules. Check out the CMS presser and ONC fact sheet.

Key to these rules, which lay the foundation for a post-Meaningful Use incentive-driven Health IT ecosystem, is the use of APIs - for the uninitiated,  "application programming interfaces" - or simplified connectors that allow for easier transfer of data.

The Meaningful Use requirements have themselves been simplified -- whittled down to eight high-level requirements, expressed as program goals or objectives:

Continue reading "Meaningful Use Stage 3: The Buzz About APIs" »

March 18, 2015

HIPAA Audits: The Latest Oracular Prognostications

1024px-Delphi_tholos_cazzulOMB cleared the HIPAA pre-audit survey late last week. (H/T LifeHealthPro.) That is one crucial prerequisite to OCR's initiation of the new round of HIPAA audits that have been the subject of all the Delphic prophecies we keep hearing (the survey is required to collect information about covered entities and their business associates, since this round of audits is supposed to include a look at business associates . . . and OCR won't know who's a business associate unless they ask covered entities).

OCR has apparently already identified "several hundred" covered entities (see "OCR supporting statement A") to which it would like to administer the questionnaire this time around (out of an estimated 3 million covered entities).

Continue reading "HIPAA Audits: The Latest Oracular Prognostications" »

February 06, 2015

Lessons from the Anthem breach

Into the Breach

Anthem experienced a major data breach last week, and reportedly some records (Social Security Numbers and other identifying information, but not health data) of up to 80 million members and employees were obtained by hackers.

There is much to be said (and much has already been said) about the need for privacy and security and protections in the case of Anthem, just as "helpful hints" have been provided after the fact to victims of all significant data breaches. My reaction, when reading about the unencrypted SSNs that were accessed in this attack, was: Why in the world are we using social security numbers as ID numbers? It doesn't have to be this way.

Continue reading "Lessons from the Anthem breach" »

February 03, 2015

ONC, Interoperability, and the 2/6/2015 #HITsm Tweetchat

HITsmI am pleased to be moderating the weekly #HITsm tweetchat this Friday, February 6, 2015 -- Beyond Meaningful Use: What’s next for ONC … and the rest of us. Join us at 12 noon Eastern Time.

Top of mind for the #HITsm twitterati this week are the ONC interoperability roadmap released at the end of last week, and the ONC conference taking place this week in DC. Check out the ONC liveblogging from Mark Scrimshire (aka @ekivemark), and the #ONC2015 tweetstream at large.

Here are the topics for this week's chat. I look forward to discussing them with you.

Continue reading "ONC, Interoperability, and the 2/6/2015 #HITsm Tweetchat" »

January 30, 2015

Privacy and Security and the Internet of Things

"Only Connect"

In the future, everything will be connected.

That future is almost here.

Over a year ago, the Federal Trade Commission held an Internet of Things workshop and it has finally issued a report summarizing comments and recommendations that came out of that conclave.

As in the case of the HITECH Act's attempt to increase public confidence in electronic health records by ramping up privacy and security protections for health data, the IoT report -- and an accompanying publication with recommendations to industry regarding taking a risk-based approach to development, adhering to industry best practices (encryption, authentication, etc.) -- seeks to increase the public's confidence, but is doing it the FTC way: no actual rules, just guidance that can be used later by the FTC in enforcement cases. The FTC can take action against an entity that engages in unfair or deceptive business practices, but such practices are defined by case law (administrative and judicial), not regulations, thus creating the U.S. Supreme Court and pornography conundrum -- I can't define it, but I know it when I see it (see Justice Stewart's timeless concurring opinion in Jacobellis v. Ohio).

Continue reading "Privacy and Security and the Internet of Things" »

January 29, 2015

Better, Smarter, Healthier: Medicare and Value Based Purchasing

EvolutionThe big announcement this week from Medicare -- setting forth specific targets for a historic shift away from fee-for-service reimbursement in order to reduce costs and improve quality -- is less than it seems.

