Big Data, Genetics, and Re-Identification

by Zachary Shapiro

While all scientific research produces data, genomic analysis is somewhat unique in that it inherently produces vast quantities of data. Every human genome contains roughly 20,000-25,000 genes, so that even the most routine genomic sequencing or mapping will generate enormous amounts of data. Furthermore, next-generation sequencing techniques are being pioneered to allow researchers to quickly sequence genomes. These advances have resulted in both a dramatic reduction in the time needed to sequence a given genome, while also triggering a substantial reduction in cost. Along with novel methods of sequencing genomes, there have been improvements in storing and sharing genomic data, particularly using computer and internet based databases, giving rise to Big Data in the field of genetics.

While big data has proven useful for genomic research, there is a possibility that the aggregation of so much data could give rise to new ethical concerns. One concern is that promises of privacy made to individual participants might be undermined, if there exists a possibility of subject re-identification.

Re-identification of individual participants, from de-identified data contained in genetic databases, can occur when researchers apply unique algorithms that are able to cross-reference numerous data sets with the available genetic information. This can enable diligent researchers to re-identify specific individuals, even from data sets that are thought to be anonymized. Such re-identification represents a genuine threat to the privacy of the individual, as a researcher could learn about genetic risk factors for diseases, or other sensitive health and personal information, from combing through an individual’s genetic information.

Continue reading

NPRM Summary from HHS

As Michelle noted, the Notice of Proposed Rule Making (NPRM) on human subjects research is out after a long delay. For my (and many Bill of Health bloggers’) view about its predecessor ANPRM, you can check out our 2014 book, Human Subjects Research Regulation: Perspectives on the Future.

Here is HHS’s own summary of what has changed and what it thinks is most important:

The U.S. Department of Health and Human Services and fifteen other Federal Departments and Agencies have announced proposed revisions to modernize, strengthen, and make more effective the Federal Policy for the Protection of Human Subjects that was promulgated as a Common Rule in 1991.  A Notice of Proposed Rulemaking (NPRM) was put on public display on September 2, 2015 by the Office of the Federal Register.  The NPRM seeks comment on proposals to better protect human subjects involved in research, while facilitating valuable research and reducing burden, delay, and ambiguity for investigators. It is expected that the NPRM will be published in the Federal Register on September 8, 2015.  There are plans to release several webinars that will explain the changes proposed in the NPRM, and a town hall meeting is planned to be held in Washington, D.C. in October. Continue reading

Of Algorithms, Algometry, and Others: Pain Measurement & The Quantification of Distrust

By Frank Pasquale, Professor of Law, University of Maryland Carey School of Law

Many thanks to Amanda for the opportunity to post as a guest in this symposium. I was thinking more about neuroethics half a decade ago, and my scholarly agenda has, since then, focused mainly on algorithms, automation, and health IT. But there is an important common thread: The unintended consequences of technology. With that in mind, I want to discuss a context where the measurement of pain (algometry?) might be further algorithmatized or systematized, and if so, who will be helped, who will be harmed, and what individual and social phenomena we may miss as we focus on new and compelling pictures.

Some hope that better pain measurement will make legal disability or damages determinations more scientific. Identifying a brain-based correlate for pain that otherwise lacks a clearly medically-determinable cause might help deserving claimants win recognition for their suffering as disabling. But the history of “rationalizing” disability and welfare determinations is not encouraging. Such steps have often been used to exclude individuals from entitlements, on flimsy grounds of widespread shirking. In other words, a push toward measurement is more often a cover for putting a suspect class through additional hurdles than it is toward finding and helping those viewed as deserving.

Of Disability, Malingering, and Interpersonal Comparisons of Disutility (read on for more)

Continue reading

Tackling Medicaid In Massachusetts

This new post by Jeffrey Sánchez appears on the Health Affairs Blog as part of a series stemming from the Third Annual Health Law Year in P/Review event held at Harvard Law School on Friday, January 30, 2015.

The Affordable Care Act (ACA) provides a number of tools to address longstanding problems in our fragmented health care system. At the national level, the Centers for Medicare and Medicaid Services (CMS) are redefining Medicare through initiatives that promote payment and delivery reform, such as Shared Savings and Value-Based Purchasing. States are also seeking their own opportunities to move away from inefficient systems that reward volume over quality. In particular, state Medicaid programs have the potential to play a major role in these efforts.

