Posted on

Your Hospital Data for Sale: Addictions, Suicide Attempts – HIPPA is only for doctors

[preamble]As I stated, your data is being shared and insurance companies will get your data! Good Luck! A past post i stated how the IRS STOLE thousands or patient records – the government is getting your information and will use it against you. HIPPA rules are ONLY to be followed by doctors – all others are exempt – as a lot of things in this NEW government![backtopost]
Your Hospital Data for Sale: Addictions, Suicide Attempts
Bloomberg News
By Jordan Robertson
June 05, 2013

Hospitals in the U.S. pledge to keep a patient’s health background confidential. Yet states from Washington to New York are putting privacy at risk by selling records that can be used to link a person’s identity to medical conditions using public information.

Consider Ray Boylston, who went into diabetic shock while riding his motorcycle in rural Washington in 2011. He careened off the road and was thrown into the woods, an accident that was covered only briefly, in the local newspaper. Boylston disclosed his medical condition and history to a handful of loved ones and the hospital that treated him.

After Boylston’s discharge, Washington collected the paperwork of his week-long stay from Providence Sacred Heart Medical Center in Spokane and added it to a database of 650,000 hospitalizations for 2011 available for sale to researchers, companies and other members of the public. The data was supposed to remain anonymous. Yet because of state exemption from federal regulations governing discharge information, Boylston could be identified and his medical background exposed using only publicly available information.

“I don’t really feel that the public has a right to read up on my medical history,” said Boylston, who is 62 and a veteran. “I feel I’ve been violated.”

He agreed to share his story when contacted by Bloomberg News.

The potential for a patient’s hospital record to be made public by anyone buying data compiled by states adds to ways privacy is vulnerable in an age of digitized health record keeping and increasingly sophisticated hacking.

China, Twitter

Security concerns have been heightened recently by the breach of the Associated Press Twitter Inc. account, which resulted in a temporary stock-market decline, U.S. accusations that the Chinese military is engaged in a cyber espionage campaign and attacks on financial institutions that have led to losses of tens of millions of dollars in the past year.

Laws governing medical-information sharing were intended to protect the privacy of patients like Boylston. People can lose out on jobs, pay more for insurance, fare poorly in custody battles and suffer personal embarrassment. The trouble is that state public-health agencies received an exemption from the federal law, formally the Health Insurance Portability and Accountability Act, or HIPAA, enacted in 1996. The privacy rules took effect in 2003, though they apply only to health-care providers, insurers, billing and claims processors and their contractors.

Potential Compromise

Some states voluntarily follow the law’s strict privacy guidelines, which require that discharge data be shorn of details — such as age, ZIP codes or admission and discharge dates — that could be used to connect it to a specific person.

Washington and at least 25 other states release some combination of these identifying markers, increasing the likelihood that patient privacy can be compromised, according to records reviewed by Bloomberg News and Latanya Sweeney, director of Harvard University’s Data Privacy Lab.

“All I have to know is a little bit about a person and when they went to a hospital, and I can find their medical record in this kind of data,” Sweeney said. “The real takeaway is we can do better than this.”

Some of the states, including New York, require purchasers to sign affidavits saying that they won’t use information to identify individuals. Washington has no such requirement.

$2.7 Trillion

The medical-data industry is projected to surpass $10 billion by 2020, according to McKinsey & Co., driven largely by President Obama’s health-care overhaul, which mandates the maintenance of electronic medical records and data sharing to rein in growth of U.S. health care costs, estimated at $2.7 trillion in 2011.

Companies that benefit from buying states’ hospital records include IMS Health Inc., the provider of prescription data that was taken private by TPG Capital and Canada Pension Plan Investment Board for $5.1 billion in 2010. Other buyers are OptumInsight, a division of UnitedHealth Group Inc. (UNH), the biggest U.S. health insurer, and WebMD Health Corp. (WBMD), which supplements its consumer website with services advising companies and insurers.

Buyers can use the information to better understand hospital costs, analyze prescription-drug use and help recruiters identify top-performing physicians. A major target is helping the pharmaceutical industry tailor ads to doctors and potential patients. Drug companies spent $10.5 billion on advertising last year, according to IMS.

‘Nuclear Energy’

“Electronic health information is like nuclear energy,” said Jim Pyles, principal of Powers Pyles Sutter & Verville PC in Washington, who specializes in health law and policy. “If it’s harnessed and kept under tight control, it has potential for good. But if it gets out of control, the damage is incalculable.”

Using only public record searches, Bloomberg News collected information about how hospital data is distributed from the most populous states and, with Sweeney’s help, analyzed it. Her research will be presented today at the International Summit on the Future of Health Privacy in Washington.

Along with Washington, records in New York, New Jersey, Tennessee and Arizona were particularly vulnerable. Those states also include some combination of age, ZIP codes and admission and discharge dates.

No breaches of personal privacy were uncovered. Still, the information would have enormous value in the wrong hands, said Jim Adler, former chief privacy offer of Intelius Inc., an online background-check provider.

Data ‘Leverage’

“People will use that information if they can move the needle with it,” Adler said. “It’s all about leverage, and medical data is leverage.”

