Patient Privacy Invasion Promoted by the Federal Government – Part III – Patient Registries Addendums added 3/30/2019 and 12/4/2019

Leave a comment

Part III – Disease Registries

What is a Registry?

Registries are collections of patient data usually focused around a particular disease.  Cancer have been mandated by law in most states and some cites for many years.  If you have cancer and a pathologist reads the slide of a specimen that turns out to be cancer, your name and varying amounts of data about you and your cancer are reported to one or more cancer registries.  https://www.cdc.gov/cancer/npcr/  This can include the genome of the tumor which, of course, will include some of your genome.  You have probably heard a lot about these registries lately because of former Vice President Biden’s “Cancer Moon Shot” which seeks to collect extensive genomic data about cancer and the people who have developed cancer.

What is Meaningful Use?

The Health Information Technology for Economic and Clinical Health (HITECH) Act, enacted as part of the American Recovery and Reinvestment Act of 2009,  put incentives in place to encourage the use of electronic health records (EHRs).  Shortly after that, there came regulations to encourage the use of those EHRs “Meaningfully” which is where a program called “Meaningful Use”  began.  This program is administered by the Office of the National Coordinator for Health IT (ONC) which is part of Health and Human Services (HHS).  There are, so far, three stages to Meaningful Use.  The first was relatively simple for most EHRs to achieve, the second much more difficult and the third is just now in progress.

Meaningful Use and Exchange of Data

A large element of Meaningful Use revolves around gathering and exchanging data.  In fact, exchanging data is probably the most important element and yet, as of right now, the goal of easing the exchange of data has not been met despite the expenditure of $36 Billion in incentive payments for installing Meaningful Use Certified EHRs and using them “meaningfully”.

Most patients would like it to be much easier to have their data exchanged and be able to get it themselves.  What they often don’t realize is that there is a lot of data being released about them without their permission and that this exchange of data without permission is exploding.  We discussed one very important way in part I, the Quality Measure Reporting.

The push to Create New Registries and Submit Data

One method of providing data without the patient’s permission being promoted by Meaningful Use and even outside of Meaningful Use is submitting data to patient registries.  Not all registries will take data without permission, but the creation of registries and submission of data to them without patient permission seems to be on a fast track right now with HHS and the health committees in Congress such as the Senate HELP Committee.

A typical patient registry being promoted is a diabetes patient registry.  These registries are felt to be important for research and the “greater good” so you will almost never hear of anyone from Congress or HHS voicing any concern for patient privacy.  Many are hoping that a plethora of patient registries will be created and that data will be submitted to all of them.

Would you agree with sharing your medical data with registries?

 I believe 85 percent or more of patients would be willing to fully share their health records, but I don’t believe that those who want their privacy protected should be forced into giving up what should be their right to decide.  I also believe that patients should have the option of withdrawing  permission if they wish.

There are significant concerns for some who might otherwise be willing to share their data that have nothing to do with their own privacy, but have to do with the implications of how sharing the data might affect their relatives.  It might also affect their relationships with others with whom they work or have significant contact if it were known what ailments they were suffering from.

To me it is simple, patients should be ASKED and health care providers should not be asked to share personal patient data without their permission.  In this era of Big Data, this also includes most de-identified patient data.

Now is the time to protect your privacy!

Let your Representative, Senators and Tom Price know you want to have a say sharing your healthcare information about you!

http://www.opencongress.org/people/zipcodelookup

HHS Secretary
HHS Office of the Secretary
E-mail Address:
Secretary@HHS.gov
Phone Number:
202-690-7000

Addendum Added 3/30/2019

California may be trying to stand up for its citizens against Google and Facebook, but it is seriously invading patient privacy by mandating that anyone with Parkinsons Disease must have their information entered into a Parkinsons Disease registry maintained by the the California Department of  Public Health.  Below is the notice sent to physicians with California Licenses on March 12.  Note that persons with Parkinson’s disease often develop dementia in the late stages of Parkinson’s disease and thus would likely want to keep the diagnosis between themselves and their doctors in the early stages.

March 12, 2019

Dear Health Care Provider:

In accordance with Health and Safety Code Section 103870, health care providers diagnosing or providing treatment to Parkinson’s disease patients are now required to report each case of Parkinson’s disease to the California Department of Public Health (CDPH).

Senate Bill (SB) 97 created the Richard Paul Hemann Parkinson’s Disease Program of the California Parkinson’s Disease Registry (CPDR). CPDR is a statewide population-based registry that will be used to measure the incidence and prevalence of Parkinson’s disease. California’s large and diverse population makes it ideal for expanding the understanding of this disease to improve the lives of Parkinson’s disease patients.

The first deadline for submitting case information to CPDR is March 29, 2019, for all reportable patient encounters from July 1 – December 31, 2018.

Health Care Providers: If you are a health care provider and wish to report via manual data entry (i.e., using the CalREDIE direct data entry web portal), you must:
1. Register on the CDPH Health Information Exchange (HIE) Gateway (https://hie.cdph.ca.gov/).
2. After registering on the HIE Gateway, you will be sent a CalREDIE Account Request and User Authorization form which must be completed and returned to CPDR.

Once your account has been created you will receive your CalREDIE account login information, and you will be able to submit Parkinson’s disease case information to the registry.

Reporting Facilities: Health care systems implementing an electronic interface connection with the registry using a Health Level Seven International (HL7) formatted message should already be in the testing stages. If your facility has not initiated testing of the electronic interface, please contact the registry right away at CPDRhelp@cdph.ca.gov<mailto:CPDRhelp@cdph.ca.gov> to begin the on-boarding process. (Note: Information on acceptable HL7 message formats can be found in the CPDR Implementation Guide [version 3, August 2018], available for download from the CPDR website: www.cdph.ca.gov/parkinsons<http://www.cdph.ca.gov/parkinsons>.)

Resources: CDPH has developed several implementation resources that are available for download from the CPDR website (www.cdph.ca.gov/parkinsons<http://www.cdph.ca.gov/parkinsons>). These include:
· The CPDR Implementation Guide (Version 3, August 2018)
· Webinar: Reporting Data to CPDR (December 2018)
· HL7 Specification Documents
· Answers to Frequently Asked Questions
· Patient Information brochures

If you need assistance submitting Parkinson’s disease case information to the registry, please contact us at CPDRhelp@cdph.ca.gov<mailto:CPDRhelp@cdph.ca.gov> or (916) 731-2500. For additional information and program updates, visit the CPDR website at www.cdph.ca.gov/parkinsons<http://www.cdph.ca.gov/parkinsons> and join our listserv.

12/4/2019

Note that this provision for a registry was supposed to sunset in January 1, 2020 but now has been reauthorized until 2021.  Physicians who do not submit their patient’s data to the registry will be fined up to $500 a day that the data is not provided.  See 103870 (f) at this link.  Also see the FAQs at the second link making it clear that patients may not choose to opt-out of having their information entered in this registry.    https://leginfo.legislature.ca.gov/faces/codes_displayText.xhtml?lawCode=HSC&division=102.&title=&part=2.&chapter=1.6.&article=

https://www.cdph.ca.gov/Programs/CCDPHP/DCDIC/CDSRB/Pages/CPDR-FAQs.aspx

Nancy Anthracite, MD

Leave a Reply

Your email address will not be published. Required fields are marked *