Implementing a universal informed consent process for the All of Us Research Program

The United States' All of Us Research Program is a longitudinal research initiative with ambitious national recruitment goals, including of populations traditionally underrepresented in biomedical research, many of whom have high geographic mobility. The program has a distributed infrastructure, with key programmatic resources spread across the US. Given its planned duration and geographic reach both in terms of recruitment and programmatic resources, a diversity of state and territory laws might apply to the program over time as well as to the determination of participants' rights. Here we present a listing and discussion of state and territory guidance and regulation of specific relevance to the program, and our approach to their incorporation within the program's informed consent processes.

The Dark Data Quandary

The digital universe remains a black box. Despite attaining high-technology capabilities like artificial intelligence and cognitive computing, "Big Data" analytics have failed to keep pace with surging data production. At the same time, the falling costs of cloud storage and distributed systems have made mass data storage cheaper and more accessible. These effects have produced a chasm between data that is stored and data that can be readily analyzed and understood. Enticed by the promise of extracting future value from rising data stockpiles, organizations now retain massive quantities of data that they cannot presently know or effectively manage. This rising sea of "dark data" now represents the vast majority of the digital universe. Dark data presents a quandary for organizations and the judicial system. For organizations, the inability to know the contents of retained dark data produces invisible risk under a spreading patchwork of digital privacy and data governance laws, most notably in the medical and consumer protection areas. For courts increasingly confronted with Big Data-derived evidence, dark data may shield critical information from judicial view while embedding subjective influences within seemingly objective methods. To avoid obscuring organizational risk and producing erroneous outcomes in the courtroom, decision-makers must achieve a new awareness of dark data’s presence and its ability to undermine Big Data’s vaunted advantages.

Social workers have an obligation to all patients regarding confidentiality … however, for some patients, the obligation is greater

Social workers are held to many ethical obligations regarding patients including maintaining patient confidentiality and staying up to date on confidentiality laws, statutes, and regulations. As the landscape of health care continues to change, including the increased use of technology to maintain patient records, highlights this need. The changes in the regulations on confidentiality of those who are receiving substance use treatment, 42 CFR Part 2, are presented. The other regulations and laws covered include HIPAA, HITECH, and the ACA. This includes the changes that have taken place, how to be compliant, and which to follow when.

Recognizing and Caring for the Intoxicated Patient in an Outpatient Clinic

Recognizing an intoxication syndrome in patients presenting to an outpatient clinical practice with behavior or mental status change requires initial consideration of a broad differential diagnosis. After a thorough evaluation, management may include treatment of the presenting concern, triage to a higher level of care, and management substance withdrawal. Providers should be aware of the medico-legal aspects of caring for intoxicated patients related to privacy, informed consent, and risk of harm to self and others upon leaving clinic. An essential aspect of care for patients presenting to clinic intoxicated is the follow up assessment and management of substance use disorders.

Equal Employment Opportunity Commission. Regulations Under the Americans With Disabilities Act; Genetic Information Nondiscrimination Act. Final rule

The Equal Employment Opportunity Commission (EEOC or Commission) is issuing its final rule to amend the regulations and interpretive guidance implementing Title I of the Americans with Disabilities Act (ADA) to provide guidance on the extent to which employers may use incentives to encourage employees to participate in wellness programs that ask them to respond to disability-related inquiries and/or undergo medical examinations. This rule applies to all wellness programs that include disability-related inquiries and/or medical examinations whether they are offered only to employees enrolled in an employer-sponsored group health plan, offered to all employees regardless of whether they are enrolled in such a plan, or offered as a benefit of employment by employers that do not sponsor a group health plan or group health insurance. Published elsewhere in this issue of the Federal Register, the EEOC also issued a final rule to amend the regulations implementing Title II of the Genetic Information Nondiscrimination Act (GINA) that addresses the extent to which employers may offer incentives for an employee's spouse to participate in a wellness program.

