banner
News center
We are committed to upholding our ISO certification standards.

HIPAA reform should protect patients, scale back silos around medical data

Jun 22, 2023

Lifespark chief executive Joel Theisen argues for an update of HIPAA that acknowledges an advanced technology landscape and gives providers a fuller picture of patient health.

Editor's note: Joel Theisen is founder and chief executive of Lifespark, a Minnesota-based senior health company.

Back when America adopted the main law for medical privacy and technology, the most popular mobile device was a pager, home movies played on VHS at Blockbuster, and the leading search engines were AskJeeves, AltaVista and Dogpile.

Our times and tech have changed, but the famed HIPAA law of 1996 — the Health Insurance Portability and Accountability Act — remains stuck in the bygone era when the Macarena was still king.

Fortunately, there's a bipartisan push in Washington to update the law, sponsored by Sens. Tammy Baldwin of Wisconsin and John Cassidy of Louisiana. That bill calls for a commission to review existing state and federal protections of personal health information, as well as current practices for health data use by the healthcare, insurance, financial services and consumer electronics industries. It also is to recommend to Congress whether federal legislation is needed to modernize health data privacy.

As an RN and CEO of a healthcare company, I’m hoping we can update HIPAA in a way that not only acknowledges the value of new health apps and Fitbit-style monitoring devices, but also scales back the silos around health data so providers can respond to a wider, fuller picture of a person's health.

In the 1990s, legislators, consumers and medical professionals were justifiably concerned about the use and disclosure of personal health information. The result was the one part of the vast law that consumers are most familiar with — the HIPAA Privacy Rule.

Intentions were good, as were many results, but the law hasn't kept pace with the technological reality of today.

One unintended consequence was the compartmentalization of medicine. HIPAA makes it tougher to share health data, a change obvious to any patient who has had the frustrating experience of having to fill out forms and repeat their medical history every time they see a new doctor, physician assistant, nurse or health insurance rep.

Have you ever tried to assemble and review your own medical history? This is no easy task — it's extremely walled off. If it's so hard for you to get your own records in one place, then you can imagine how difficult it is for the professionals trying to gain a complete health picture so they can understand, treat and cure you.

HIPAA has encouraged the rise of giant electronic health record companies like Epic and Cerner, which have set up cloud-based repositories of patient records — and then built moats around them. They figured out that if you control the data, you control the game. That might be good for their business, but it impedes the ability of providers to understand and improve a person's health based on their life story.

Fragmented medicine makes healthcare more difficult. At a time when we need to be considering the health of a whole person, our system is set up instead for different medical specialists to view people through their particular specialist eyes. A patient isn't a living, breathing human with complex needs and varied dreams. She's viewed on the medical conveyor belt as a broken hip, or a high blood pressure that needs to come down, or a cancer that needs to be radiated away.

In my own business of complete senior health, our members have lived full lives, often after being treated by many different medical providers. Yet the burden is on the individual to tell their story, their life journey, with every provider at every point of service time and again. It's incredibly frustrating that the healthcare business can't aggregate the story and the information around the person, in our case, seniors.

Though tech platforms like Facebook, iCloud and Google Photos have greatly advanced the ways that people can record, remember and share major life events, there is no similar and straightforward way to capture and understand their full medical story. (By the way, Facebook, Google and the cloud did not exist when HIPAA was approved.) Clearly the tech is possible to help medical record keeping if we put the proper safeguards around it.

Is there any other business that makes the customers repeat, again and again, why they are here, how they arrived, when they last visited, what they hope to gain from this visit — and if they recall doing anything years ago that might have any relevance to what we want to do now?

Omissions, faulty memories, unclear dates — there are just so many opportunities for errors in this process, both from patients and providers. Yet we keep repeating it.

Having a single data source to tell the whole healthcare story would make it so much easier to improve care and tailor services to the individual.

At the same time, personal medical privacy must be protected. The key here is that the health data must be made to work best for the consumer, whose wishes should get top priority over the companies trying to capture the data and commercialize it.

Technology and data can do so much to help improve our health. With an update of HIPAA, we need to make sure that medical information is available to help and illuminate instead of being walled off in a frustrating turf battle