Item: WSJ Online/Harris Interactive poll says

Overall, 60% of 2,153 respondents said the benefits of electronic medical records outweigh the risks; 63% said electronic records can significantly decrease the frequency of medical errors, 55% said they can significantly reduce costs, and 51% said they make it more difficult to ensure patients’ privacy.

Item:  My friend Richard Dale, a VC at Sigma Partners, spoke about PHRs at the Personally Controlled Health Records Infrastructure Conference here in Boston this week, describing 26 or more economic models for dissemination and use of PHRs in materials posted on his blog.  Richard says that there was at last year’s conference,

and even more so now (viz. Dossia), a feeling that PHRs really can deliver value for all players in the health care system.

The trouble is that there is no clear business model that has emerged. The work on PatientSite at BIDMC, HealthVault from Microsoft, and Dossia illustrate three of many disparate approaches, any one or more of which may take root and grow well.

Item:  Managed Care Plans Push PHRs, says an article in the October issue of Health Data Management.  Some plans focus on so-called PHRs, other on fuller EHR systems.   Some are limited to claims data, others have more information that allows both patients and  providers to get a handle on a history. 

Some observers . . . question the value of a record based primarily on the codes used in claims. "Those codes are not really diagnostic codes; they are reimbursement codes," says Margret Amatayakul, president of Margret/A Consulting LLC, a Schaumburg, Ill.-based firm specializing in electronic records. "They don’t provide enough detail on treatment."

The American Health Information Management Association, a Chicago-based group representing medical records managers, has voiced similar concerns. "We really think that it’s preferable that PHRs be integrated with providers’ electronic health records," says Linda Kloss, CEO at AHIMA.

Group Health, in Seattle, is cited in the article as an organization that is integrating EHR data into the PHR.

Consistent with the general public opinion survey cited above, many folks in the field are in favor of putting PHR/EHR data on line, and see it as a boon for maintaining and communicating data needed for treatment.  Not everyone is quite so sanguine, however:

"If my insurance company puts my PHR on the Internet, they better have some good lawyers," says Vincent Ciotti, principal at H.I.S. Professionals, LLC, a Santa Fe, N.M.-based consulting firm. "Internet security is going to be breached. You’re asking for trouble if you share PHRs on the Internet."

Instead, Ciotti advocates that patients retain control of all their records by storing them on a smart card or on their home computers. "Medical records are extremely confidential and private, and need to be kept that way," he stresses.

. . .

Ciotti also argues that the real reason managed care plans want to create PHRs is to gather more information that can be used to deny future claims or reject potential applicants for coverage.  And Amatayakul expresses concern about the potential for payers to share data with employers without asking the permission of the enrollee.

"There isn’t any explicit federal protection against secondary uses of the data in a PHR," notes Kloss of AHIMA. "Patients need to control how the data in a PHR is accessed, used and controlled."

AHIMA argues that the federal HIPAA privacy and security regulations should be extended to protect against inappropriate use of PHR data.

Payers say they are taking appropriate steps to make sure PHRs are not misused.

"We assure our enrollees that we won’t use the data in PHRs for any underwriting purposes," says McCabe [Meg] McCabe [head] of Aetna [e-health products]. "Where no specific regulatory controls exist, we have strong ethical controls on how the data should be used. And we allow a member to suppress line items."

Item:  The reformed Dr. Drug Rep (Daniel Carlat) published his Big Pharma kiss-and-tell story in last Sunday’s NY Times Magazine, bringing his story to MSM from his blog.  Not news, but an extraordinary personal story.  The WSJ Health Blog reports today that he is now giving "unsales" pitches to atone for his Effexor detailing lunches. One point made by Carlat was that there is a tremendous amount of information available about prescribing habits of physicians, based on the prescription records of their patients, which is mined by the drug reps in order to tailor presentations to the docs.

Conclusion: Whether or not you believe the studies tying use of EHRs or PHRs to improved clinical outcomes and cost-effective care, this train has left the station, and as the Aetnas, Microsofts and Googles of the world continue to focus on personal health information, more and more of it will be finding its way on line.  While the simple truth may be that no one can guarantee security of personal health information, there are steps that should be taken to restrict secondary use of PHI — though much of it is truly worthwhile population health, not just extracting data for use in drug detailing and other marketing efforts. 

As usual, the regulatory framework is playing catch-up with the technological realities in the world.

David Harlow