Health Insurers' Big Data Use Draws Scrutiny

(Bloomberg) -- The clinician called a prospective customer who was applying for health insurance to pose a very direct question: Why had she left the names of several medications she was taking off the application she submitted to Aetna? The clinician rattled off the names of the drugs, the dates they were prescribed, and the doctors who had prescribed them.

The woman insisted the information was wrong. She recounted the story to her mom, looking for advice. The mother was shocked and embarrassed. Those prescriptions were hers, designed to treat medical conditions she’d been hiding from her daughter. The secret was out, and the women were forced into an emotional conversation about the mother’s ongoing struggles with her health.

The mother eventually filed a complaint with the U.S. Department of Health and Human Services, alleging that Aetna had violated her privacy. A government investigation uncovered the cause of the error: The women’s medical records had been mixed up in a database maintained by a supplier to the second-largest U.S. health insurance company. Bloomberg obtained a copy of the HHS investigation, along with nearly a dozen other cases, through a public information request. The details offer a rare look at how the health-care industry’s growing reliance on data mining can go awry.

Aetna blamed the mistake on Milliman, a data supplier. In its explanation to the government, Aetna said Milliman described the inaccurate linking of medications as a “very infrequent occurrence” that sometimes happens when pharmacies make mistakes in coding. Jeremy Engdahl-Johnson, a spokesman for Milliman, declined to comment, citing “a longstanding policy not to comment on our work for clients.”

Aetna says it no longer uses Milliman’s IntelliScript data service or other prescription information for determining an individual’s eligibility for insurance, a practice phased out across the health insurance industry as part of President Barack Obama’s health-care overhaul. Aetna says the company does use prescription databases for setting group rates and assessing risk.

Government documents show that Aetna hired RSA Medical to call patients about discrepancies between IntelliScript results and what patients had disclosed in their applications. The RSA Medical representative who called the daughter did not know or disclose that the medications belonged to the applicant’s mother. RSA Medical says it complies with all privacy laws.

Aetna told HHS that the mother and daughter figured out the link on their own. For this reason, the HHS investigation concluded that no privacy rule was broken. In addition, Aetna and Milliman had a business associate agreement that allowed them to share data on applicants, HHS said. HHS’s Office for Civil Rights closed the Aetna case without finding any wrongdoing.

Medical data is legally shared with more third parties than many Americans realize, said Ifeoma Ajunwa, an assistant professor of law at the University of the District of Columbia. Sensitive information about a patient’s prescriptions and conditions can bounce from one company to the next as part of routine billing or administrative processes. “A major concern with prescription databases is that they provide ample opportunities for invasions of privacy,” Ajunwa said. They are also prone to mistakes.

While the mother-daughter mix-up occurred in 2008, insurance companies’ appetite for patient information has increased substantially since then. The medical-data industry is projected to surpass $10 billion by 2020, according to McKinsey & Co. A major driver of that growth is Obamacare. The Affordable Care Act made it illegal for health insurers to reject applicants based on preexisting conditions, but they still use prescription data to set group rates, identify high-risk patients, and decide on corporate budgets. Life insurance companies remain free to use the data to turn away sick people and set higher premiums.

Obamacare penalizes health-care providers that don’t shift to electronic records, and it funds statewide exchanges to share the records. The goal is that digitization will eventually allow patient information to quickly synchronize between pharmacies, doctors’ offices, hospitals, and data suppliers, so that a person who normally picks up a medication in San Francisco could get the needed drug if she were to become comatose in a Los Angeles emergency room.

However, the emergence of shared medical records makes errors all the more dangerous because they can propagate more easily between providers. Bloomberg reported in 2013 on an 84-year-old woman whose family blames her death at an Abington, Penn., hospital on problems with her electronic health record, which inexplicably dropped a critical heart medication after she was admitted. Scot Silverstein, the woman’s son, filed a lawsuit against Abington Memorial Hospital, which is still pending. The hospital, which is fighting the allegations, declined to comment.

In 2010, the U.S. Department of Veterans Affairs took a key feature of its electronic health-records system offline after physicians found the system was slotting medication histories into the wrong patients’ files. The problem was discovered when a doctor noticed that a female patient’s record mistakenly showed a prescription for vardenafil, a drug used to treat erectile dysfunction, according to government documents obtained by Bloomberg. The Veterans Affairs system for accessing Department of Defense medical records electronically and sharing the records between facilities was disabled for three months until technicians could implement a fix. Veterans Affairs didn’t respond to requests for comment. Problems extend outside the U.S. In Australia, a hospital sent the wrong discharge files to physicians in 2011, mixing up patients’ diagnoses and test results.

Americans file thousands of complaints a year to HHS claiming privacy violations, said Deven McGraw, deputy director for health-information privacy at the health department’s Office for Civil Rights. Many patients protest when they discover that their information is shared with third parties; a frequent target is survey companies, which send detailed questionnaires about treatment to people’s homes.

The business of providing and securing payment for health care involves potentially hundreds of thousands of entities around the country, said McGraw. Each company must comply with U.S. law covering the secure storage and transfer of electronic data, she said. McGraw encourages patients to request copies of their health records from local providers to ensure accuracy. HHS audits health-care companies’ compliance with privacy and security rules, but knowing where to look for potential problems is difficult. “Like any law enforcement agency, we need to know about violations so that we can help address any issues,” McGraw said. “And, of course, like all agencies, we have limited resources to work with, so we need to make sure that we’re maximizing our enforcement efforts.”

Deborah Peel, founder of Austin advocacy group Patient Privacy Rights, says U.S. law is lacking compared with that in Europe, where patients are given more control over what personal information is collected. Patients in the U.S. are entitled to contact holders of their prescription data and review the files for errors, but few know where to start. “The government may say it’s not a privacy violation, but that’s not how the people experience it,” Peel said. “Even if we wanted to check up on our data, we have no idea who these companies are.”

The names of the mother and daughter were redacted from the government documents, and their identities could not be learned. It’s also unclear whether they got their records fixed. “The databases are completely opaque,” Peel said. “They’re opaque to regulators, and they’re opaque to us.”

Bloomberg News