Luis Ospina (lospina@ketchum.edu) is the Compliance Officer at Marshall B. Ketchum University-Ketchum Health in Anaheim, CA.
An individual needing assistance is excited about using Alexa for his medication refill needs. No more phone calls to the pharmacist; no more emails to his personal care provider (PCP); and best of all, no more trips to the pharmacy to get the medication he needs. He just sends a command to Alexa, asking “her” to place a refill of his prescription. This technology is impressive, however, nothing out of ordinary, knowing the capability of technology today. The scary part comes with what Alexa could do next. Based on an algorithm Amazon engineers are testing, Alexa will eventually be able to identify patterns in the user’s voice to determine, with a high degree of accuracy, the mood of the user. This new algorithm uses emotional intelligence in addition to artificial intelligence (AI) models in the coding, empowering Alexa to make quick decisions on the user’s behalf.
Depending on how stressed or anxious she “feels” the voice of the user is, Alexa will connect the dots, and in this particular case, will call the user’s PCP to notify him that this patient is having an episode of anxiety, or might contact 911 to address a distressed individual who might be ready to commit suicide. All of this without consent from the individual, and even without the user knowing that this is actually happening — until the paramedics and police arrive at the door. Perhaps when this article is published, this story could be already outdated, because another, more impressive feature in Alexa’s arsenal was developed and implemented.
The new reality
As farfetched as this might sound, this is not far from reality, and compliance professionals are now being challenged to operate in a completely new ecosystem. This new environment involves compliance decisions that are increasingly related to technical knowledge and software coding expertise, rather than the traditional model of reliance on human behavior and conventional learning.
It is well known that when the Health Insurance Portability and Accountability Act (HIPAA) was enacted in 1996, the concept of privacy was applied to an industry in which the technology ecosystem was in its infancy; therefore, it was impossible to regulate something that did not exist. This is especially relevant when we talk about mobile devices and remote connectivity. As innovation continued to evolve, and despite early signs of technological disruption, industry regulators and stakeholders remained passive, and few “upgrades” were introduced to existing laws. They might have thought that healthcare was completely isolated from technological advances, and patient information was going to be forever confined inside the walls of the provider’s office. Alternatively, perhaps technological advances simply outpaced our ability to keep up with rules and regulations.
More than 20 years after the launch of HIPAA, we are confronting a completely different reality. First, there was the arrival and consolidation of the algorithm as the tool of choice to resolve every challenge and expectation in the industry. Second, because the life cycles of technologies tend to be shorter and shorter as new platforms are invented or existing ones are enhanced, it becomes very difficult to regulate something that is perennially changing. Third, connectivity has allowed users to share data to a level never seen before. At the core of these three developments, the concept of privacy remains paramount and in desperate need of redefinition and protection.
Although the concept of AI is not a new one, only recently has it started to be considered a key component of the industry. Obviously, no legislator in 1996 had in mind machine learning, neural networks, or predictive analytics as guiding elements to enact HIPAA. Today, it is almost unthinkable to have a meaningful conversation about the state of the industry without making reference to at least one of the latter concepts.
Regarding the life cycles of technologies, it was never anticipated that innovation would forever change the patient care ecosystem and the industry as a whole. According to a recent study, there are approximately 318,000 mobile health apps now available in app stores, with roughly 200 new apps added daily.[1]
Finally, interoperability is starting to take hold, as more and more providers, agencies, payers, and patients are able to exchange protected health information (PHI) with fewer obstacles. Connectivity has also opened the door to an unexpected potential trend. Think of the Internet of Things (IoT) for instance, with advances in technology allowing medical devices and equipment to be interoperable and able to share patient information in real time. This means patient data will be ubiquitous across the continuum of care, improving patient outcomes.