 |
Medical ID Theft – Identity Theft that can Kill You! |
|
An article in the Dallas Morning News reports on medical identity theft and how it can ruin your finances as well as your health. This type of ID theft occurs when the thief uses your personal information, such as your health insurance information, to obtain medical services or to make false claims for medical services. It’s one thing to get billed for a medical procedure that you never had, it’s quite another thing to have false entries placed in your health records. This can result in you receiving the wrong medical treatment, discovering that your health insurance has been used up, or that you are now uninsurable due to these false medical entries.
The article says that the usual way that a person discovers that his personal information has been stolen is when he is billed for a medical procedure that he never received. Obviously, when this happens, you should immediately contact the hospital or doctor that sent the bill and tell them of the error. Some useful tips are given in the article, such as to be sure to guard your health insurance card as you would a credit card (something I never thought about!) and to make sure that no one seems to be listening when the medical receptionist asks for your social security number (usually they don’t ask, but they do request it on your medical history form).
Because all types of hospital employees have access to your medical records, hospitals are starting to take steps to ensure that different types of workers have access to different degrees of your medical data. A far cry from when I was a medical technologist (1970 to 1987) and had unlimited access to all the patients’s charts as did any other hospital employee. As the push is on to put more and more personal health records online, medical identity theft becomes more of a possibility and a more of a problem.
The article also has a list of steps to take if you are a victim of medical ID theft and lists 4 good websites where you can get help, including how to file a health information privacy complaint with the appropriate federal agency. |
|
|
Submitted by: Alice McCreary, Reference Librarian
|
Comments (0)June 30, 2008
|
|
Update on England’s National Health Service IT Programme and the Security Factor |
|
One of my previous blogs reported on a poll that showed that many English physicians planned to boycott the National Health Service’s patient health record database. One of their fears is that a patient’s personal health data could be accessed by hackers and blackmailers. Also important to the success of the programme is the patient’s own confidence that their health record will be secure. A recent report by the National Audit Office, which was released in mid-May, identified patient confidence in the security of their personal health records as one of the major challenges of the programme that must be managed to ensure that the programme succeeds. When the programme is in place, each patient’s Summary Care Record will be accessible anywhere in England by NHS staff involved in that patient’s care. Since each patient can choose to not have a health record created and/or to not allow it to be shared with NHS staff, the programme has less of a chance of success, the more patients “opt out”. On a positive note, the May report stated that only a small proportion of patients in the early adapter areas are choosing not to share their Summary Care Records. Obviously, for a patient to choose to allow access to their health record, they must be confident and remain confident that their information will be kept secure and will be handled appropriately. NHS Connecting for Health has adopted policies on secure processing, transmission, and storage of patient information, and a range of controls have been put in place to prevent unauthorized access to data. Some of these include the use of multiple security measures to protect the system and the encryption of patient information before that information is transferred electronically.
Another factor to maintain a patient’s confidence is to assure him that the actions of NHS and NHS staff members will be “above board”. The Department and NHS have developed a “Care Record Guarantee” which details principles that will be applied in handling electronic care records. Access to care records are controlled through the use of Smartcards and passwords and individuals are granted access to information based on their role and level of involvement in that patient’s care. Not following these principles could result in disciplinary actions or possible legal proceedings against the staff member. The report stresses that maintaining the patient’s confidence is crucial to the programme’s success and recommends that all security principles be “rigorously” applied.
England’s Health IT Programme is a work in progress that continues to be interesting to follow. I look forward to the National Audit Office’s next report. |
|
|
Submitted by: Alice McCreary, Reference Librarian
|
June 13, 2008
|
|
PubMed Training at the National Library of Medicine |
|
Last Monday, June 9th, I attended an all day training session at the National Library of Medicine (NLM) in Bethesda, Maryland. NLM is part of the huge campus of the National Institutes of Health (NIH), which as a government installation, is fenced in like a fortress. There is only one entrance for pedestrians and this entrance leads to the Visitor’s Center, where anyone without an employee badge must go through a security check to receive a visitor’s badge, which must be worn at all times on campus. Anyway, the class was taught by 3 NLM Librarians, all experts in searching PubMed. It is very intensive and quite comprehensive. Even though I have gone through the PubMed tutorial, read the 168 page Training Manual cover to cover, and taught my PubMed class at Jenkins for a few years, I still learned a lot and also had a few misconceptions cleared up. The Librarians were very willing to answer questions, which I thought was great, since I had gone into the session with a couple questions and then had more as the class went on. As did the other attendees. The trainers also told us, for future reference, that we should always feel free to contact the NLM Help Desk by email, any time we have questions about PubMed and/or help formulating a search (the email link is on the bottom of the PubMed home page.) It might take a couple of days for someone to reply, but they assured us that someone would respond. That was good to know.
