Support our online development, and advance our onground research initiatives in free market economics, as we seek to showcase the brightest Next-Gen minds.
THE ME-P DISCLAIMER: Posts, comments and opinions do not necessarily represent iMBA, Inc., but become our property after submission. Copyright © 2006 to-date. iMBA, Inc allows colleges, universities, medical and financial professionals and related clinics, hospitals and non-profit healthcare organizations to distribute our proprietary essays, photos, videos, audios and other documents; etc. However, please review copyright and usage information for each individual asset before submission to us, and/or placement on your publication or web site. Attestation references, citations and/or back-links are required. All other assets are property of the individual copyright holder.
Grade Spread Runs Gamut from F to A+
[By D. Kellus Pruitt DDS]
Are the interests of my dental patients in Fort Worth, Texas being adequately represented by their elected officials in Austin and Washington DC? Starting a few months ago, I’ve sent multiple emails concerning patient privacy and identity theft to my elected government officials on state and national levels; as a test of responsiveness.
The Elected Officials
These include:
- Texas US Senators John Cornyn and Kay Bailey Hutchison
- US Representatives Joe Barton and Michael Burgess
- Texas State Senators Wendy Davis and Chris Harris
- Texas State Representatives Diane Patrick and Marc Veasey.
Of the 8 lawmakers I contacted through their Websites, I received no response from state officials Davis, Harris, Patrick and Veasey. However, from my national representation, only Joe Barton failed to reply. I simply have to give those 5 a grade of F. I assumed my state representatives would be more patient-friendly than members of the US Congress. But, I was wrong.
Texas US Senators
US Senator Cornyn has responded twice: Once in September and again on December 6. In both emails he says,
“Dear Darrell Pruitt,
Thank you for contacting my offices. Your correspondence has been received, and we will respond to you as quickly as possible.”
I suppose there’s still hope for a response, but he also failed. Cornyn also earned an F.
On the other hand, I’m more disappointed with Kay Bailey Hutchison’s staff than John Cornyn’s. In all 3 of her identical responses to my emails, she addresses me as “Dear Friend,” before wasting my time with a vanilla lecture about the origin and intention of the HITECH Act that I can get from HHS:
“The HITECH Act includes privacy and security provisions to expand current requirements under the Health Insurance Portability and Accountability Act (HIPAA) and strengthens the HIPAA privacy rule, blah, blah, blah.”
If Hutchison’s staff member had read the first paragraph of any of the three emails I sent before he or she assigned me the same canned response all three times, the bonehead would have recognized that an explanation of HIPAA was not what I needed from his or her boss. I’m pretty sure I know more about HIPAA than the Senator, and that is the reason I wrote her in the first place.
Senator Hutchison closed all three emails with,
“I appreciate hearing from you, and I hope that you will not hesitate to contact me on any issue that is important to you. Sincerely, United States Senator Kay Bailey Hutchison”
Then she added,
“PLEASE DO NOT REPLY to this message as this mailbox is only for the delivery of outbound messages, and is not monitored for replies.”
Although I should have known better, following her dead-end reply, I returned to her Website and complimented the Senator for being my patients’ first elected official to respond to my emails. I told Kay Bailey how special her personal attention made me feel as an American… which attracted the same response, which quickly stopped that special feeling. Compared to Hutchison’s predictable responses, Senator Cornyn’s thin promises of a meaningful response some day don’t look so bad. Hutchison gets an F, but I’ll upgrade Cornyn to a D for incomplete.
Enter Dr. Michael Burgess
And then there is Michael C. Burgess. Compared to this man, everyone else is just a failing politician, in my opinion. Dr. Burgess gets an A+.
In response to both emails I sent to US Representative Michael Burgess MD in the last few weeks, I received sincere, personalized responses. This week, I sent Dr. Burgess a copy of the timely comment I posted Tuesday on this Medical Executive-Post, “Is ‘encryption of PHI’ discussed in dentistry?”
While Senator Hutchison is unaware that her staff is asleep, and while I’ve been waiting for John Cornyn to get back in touch with me for months, Congressman Burgess’ meaningful and personalized response arrived within 48 hours on Thursday:
Dear Dr. Pruitt:
Thank you for your continued correspondence regarding your concerns for privacy as it relates to health information technologies (HIT). I appreciate hearing from you on this matter.
I assure you that I understand the concerns you have that the implementation of HIT will have harmful effects on patients’ privacy, specifically as it relates to dentistry. As problems arise, I will work closely with the Department of Health and Human Service as well as organized dentistry to make sure that these problems are dealt with quickly and efficiently so that patients continue to receive the rights guaranteed to them in HIPAA.