Given the number of individuals Medicaid covers, it has the biggest potential impact in improving health care. Medicaid covers more than 1 in 5 Americans, funding more than 16 percent of total personal health spending in the United States. With ACA Medicaid expansion, enrollment increased in 2014 by 8.3 percent and led to an increased overall Medicaid spending growth of 10.2 percent. Total Medicaid spending growth in 2015 is expected to be 14.3 percent with a 13.2 percent enrollment growth. This is not an insignificant portion of both state and federal health care dollars. Thoughtful and concerted reforms to Medicaid have the potential to reduce spending and improve care quality. […]

Read the full article here.

Exploring The Significant State-To-State Variation In Marketplace Enrollment

This new post by the Petrie-Flom Center’s Academic Fellow Matthew J. B. Lawrence appears on the Health Affairs Blog, as part of a series stemming from the Third Annual Health Law Year in P/Review event held at Harvard Law School on Friday, January 30, 2015.

What role did geography, advertising, community, Navigators, and the controversy surrounding the Affordable Care Act (ACA) play in consumers’ decisions whether to purchase health insurance in the individual marketplaces? The percentage of potential exchange marketplace enrollees who actually made use of the marketplace to purchase insurance varied widely from state to state for 2014 and 2015.

As of February 22, 2015, for example, there were eight states with enrollment at 50 percent or greater and eight states with enrollment at 25 percent or lower. (Per the Kaiser Family Foundation, the top eight were Vermont, Florida, Maine, DC, Delaware, Pennsylvania, New Hampshire, and North Carolina. The bottom eight were Colorado, Ohio, Alaska, Hawaii, North Dakota, Minnesota, South Dakota, and Iowa).

It would be an interesting and challenging task to explain this variation empirically. Generating reliable statistical inferences from inter-state comparisons is notoriously difficult, and the variables at play here range from the easily measured (percent of population eligible for subsidies, navigator grant amounts, number of participating insurers, premiums) to the not-so-easily measured (enthusiasm for Obamacare, efficacy of state or federal outreach efforts, geography, education, availability and usefulness of charity care and emergency Medicaid, functionality of state exchange website, population health, availability of health services). […]

Read the full post here.

Should Health Lawyers Pay Attention To The Administration’s Privacy Bill?

By Nicolas Terry

Cross Posted from Health Affairs Blog

Health care lawyers justifiably ignored the 2012 Obama administration consumer privacy framework because it expressly and broadly exempted entities subject to HIPAA, stating “To avoid creating duplicative regulatory burdens, the Administration supports exempting companies from consumer data privacy legislation to the extent that their activities are subject to existing Federal data privacy laws.”

In contrast, the administration’s 2015 draft bill, the Consumer Privacy Bill of Rights Act, though based on that framework, substantially affects health care entities, including those subject to HIPAA, and so demands more attention in the health law community.

The “HIPAA clause” in the draft bill is subtly different (and noticeably narrower than its preemption of state law clause): “If a covered entity is subject to a provision of this Act and a comparable provision of a Federal privacy or security law [the list includes HIPAA] such provision of this Act shall not apply to such person to the extent that such provision of Federal privacy or security law applies to such person.” Continue reading

Going for gold: behavioral science reveals new biases in ACA exchange shopping

A new New England Journal of Medicine commentary by Peter A. Ubel, M.D., David A. Comerford, Ph.D., and Eric Johnson, Ph.D. highlights significant flaws in the way information is presented to insurance shoppers on state and federal exchange websites. The authors present original survey data to support the argument that subtle aspects of current website designs inappropriately bias decision making. The authors make their case most strongly in an analysis of the well-known gold, silver and bronze labels:

Consider the decision to lump health plans into categories with names such as bronze (for low monthly premiums and high out-of-pocket costs) and gold (for higher monthly premiums and lower out-of-pocket costs). These labels could have unintended effects on people’s attitudes toward which plans are best. After all, gold, silver, and bronze convey best, second best, and third best through association with sporting events, but the best plan for one enrollee will be different from the best plan for another.

To test whether such associations might influence people’s perceptions of insurance plans, two of us recruited a convenience sample of participants from public buses in Durham, North Carolina, and asked them which category of plans they would look at first if they were shopping for health insurance. To half the people, we described the gold plans as having higher monthly premiums and lower out-of-pocket costs — the language used by many exchanges. For the other half, we switched the gold and bronze plans, describing the gold plans as having lower monthly premiums and higher out-of-pocket costs.