My first misconception that the class corrected for me - I had thought that PubMed was the search engine for searching MEDLINE, and that MEDLINE was the complete medical article database. Wrong! Entrez is the search engine, PubMed is the full database, and MEDLINE is a large subset of PubMed. MEDLINE consists of citations to articles that fall within the scope (health-related articles) and that have also been fully processed (checked for bibliographic accuracy and assigned MeSH indexing terms). The other citations in PubMed consist of citations to articles that appear in the journals that are indexed for MEDLINE but which fall outside of the scope of MEDLINE (e.g., an article in the journal Science about earthquakes). Also part of PubMed but not part of MEDLINE are all the citations that have not been fully processed by the NLM indexers.
Another misconception that was corrected - I learned that the core clinical journal subset is comprised of journals that NLM selected in 1979. This subset has not been changed since then – no “new” journals have been added and no “old” journals have been subtracted. I had thought that limiting a large search result to citations to articles from the core clinical journal subset was a good idea. No, another wrong!
Among the many useful tips the Librarians offered, was to limit to the “review” publication type if you get a large search result, as review articles are usually more comprehensive than an “ordinary” type journal article. Another tip, the last author in a scientific publication article is usually the head of the lab – the one who applied for and received the research grant. This is the usual convention and a research scientist would know to search for the last named author (that is an option available in “Limits”) if he is interested in knowing who received a particular grant. And still another tip, be sure to check the year that a MeSH term was introduced, because if you are searching for articles entered into the database before your term was introduced and you search with that term, you will miss these older articles.
I learned that my usual approach in starting a search, is not necessarily always the right way to approach a search. Before I took the class, I would first identify the appropriate MeSH term and then search on that term, while also including appropriate text terms in my search query. Well, our first “wrap-up” exercise involved searching for a concept that wasn’t easily described in MeSH terms. The NLM Librarian who was helping me with the search suggested that I search for the text terms and then see how the relevant articles are indexed. And then re-run the search including these MeSH terms in my search query.
About the indexing process - NLM employs over 100 indexers, some off-site (e.g., China, to index the Chinese language journals). Most of the indexers are language specialists as well as medical subject specialists. They go through an intense and lengthy training period to learn how to index to NLM specifications. In particular, they are trained to use the most specific term in indexing an article (e.g., using “lip” as the index term instead of “mouth”). This is why PubMed automatically “explodes” a MeSH term search. Thus, if you are searching a MeSH term that is not at the bottom of the hierarchy, the explosion feature allows you to retrieve relevant articles that a non-exploded search would miss, since these articles were indexed with the more specific term and not the term that you searched. We were cautioned not to turn off the “explode” feature without checking where our MeSH search term appears in the MeSH hierarchy.
As an aside, we did break for lunch but were “on our own”. We had our choice of eating in either of two cafeterias on the NIH campus, or going off-campus for lunch, which would have entailed going through the security procedures again to enter the campus. I choose to eat in one of the cafeterias in a NIH (not NLM/NIH) building. Sitting there looking all around the room, I couldn’t help wondering what types of research all these scientists were working on.