Medicare has been talking about value based purchasing for decades now, and thus far has taken baby steps towards implementation. Even the strides taken in recent years, and the targets laid out this week for the future, don't really leave FFS medicine in the dust. ACOs and other MSSP innovations don't entirely move away from FFS reimbursement; they just add cost and quality kickers as part of a retrospective reconciliation.

CMS identified four categories of payment and targets related to each of these categories.

  • category 1—fee-for-service with no link of payment to quality
  • category 2—fee-for-service with a link of payment to quality
  • category 3—alternative payment models built on fee-for-service architecture
  • category 4—population-based payment

Continue reading "Better, Smarter, Healthier: Medicare and Value Based Purchasing" »

January 06, 2015

2015 Health IT Predictions and Reflections

Janus-Vatican-2Kate Ackerman at iHealthBeat asked me to participate in her annual piece on Health IT past and future, 12 Experts Weigh In on Health IT Progress, Disappointment in 2014 & Hopes for 2015. Check out her roundup of 2014 highlights, and the collected opinions of a dozen prognosticators, including the HealthBlawger.

Read them all. Agree or disagree. Most important of all: Work to make your own predictions come true.

For those of you dying to know what I had to say, have at it:

What was the most significant health IT development over the past year?

The continued slow but steady development of asynchronous telehealth services, leveraging resources such as wireless monitoring devices, which was potentially supercharged by the development of consumer-centric health data platforms by big consumer electronics firms.

Continue reading "2015 Health IT Predictions and Reflections " »

December 15, 2014

Farzad Mostashari on the Proposed ACO Regulation: The future of the Medicare Shared Savings Program examined in an interview with David Harlow

Mostashari_Farzad_ORIGINALThe Accountable Care Organization regulations were first promulgated under authority of the ACA's Medicare Shared Savings Program in 2011. Three years later, the regs are in the shop for a tune-up. Farzad Mostashari MD was one of the authors of the Brookings Institution ACO issue brief released in the spring, suggesting some changes to the program that would keep current ACOs engaged past the end of their three-year contract term, and improving the program overall. Dr. Mostashari, former National Coordinator for Health IT, is now the founder and CEO of Aledade, a startup focused on helping physician organizations develop ACOs. With a level of excitement shared only by a small coterie of health wonks -- and usually reserved for video recordings of unboxing the latest hi-tech toy -- Farzad livetweeted his reading of the 429-page typewritten version of the proposed ACO rule when it was released late last Monday. (See the CMS Fact Sheet on Proposed Changes to the MSSP and the Aledade post on the proposed reg.

The rule was published officially on December 8, with a 60-day comment period. I had the opportunity to interview Dr. Mostashari about the new rule. As he noted in our conversation, CMS is calling for input on a variety of issues, so don't be shy, especially if you have some data to back up your suggestions on the choices that remain to be made in this rulemaking process.

(Read or listen to the full interview after the jump.)

Continue reading "Farzad Mostashari on the Proposed ACO Regulation: The future of the Medicare Shared Savings Program examined in an interview with David Harlow" »

December 11, 2014

Disruptive Innovation or "Woo"?

640px-Distillation_of_dry_and_oxygen-free_tolueneIs it the best thing since sliced bread? Is it really a better mousetrap? Does it really have that special sauce?

The term "disruptive innovation" gets bandied about quite a bit, and in recent weeks and months, it has been applied to the designs of Patrick Soon-Shiong and Elizabeth Holmes on changing medicine and health care. The former is focused on cancer diagnostics and treatments, the latter, on blood tests. Each has been the subject of paeans in the press, but questions have been raised -- less broadly -- about the claims they are making. Setting aside for the moment the question of whether talk of disruptive innovation is in itself "woo," let's take a look at these two entrepreneurs and their current projects.

Continue reading "Disruptive Innovation or "Woo"? " »