Continue reading

A Chief Privacy Officer’s Take on the Chanko Case

Earlier this month, Charles Ornstein explored a New York City family’s charge that their privacy was violated by a local hospital and a reality television show in ProPublica. More specifically, he details how the death of one Mr. Mark Chanko was filmed at NY Presbyterian Hospital without the family’s consent, and then nationally aired on ABC’s NY MED over a year later. Mr. Chanko’s face was blurred for viewers but he remained recognizable to family and friends who watched the show. Since the broadcast, the family has pursued legal action through several New York courts with little success thus far.

The piece has already been commented upon by several smart people, most recently Kay Lazar of the Boston Globe. Just one day after Ornstein’s piece went to press, the Dean of Harvard Medical School Jeffrey Flier (@jflier) tweeted “How could this be allowed to happen?” only to be informed by the Chair of Surgery at Boston Medical Center, Gerard Doherty, (@GerardDoherty4) that three Harvard-affiliated hospitals are in fact currently hosting camera crews for a similar series. The ensuing conversation reminded me just how limited a platform Twitter is for tricky conversations about health care law and ethics. So I did what any self-respecting millennial would do – I went home for the holidays and asked my mom to help me understand what the internet couldn’t.

Continue reading

Information Blocking and Interoperability

By Nicolas Terry

The “Cromnibus” spending bill signed by the President on December 16 rightly upset Senator Warren and not just for providing luxury cars to a feckless Congress. However, in general the bill ignored healthcare. There was no new money for those ACA “villains” CMS and IRS and only a little more for NIH (resulting in net reductions all around given inflation). Of course constituencies have to be pandered to, so there was a symbolic $10 million cut from the moribund IPAB. Meanwhile, the CDC did well, HRSA picked up a few telemedicine dollars, but ONC didn’t get everything it wanted. However, look closer and it seems that during the convoluted legislative process someone threw a meaty wrench into the gears of an already flailing meaningful use program.

As I have discussed at length here and here the meaningful use subsidy program for EHRs may have delivered hundreds of thousands of mediocre electronic health records systems into provider offices but has failed to deliver effective data sharing. ONC knows this is an issue, is aware of and discussed the JASON report, has its own “10-year vision” and emphasizes interoperability in its recently released Health IT Strategic Plan (Disclosure: I serve on the HIT Committee Consumer Workgroup, but these views are mine alone). But, some kind of showdown has been brewing for a while. Have the HITECH billions been wasted? Was the regulatory problem in meaningful use or in certification? Are the HIT developers to blame or health care providers? (Answer: Yes). And, the AMA being “appalled” aside, what happens now that the meaningful use carrots have begun morphing into sticks? Continue reading

February 9-13, 2015: Visit Karolinska Institutet in Stockholm to Learn More About Biobanking

By Timo Minssen

The following information has been extracted from the webpage of the BioBanking and Molecular Resource Infrastructure of Sweden on the course Biobanking as a Resource for Biomedical Research, February 9-13, 2015 at Karolinska Institutet (Stockholm). 

Purpose and Goal

Biobanks constitute a powerful resource in medical research with access to millions of samples and associated data collected within health care and in specific research studies. New “omic-technologies” with high-throughput analytical platforms now permit large scale analyses without the need to wait for years while new samples are being collected.

However, successful research based on human biological samples and associated data requires applied knowledge about how the samples have been collected and processed. Standardized procedures, controlled pre-analytical variables and study documentation are key factors for the reliability and validity of the analytical findings.

This one week course addresses fundamental concepts in biobank infrastructures and biobank research, ethical and legal frameworks, technologies, sample analysis and practical considerations when new samples are to be collected.  Continue reading

The Constitutional Implications of Ebola: Civil Liberties and Civil Rights In Times of Health Crises

Join us for an important public forum:

Constitutional Implications of Ebola:
Civil Liberties & Civil Rights In Times of Health Crises

This public forum addresses the constitutional and public health implications of Ebola response in the United States.  According to state and federal laws, patient information is deemed private and is to be held in strict confidentiality.  However, in the wake of Ebola, well-established protocols to guard patient privacy have been neglected or suspended without public debate.  At this forum, a panel of experts raise questions not only about how to contain the disease, but also to what extent Americans value their healthcare privacy, civil liberties, and civil rights.  To what extent are Americans’ Ebola fears influenced by the origins of the disease?  What liberties are Americans willing to sacrifice to calm their fears?  How to balance the concern for public welfare with legal and ethical privacy principles?

Speakers: Reverend Jesse L. Jackson, Sr.;  Michele Goodwin, Chancellor’s Chair, UC Irvine School of Law;  Professor Andrew Noymer, UC Irvine School of Public Health; and Dr. George Woods, American Psychiatric Association.