On closing, the PubMed class was definitely worthwhile. I would recommend it to anyone who wants to know everything there is to know about PubMed. Actually, as I say that, I realize that even though it seemed, by the intensity of the class, that I was learning everything there is to know, I am sure that I didn’t. One could never learn all that the NLM searchers know just by taking one all-day class! I guess I will just have to re-take the class in a couple of years! |
|
|
Submitted by: Alice McCreary, Reference Librarian
|
May 27, 2008
|
|
Hospital Patient Devices Could be Disrupted by Proposed Internet Use |
|
An Associated Press article (as published in the Boston Globe online) reported that the proposed use of unoccupied TV airwaves for high-speed Internet service could disrupt the signals that hospitals use to monitor critically ill patients. The use of these idle channels, called “white spaces”, by unlicensed portable Internet devices, could interfere with the monitoring of patients’ heart rates, blood pressure readings, blood oxygen levels, etc. These “white spaces” will be available when the U.S. transitions to digital TV next Februrary. The article reports that GE Healthcare, a unit of General Electric Co., which manufactures medical devices, has asked the Federal Communications Commission to devise stricter standards which would protect wireless patient-monitoring equipment from being overwhelmed by other wireless devices operating on nearby channels. The article also reports that the FCC is conducting tests to find an efficient and interference-free way to use the “white spaces” for broadband use, but that several trial devices have either broken down or failed. In 2000, the FCC did allocate channel 37 for exclusive use by medical monitoring equipment, but some hospitals still have not migrated to this channel. One of my previous blogs was on the possibility of hacking a patient’s implanted heart device. The AP article is another take on the safety and security of wireless health care devices. |
|
|
Submitted by: Alice McCreary, Reference Librarian
|
May 21, 2008
|
|
Google Health |
|
I was on the Michael Smerconish radio show this morning, talking about Google Health, which lets you store your personal health information online. You can create a medical profile and automatically import your records from Quest Diagnostics, Walgreens, and others. You can also manually import records from your personal physicians. Your information is private, and you can specify who can get access to it. Michael was keen on Google Health. He mentioned an actual scenario where he needed to get medical information for one of his sons for summer camp. He couldn’t remember which of his kids had an allergy to penicillin, so a service like Google Health would make his life a lot easier. Accessing this information from an Internet-enabled smartphone such as an iPhone makes it that much more powerful. I have reservations. The more I use Google, the more all of my digital eggs are in one basket. If I use Google Web search, Google Maps, Google Health, Google Docs, Google Desktop, Gmail, Google Talk, Google Checkout, etc., they potentially know:
You also have to be very careful when you access GH on someone else’s computer: at work, on the road, or in the doctor’s office. You have to be very aware of the need to logoff (or close the browser) — if you close a browser tab or click away to another Web site, you are still logged in. My feeling is if you already have to import copies of paper records from your doctor, it would be better to scan them to PDF and store them on an encrypted USB drive. Michael asked me if Google will run ads off of your profile? I looked at the Google Health Privacy Policy, which states: “Certain features of Google Health can be used in conjunction with other Google products, and those features may share information to provide a better user experience and to improve the quality of our services. For example, Google Health can help you save your doctors’ contact information into your Google Contact List.” So as far as I can see, the door is open for ads. Keep in mind Google isn’t the first online health manager. Some competitors include: |
|
|
Submitted by: Dan Giancaterino, Internet Librarian
|
May 8, 2008
|
|
Health Care Meets Online Social Media |
|
A report prepared by Jane Sarasohn-Kahn for the California HealthCare Foundation entitled The Wisdom of Patients: Health Care Meets Online Social Media, details how social media on the Internet is educating health care consumers and providers. Social media includes social networks (MySpace, FaceBook), blogs, wikis, picture-sharing (Flickr) and video-sharing (YouTube) sites, as well as web-based ”communities” where patients with the same disease/condition can meet. Social media appeared as the Internet evolved from strict information retrieval with read-only capability (Web 1.0) to the interactive Web 2.0, which allows people to post, share, and comment-on information. Ms. Sarasohn-Kahn refers to this sharing of health-related information as Health 2.0 and describes how this new medium facilitates the grouping together of people with similar health concerns. This results in the posting of health information that is more important and relevant to the individual consumer. These online collaborations are changing the way that patients, health care providers, and researchers learn about therapeutic regimens and disease management. In her comprehensive report, she details the positives and negatives of Health 2.0 and predicts how it will evolve in the future. One example in the report really demonstrated to me how this dynamic medium can be useful to an individual patient. On a social network called PatientsLikeMe, “Joe” posted that he had been trying for 10 years to manage his leg spasticity, a common symptom of multiple sclerosis. His doctor had prescribed a low dose of Baclofen, a muscle relaxant, telling him that a higher dose would cause him problems. After “Joe” joined the network, he learned that people in the MS online “community” were taking up to 10 times the dosage that his doctor had prescribed for him. “Joe” then asked his doctor to increase his dosage and his condition improved. If it hadn’t been for the social network that “Joe” joined, he would still be suffering from leg spasticity. Thinking about this example, I also thought how the network had encouraged “Joe”’s doctor to try a new treatment regimen that he ordinarily never would have tried, and how this new regimen turned out to be quite successful for ”Joe”. Ms. Sarasohn-Kahn includes a glossary of social media terms and a list of useful Health 2.0 websites in her very interesting report. Definitely good reading! (The full report can be accessed at the California HealthCare Foundation’s summary of the report.) |
