Containing healthcare costs and streamlining healthcare delivery have been intractable issues in the U.S. for decades. According to a recent Kaiser Family Foundation employee health benefits survey, the annual cost of family health coverage in the U.S. for employers hit the $20,000 mark for the first time. The average employee contributes a little over $6,000 toward the family cost of coverage, another record for employee contributions. For many employers and insureds, the prospect of spending more while receiving less coverage has become a painful tradeoff. This cost increase, coupled with a recent Gallup survey stating a record 25% of Americans delayed medical care for a serious ailment in the past year due to cost, is putting many lives at risk.
The rising cost of prescription drugs further exacerbates this healthcare imbroglio. In 2015 the “Epipen Pricing” controversy dominated the headlines, followed later that year by the massive price inflation of the drug Daraprim. As detailed in a Businessweek article, Amgen’s recent price discount to insurers from $14,000 to $5,850 a year in order to kickstart weak sales of the cholesterol-reducing drug Repatha is yet another example of the crossroads between drug affordability, ethics, pharmaceutical profits, and regulatory pressures.
Technology to the rescue
Partnerships between technology firms and hospitals play an important role in addressing the rising cost of U.S. Healthcare. The Wall Street Journal reported that technology companies are partnering with hospitals across the country to store and research patient data. One such partnership involves Google and the Mayo Clinic, who jointly signed a 10-year partnership where Google stores medical, genetic, and financial data on its cloud system. The protected health information (PHI) of patients will be kept confidential because the data will be scrubbed such that it will not have any information linking back to a patient. Additionally, The Wall Street Journal reported that patient records will be under the watchful eye of the Mayo Clinic while Google can analyze and track the various ailments, treatments, and outcomes for patients in the aggregate and anonymously. The hope is that patterns can be identified to not only provide more effective treatments but find cures for certain diseases as well. Big data is the “new microscope” in healthcare.
If patterns can be recognized to identify and treat ailments quicker, aspects of the healthcare delivery process can be reduced, such as the length of stay in a hospital or the drug dosage prescribed. Shorter hospital stays and a decrease in the quantity of drugs needed can lift the burden on the healthcare system, potentially resulting in lower health insurance premiums that companies/employees pay due to the subsequent reduction in severity of medical claims. Technological innovation in the prescription drug industry can also put downward pressure on drug prices. Pillpack, a prescription drug delivery service purchased by Amazon, places drugs in convenient packages for patients to obtain via mail delivery. Pillpack’s strategy is threatening Pharmacy Benefit Managers (PBMs), middlemen whose opaque compensation structure has raised eyebrows in the industry. CNBC reported that the company aims to expand its mail delivery service to all 50 states, except Hawaii, and expand its user base by utilizing technology to automatically manage refills with health insurers.
Preparing for Unintended Risks
New technologies bring both positive benefits and negative consequences. As the healthcare industry increases its partnerships with tech firms, it must be prepared to address the growing problem of cybersecurity threats. According to CISION, 75% of the healthcare industry has been infected with malware at some point in time. This is not a surprise given the fact that, according to a 2018 Ponemon Institute Study, the average cost of a data breach for PHI is $408 per patient record, the highest of any industry making healthcare lucrative for cyber criminals. This past October, DCH Health Systems in Alabama was forced to stop admitting new patients at three of its hospitals after it was hit with a ransomware attack. Recently Hackensack Meridian Health (NJ) and Oahu Cancer Center (HI) were each hit with ransomware attacks disrupting their normal hospital operations. Cyber threats are now, literally, a matter of life and death and the healthcare industry must keep cyber resiliency high on its priority list as its reliance on technology grows.
In 2018, before Google announced its partnership with the Mayo Clinic, it began a similar relationship with Ascension. Based in St. Louis, Asencion is a hospital chain boasting approximately 2,600 medical facilities. According to The Wall Street Journal, Google has obtained diagnoses, hospital records, lab results, and other forms of PHI including names and addresses from the Ascension Partnership. The Health Insurance Portability and Accountability Act of 1996 (HIPPA) states that hospitals can share such data with business partners like Google, but the data collected must be used to help the hospital in its core function of patient care. Additionally, if such data is used to help the hospital with its core function, patients do not have to be notified of such sharing.
While the Google/Ascension Partnership may be acceptable according to HIPPA, healthcare and tech firms must balance the legal and ethical aspects of how they communicate their use of patient data for the sake of transparency, while simultaneously guarding against ever-present cyber risks. Care must be taken to ensure patient data is protected and Google does not utilize this PHI for other pursuits, such as cross-referencing this data with data from its recent Fitbit acquisition for example.
Planning for The Future
In no other industry is the access to critical information in real-time more important than in healthcare. Lives are at stake each day based on how quickly patient data can be accessed and utilized for treatments. While hospital systems continue to “harden” their cyber infrastructure to guard against breaches threatening the exposure of PHI, a delicate balance must be reached so that technological innovations relying on access to this information are not sacrificed. This scenario is analogous to living in a free and open society; guarding against terrorist acts should not sacrifice the daily freedoms enjoyed, otherwise the terrorists win. Beyond hardening cyber defenses, hospitals must invest in cyber hygiene training such that staff can better recognize potential breaches and practice proper hygiene techniques (changing passwords frequently, for example). In 2020 and beyond we can expect more patients to inquire as to how their PHI is being used, so hospitals should be prepared to rethink their communication strategy. The more trust society has with these partnerships, the easier it will be for technology to play a greater role in addressing critical healthcare issues.