This Forum intervenes in the current national and international discourse on Ebola by probing law’s role in addressing public health crises.  This forum is free and open to the public.

WHEN: Wednesday, November 19, 2014, 3.30pm-5.30pm

WHERE: University of California Irvine, School of Law; ROOM EDU 1111, 401 E Peltason Dr, Irvine, CA 92612

Ebola and Privacy

By Michele Goodwin

As the nation braces for possibly more Ebola cases, civil liberties should be considered, including patient privacy.  As news media feature headline-grabbing stories about quarantines,  let’s think about the laws governing privacy in healthcare. Despite federal laws enacted to protect patient privacy, the Ebola scare brings the vulnerability of individuals and the regulations intended to help them into sharp relief.

In 1996, Congress enacted the Health Insurance Portability and Accountability Act (HIPAA) to protect patient privacy.  Specifically, HIPAA’s Privacy Rule requires that healthcare providers and their business associates restrict access to patients’ health care information.  For many years, the law has been regarded as the strongest federal statement regarding patient privacy. But it may be tested in the wake of the Ebola scare with patients’ names, photographs, and even family information entering the public sphere.

Ebola hysteria raises questions not only about how to contain the disease, but also to what extent Americans value their healthcare privacy.  What liberties are Americans willing to sacrifice to calm their fears?  How to balance the concern for public welfare with legal and ethical privacy principles?  For example, will Americans tolerate profiling travelers based on their race or national origin as precautionary measures?  What type of reporting norms should govern Ebola cases?  Should reporting the existence of an Ebola case also include disclosing the name of the patient?  I don’t think so, but the jury appears out for many.

HHS Issues Guidance on Same Sex Spouses and HIPAA

[Cross-posted at HealthLawProfs blog.]

Under HIPAA, patients’ spouses and other family members have certain rights to access health information. In an important guidance document in the wake of United States v. Windsor, the Office for Civil Rights (OCR) at HHS has clarified that “spouse” under HIPAA refers to legally married same-sex spouses, even if the individual is receiving services in a jurisdiction not recognizing same-sex marriage.  Continue reading

Apple’s mHealth Rules Fear to Tread Where Our Privacy Laws Fall Short

By Nicolas Terry

On September 9 Apple is hosting its ‘Wish We Could Say More’ event. In the interim we will be deluged with usually uninformed speculation about the new iPhone, an iWatch wearable, and who knows what else. What we do know, because Apple announced it back in June, is that iOS 8, Apple’s mobile operating system will include an App called ‘Health’ (backed by a ‘HealthKit’ API) that will aggregate health and fitness data from the iPhone’s own internal sensors, 3rd party wearables, and EMRs.

What has been less than clear is how the privacy of this data is to be protected. There is some low hanging legal fruit. For example, when Apple partners with the Mayo Clinic or EMR manufacturers to make EMR data available from covered entities they are squarely within the HIPAA Privacy and Security Rules triggering the requirements for Business Associate Agreements, etc.

But what of the health data being collected by the Apple health data aggregator or other apps that lies outside of protected HIPAA space? Fitness and health data picked up by apps and stored on the phone or on an app developer’s analytic cloud fails the HIPAA applicability test, yet may be as sensitive as anything stored on a hospital server (as I have argued elsewhere). HIPAA may not apply but this is not a completely unregulated area. The FTC is more aggressively policing the health data space and is paying particular attention to deviance from stated privacy policies by app developers. The FTC also enforces a narrow and oft-forgotten part of HIPAA that applies a breach notification rule to non-covered entity PHR vendors, some of whom no doubt will be selling their wares on the app store. Continue reading

The $4 billion Medical Data Breach Case That Lost Its Way

By Nicolas Terry

Sutter Health v. Superior Court, 2014 WL 3589699 (Cal. App. 2014), is a medical data breach class action case that raises questions beyond the specifics of the Californian Confidentiality of Medical Information Act.

The stakes were high in Sutter — under the California statute medical data breach claims trigger (or should trigger!) nominal damages at $1000 per patient. Here four million records were stolen.

Plaintiffs’ first argued the defendant breached a section prohibiting unconsented-to disclosure. The not unreasonable response from the court was that this provision required an affirmative act of disclosure by the defendant which was not satisfied by a theft.

