PHRs, Health 2.0 and the Impact of Social Media on Health Care

Uploaded on

Presentation by Bob Coffield and Jud DeLoss at the American Health Lawyers Association Annual Meeting, July 1, 2009, Washington, DC.

Presentation by Bob Coffield and Jud DeLoss at the American Health Lawyers Association Annual Meeting, July 1, 2009, Washington, DC.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
  • I was very impressed with the depth and scope of the presentation. Thanks for the opportunity of seeing through your post.
    Stan Frochtzwajg, M.D.
    Community Memorial, Ventura, CA
    Are you sure you want to
    Your message goes here
  • Great overview Bob! Thanks!
    Are you sure you want to
    Your message goes here
No Downloads


Total Views
On Slideshare
From Embeds
Number of Embeds



Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

    No notes for slide


  • 1. PHRs, Health 2.0 and the Impact of
    Social Media on Health Care
    American Health Lawyers Association
    Annual Meeting – July 1, 2009
    Robert L. CoffieldFlaherty, Sensabaugh & Bonasso, PLLCGerald “Jud” E. DeLossMinneapolis, Minnesota
  • 2. PHR Defined
    “A tool for collecting, tracking and sharing important, up-to-date information about an individual’s health or the health of someone in their care”
    American Health Information Management Association ("AHIMA") and American Medical Informatics Association ("AMIA")
  • 3. HITECH Definition
    “An electronic record of PHR identifiable health information . . . on an individual that can be drawn from multiple sources and that is managed, shared, and controlled by or primarily for the individual”
  • 4. PHR 1.0
    “First generation” PHRs
    Stand-alone PHRs
    Require patients to gather and enter their own information
    Tethered PHRs
    Provided by a health plan, provider, or employer sponsor who populates the PHR with information
  • 5. PHR 2.0
    Not merely a data collection application
    Platform for the electronic aggregation and storage of health information
    Foundation for various applications
    Personal Health Information Networks – part of NHIN
  • 6. Impact of PHRs
    Comprehensive shift in the way health information is used, maintained, and stored
    Impact on means and methods for patients, health care providers and payers to maintain, use, control, and disclose health information
    The current, decentralized system of records maintained by multiple providers and entities at multiple locations
    Transformed into a centralized record maintenance system that may rely on personal health information networks ("PHINs"), where the PHR serves as the central repository
  • 7. Data Ownership
    Who owns health information?
    The physician?
    The plan/insurer?
    The patient?
    Under traditional theory, providers own the medical records they maintain, subject to the patient’s rights of access in the information contained in the record
  • 8. Data Ownership
    Physicians and other healthcare providers
    Maintain ownership of health information results in a greater likelihood of maintaining a relationship with the patient
    Patient who desires to change providers faces difficult task in locating all sources of the health information and requesting that it be transferred to a new provider
    Rehash in the form of health intake questionnaires, health and physical history examinations, and tests which may not have been adequately communicated
  • 9. Data Ownership
    Plan ownership
    Underwriting and utilization review activities
    Whether coverage may be extended or whether a pre-existing condition is present
    Aggregate the data in records or de-identify the information to be used, disclosed, sold, or manipulated for a variety of medical and economical reasons
  • 10. Data Ownership
    The PHR Vendor
    Patient privacy advocates have expressed concern over what use PHR vendors will put to the health information
    An individual executes an authorization then the vendor may use or disclose the health information in any manner it wishes, since HIPAA would no longer apply
    New HITECH Act provisions (discussed below) will place limits on these uses but some PHR vendors have taken an initial position that HITECH will not apply because an authorization, among other things, wll relieve them of compliance 
  • 11. Patient Ownership
    Patient ownership
    Results in framework where medical, expense, well-being, and utilization are aligned within one party
    Patient has an incentive to keep costs to a minimum by avoiding multiple or repetitive procedures
