Return of the Guru

Health Claims Database Moves Forward, Security Lags Behind

Ara Trembly
Insurance Experts' Forum, November 11, 2010

The world of politics often bears little resemblance to the world of reality, yet surprisingly few people seem to mind.

What am I going on about? Well, it seems that recent health care reform legislation has called for the creation of an electronic health claims database, several Internet posts report. The federal Office of Personnel Management plans to create such a database from which it can analyze and track health trends and costs based on medical claims submitted by physicians and hospitals for federal employees and others covered by federal health plan options, says Government Health IT.

The health reform law called for the creation of the database, which OPM says will start November 15. Analysis from the claims will enable OPM to develop statistical models, such as for methods to reduce risk in patients and improve outcomes, track pharmacy pricing, better prepare for health plan negotiations and make health care program changes, according to the notice October 5 in the Federal Register.

But hold on here. Some questions are begged. Is this statistical sample representative of the larger population of American citizens? Further, will statistical mandates from the database overrule the common sense of real cases, not to mention the sanctity of the doctor-patient relationship? Then there’s the huge problem of securing a database that—as I mentioned in a previous post—is sure to be the target of professional and amateur hackers worldwide.

It hardly seems to matter, because the law demands the creation of the database, and a database will be created, by gum! If the database is flawed, the law cares not. If the database becomes a club that can be arbitrarily used to determine availability and pricing of treatment, the law is not concerned. Of course, the law should be concerned about the possible problems wrought by such an instrument, and even more so over whether or not our federal employees are capable of protecting such a tempting target from the bad guys.

The way I see it, unless someone can show me a database that is 100% protected from intrusion, creation of such a national treasure of information will simply borrow trouble. According to Government Health IT, the data collected may include sensitive personally identifying information, such as patient name, Social Security number, addresses, medical diagnosis, health care provider information and their reimbursement costs. OPM says it will protect the information according to safeguards under the Privacy Act. Agencies are required to announce when they plan to collect personal data in a system of records that is covered by the Privacy Act. 

That may make privacy advocates feel better, but security of the data remains a huge issue. In many instances, says OPM, data will be stripped of personally identifying information to allow researchers to query the data based on general demographics, risk-adjusted profiles and comparison of chronically ill patients. Really? How many cases are we talking about, and who decides which cases get the super-privacy treatment?

OPM says it will restrict access to the records on the database to employees who have the appropriate clearance and the need to know to perform their official duties. The database will run on a secured system, the agency said. Hmmm. Would that be a secured system like we have at the Department of Defense—the same system that has been hacked several times already?

Jumping ahead on this for the sake of political expediency is simply foolish. Then again, fools and politicians often have a lot in common.

Ara C. Trembly (www.aratremblytechnology.com) is the founder of Ara Trembly, The Tech Consultant, and a longtime observer of technology in insurance and financial services.

Readers are encouraged to respond to Ara using the “Add Your Comments” box below. He can also be reached at ara@aratremblytechnology.com.

This blog was exclusively written for Insurance Networking News. It may not be reposted or reused without permission from Insurance Networking News.

The opinions of bloggers on www.insurancenetworking.com do not necessarily reflect those of Insurance Networking News. 

Comments (0)

Be the first to comment on this post using the section below.

Add Your Comments...

Already Registered?

If you have already registered to Insurance Networking News, please use the form below to login. When completed you will immeditely be directed to post a comment.

Forgot your password?

Not Registered?

You must be registered to post a comment. Click here to register.

Blog Archive

The Good, The Bad and The Ugly Of Enterprise BI

When IT can't deliver, business users build their own applications focusing on agility, flexibility and reaction times.

The IT-Savvy 10%

IBM survey reveals best practices of IT leaders.

The Software-Defined Health Insurer: Radical But Realistic?

Can a tech startup digitally assemble the pieces of a comprehensive, employer-provided health plan?

Data Governance in Insurance Carriers

As the insurance industry moves into a more data-centric world, data governance becomes more critical for ensuring the data is consistent, reliable and usable for analysis.

Fear This

Just days before this Issue, which contains our security cover story, went to press, we got some interesting news: 1.2 billion unique usernames and passwords and 542 million email addresses were reportedly stolen from 420,000 websites, according to The New York Times. The websites ranged from Fortune 500 companies down to small online retailers.

Should You Back Up Enterprise Data to the Cloud?

Six questions that need to be asked before signing on with an outside service.

Advertisement

Advertisement