A second statutory provision argued by the plaintiffs looked like a winner. This section provided, “Every provider of health care … who creates, maintains, preserves, stores, abandons, destroys, or disposes of medical information shall do so in a manner that preserves the confidentiality of the information contained therein.” Continue reading

Big Data, Predictive Analytics, Health Care, Law, and Ethics

Update: The Moore Foundation has generously paid to make my article available as open access on their website here. Today I am speaking at Health Affairs’ “Using Big Data to Transform Health Care” in DC, that will also launch its new issue devoted to the topic. I have a co-authored paper in the volume entitled “The Legal And Ethical Concerns That Arise From Using Complex Predictive Analytics In Health Care” that has just been released. Ironically the article is behind a paywall (while data wants to be free, I guess big data is different!) Here is the abstract.

Predictive analytics, or the use of electronic algorithms to forecast future events in real time, makes it possible to harness the power of big data to improve the health of patients and lower the cost of health care. However, this opportunity raises policy, ethical, and legal challenges. In this article we analyze the major challenges to implementing predictive analytics in health care settings and make broad recommendations for overcoming challenges raised in the four phases of the life cycle of a predictive analytics model: acquiring data to build the model, building and validating it, testing it in real-world settings, and disseminating and using it more broadly. For instance, we recommend that model developers implement governance structures that include patients and other stakeholders starting in the earliest phases of development. In addition, developers should be allowed to use already collected patient data without explicit consent, provided that they comply with federal regulations regarding research on human subjects and the privacy of health information.

I will also have a related paper on mobile health coming out later this summer that I will blog about when it comes out…

Using Big Data To Transform Care: A Briefing on the July 2014 Special Issue of Health Affairs


Register online now!

The application of big data to transform health care delivery, health research, and health policy is underway, and its potential is limitless.  The July 2014 issue of Health Affairs, “Using Big Data To Transform Care,” examines this new era for research and patient care from every angle.

You are invited to join Health Affairs Editor-in-Chief Alan Weil on Wednesday, July 9, for an event at the National Press Club, when the issue will be unveiled and authors will present their work.  Panels will cover:

  • Using Big Data At The Point Of Care
  • Research Issues
  • The Role Of The Federal Government
  • Obstacles/Challenges Of Using Big Data

Among the confirmed speakers are:  Continue reading

Journal of Law & Biosciences publishes HLS student work

JLB coverThe Journal of Law and the Biosciences, the new open-access journal launched this year by the Petrie-Flom Center and Harvard Law School in partnership with Duke University and Stanford University, has published several articles in recent weeks by Harvard Law School students:

Check out these articles, and learn more about the Journal of Law and the Biosciences!

PCAST, Big Data, and Privacy

By Leslie Francis

Cross-post from HealthLawProf Blog

The President’s Council of Advisors on Science and Technology (PCAST) has issued a report intended to be a technological complement to the recent White House report on big data. This PCAST report, however, is far more than a technological analysis—although as a description of technological developments it is wonderfully accessible, clear and informative.  It also contains policy recommendations of sweeping significance about how technology should be used and developed.  PCAST’s recommendations carry the imprimatur of scientific expertise—and lawyers interested in health policy should be alert to the normative approach of PCAST to big data.

Here, in PCAST’s own words, is the basic approach: “In light of the continuing proliferation of ways to collect and use information about people, PCAST recommends that policy focus primarily on whether specific uses of information about people affect privacy adversely. It also recommends that policy focus on outcomes, on the “what” rather than the “how,” to avoid becoming obsolete as technology advances. The policy framework should accelerate the development and commercialization of technologies that can help to contain adverse impacts on privacy, including research into new technological options. By using technology more effectively, the Nation can lead internationally in making the most of big data’s benefits while limiting the concerns it poses for privacy. Finally, PCAST calls for efforts to assure that there is enough talent available with the expertise needed to develop and use big data in a privacy-sensitive way.”  In other words:  assume the importance of continuing to collect and analyze big data, identify potential harms and fixes on a case-by-case basis possibly after the fact, and enlist the help of the commercial sector to develop profitable privacy technologies.  Continue reading

DUE 6/3: Call for Abstracts: Emerging Issues and New Frontiers for FDA Regulation

            PFC_Logo_300x300                    FDLI_Logo_380

The Petrie-Flom Center for Health Law Policy, Biotechnology, and Bioethics at Harvard Law School and the Food and Drug Law Institute are pleased to announce an upcoming collaborative academic symposium:

Emerging Issues and New Frontiers for FDA Regulation

Monday, October 20, 2014 

Washington, DC

We are currently seeking abstracts for academic presentations/papers on the following topics:  Continue reading