Tuesday, April 30, 2013

The Gun Lobby Target Doctors

The gun lobby paranoia seems to have infected all branches of our government, but even I am surprised how far politicians are willing to go to please their NRA sponsors. In today's Miami Herald an article titled " Medical liability bill gets snagged by gun concerns" highlights such an example. According to the article a Senate priority bill to limit the liability of Florida doctors ran into trouble in the House on Monday when opponents suggested that it could be used by insurance companies who represent the doctors to create a private registry of gun owners. The bill, HB 827, would deal with what are known as “ex parte communications” in malpractice cases and would allow lawyers for doctors hit with a malpractice claim to interview any other doctor about a patient’s health record in private. Rep. James Grant, R-Tampa, believes that the provision could open the door to lawyers asking doctors about the gun-toting habits of their patients and, over time, use that information to build a database of gun owners who could be charged higher insurance rates. Grant filed an amendment to the bill Monday that would prohibit doctors from revealing any information about a patient’s gun ownership, as well as any history of child abuse, sexual abuse, substance abuse, mental health and reproductive history unless the patient’s lawyer is present. Just to make sure that we understand this mind-boggling political acrobatic: Rep Grant BELIEVES that insurance companies will mine these records to essentially eliminate potential risky clients, especially gun owners, who then would be charged higher insurance rates. Therefore, according to his amendment, doctors would be prohibited from collecting and revealing such information, unless the patient's lawyer is present. Sounds reasonable? Well, probably in the mind of those who believe that the government is trying to disarm Americans by buying ammunition in large amounts, or those who believe in black helicopters following their every move etc. What is more troubling that those "freedom fighters" are willing to gag doctors and force them to sanitize their medical records in order to please their NRA masters. Why do we vote for these NRA stooges? What happened to our individual freedom from interference in our lives and professions? Its time to expose these so-called politicians as willing executioners of the NRA. Yours Bernd

Monday, April 29, 2013

Health Data Leaks

Attached an article published in the recent edition of the South Florida Business Journal titled " Breached: Health data security has sprung an expensive leak" highlighting the connection between the increasing identity theft and tax fraud in South Florida with the "leaky security" at healthcare facilities. Identify thieves and tax fraudsters are often purchasing patient data from employees in the healthcare services sector which are then being misused for fraudulent tax filings costing the federal government $5 Billion last year. As physicians we have to be part of the prevention and cure of this problem. Therefore, I do not collect social security numbers anymore in my office and safe all sensitive patient data on a secured server. Once I enroll a new patient into my practice my EHR creates an internal ID for identification purposes eliminating the need for recording the social security number. Unfortunately, Medicare is still imprinting the identification cards with the recipient social security number. This should be replaced with a tracking number which then has to be verified through a secured server accessible only by registered providers of healthcare services. This of course will not eliminate the human factor and the susceptibility for financial bribes and other incentives. But we must start today to stop identity theft. Breached: Health data security has sprung an expensive leak Brian Bandell Senior Reporter- South Florida Business Journal South Florida’s identity theft and tax fraud epidemic is often tied to leaky security at medical providers that fail to safeguard patient records. Fraudulent tax filings cost the federal government $5 billion last year, and South Florida is epicenter for this scam, said Wifredo A. Ferrer, U.S. attorney for the Southern District of Florida. Criminals could not file fraudulent returns without easy access to victims’ personal information. The identity thieves, often former street criminals, are willing to pay hundreds of dollars for each Social Security number, he said. The masterminds have “filing parties” where they teach others to do fraudulent returns in exchange for a cut, Ferrer said. “Hundreds of thousands of people go to hospitals and, if you have someone inside willing to sell your information for a couple hundred dollars, that will happen.” In the past few years, employees of Jackson Healthcare System, Memorial Healthcare System, Mount Sinai Medical Center, Boca Raton Regional Hospital and the Palm Beach County Health Department have been charged with stealing patient data to aid fraud schemes. Many other defendants worked for smaller local medical offices. In other cases, health care providers had data stolen or hacked by outsiders, Ferrer said. While his office is working hard to find criminals by tracking the IP addresses used to file bogus returns and the flow of stolen tax dollars, Ferrer is urging hospitals and doctor offices to secure the information. The U.S. Department of Health and Human Services requires health care providers and insurers to report data breaches affecting more than 500 patients and post it on the HHS website. Since this began in 2009, there have been 17 data breaches affecting 1.44 million people at health organizations serving South Florida. The largest breach was at Miami-based AvMed Health Plans, with 1.22 million records leaked from stolen laptops, which led to a lawsuit from its members. Still a problem 17 years after HIPAA Medical records were supposed to be safeguarded by the Health Insurance Portability and Accountability Act (HIPAA), which passed in 1996, but apparently, many providers still haven’t plugged the leaks. “This will keep happening because many health care companies don’t have good internal controls, don’t have physical controls to prevent them from walking out with records and don’t have proper security awareness and training for employees,” said Silka Gonzalez, president of Miami-based Enterprise Risk Management, which helps companies with data security. Banks take a more aggressive approach to data security because regulators have been tough on them, but the health care industry hasn’t been under as much pressure, Gonzalez said. They’re more interested in investing in patient care than data security. “If some hospitals are far from having the best security possible, forget about small practices,” Gonzalez said. “They won’t have any security in many cases.” The government is trying to show that HIPAA compliance is serious, but so few doctors have been fined over the years that the chances of getting penalized are pretty slim, said Luis Salazar, a partner with Miami-based Salazar Jackson, which has a data privacy law practice. Salazar said he was a victim of tax fraud, but he was able to sort it out fairly quickly and file his tax return. “Most people realize they are victims in the first three or four months, but 20 or 25 percent don’t catch onto it for three or four years,” Salazar said. The Social Security number should only be available during billing and intake, but Salazar has seen hospitals that have multiple terminals with patient information available to all employees. In response to the data theft by its former employee, Boca Raton Regional Hospital enhanced its security to block out full Social Security numbers from patient records, conduct random workspace audits of records security and additional employee training on HIPAA, spokesman Thomas Chakurda said. Electronic records make theft easier The push to use electronic medical records had the unintended consequence of making data theft more efficient, said Alan Brill, senior managing director for New York-based Kroll Advisory Solutions. “If you want to steal 5,000 sets of identity, it might take days to copy it from physical files, and someone might notice,” Brill said. “Now it’s on a computer and it may be no more difficult than putting in a USB key or staying late and printing things.” Brill worked a case where a hospital technician replaced a backup DVD with a blank DVD, copied the entire set of patient records and made counterfeit credit cards. Two Palm Beach County Health Department employees were arrested in February for stealing more than 2,800 patient records for a tax fraud scheme. PBCHD spokesman Tim O’Connor said the employees, who worked in the medical records department, targeted patients born between 1991 and 1996 because they could claim the youngsters were dependent on their parents and claim a big refund. The health department has since put safeguards in place – such as replacing Social Security numbers with independent patient numbers, O’Connor said. Only financial counselors will have access to Social Security numbers, he added. Miami attorney Mark A. Dresnick, who represents health care providers in HIPAA cases, said he would not give providers his Social Security number unless there is a valid reason because he doesn’t want it stolen. “My suspicion is that a lot of the tax fraud is coming from doctor offices due to theft of Social Security numbers by receptionists and clerical staff,” Dresnick said. HHS has become tougher with penalties and has targeted smaller providers, Dresnick said. In Massachusetts, an ear and eye clinic was fined $1.5 million after a data breach. Dresnick said regulators would be less forgiving of medical offices that ignore HIPAA training for employees and don’t take sufficient steps to secure data. HIPAA expands beyond health providers A new rule expanded HIPAA compliance for patient record security to companies that provide services to the industry. Jorge Rey, associate principal and director of information security and compliance at accounting firm Kaufman, Rossin & Co., said this includes consultants, medical records storage companies, law firms, collection agencies. If there is a data breach or lax security, they could face monetary penalties, he added. Brill added: “You’re not a security company, yet you have the responsibility for doing the right thing.”

