nicolas terry, "big data, regulatory disruption, and arbitrage in health care"
Upload: the-petrie-flom-center-for-health-law-policy-biotechnology-and-bioethics
Post on 14-Apr-2017
139 views
TRANSCRIPT
Regulatory Disruption and Arbitrage in Healthcare Data Protection
@nicolasterry
Hall Render Professor of Law& Executive Director of the Hall Center for Law and Health
Indiana University Robert H. McKinney School of Law
• Increasingly large amounts of sensitive healthcare data exist in lightly regulated space outside reach of traditional healthcare data protection
• Results:
• Regulatory disruption as stakeholders struggle with under-regulation and indeterminacy
• For data brokers, successful regulatory arbitrage enabled; doing in lightly-protected space what they are prohibited from doing in HIPAA-space
• Deprecation of traditionally high levels of health data protection and challenges to ACA principles
• Proposals for legislative reform generally have failed to gain traction
• Specific and general powers of FTC remain the primary defenses against big data abuses.
Clinical:Point of Care
Clinical:Operations
Research:Outcomes
Research:Intramural/Corporate
Research:Population
Health
Caveats
Sectoral Data ProtectionHealth Care Financial Services Genetic Privacy Internet Other
HIPAA GLBA GINALaw
Agency HHS-OCR FTC/SEC/Banking
EEOC FTC
General (but limited)Broadband
FCC
Anonymization: Identity not Associated with Data
Inalienablility; Designed to Disincent Collection
Privacy; Limits on Collection
Right to Erasure; Selective Removal
Regulation at Point of Use; e.g., anti-discrimination
Security; Repelling Outsiders (Identity Thieves)
Confidentiality; Limits on Disclosure
Breach Notification; “The Horse Has Left the Barn”
Upstream
Downstream
Disclosers
“Paymentor Healthcare Operations”
Business Associates
Care Team
Traditional Health Data
Space
http://thedatamap.org/
“We have one of the largest and most comprehensive collections of healthcare information in the world, spanning sales, prescription and promotional data, medical claims, electronic medical records and social media. Our scaled and growing data set, containing over 10 petabytes of unique data, includes over 85% of the world’s prescriptions by sales revenue and approximately 400 million comprehensive, longitudinal, anonymous patient records. We standardize, organize, structure and integrate this data by applying our sophisticated analytics and leveraging our global technology infrastructure to help our clients run their organizations more efficiently and make better decisions to improve their operational and financial performance.”
IMS Health Holdings, Inc., Form S-‐‑1, Registration Statement under The Securities Act Of 1933,
Scoring personal health.…In 2014, there were at least a dozen health scores available in the marketplace, including the Affordable Care Act (ACA) Individual Health Risk Score, FICO Medication Adherence Score, several frailty scores, personal health scores (e.g., WebMD, One Health Score), and medical complexity scores (e.g., Aristotle for scoring of surgery for congenital health conditions). Consumers are largely unaware of the existence and use of these scores and the algorithms that create them.
[A] “body score” may someday be even more important than your credit score. Mobile medical apps and social networks offer powerful opportunities to find support, form communities, and address health issues. But they also offer unprecedented surveillance of health data, largely ungoverned by traditional health privacy laws (which focus on doctors, hospitals, and insurers). Furthermore, they open the door to frightening and manipulative uses of that data by ranking intermediaries— data scorers and brokers— and the businesses, employers, and government agencies they inform.
• The ACA prohibits pre-existing condition exclusions, discriminatory premium rates, and generally requires guaranteed issue
• Guaranteed issue and related regulations generally do not apply to life insurers who are customers for big data proxies
• Health insurers who use data-mined prescription drug data to continue their discrimination against high cost patients
• There is evidence that insurers move drugs associated with patients with expensive chronic conditions to high cost-sharing tiers in the hope of discouraging those patients from applying for coverage
• Unregulated big data has the potential to frustrate some of the mainstay policies of our healthcare system.
Reform Incoherence1. The White House, Consumer Data Privacy in a Networked World: A Framework for Protecting
Privacy and Promoting Innovation in the Global Digital Economy (2012)
2. Fed. Trade Comm’n, Protecting Consumer Privacy in an Era of Rapid Change: Recommendations for Businesses and Policymakers (2012)
3. The White House, The Big Data and Privacy Review (2014)
4. Fed. Trade Comm’n, Data Brokers: A Call for Transparency and Accountability (2014)
5. PCAST, Big Data and Privacy: A Technological Perspective (2014)
6. Administration Discussion Draft: Consumer Privacy Bill of Rights Act of 2015
7. Health IT Policy Committee, Privacy and Security Workgroup, Recommendations on Health Big Data (2015)
8. The White House, Big Data: Seizing Opportunities, Preserving Values (2015)
9. FTC, Big Data: A Tool for Inclusion or Exclusion? (2016)
10.The White House, Big Data: A Report on Algorithmic Systems, Opportunity, and Civil Rights (2016)
• FCRA
• ECOA
• FTC § 5(a)(1)
• Deceptive Prong/Unfair Prong
• LabMD
• Wyndham
https://www.ftc.gov/system/files/documents/reports/big-data-tool-inclusion-or-exclusion-understanding-issues/160106big-data-rpt.pdf
Q & AMail: [email protected]: @nicolasterryPodcast: TWIHL.com
Nicolas TerryHall Render Professor of Law
& Executive Director of the Hall Center for Law and Health
Indiana University Robert H. McKinney School of Law