Health information obtained through other means, such as computer hacking or insider theft, is already abused for insurance fraud and identity theft. Data breaches have also exposed millions of patient records. The ability to find a person’s medical file in public data represents a new danger.

Boylston is one of several dozen people who could be identified by reference to public records, which were purchased by Harvard’s Sweeney in a bundle for $50.

Many other identified patients requested anonymity.

An executive treated for assault was found to have a painkiller addiction. A businessman who had gone missing was shown to have poisoned himself in a suicide attempt and had been diagnosed with pancreatic cancer. A retiree who crashed his motorcycle was described as arthritic and morbidly obese.

Blood Clotting

Dick Zais, 63, a former city manager of Yakima, Washington, was in there too — for a blood-clotting emergency. He said he wasn’t concerned that details of that incident were disclosed, since he himself revealed the condition to the press. He did ask that an older condition included in his record remain private.

“It’s come to the point where we need to think long and hard about whether we can actually expect privacy anymore,” he said.

The people identified had only two things in common: there were news briefs written about their incidents, usually involving auto accidents or assaults, and they were treated in Washington. A total of 35 patients were identified from 81 subjects of news stories that contain the word “hospitalization.”

Ordinarily, the information patients divulge to health-care providers remains confidential. Doctors, hospitals, insurers and their contractors are tightly restricted in what they can provide third parties under the privacy law.

Strict Guidelines

Patient information that is shared typically has 18 key identifiers removed under a standard known as Safe Harbor.

When applied properly, the standard makes it difficult to link a patient’s name with a health record, said Dan Barth-Jones, an infectious-disease epidemiologist at the Columbia University Mailman School of Public Health who researches health privacy.

A 2011 study by University of Chicago researchers found that of 15,000 hospital records stripped to the Safe Harbor standard, only two could be matched to a marketing list obtained from a third party.

Before HIPAA, there were no federal restrictions on the sale of health records, and only half the states had any rules, according to Peter Swire, who led the creation of the privacy protections under President Bill Clinton.

Weld’s Records

Sweeney, the Harvard researcher, exposed flaws in the system in 1997 by finding the medical records of former Massachusetts Governor William Weld in a redacted dataset. Her finding served as a catalyst for tighter rules.

States were deliberately exempted from the rules when additional privacy protections were being hammered out more than a decade ago. While the medical establishment wanted states to have consistent rules, consumer advocates pushed for an exemption, said Janlori Goldman, co-founder of the Center for Democracy and Technology who was involved in the process.

The argument: states were likely to impose stronger restrictions to protect vulnerable populations, such as people with AIDS, she said.

Boylston’s record contains every diagnosis and medical procedure following his accident, from a broken pelvis that forces him to use a walker to a ruptured spleen, kidney failure and conditions that led to the removal of his bladder. His doctors, ethnicity and payment information are all there.

Snooping Strangers

A two-tour veteran of the Vietnam War, Boylston said he isn’t concerned about insurance or employment discrimination because he has health-care coverage and is retired. But he said he is worried about pharmaceutical and medical-device marketers and snooping strangers obtaining the information.

Boylston was one of nine patients from Providence Sacred Heart Medical Center whose records were identified.

“Providence has significant safeguards in place to protect our patients’ information,” said Brenda Gramling, privacy officer for Eastern Washington and Montana with Providence Health & Services, which owns the hospital. “We are talking to the Washington State Department of Health to determine if additional safeguards are needed.”

Washington chose to release more data because it is not bound by HIPAA and wanted to make its Comprehensive Hospital Abstract Reporting System, or CHARS, more useful than the federal standard allows, said Donn Moyer, spokesman for the Washington State Department of Health.

Washington Reconsiders

Knowing patients’ ages helps researchers study health trends affecting infants, while ZIP codes and hospitalization dates help track seasonal patterns, such as the flu, Moyer said. Removing all the identifiers required under Safe Harbor would render the data “useless,” Moyer said.

After learning from Bloomberg that data could be traced to individuals, Washington State Secretary of Health John Wiesman said the state is considering limits on the information it discloses and may stop releasing data until a decision is made.

“Patient confidentiality and privacy are priorities for us, and I take it very seriously,” Wiesman said in a statement. “We’re re-looking at the information included in the public data set to determine if changes can legally be made.”

Peter Constantakes, spokesman for the New York State Department of Health, said he could not immediately comment.

Washington and other states don’t make much money selling hospital records. They started collecting the records decades ago to facilitate public health research, and costs were intentionally kept low.

Scant Revenue

Twelve of the most populous states generated $1.91 million from 1,698 requests for data from 2011, the latest year for which figures are available, according to state records reviewed by Bloomberg News. Washington sold its database 95 times in 2011 and generated just $15,950.

One company that purchased Boylston’s record was IMS Health, owner of one of the world’s deepest pools of medical information. IMS, based in Danbury, Connecticut, has prescription-drug dossiers on 260 million people, said Jody Fisher, U.S. marketing director for IMS.

