Don’t Let an Obsession with HIPAA Be a Barrier to Health Data Insights
Federal regulators announced earlier this month that one of the biggest healthcare systems in the country has agreed to a $5.55 million settlement related to release of HIPAA-protected data. Did the news send a chill down your spine? Certainly addressing the security of HIPAA data needs to remain a top priority—especially when hackers appear to target healthcare providers with increasing frequency.
The potential benefits of using data to support the transformation of healthcare cannot be ignored.
But at the same time, hospitals and healthcare systems should not allow apprehension to overcome action when it comes to gathering and using insights from health data analytics to forge ahead toward goals to reduce costs, drive engagement among healthcare consumers, and improve patient safety, care quality and outcomes.
Three Reasons to Embrace Health Data Analytics (Despite HIPAA Concerns)
The potential benefits of using data to support the transformation of healthcare cannot be ignored. Instead, hospitals and others in the healthcare industry need to consider these factors.
1. HIPAA Privacy Rule Has Limited Scope
The HIPAA Privacy Rule apply to health information from healthcare providers, payors, clearinghouses and their business associates. Naturally, data analytics that depend on these sources of information need to comply with HIPAA guidelines.
But other sources of information can lead to critical insights that support meaningful use and more. A source like the c2b Consumer Diagnostic, uses consumer surveys and psychographic segmentation to identify consumers’ unique behaviors, influences, motivations and attitudes about health and wellness. This type of data enables healthcare-related organizations to better understand healthcare consumers in general, as well as within the context of consumers with specific health conditions including cancer, cardiovascular, depression or anxiety, diabetes and obesity.
As we noted in a past blog, psychographic segmentation allows hospitals and health systems to develop relevant, more effective patient engagement programs, increase patient loyalty and drive revenue. Isn’t that what you want?
2. HIPAA Allows for Use of De-Identified Data
Under the Privacy Rule, organizations must extract identifiers related to the patient, as well as the patient’s immediate household members, relatives and employers, to de-identify the data
• Geographic indicators other than state
• Elements of dates (day, month) except for the year
• Contact information including phone and fax numbers along with email addresses
• Social security, medical record, health plan beneficiary and account numbers
• Certificate or license numbers
• Vehicle and device numbers
• Associated URLs and IP addresses
• Biometric identifiers like finger or voice prints
• Photographic images
• Other unique identifiers
This type of de-identified data from clinical, claims and billing data, as well as other sources, accelerates research, allowing hospitals and other healthcare providers to spot risk factors sooner, track outcomes and optimize treatment protocols based on their findings.
For example, Mercy Health in Cincinnati, Ohio uses de-identified patient data with a health data analytics tool to drive an 11 percent improvement in diabetes management. Modern Healthcare notes, “By analyzing what has been effective with other patients, Mercy can work with its doctors to devise new care paths, better care coordination, or improved patient education approaches.”
3. HIPAA Will Be a Moving Target in Coming Years
Cybersecurity threats to patient data privacy won’t end—ever—so standing still until the risk is gone will just leave some organizations in the dust. Instead, you need to address security as proactively as possible and then get a move on with leveraging health data analytics. Plus, chances are good that the HIPAA protections will change in the coming years. After all, HIPAA was enacted in 1996, a decade before Apple introduced the iPhone, and today healthcare consumers have a host of health and wellness apps to use.
As NPR’s Angus Chen said in a report about health data, “We leave behind other trails of health data, too, from apps and activities that are sometimes only tangentially health related. When I walk down the street, an app on my phone logs steps as it bounces against my thigh. When I swipe a loyalty card at the pharmacy, the over-the-counter medications that I buy become bits of data attached to my name.” The universe of the Internet of Things continues to expand too, so there’s a strong possibility that protection of patient data will be revisited.
In other words, it’s now or never when it comes to using health data analytics. And as the hospitals that have seen clear benefits from using data effectively will attest, never is not an option if you want to transform for the future.