I can read them fine by clicking and dragging them larger. Tested on desktop, iPad, and iPhone. Not perfectly sharp,…
Morning Headlines 5/3/22
Virtual care enabler Capable raises $6 million
Capable Health, developer of plug-and-play virtual care software, raises $6 million in seed funding.
Kidney care-focused analytics and population health management vendor Healthmap Solutions raises $35 million, bringing its total funding to $135.6 million.
Allscripts Closes Sale of Hospital and Large Physician Practices Business to Constellation Software
Allscripts finalizes the sale of its hospital and large physician practices business to Harris parent company Constellation Software for up to $700 million in cash.
Health startup MyNurse to shut down after data breach exposed health records
Virtual chronic care management and remote patient monitoring startup MyNurse announces it will shut down alongside its notice to users of a March data breach.
No headline for the leaked Supreme Court draft that’ll overturn Roe vs Wade?
Unless SCOTUS servers were hacked, its not ‘IT’-related
Well, I can’t tell if I’m Chicken Little or not, but I can see a very dark path for health IT if Roe vs Wade is overturned. I hope I’m wrong.
Not Chicken Little. In 2019 a MO legislator testified that they were already tracking LMP of girls and women who visited women’s health clinics.
I have seen many posts already with warnings to stop using period tracking apps, for fear of their information being used against you. Reasonable for Mr. H not to headline it, but I have to say – I agree that in an age of $10k bounties, that’s going to break into HIT real fast.
Here’s your headline on the leaked Roe draft pertinent to HIT: https://www.washingtonpost.com/technology/2022/05/04/abortion-digital-privacy/
I’m a fair sight more worried about this one: https://www.aclu.org/other/faq-government-access-medical-records
I’m rather hesitant to voice the following in a public forum, but I do believe that avoiding the subject won’t make it go away…would 45 C.F.R. § 164.512(f)(2) permit an anti-abortion clerk to run a report in their EHR and report swaths of abortion-seeking (or sought) women? Like, say, maybe there’s a clerk of a multi-hospital, multi-state healthy system that can earn a large amount of blood money by sending exactly that report to the Texas Dept of Justice?
Mr H – if you could, please amend my typo earlier.
I said ’45 C.F.R. § 164.512(f)(2)’ but should have typed 45 C.F.R. § 164.512(f)(5)….or maybe even (f)(6) in the eye of the beholder.
Someone on Twitter yesterday wrote a long thread about something similar, basically outlining how a combination of access to data — even without direct access to HIT information, think more like the data mining company that is already selling data about visits to womens’ health clinics — and the bounty on women in Texas and being proposed in other states combine very easily to create arbitrage based on hunting women. Direct access to HIT systems takes all the risk out of that, and makes it very straightforward. With a state DOJ entirely uninterested in protecting women — and in 23 states actively interested in harming us — the risk of prosecution for HIPAA violations would be low, and dozens or hundreds of $10K bounties would be worth the risk to a certain cohort of psychopaths.
I agree that there’s a point of vulnerability and concern there. However this statement is problematic:
“Direct access to HIT systems takes all the risk out of that, and makes it very straightforward.”
It may be straightforward, for sure. In my experience though, modern HIT systems are very good at logging access. Anyone who attempts this is sticking a very large target on themselves!
Then the issues will be:
1). Is anyone looking at the access logs?
2). If the culprits are detected, is there any appetite to go after them with penalties?
It is sad though, I have to say. We keep losing barriers to harassment and discrimination. If the people responsible for these moves, were themselves subject to this sort of scrutiny? No doubt they would wail about “their rights”.
This is a secondhand, unsubstantiated allegation that runs the risk of FUD so I will refrain from mentioning the HIE in question, but…
In a previous life, I worked with a medical director who stated they can’t connect to a regional HIE. Their stated reason was that the HIE was incapable of producing audit reports of who looked at a given patient’s record, so the medical group’s Compliance folks killed the project. This was stated very clearly and without ambiguity and I did believe they did receive that statement directly from the HIE’s staff.
I’ve also heard about several issues revolving around another HIE (different state) whose audit reports lead to multiple terminations because users couldn’t seem to stop snooping.
It’s not just the EHR operators who can ‘leak’ this information, but also repository-based HIEs and their users.
“2). If the culprits are detected, is there any appetite to go after them with penalties?”
That’s where I was going with the comment about state AGs, and lawmakers who have already passed or written laws hunting women. A law is as good or as bad as its enforcement, otherwise its just words on paper.