I have a lot of doctors. A lot of doctors. I’ve seen more than I can count and each time I go in, they ask me to fill out a new patient form. Inevitably, the form does not have enough space to include all of my information. And worse, I’ve already filled this form out in hundreds of other places. So I decided to make my own form – a personal health record (PHR).
I need to use email to work with my providers. I’ve explained before why I’ve given up on patient portals. Basically, I have multiple providers to manage (16) and going into multiple portals to send multiple messages is untenable for me as a patient and really does a disservice to me and to my providers. However, doctors are reticent to use email. The EHR vendors have done a great job with their marketing to scare physicians to think that they can only use the portal to communicate. But that’s not true! And in fact, patients have a right to use email, one that doctors must accommodate.
Because doctors don’t want to believe me despite my law degree, I have written this letter and present it when they try to resist the use of email. Some still try to push back and refuse, but the law is in my favor and I’ll push for what I need to do for my care. We shouldn’t have to fight over this, but until doctors really learn how HIPAA works, I’ll have to educate them on my own.
For all patients that want to use email, feel free to use this. It is NOT legal advice, it is simply what I use as a patient and cites the relevant laws, rules, regulations, and guidelines.
The last line of my article on privacy and security in the cloud for IBM reads:
Ultimately, responsibility is important not only for HIPAA and HITECH compliance but also for ensuring trust. A doctor entrusts a BA with critical information shared by patients who have divulged their most intimate details and whose EPHI [electronic personal health information] might be stored in the cloud. If their EPHI is compromised, patients might lose trust in their doctors and consequently their care might be put at risk. Thus, the significance of HIPAA and HITECH goes beyond law. EPHI is not merely data; it represents individuals, their health, and their lives. (ital, bold added)
It’s not exactly the line you’d expect to see in a technology publication but it was important to me that the article end with the reason why HIPAA is important, a reason that is often forgotten or in the least neglected by providers tasked with following the law – trust.
The privacy and security provisions in HIPAA are ultimately about trust.
Healthcare does not have a problem with silos.
In fact, there are no silos in healthcare; there are only boundaries.
If we truly want to change healthcare, we need to break boundaries.
At least once a day a picture of someone’s blood glucose meter reading or continuous glucose meter (cgm) graph or posting of someone’s HbA1c comes across my twitter feed. All by well-meaning diabetics who are trying to share their experiences – for support, to relay information, to pat themselves on the back for the very hard work that is the life of someone with type 1. But I am asking them and all diabetics to please pause before posting your blood sugars.
It seems to me that no one in the healthcare world and particular patient advocacy is paying attention to net neutrality. Perhaps this is because net neutrality is a newer concept and potentially confuses many. But, the future of net neutrality will have a significant impact on healthcare, particularly as we focus on digitalizing the industry – from apps to manage our health to medical records to simply being able to search for information on our conditions. Much like many were not paying attention to the implications of the recently signed into law provisions that allow our internet service providers to sell our data until it was passed, this is something we cannot let slip under the radar.
So here’s a brief primer on net neutrality basics, why it matters in healthcare, and actions currently being taken to end net neutrality.
I’m giving up on patient portals.
I asked my doctors to deactivate my accounts and I’m sticking to email.