Startup Seeks To Hold Doctors, Hospitals Accountable On Patient Record Requests

When Kelly Shanahan had her OB-GYN practice in South Lake Tahoe, Calif., she was meticulous about providing medical records promptly to all patients who requested them, she said.

But since being diagnosed with metastatic breast cancer in 2013, an event that forced her into retirement, Shanahan has discovered that not all of her doctors are as attentive to such requests.

Getting copies of her records has been, as she puts it, “a colossal pain.”

With few exceptions, federal law requires that health care providers make copies of medical records available within 30 days after patients request them and, when possible, in the format they desire. Under California law, providers have 15 days to hand over the records if they are being sent directly to the patient.

But many patients, who may have records scattered across doctors’ offices, labs, hospitals and clinics, say responses from health care providers can range from sluggish to churlish. Assembling the records can be onerous.

Earlier this year, Shanahan turned to a Silicon Valley startup called Ciitizen, which requests medical records on behalf of cancer patients and redacts them for clarity and legibility.

Shanahan logged on to the company’s website and signed an electronic consent form, handing over to Ciitizen the task of requesting her records from multiple providers. The company emails her when a record is ready for her to view.

Ciitizen does not charge patients for gathering their medical information. Rather, it hopes to make money “in the near future” by taking a transaction fee for “matching third-party researchers with patients who wish to share their records,” said Deven McGraw, Ciitizen’s chief regulatory officer and former head of health care privacy policy at the U.S. Department of Health and Human Services. She said the company plans to offer its services to people with other serious illnesses in the future.

On Tuesday, Ciitizen, based in Palo Alto, Calif., released an update to a report card it first published in August that uses a five-star system to rate how health care providers comply with federal rules governing record requests. The scorecard, which Ciitizen plans to refresh every few months, can be viewed online at www.PatientRecordScorecard.com.

It shows that of the 210 providers from whom Ciitizen has requested patient records so far — including hospitals, doctors and specialty clinics nationwide — 51% have only one or two stars, meaning they were noncompliant or required significant intervention by the company to comply.

Ciitizen also published a report, based on the scores of those 210 providers plus telephone surveys of nearly 3,000 health care institutions, that found that more than half of providers were out of compliance with federal patient data access rules.

That is in line with a study by Yale University researchers last year showing that many top U.S. hospitals were not in compliance with patient records rules.

“Cancer patients do not have the time or energy to make two to three phone calls and argue with their providers,” McGraw said. “We did a lot of arguing. We encountered so many roadblocks.”

In a speech in August, Seema Verma, administrator of the Centers for Medicare & Medicaid Services, called the Ciitizen scorecard “a powerful tool for patients” that “will hopefully spur competition amongst providers to make patient data more readily accessible.”

Lois Richardson, vice president and legal counsel of the California Hospital Association, said the scorecard is too new to assess whether its findings are significant or just a collection of anecdotes based on a small number of records requests. “It could be either; I just cannot tell,” she said.

Some consumer advocates say enforcement of laws governing medical records accessibility is ineffectual.

“There have never been any cops who will go around and bust a hospital for failing to produce the data,” said Dave deBronkart, a pioneer of the patient access movement.

DeBronkart, 69, beat the odds after doctors gave him 24 weeks to live following a diagnosis of metastatic kidney cancer 12 years ago. Along the way, he has butted heads with the medical establishment over his health records.

When he was invited to speak at a medical conference in Toronto in 2009, the organizers asked him the title of his speech. He replied: “Just call it ‘Give Me My Damn Data.’”

That phrase quickly became a rallying cry, a hashtag, a meme, a coffee cup, a rock ’n’ roll song, and even a rap: “Give me my damn data/’cause it’s my life to save/give me my damn data /just like e-patient Dave.”

DeBronkart and others in the medical data access movement applaud Ciitizen’s report card but believe the real game changer will be a new federal rule that could eventually allow patients to see their medical data on their cellphones as easily as they can see their bank accounts.

“What we have been striving for is starting to happen,” deBronkart said. “For the first time in 10 years of advocating for patient access to our medical information, I am excited and optimistic.”

The new rule is expected to begin rolling out in 2020, a CMS spokeswoman said. It will require health care providers doing business with Medicare and Medicaid, and in the federally run Affordable Care Act marketplaces, to share their patients’ data through apps that are compatible with an international standard for sharing health care information known as FHIR (Fast Healthcare Interoperability Resources).

Unlike current federal law governing records access, the new rule will have some teeth, federal officials say. Just how it will be enforced is still being hammered out, but it will likely entail financial penalties.

Some patient advocates worry about consumers’ privacy when their medical data is shared so widely online. “Of course we want consumers to be more empowered, but it does seem like we’re rushing into this idea,” said Dena Mendelsohn, a senior attorney in the San Francisco office of Consumer Reports, adding that there are not yet laws in place to protect patient privacy.

But Shanahan, the breast cancer patient and former OB-GYN, said it should be her decision.

“I’m the patient,” she said. “I’m saying, share my freakin’ information.”

Exit mobile version