Return of the Guru

Health Claims Database Moves Forward, Security Lags Behind

Ara Trembly
Insurance Experts' Forum, November 11, 2010

The world of politics often bears little resemblance to the world of reality, yet surprisingly few people seem to mind.

What am I going on about? Well, it seems that recent health care reform legislation has called for the creation of an electronic health claims database, several Internet posts report. The federal Office of Personnel Management plans to create such a database from which it can analyze and track health trends and costs based on medical claims submitted by physicians and hospitals for federal employees and others covered by federal health plan options, says Government Health IT.

The health reform law called for the creation of the database, which OPM says will start November 15. Analysis from the claims will enable OPM to develop statistical models, such as for methods to reduce risk in patients and improve outcomes, track pharmacy pricing, better prepare for health plan negotiations and make health care program changes, according to the notice October 5 in the Federal Register.

But hold on here. Some questions are begged. Is this statistical sample representative of the larger population of American citizens? Further, will statistical mandates from the database overrule the common sense of real cases, not to mention the sanctity of the doctor-patient relationship? Then there’s the huge problem of securing a database that—as I mentioned in a previous post—is sure to be the target of professional and amateur hackers worldwide.

It hardly seems to matter, because the law demands the creation of the database, and a database will be created, by gum! If the database is flawed, the law cares not. If the database becomes a club that can be arbitrarily used to determine availability and pricing of treatment, the law is not concerned. Of course, the law should be concerned about the possible problems wrought by such an instrument, and even more so over whether or not our federal employees are capable of protecting such a tempting target from the bad guys.

The way I see it, unless someone can show me a database that is 100% protected from intrusion, creation of such a national treasure of information will simply borrow trouble. According to Government Health IT, the data collected may include sensitive personally identifying information, such as patient name, Social Security number, addresses, medical diagnosis, health care provider information and their reimbursement costs. OPM says it will protect the information according to safeguards under the Privacy Act. Agencies are required to announce when they plan to collect personal data in a system of records that is covered by the Privacy Act. 

That may make privacy advocates feel better, but security of the data remains a huge issue. In many instances, says OPM, data will be stripped of personally identifying information to allow researchers to query the data based on general demographics, risk-adjusted profiles and comparison of chronically ill patients. Really? How many cases are we talking about, and who decides which cases get the super-privacy treatment?

OPM says it will restrict access to the records on the database to employees who have the appropriate clearance and the need to know to perform their official duties. The database will run on a secured system, the agency said. Hmmm. Would that be a secured system like we have at the Department of Defense—the same system that has been hacked several times already?

Jumping ahead on this for the sake of political expediency is simply foolish. Then again, fools and politicians often have a lot in common.

Ara C. Trembly ( is the founder of Ara Trembly, The Tech Consultant, and a longtime observer of technology in insurance and financial services.

Readers are encouraged to respond to Ara using the “Add Your Comments” box below. He can also be reached at

This blog was exclusively written for Insurance Networking News. It may not be reposted or reused without permission from Insurance Networking News.

The opinions of bloggers on do not necessarily reflect those of Insurance Networking News. 

Comments (0)

Be the first to comment on this post using the section below.

Add Your Comments...

Already Registered?

If you have already registered to Insurance Networking News, please use the form below to login. When completed you will immeditely be directed to post a comment.

Forgot your password?

Not Registered?

You must be registered to post a comment. Click here to register.

Blog Archive

The Other Auto Insurance Telematics Shoe Drops

Progressive's decision to charge Snapshot drivers more if their driving data indicates higher risk has started the industry down a road of data-driven adverse selection.

Core Transformation – Configuring in the Rain

The whole point of core transformation is that changes at the micro level can be used as a stimulus for changes at the macro level.

6 Ways to Develop a Productive IT-Business Dialog

Relationship management 101 for keeping IT and business on the same page.

Unified Digital Strategy: Succeeding in the Digital Revolution

A unified digital strategy recognizes that all business strategies and technologies touch the customer in some way and that a one-size-fits-all channel model is obsolete.

Agile and Continuous Delivery in a Regulated Environment

Just because a development team is doing continuous delivery or packaging releases into two-week sprints doesn’t mean that code is being moved to production.

Dealing with the COBOL Brain Drain

Documentation on aging systems often is akin to tribal knowledge, and the potential for things to go bump in the night increases as these environments face generational transition.