    Patient has an incentive to or at least the means to monitor their health or well-being by becoming actively involved in the process
    Patients have an incentive minimize the unauthorized disclosure or use of their health information
  • 12. Discrimination
    Under HIPAA, a group health plan is prohibited from disclosing protected health information to a plan sponsor (typically an employer) for other than plan administration functions
    In addition, the plan sponsor must certify that it will not use or disclose the protected health information for employment-related actions
    Health plans, including group health plansoffering PHRs to their enrollees
    Must ensure that the PHR is either not accessible by the group plan
    Any health information contained within the PHR which is accessible by the group plan is not shared with the plan sponsor for other than administration functions
  • 13. Discrimination
    In addition to HIPAA, employers – and possibly insurers -- must consider the implications
    Americans with Disabilities Act (“ADA”)
    Family and Medical Leave Act (“FMLA”)
    Similar State laws
  • 14. HITECH Act
    Under the HITECH Act, a “personal health record” means
    “An electronic record of PHR identifiable health information . . . on an individual that can be drawn from multiple sources and that is managed, shared, and controlled by or primarily for the individual.”
    “PHR identifiable health information” is broadly defined as individually identifiable health information, relying on the HIPAA definitionand “includes, with respect to an individual, information  . . . that is provided by or on behalf of the individual” and “that identifies the individual or with respect to which there is a reasonable basis to believe that the information can be used to identify the individual.”
  • 15. HITECH Act
    Breach Notification Requirements
    The HITECH Act imposes breach notification requirements on PHR vendors and entities that offer products and services through, or that access information from, a PHR
    Requires each vendor of PHRs, and each designated PHR entity, following the discovery of a breach of security involving unsecured PHR identifiable health information that is in a PHR maintained or offered by such vendor, to provide notice to the Federal Trade Commission (“FTC”) and to any United States citizen or resident whose unsecured health information is acquired by an unauthorized person as a result of the breach
    Third party service provider that provides services to a vendor of PHRs or a designated PHR entity in connection with offering or maintaining PHRs (or related products or services) and that “accesses, maintains, retains, modifies, records, stores, destroys, or otherwise holds, uses, or discloses unsecured PHR identifiable health information must notify the PHR vendor (or the designated PHR entity) of a breach of such information, which notice shall include identification of each affected individual
  • 16. HITECH Act
    The HITECH Act generally requires that breach notices be sent without unreasonable delay and in no case later than 60 calendar days after discovery
    Notices to affected individuals generally must be sent by first class mail or may be sent by electronic mail if the individual has expressed a preference for it or, in an urgent situation, by telephone
    Further, if 10 or more individuals require notification for which there is insufficient or out-of-date contact information, then the notifying entity is required to place a conspicuous posting on its website homepage or place a notice in major print or broadcast media, including major media in geographic areas where the individuals affected by the breach likely reside
    If the breach involves more than 500 residents of a state (or jurisdiction), a PHR vendor or designated PHR entity also must provide notice to prominent media outlets serving the area
    A PHR vendor or designated PHR entity must notify the FTC immediately if the breach involves more than 500 individuals. The FTC must notify HHS of such breaches
    Violations of the notification requirements related to PHR identifiable health information will be treated as unfair and deceptive acts or practices under the Federal Trade Commission Act
  • 18. technology + mobile tools + information + community +
    user-generated content + collaboration + social interaction
  • 19. Do YOU use social media and networks?
    Are you LinkedIn?
    Do you Facebook?
    Do you Tweet?
    Do you have a blog? Do you read/comment on blogs?
    Do you use RSS?
