Taking health information to a community fair is about as bogus as it gets, said Deborah Peel, a psychiatrist who heads Patient Privacy Rights, an advocacy group with a self-explanatory name. Peel was one of the people I interviewed last week in a group of stories about a data breach at Keystone Mercy Health Plan and Amerihealth Mercy Health Plan, two affiliated companies with their headquarters in southwest Philadelphia.
Early last week, the insurers, which serve medical assistance clients in Eastern Pennsylvania, reported that a USB drive containing records of 285,691 people was missing. The majority of the records linked an insurance identification number with some recent health information. There were also various combinations of names, addresses, birth dates and health information. In seven cases, the records included Social Security numbers.
Donna Burtanger, a company spokeswoman, said the USB drive, which was lost, they say, in their headquarters, was used to take patient information to community health fairs. She said it was important for insurance field reps to be able to have the information so they could advise clients on the spot about getting lifesaving screening tests, including mammograms. Sometimes a community health fair is the best way for them to in contact with their members.
Peel did not buy it. Here's what she wrote in an email to me. With her permission, I am cutting and pasting it so you can read it below.
"This story just gets worse, highlighting the poor judgment of the insurance companies. Keystone Mercy Health Plan and AmeriHealth Mercy Health Plan never even considered how sensitive patients are about the privacy of personal health information, from their prescription records to DNA.
Now Keystone Mercy Health Plan and AmeriHealth Mercy Health Plan claim that taking the health records of 285,691 people to community health fairs is a way to “save lives”. That particular argument is often used to make people believe that a decision was made for important and worthwhile, even essential reasons. So let’s take a look and see if the decision to take health records to community health fairs is a good decision or makes sense.
The insurers want their employees to check people’s medical records and decide if a test is needed, like a mammogram, and schedule it—at a health fair. But as a matter of law, ONLY physicians can order tests like mammograms—not insurance company employees. Their employees cannot schedule doctor’s appointments, much less medical tests. Besides, most people are very uncomfortable with strangers, who are not health professionals that treat them, looking at their medical records.
Most people would never want their sensitive health records taken to health fairs in the first place. Obviously, Keystone Mercy Health Plan and AmeriHealth Mercy Health Plan did not ask enrollees for consent to take their records to health fairs, or anywhere outside of their offices where personal records are supposed to used to ONLY to pay claims.
Most people strongly object to health insurers even having, keeping, or using their sensitive health records. Patients want insurers to have the bare minimum information about them to pay claims. Patients typically do not turn to insurers for advice about their health, about treatment, or to recommend tests.
And the insurers say conflicting things about what kinds of information and how much was on the flash drive. if only recent screenings were on a flash drive, a woman’s last mammogram might not be there. No physician would order a test like a mammogram without knowing the exact date of the last one and the details of her history, like what risks she has for breast cancer. Unnecessary mammograms expose women to radiation.
It appears that this example of helping women at health fairs to get needed mammograms doesn’t make any sense, because the employees of insurance companies cannot order or schedule mammograms—or doctor’s appointments.
The example of saving women from breast cancer at community health fairs is so far-fetched that it may have been fabricated to try and make it seem that the insurers had good reasons to take sensitive health records out of their offices. But it’s hard to judge their reasons and intentions without full disclosure, so we are left with the few things they said and dd. They exposed 285,691 people’s sensitive demographic and health information to loss, sale, identity theft, and medical identity theft for reasons that don’t make sense.
Is it responsible to allow insurance employees access to people’s sensitive health records at health fairs and risk the loss or theft of that sensitive data?
If the insurers actually put complete or very detailed health information on enrollees on a flash drive that would enable a health professional to know enough to order certain tests, and the stated goal is to increase screening for needed tests, there are far more effective and privacy-protective ways to do that. They do not have health professional staffing their booths at health fairs. Insurers could contact patients directly by mail or email or phone IF the patient had opted in to receiving advice or reminders from them. Or insurers could contact doctors if they think a test is needed, so doctors can evaluate full records and decide whether tests should be ordered.
Risking the privacy of 285,691 people at a health fair to improve screening for breast cancer or other unnamed conditions is a bad decision—whether they encrypt the data or not. Encrypting the data would have lowered the risk of loss, theft, or sale of the information, but would not solve the problem of using patients’ sensitive health information in ways that they would never want or agree to."
Two points of view, obviously. But what is clear is that theft of medical information is a serious problem, according to experts I interviewed last week for a story that ran in Monday's Philadelphia Inquirer. You can read it by clicking here.