Is HIPAA stifling innovation in big data?

The Bipartisan Policy Center (BPC) issued a report this month that outlined the potential for big data to create value in health care. The policy forum included leaders from CMS, the US Senate, and the technology industry.


What is Big Data in Health Care?

Big data is often defined as a very large set of structured and unstructured data that is fed by a variety of sources. According to the report, sources of big data in health care include: 

  • Clinical data derived from electronic records within physician offices, hospital imaging centers, laboratories, pharmacies, and other settings in which care and services are delivered;
  • Claims and cost data derived from those who pay for and manage care;
  • Biometric data derived from devices and other remote tools that monitor such things as weight, blood pressure, blood glucose levels, etc.;
  • Data input by individuals, including preferences, satisfaction levels, health status, and self-tracking information on food intake, exercise, sleep, etc.;
  • Genomic information, which is showing significant reductions in the time and cost associated with genomic sequencing;
  • Data on other determinants of health, such as those related to socioeconomic factors and the government and;
  • Social media data

By crunching all of this information, care providers will become much more precise in the prediction and diagnosis of disease at the individual level. Moreover, using predictive analytics to target high-risk patients is estimated to reduce US health care costs by $300-$400 billion.



The Inversion of the Data Pyramid in Health Care

When referring to healthcare data today, most think of information derived from EHR and claims sources. Data from genomics, wearable devices, and social media are often thought of as clinically irrelevant. According to the BPC thought leaders, this will change. Here's the money quote:

"Only 10 to 15% of health is determined by medical care delivery. The remaining 85 to 90% of health is determined by other factors, which include healthy behaviors, genetics, and the socioeconomic and physical environment."

This stands to reason. Patients spend only a handful of hours with their physicians per year. Health happens between these formal encounters. Big data will ultimately make this "between encounter" information clinically relevant. 

HIPAA: road block or speed bump?

The promise of big data insights hinges on an ability to freely share data. Some healthcare organizations cite HIPAA concerns as a reason to keep data locked inside their walls. The report suggests that hypervigilance about HIPAA is used by some as a convenience excuse for non-action. The authors indicate that HIPAA is "misunderstood, misapplied, and over-applied." According to Esther Dyson, chairwoman of the Health Initiative Coordinating Council:

"The problem with HIPAA is [that] it was applied much too broadly, and to be candid, it was often used as an excuse not to move data around."


Bottom Line

HIPAA should focuse on protecting patient privacy when health information is shared, not on blocking all access to it. Leaderships such as this is needed to avoid HIPAA becoming another TSA -- a program whose scope grows with little regard for the cost it imposes.