    Do you regularly look at your online reputation via Google.
    Are you lifestreaming via Posterous?
    Do you know what Google Wave is?
    11% of American adults use a service like Facebook/Twitter to share updates about themselves or to see the update of others. Pew Internet & American Life Project, Dec. 2008
    Where are YOU?
  • 20. Where Is EVERYONE?
    210 Years of Information. Thomas Baekdal
  • 21. A Glimpse Into the State of Social Media
    200M active users; 100M log on every day; 30M mobile users
    If country 5th largest behind China, India, US & Indonesia
    Average user has 120 friends
    Fastest growing demographic – over 35
    850M photos uploaded each month
    1B pieces of content shared each week
  • 22. A Glimpse Into the State of Social Media
    Amazing growth! Unique monthly visitors:
    Jan. 2008: 500,000
    Dec. 2008: 4.43 M
    March 2009: 8 M
    Largest user demographic: 35-49
    Users more mobile less tethered by technology
    Twitter replacing RSS and Google search – “real time” results
  • 23. WEB 2.0
    Controlled message
    Static Web
    Software Release
    Desktop Computing
    Central data
    World Wide Web
    Dynamic and User-Generated
    Mental chatter & wisdom of crowd
    Read, write and collaborate
    Participatory Web
    Software as Service
    Cloud Computing
    Decentralized data
    World Live Web
  • 24. social media = 297 hospitals + youtube +
    facebook + twitter + blogs
  • 25. social media = doctor + disruptor +
    technology + e-visits + health stream
  • 26. hairball + health data + technology + consumer rights + viral campaign =
    e-social media health movement
  • 27. The WORLD has changed . . .
  • 28. . . . and so has the HIT landscape.
  • 29. Without CHANGE . . .
  • 30. Is it a time for HEALTH CONSUMERISM?
    Demographics -> “Pig In Python” (79M Baby Boomers)
    Rise in chronic illness and complexity of treatment
    Rising cost of health care and cost shift (employer -> you and me)
    Governments’ inability to afford uninsured/universal coverage
    Personalized medicine and genomics
    The role of PHRs and HEALTH 2.0:
    Shift to consumer-centric (PHR) model of health data
    Health consumer is at the center of integrated medical info network
    New technology tools to treat and reduce/manage chronic condition
    Mobile health to monitor/feed health data (the desktop to the pocket)
    Cost transparency/reform to the current reimbursement model
    Consumerism drives the need to get information and exercise control over yours/my health and care decisions
  • 31. WHAT IS HEALTH 2.0?
    Health 2.0 by Scott Shreeve MD. Creative Commons Attribution, Non-Commercial, Share Alike 2.5 License.Updated on 5/30/07.
  • 32. Health 2.0 = social software + web/cloud based + light weight tools + consumer/provider collaboration
    Health 1.0
    Opaque System
    Passive Patient
    Physician Authority
    Insurance Adversary
    System Generated
    Health Care
    Health 2.0
    Engaged Consumer
    Physician Advisor
    Health Plan Advocate
    User Generated
    Health and Wellness
  • 34. Personal Health Records
  • 35. Personal Health Records
  • 36. PHR and Health Platform
  • 37. Personalized Health Search
  • 38. Personalized Physician Search
  • 39. Collaborative Medical Information Wikis
  • 40. Physician Social Community
  • 41. Web BasedPractice Management
  • 42. Virtual Concierge e-Health Practice
  • 43. Practice Management Tools
  • 44. Health Support Community
  • 45. Disease Communities Capturing & Sharing Outcome Data
  • 46. Consumer Facing Health Tools
  • 47. Consumer Facing Health Tools
  • 48. Personal Health Tools
  • 49. Health Consumer Tools
  • 50. Reinvented Health Care Marketplace
  • 51. Consumer Health Financial Tools
  • 52. Health Financial Tools
  • 53. Insurance Coverage/Discovery
  • 54. Blogging/Med Mal/Privacy
  • 55. Medical Identity Theft/Privacy
  • 56. Negative Review/Libel
  • 57. Contract Law/Libel/Litigation
  • 58. EHRs/PHRs/HIEs/Malpractice
  • 59. User Agreement/Contract Law
  • 60. Health Data Ownership
  • 61. Privacy/Regulatory
  • 62. Patient Rights/Privacy
  • 63. Discovery/Employment
  • 64. Employment(from 30 ways to lose your job on Twitter)
  • 65. Legal Ethics
  • 66. ONE SLIDE PROJECT: Engage With Grace Project
  • 67. QuestionsRobert L. CoffieldFlaherty, Sensabaugh & Bonasso, PLLCHealth Care Law BlogRCoffield@fsblaw.comTwitter: @bobcoffieldGerald “Jud” E. DeLossMinneapolis, MinnesotaMinnesota Health IT Bloggdeloss@gmail.comTwitter: @gdeloss Slides Available via SlideShare