Editor’s Note: This edition of Morning eHealth is published weekdays at 10 a.m. POLITICO Pro eHealth subscribers hold exclusive early access to the newsletter each morning at 6 a.m. To learn more about POLITICO Pro’s comprehensive policy intelligence coverage, policy tools and services, click here.

The yin and the yang: As the health IT universe sinks its teeth into CMS and ONC rules on information blocking, startups warn HHS that the behavior takes many forms. Cyber experts, meanwhile, worry that freeing the information will make it harder to secure.

—A breast cancer survivor files a complaint charging that Facebook should pay billions in fines for misleading patients about its online forums and failing to notify them of a major breach of information.

—Some EHR vendors are going through the motions of giving patients the right to download their health records without offering a practical way to do it, according to three startup CEOs.

—A cybersecurity expert predicts that the new era of interoperability will lead to privacy and security gaffes unless health care adopts tighter security standards.

Tweet of the Day: Genevieve Morris @HITpolicywonk Anyone else feeling the post #HIMSS19 cold? Thinking I should have hit the hand sanitizer harder.

Welcome to Tuesday Morning eHealth, where despite shaking 45,000 hands at HIMSS we feel healthy after a few nights of good sleep. We’ll be sorting out the rule proposals for a few weeks yet. Make sure to send your thoughts to [email protected] or tweet to me and my peeps @arthurallen202, @dariustahir, @ravindranize, @POLITICOPro and @Morning_eHealth.

FACEBOOK ACCUSED OF HEALTH PRIVACY VIOLATIONS:
Its practices with health forums could threaten users with discrimination or harassment, according to the complaint to FTC shared with Morning eHealth’s Mohana Ravindranath. Online bullies harassed sexual assault survivors participating in one such group, and there’s reason to suspect that companies may have scraped data from the sites to use in business practices such as insurance underwriting, it says.

Members of ostensibly closed groups on Facebook can download entire membership lists of people with specific genetic mutations, sexual orientations or other characteristics. Malicious users could infiltrate the groups and leak names or messages sent by members, according to the complaint, filed by health IT researcher Fred Trotter and Andrea Downing, who co-moderates a group for breast cancer patients.

A Facebook spokesperson said the company had been transparent with members and administrators about its privacy settings. Mohana’s complete story here, for Pros.

IS THIS INFORMATION BLOCKING?: Startups that are trying to provide aggregated health records for patients say some EHR vendors are making it nearly impossible for patients to get their records. And they warn that Apple and large health care providers could end up controlling the health app economy unless regulators take stronger action.

The problems described to POLITICO by four startup CEOs at HIMSS could be evidence of a coming fight over the final language in the 720-page ONC proposal that was released last week. Cerner requires a cumbersome, and unworkable process for a patient using an app to download health records, according to one of the developers, David Brooks of Durham, N.C.-based record aggregator Medlio.

Another app developer, Philip Parker of Coral Health, raised the problem at an ONC Town Hall at HIMSS Thursday. The ONC’s leading man for standards, Steve Posnack, told Parker, “This is an example of something where we might not have addressed with sufficient clarity.”

Cerner, meanwhile, said it was happy with the response to the Apple Health app, and was looking forward to working with other third party developers.

Pros can read my story here.

MORE HIMSS REACTION: Former ONC Chief Privacy Officer Lucia Savage led the pack to publication Friday with her thorough analysis of the ONC rule in Health Affairs. “Bravo, ONC, for this bold proposal,” she wrote, warning that it remains to be seen how much of it ends up in the final rule. The 60-day comment period starts this week (EHR vendors are asking for an additional 30 days). … We’ve also heard that ONC set a 2021 deadline for the new certification requirements knowing the date will slip a year. … Mac McMillan, CEO of cyber firm CynergisTek, told us that the CMS and ONC proposals raise major privacy and security concerns. “They said, ‘We want you to be more open but you still have to protect the data.’ Typically those two things don’t go hand in hand … Folks are going to be very concerned they are the hook for any downstream incidents that occur as a result of openness they have with third-party developers.”

… Several industry folks raised concerns about whether OCR, ONC, CMS and OIG were coordinating their activities. ... The last day for comment on OCR’s HIPAA rule came the day after ONC put out its info blocking proposal — which created an entirely new context for the HIPAA changes OCR is contemplating. Blame it on the shutdown… “It would have made a little more sense if they [the ONC/CMS proposals] came out when they were supposed to,” said Epic’s Janet Campbell. But ONC policy chief Elise Anthony said HHS would coordinate in providing a clean policy for sharing and protecting data.

CONNECTED CARE THAT’S WORKING: Intel has published a white paper stating that the connected care it’s offering employees is working in that it is improving diabetes conditions, making it easier to schedule appointments and improving other health measures for its employees in four Western states.

AI IN EUROPE: Ministers of EU states responsible for artificial intelligence on Monday released a strategyto expand the use of AI in Europe. ... The Dutch, meanwhile, want more ethics guidelines for the technology.

DIGITAL MAESTROS RESCUE VETS: The Appeals Modernization Act takes effect today in a noon ceremony at the VA. A 35-member team of the U.S. Digital Service has been working behind the scenes to launch a suite of tools called Caseflow that will give VA employees new ways to streamline appeals decisions.

HEALTH IT ACROSS THE POND: The UK’s National Health Service announced it will no longer pay for fax machines for any of the Trusts that operate its hospitals and specialist services … Health Minister Matt Hancock is campaigning hard to get rid of paper. Senior NHS officials have issued statements assuring the Trusts that a no-deal Brexit next month won’t lead to a cutoff of funds. However, they’re also urging the Trusts not to start any big health IT projects, especially work that requires more hiring (presumably because of all the non-British IT talent that could am-scray). ... Meanwhile, Eric Topol, who is heading a commission named after himself to examine UK’s AI future in health, gave an interview in which he stated his pleasant surprise at the level of support for the NHS over there.

PERSONNEL: If you’re a lawyer who likes zapping info-blockers, HHS’s inspector-generals office has an opening for you. ... The Mayo Clinic reelected trustees Michael Powell, the former FCC chairman, and Paula Menkosky, chief administrative officer of the Mayo Clinic in Arizona. Mayo’s board elected two internal trustees to four-year terms: neurologist Claudia Lucchinetti and Florida Mayo administrator Christina Zorn, J.D.

Aging Americans are a growing market for health tech, perCNBC

The Star in Hong Kong reports that China could use stolen medical data to blackmail Americans.

Queensland, Australia, doctors raise safety concerns about Cerner implementation . On a related note, 300,000 Australians have canceled their medical record portals.

Follow us on Twitter


• Mohana Ravindranath @ravindranize
• Darius Tahir @dariustahir

Follow Us