Equal Employment Opportunity Commission. Genetic Information Nondiscrimination Act. Final rule

The Equal Employment Opportunity Commission (EEOC or Commission) is issuing a final rule to amend the regulations implementing Title II of the Genetic Information Nondiscrimination Act of 2008 as they relate to employer-sponsored wellness programs. This rule addresses the extent to which an employer may offer an inducement to an employee for the employee's spouse to provide information about the spouse's manifestation of disease or disorder as part of a health risk assessment (HRA) administered in connection with an employer-sponsored wellness program. Several technical changes to the existing regulations are included. Published elsewhere in this issue of the Federal Register, the EEOC also issued a final rule to amend the regulations and interpretive guidance implementing Title I of the Americans with Disabilities Act (ADA) that addresses the extent to which employers may use incentives to encourage employees to participate in wellness programs that ask them to respond to disability-related inquiries and/or undergo medical examinations.

HIPAA Compliance with Mobile Devices Among ACGME Programs

To analyze self-reported HIPAA compliance with mobile technologies among residents, fellows, and attendings at ACGME training programs. A digital survey was sent to 678 academic institutions over a 1-month period. 2427 responses were analyzed using Chi-squared tests for independence. Post-hoc Bonferroni correction was applied for all comparisons between training levels, clinical setting, and specialty. 58 % of all residents self-report violating HIPAA by sharing protected health information (PHI) via text messaging with 27 % reporting they do it "often" or "routinely" compared to 15-19 % of attendings. For all specialties, 35 % of residents use text messaging photo or video sharing with PHI. Overall, 5 % of respondents "often" or "routinely" used HIPAA compliant (HCApps) with no significant differences related to training level. 20 % of residents admitted to using non-encrypted email at some point. 53 % of attendings and 41 % of residents utilized encrypted email routinely. Physicians from surgical specialties compared to non-surgical specialties demonstrated higher rates of HIPAA violations with SMS use (35 % vs. 17.7 %), standard photo/video messages (16.3 % vs. 4.7 %), HCApps (10.9 % vs. 4.9 %), and non-HCApps (5.6 % vs 1.5 %). The most significant barriers to complying with HIPAA were inconvenience (58 %), lack of knowledge (37 %), unfamiliarity (34 %), inaccessible (29 %) and habit (24 %). Medical professionals must acknowledge that despite laws to protect patient confidentiality in the era of mobile technology, over 50 % of current medical trainees knowingly violate these rules regularly despite the threat of severe consequences. The medical community must further examine the reason for these inconsistencies and work towards possible solutions.

Recent Developments in Medicine and the Law

This article discusses recent developments in three areas, all of which relate to discovery in medical malpractice cases. The first topic is claims of spoliation in the context of medical malpractice. The second topic is the evolving peer review privilege and its limitation or expansion by state courts. Finally, we discuss two important cases in which state courts have interpreted HIPAA’s privacy rules and applied them in the context of ex parte communications with treating physicians and pre-suit discovery of a plaintiff's medical information.

Legal Considerations for Electronic Health Records

Electronic health record (EHR) solutions provide many potential benefits for dental practices, whether those programs run internally on a dental practice's computers or are cloud-based solutions. However, these programs also create new risks for a dental practice, which may be mitigated through due diligence and adequate contractual provisions to ensure protection for dentists. This article addresses the legal considerations associated with a dentist entering into a service contract with an EHR vendor.

Patient Access to Personal Health Information: Regulation vs. Reality

Patient-centered healthcare initiatives are underway to enable patients to take more responsibility for their healthcare. To do so, patients must be able to access, utilize, and share their health information. Access to health information through patient portals and other electronic means is increasing with the adoption of electronic health records (EHRs), but not all providers have EHRs or patient portals and not all information may be available electronically. Patients are expected to continue to request paper and electronic copies of their medical records. This research project was initiated to obtain up-to-date data regarding health information management (HIM) practices related to patients' access to their health information.

HIPAA for physicians in the information age

The increased prominence of electronic health records, email, mobile devices, and social media has transformed the health care environment by providing both physicians and patients with opportunities for rapid communication and knowledge exchange. However, these technological advances require increased attention to patient privacy under the Health Insurance Portability and Accountability Act (HIPAA). Instant access to large amounts of electronic protected health information (PHI) merits the highest standard of network security and HIPAA training for all staff members. Physicians are responsible for protecting PHI stored on portable devices. Personal, residential, and public wireless connections are not certified with HIPAA-compliant Business Associate Agreements and are unsuitablefor PHI. A professional and privacy-oriented approach to electronic communication, online activity, and social media is imperative to maintaining public trust in physician integrity. As new technologies are integrated into health care practice, the assurance of privacy will encourage patients to continue to seek medical care.