As one of the few Members of Congress who have run a medical practice and been required to meet HIPAA, I take your concerns to heart and will be vigilant in my oversight.
Again, thank you for taking the time to contact me. I appreciate having the opportunity to represent you in the U.S. House of Representatives. Please feel free to visit my website (www.house.gov/burgess) or contact me with any future concerns.
Sincerely,
Michael C. Burgess, MD
[Member of Congress]
—————————–
So of those 8 elected officials from the Dallas /Ft. Worth area, who you think, I should trust with my patients’ interests next time I vote? As for my state representatives whom I could run into almost anywhere in my community, they never bothered responding at all.
For months, I’ve emailed Diane Patrick more times than any other lawmaker. Long ago, I assumed that since she is married to a dentist, she might have natural interest in the welfare of dental patients. I was wrong. Even though the Fort Worth District Dental Society supports her campaigns, I have to wonder why?
Assessment
And as for Marc Veasey, I met the man once, but I don’t think he remembers me. His campaign office is four doors down the hall from me as I type Tip O’Neal’s quote. “All politics is local.”
Conclusion
Your thoughts and comments on this ME-P are appreciated. Feel free to review our top-left column, and top-right sidebar materials, links, URLs and related websites, too. Then, subscribe to the ME-P. It is fast, free and secure.
Speaker: If you need a moderator or speaker for an upcoming event, Dr. David E. Marcinko; MBA – Publisher-in-Chief of the Medical Executive-Post – is available for seminar or speaking engagements. Contact: MarcinkoAdvisors@msn.com
OUR OTHER PRINT BOOKS AND RELATED INFORMATION SOURCES:
- PHYSICIANS: www.MedicalBusinessAdvisors.com
- PRACTICES: www.BusinessofMedicalPractice.com
- HOSPITALS: http://www.crcpress.com/product/isbn/9781466558731
- CLINICS: http://www.crcpress.com/product/isbn/9781439879900
- ADVISORS: www.CertifiedMedicalPlanner.org
- BLOG: www.MedicalExecutivePost.com
- FINANCE: Financial Planning for Physicians and Advisors
- INSURANCE: Risk Management and Insurance Strategies for Physicians and Advisors
Share this:
Filed under: Health Law & Policy, Information Technology, Op-Editorials, Pruitt's Platform | Tagged: Chris Harris, D. Kellus Pruitt, Diane Patrick, EHRs, EMRs, HIPAA, HIT, HITECH, Joe Barton, John Cornyn, Kay Bailey Hutchison, Marc Veasey, Michael Burgess, Wendy Davis |
The Leading Business Education Network for Doctors, Financial Advisors and Health Industry Consultants 
Addressing encryption
HIPAA says encryption of PHI is “addressable.” So let’s address it.
I posted the following challenge on 8 of my elected officials’ Websites.
——————
Honorable
In an email this weekend, I sent you and 7 other of my elected officials a copy of a “report card” reflecting my opinion of your representation of my Fort Worth dental patients’ interests concerning HITECH/HIPAA and patient privacy.
The following 7 representatives on state and national levels failed to respond meaningfully, including 5 who failed to respond at all: US Senators John Cornyn and Kay Bailey Hutchison, US Representative Joe Barton, Texas State Senators Wendy Davis and Chris Harris, and Texas State Representatives Diane Patrick and Marc Veasey. Naturally, all 7 received failing grades from me.
Only US Representative Dr. Michael Burgess passed, and with A+ honors.
“Grading Texas Lawmakers on Patient Privacy” was picked up this morning by the Medical Executive-Post, which has over 250,000 readers. This one looks like it could become popular.
Dr. Burgess’ thoughtful and personalized response is copied in the article. I’m grateful for him. Since identity theft from healthcare facilities is becoming worse instead of better, dental patients need more representatives like Michael C. Burgess MD in Washington. His confidence in his knowledge of healthcare issues allows him to discuss topics concerning eHRs in dentistry that even my ADA representatives have transparently evaded for years. That’s progress in the land of the free.
Even though the ADA strongly advises members to encrypt Protected Health Information (PHI), it is simply not happening in dentistry, and I doubt if it is widespread in physicians’ offices either. Otherwise, encryption would be a hot topic in HIT literature – and encryption is simply not being discussed anywhere as far as I can tell. In fact, Dentrix, the largest selling dental software in the nation, refused to reply to basic questions about encryption on their Facebook page last week. I think you can see that this is a volatile topic that needs attention now, while it is still way under the radar, rather than later when the failure becomes exponentially more costly to Americans.