Monday, April 01, 2013

The New Prescription Abuse Epidemic

Attached you find a link to an important article published in today's New York Times titled "A.D.H.D. Seen in 11% of U.S. Children as Diagnoses Rise" highlighting the staggering increase in ADHD diagnosis and related stimulant prescription use. Nearly one in five high school age boys in the United States and 11 percent of school-age children over all have received a medical diagnosis of attention deficit hyperactivity disorder, according to new data from the federal Centers for Disease Control and Prevention. The figures showed that an estimated 6.4 million children ages 4 through 17 had received an A.D.H.D. diagnosis at some point in their lives, a 16 percent increase since 2007 and a 53 percent rise in the past decade. About two-thirds of those with a current diagnosis receive prescriptions for stimulants like Ritalin or Adderall, which can drastically improve the lives of those with A.D.H.D. but can also lead to addiction, anxiety and occasionally psychosis. About one in 10 high-school boys currently takes A.D.H.D. medication, the data showed. Sales of stimulants to treat A.D.H.D. have more than doubled to $9 billion in 2012 from $4 billion in 2007, according to the health care information company IMS Health.Even more teenagers are likely to be prescribed medication in the near future because the American Psychiatric Association plans to change the definition of A.D.H.D. to allow more people to receive the diagnosis and treatment. The question remains: are millions of children receiving medication merely to calm behavior or to do better in school? We also should be aware that those medications are often NOT taken as prescribed, shared with or sold to classmates, contributing to diversion long tolerated in college settings and also gaining traction in high-achieving high schools. The C.D.C. director, Dr. Thomas R. Frieden, likened the rising rates of stimulant prescriptions among children to the overuse of pain medications and antibiotics in adults.“We need to ensure balance,” Dr. Frieden said. “The right medications for A.D.H.D., given to the right people, can make a huge difference. Unfortunately, misuse appears to be growing at an alarming rate.” “There’s no way that one in five high-school boys has A.D.H.D.,” said James Swanson, a professor of psychiatry at Florida International University and one of the primary A.D.H.D. researchers in the last 20 years. “If we start treating children who do not have the disorder with stimulants, a certain percentage are going to have problems that are predictable — some of them are going to end up with abuse and dependence. And with all those pills around, how much of that actually goes to friends? Some studies have said it’s about 30 percent.” As physcians we should stop giving in to parents and patients pressures to prescribe these stimulants indiscriminately. We must refocus our efforts on proper and evidence based ADHD diagnosis, demand special training of stimulant prescribers and tracking of stimulant prescriptions. Otherwise, we will force the federal government to step in with tighter regulations.