The data is all anonymous, and IMS doesn’t try to re-identify patients, Fisher said. IMS’s revenue was $2.19 billion in 2009, the year before the company was taken private. About 85 percent of the total came from pharmaceutical companies, which use the data to design sales pitches for doctors and craft direct-mail and online-ad campaigns for consumers.

Boylston’s record also wound up with iVantage Health Analytics, a Portland, Maine-based firm that measures hospital performance.

‘Risky’ ZIP

While precise geographic data about patients is useful, disclosing ZIP codes in public records creates unnecessary risk, said John Morrow, executive vice president at iVantage. The company routinely scrubs such information from its files, he said.

“You might as well have the patient’s electronic medical record number,” he said. “We think it’s potentially as risky to have a patient’s ZIP code.”

The U.S. Department of Health and Human Services Office for Civil Rights, which investigates HIPAA violations, has not received complaints about companies identifying patients, said Rachel Seeger, a spokeswoman for the agency.

Boylston, who lives in the tiny town of Soap Lake in central Washington, has a suggestion for organizations that want to release his health data in an insecure way: ask first.

“If they’re going to release that kind of information, they should consult with the patient,” he said. “That’s personal information about me. It’s just not right.”

To contact the reporter on this story: Jordan Robertson in San Francisco at
To contact the editor responsible for this story: Tom Giles at

Posted on

HSBC is sued by NY for foreclosure law violations

[preamble]Banks made billions selling bad mortgages, get bailed out by the government, borrow money from the government for free, make loans impossible to get for people, get out of the mortgage business, and sell off the mortgages to people where no one knows who owns the money. Now they delay refinancing because they want to make more money from us. What a recovery for the economy! What a government. Where are the feds slamming them with fines?[backtopost]

New York Attorney General Eric Schneiderman sued Europe’s largest bank Tuesday for breaking the law and putting homeowners at risk.

Bloomberg News
Published: June 4, 2013 – 8:27 am

(Bloomberg) — HSBC Holdings Plc was sued by New York Attorney General Eric Schneiderman, who accused Europe’s largest bank of breaking state foreclosure law and putting homeowners at greater risk of losing their homes.

A state investigation found that HSBC has left homeowners languishing in foreclosure by failing to meet requirements for giving them an opportunity to negotiate loan modifications, according to Mr. Schneiderman’s office.

“Companies like HSBC are brazenly ignoring state law, leaving homeowners across New York stuck in a legal limbo where they can’t even get the legally required settlement conference that could help them keep their homes,” the attorney general said in a statement.

The lawsuit, filed today in New York Supreme Court in Buffalo, comes as state attorneys general nationwide have targeted banks over foreclosure practices, last year reaching a $25 billion settlement with five mortgage servicers including Bank of America Corp. and Wells Fargo & Co.

HSBC wasn’t part of that settlement.

Mr. Schneiderman said in May that he was prepared to sue Bank of America and Wells Fargo for allegedly violating terms of the nationwide settlement, which set requirements for servicing mortgages and provided monetary relief for homeowners. Mr. Schneiderman said the lenders have failed to comply with standards for processing applications from homeowners for loan modifications.

The HSBC case stems from a New York law pertaining to foreclosures and court-supervised settlement conferences in which homeowners can try to negotiate alternatives to foreclosure such as a loan modification that lowers their monthly payments.

Diane Soucy Bergan, a spokeswoman for London-based HSBC, declined yesterday to comment on the matter. Ms. Bergan didn’t immediately return e-mails and a telephone message seeking comment on the lawsuit filed today.

Lenders and servicers who sue to foreclose in New York must file paperwork that triggers a requirement that a settlement conference be held within 60 days.

The state found that HSBC failed to file the required paperwork in hundreds of foreclosure cases in New York, in some cases putting off the document filing for more than two years. HSBC continued to charge interest and fees, increasing the amounts owed by homeowners. Those charges reduce the likelihood a person will qualify for a loan modification because their principal balance has increased, according to the state.

The attorney general will seek to recover restitution and damages for homeowners and force HSBC to file the required papers in pending foreclosure actions and future cases.

Posted on

FREELANCERS – another corrupt union supported by our government

[preamble]The freelancers won a 200 million grant from the federal government to support Obama care and “take care” of our health. Just another corrupt union.[backtopost]

NY State is considering a bill to continue a health-insurance pilot program for the Freelancers Union.

They said the bill would give the union an exemption from taxes and allow for financial flexibility not provided to businesses and chambers of commerce that also offer health insurance.

“You have associations, organizations, chambers of commerce that provide health-care insurance now that are not being afforded this extension or any preferential treatment,” said Mike Durant, state director for the NFIB. “I think it’s inequitable.”

Oh – did I mention that Freelancers Insurance – a for-profit enterprise – has one of the worst, if not the worst records of any insurer in NY State?

In 2011, the New York State Insurance Department ranked FIC last among commercial insurers with the most complaints and 49th of 50 among all the state’s insurance providers, including health maintenance organizations.

In 2012, the Empire State insurance regulator again ranked Freelancers “worst” in complaints and 51st among 54 rated New York-based insurers.

The department ruled that “the health insurer did not comply with statutory or contractual obligations” in half the cases filed against Horowitz’s company by consumers.