Consider what a Wikileaks spin-off could do with almost all US citizens’ health histories – including DNA information. The liabilities of fumbled identities only last lifetimes. DNA codes last generations.
We must get a handle on slippery eHRs – even in dentists’ offices.
Sincerely,
D. Kellus Pruitt DDS
LikeLike
On the right of patients to request restriction of shared health information
The patient’s right to not have health information shared without consent was the standard practice throughout the history of the country and most of the history of medicine ( at least since the Hippocratic Oath in the 5th Century B.C.), as recognized in the Original Privacy Rule issued by the Clinton Administration. Then the Bush Administration, after confirming the Original Rule, reversed its own decision in the amended HIPAA Privacy Rule in August of 2002.
[See Clinton Administration findings at 65 Fed. Reg. at 82,472 (Dec. 28, 2000)]
HHS under the Bush Administration addressed the obvious inconsistency with prevailing standards of professional ethics and the concern that disclosures without consent would become the “de facto” practice by stating that the HIPAA Privacy Rule was only intended to be a “floor” of federal privacy protections and was not even intended to be a “best practices” standard. They stated further that state laws and professional standards that are more privacy protective “retain their vitality”.
[See 67 Fed. Reg. at 53,212 (Aug. 14, 2002)]
So now the HIPAA Privacy Rule provides federal “regulatory permission” (HHS’ words, see 67 Fed. Reg. at 53,211) for covered entities to use and disclose anyone’s identifiable health information for TPO without consent and even against the individual’s wishes, but standards of professional ethics of the AMA and most other professional organizations prohibit such unauthorized uses and disclosures. The HITECH Act merely reinstated the right of consent for the use and disclosure of health information to health plans for payment and health care operations if the individual pays out or pocket (which commonly occurs with mental health care—especially in Washington, D.C. where the laws are made).
So today, HHS authorizes the disclosure of anyone’s health information regardless of their wishes for TPO in violation of traditional standards of medical ethics. But those who can afford to pay for health care services can have their right to privacy restored in a limited way, if they ask for it. This leaves us with the question—why should the right to health information privacy be available only to those who can afford to pay for care?
Some have objected that heeding the patient’s wishes to not disclose health information when the patient pays out of pocket would be too difficult for current HIT systems to accommodate. That argument has caused some others to suggest that we should consider constructing a health IT system that is consistent with patient wishes and professional ethics rather than trying to modify patient wishes and professional ethics to fit the limited capabilities of the current HI technology.
Also, HHS pointed out in its response to those who said that accommodating patients’ wishes was too difficult that the Privacy Rule already requires covered entities to be able to limit the disclosure of certain information in order to comply with the minimum necessary rule which requires that standard to be applied in a manner that is “consistent with and not override professional judgment and standards”.
[See 78 Fed. Reg. at 5628 (Jan. 25, 2013) and 67 Fed. Reg. at 53,197]
The “too difficult” argument assumes that the HIT systems being developed for use by practitioners are routinely violating HIPAA and the practitioners’ professional ethics. See 78 Fed. Reg. 5628-5630 for some discussion of how the right to pay privately can be implemented.
So we now have a HIPAA Privacy Rule which authorized many covered entities to use and disclose patient information in a way that is contrary to patient wishes and practitioners’ standards of ethics. And a HITECH Act that restores the patient’s right to privacy, but only if they can afford to pay for it. This has resulted in eroding public trust that the health care system will protect the right to privacy (that and the near daily headlines of massive privacy breaches possible only with HIT systems) and confusion among practitioners about precisely what is required of them.
This is what you get when you use a “stakeholder” approach to health regulation. The patients, who have the most “at stake” and without whom there can be no health care delivery system, are always outvoted by the other stakeholders whose principal interest is “efficiency”. The HIPAA Privacy desperately needs to be revised from the ground up taking the approach we commonly take in the practice of medicine—we put the ethical practice of medicine, and the patients, first and craft rules to protect them.
That should be still possible if you believe that the HIPAA Privacy Rule is only a federal “floor”.
Jim Pyles
[James C. Pyles, Principal]
POWERS PYLES SUTTER & VERVILLE PC
1501 M Street NW, Seventh Floor | Washington, DC 20005-1700
via Darrell K. Pruitt DDS
LikeLike