|
|
Submitted by: Alice McCreary, Reference Librarian
|
April 22, 2008
|
|
A Tip for All You PubMed Searchers |
|
For all of you who search MEDLINE on PubMed, be sure to check the Details feature after you type in your search query to see exactly what search you are running. If you search for a text word, PubMed will usually add the corresponding MeSH term to your search query. That means that you are searching the title and the abstract of the articles for your text word and the index terms for the MeSH term. If you check Details and the MeSH term has not been added to your search, your search retrieval will be adversely affected. For example, and I use this example in my PubMed searching class, if you type “cancer” into the PubMed query box, a click on Details shows that you are really searching for “cancer” as a text word OR “neoplasms” as a MeSH term. If the search engine does not translate the text word to the MeSH term, then you need to identify the appropriate MeSH term and “OR” that into your search to insure a comprehensive search. To further demonstrate how Details works, check the Details section of the PubMed tutorial. The searcher enters the text terms “zinc infant growth” into the query box. The search engine “OR’s” in the MeSH terms “zinc”, “infant”, “growth”, as well as the subheading “growth and development”. Now your search is comprehensive and complete - searching for text words in the title and abstract and MeSH terms as indexing terms. I recently used the Details feature to solve a “mystery” that I encountered while demonstrating an author search during my class. Searching for the author’s name (e.g. ”walker am”) gave me 458 results. Searching for the author’s name, specifying the search in the author field only, (e.g. ”walker am [au]“) gave me 457 results. Checking the Details feature revealed that searching “walker am” was searching both the Author field and the Investigator field. Checking the Details feature while searching “walker am [au]” revealed that I was indeed just searching the author field. So, PubMed searchers, be sure your “attention to detail”includes Details! |
|
|
Submitted by: Alice McCreary, Reference Librarian
|
April 4, 2008
|
|
Gov. Rendell Signs Executive Order Creating Health Data Exchange |
|
Pennsylvania’s Governor Rendell recently signed an executive order creating the Pennsylvania Health Information Exchange (PHIX). This exchange will give health care providers improved access to a patient’s clinical data and is expected to lead to safer and more efficient patient care. It is part of the Governor’s Prescription for Pennsylvania health care plan, which the Governor introduced last year to address the quality, accessibility, and affordability of health care for all Pennsylvanians. PHIX will provide the technology to store the patient’s electronic health records and electronic prescription information by sharing data that is captured in the physician’s office or hospital. Instead of separate online systems used by doctor’s offices, hospitals, laboratories, and pharmacies, PHIX will integrate these records so they can be shared by all of the patient’s health care providers. This health data exchange will provide clinicians with important medical information about their patients to enable them to treat them quickly and more efficiently. A physician can immediately see what laboratory tests and radiology exams were recently performed, thus preventing the reordering of these tests. This reduces costs and avoids the wait for the second test results. The doctor knows immediately what condition(s) his patient is being treated for and also what medications he is taking. All this becomes critically important and perhaps life-saving if an unconscious patient is transported to an emergency room and unable to give the treating physician his medical history. It will be interesting to follow this program and see how it works. Especially considering my concern for the privacy and security issues involved in online PHR’s. (See my previous blog on this topic.) |
|
|
Submitted by: Alice McCreary, Reference Librarian
|
March 13, 2008
|
|
Heart Devices can be Hacked! |
|
The study will be presented at a symposium on computer security in May. |
|
|
Submitted by: Alice McCreary, Reference Librarian
|
An March 6, 2008
|
|
Online Personal Health Records and the Privacy Issue |
|
The San Diego Union-Tribune, in a March 5 article, reported on the Health 2.0 Conference recently held in San Diego, which showcased the latest interactive health care offerings on the Internet, including systems which allow an individual to post their personal health record (PHR) online. Both Google, with its upcoming Google Health, and Microsoft, with its upcoming HealthVault, figure to be major players in the PHR business. To show the downside of PHR’s , the article also referred to a February 20 report by the San Diego based World Privacy Forum which determined that the posting of a PHR was a genuine threat to an individual’s privacy. The San Diego Union-Tribune article said that the Health 2.0 Conference did not even list privacy and security matters on its program, which is fairly surprising to me - ignore the issues and they go away? The World Privacy Forum was quoted as saying in their report, “Any consumer worried about the privacy of personal health information should proceed with great caution before agreeing to sign up for a (personal health record)”. This is because most health care websites are not covered by the Health Insurance Portability and Accountability Act (HIPPA), the federal law that requires health care providers to protect the privacy of an individual’s health record. Pam Dixon, the Forum’s executive director, expressed concern that an insurance company might use an individual’s online PHR to turn down their application for coverage. And that’s only one of the many privacy concerns. For a detailed description of the different kinds of PHR systems, what determines whether or not the system vendor is covered under HIPPA, and all the privacy issues involved, see the World Privacy Forum report. |
|
|
Submitted by: Alice McCreary, Reference Librarian
|
RSS