There are some things in Healthcare that are broken in ways that are just nuts. Given that the new Trump administration is likely to be willing to do things that are against the norm for politics, I think we should recommend that these broken things be fixed. Because fixing them means radical change, and it appears that radical change is what we are in for over the next four years.
I will note that this was not my vote, and I am scared as hell. But it is a forgone conclusion, so we either stick our heads in the sand and hope our ass survives, or we do what we can to make the best of the situation.
My three things that are broken and need radical fix:
- Patient Identifier -- We need a national patient identifier. It won't be perfect, but it is badly needed. I have tried to make the point that this patient identifier can be opaque, and thus it can enhance Privacy. Today we share highly valuable demographics as that is the only way we can make a cross-reference. This is NUTS. Lets fix it. There are technologies today to allow us to have opaque identifiers while also assuring that the identifier can be validated. There are technologies today that would allow purpose-specific queries for cases where the patient didn't bring in their identifier but there is an health critical reason we need to look it up by demographics. There are technologies that can keep private the use of that identifier. Technology can scale today. This technology might be Block-Chain, but I don't think so due to the second need.
- Universal Privacy -- The patchwork of privacy regulations is getting in the way of progress. Declare that all humans have a right of Privacy. Define what that Right means. Be reasonable (right to be forgotten is not reasonable, useful but not reasonable). Override the patchwork of federal privacy, healthcare privacy, state privacy, etc. Privacy is not an option, or something someone can sell. Violations of these Privacy principles must result in punishment regardless of who or how the violation happened. ONE set of rules, even hard rules, will be easier to deal with than the patchwork. This will result in less privacy failure, and less privacy denial. THIS should not be specific to healthcare. ONE right of Privacy. Note it should not include in the regulation any technology specific requirement, as technology changes and thus the regulation will break.
- Incident Response Community -- Way too much something bad happens and knowledge of it is suppressed. I am not asking for public disclosure of everything. BUT the community should be enabled to learn lessons from others failures. This is true of at least Safety, Privacy, and Security. There needs to be a way that authorized individuals representing every organization in healthcare can participate confidentially. That is they can expose a failure within their organization without adverse reaction (they must still meet regulated requirements). What I mean is that this is a peer group that will not use the information against their peers. What should happen is that their peers help diagnose what happened, come up with an action plan, and update the lessons-learned so that all the peers can implement that lesson. The result is a community that only gets stronger. This does NOT inhibit competition, as competition should be on health and experience outcomes. This does happen in some circles, but needs government endorsement an encouragement.