Home Forums Discussions General Discussion AC Data Ownership/Privacy

Note: This post is written jointly by those who signed it below. The structure of the user board dictates that it must appear under someone?s name, so I agreed to post it under mine. While I fully agree with its contents, the post could equally have been put up by any of the other signers. Jon Schreiber (JBS).

Major changes have taken place in Amazing Chart?s privacy and confidentiality policy. The undersigned strongly disagree with those changes and want to be sure that all AC users are aware of this issue, and encourage you to express your feelings here and to company management.

There are a number of aspects of this issue, so please take a few moments to read and digest this information.

1. It has always been AC?s policy to give us, the providers, strict control and ownership over our clinical data. This policy was stated verbally and in writing by Jon Bertman, and until very recently appeared to be supported by the current management. The concept is most clearly stated in the company EULA.

2. This policy has several important implications. If AC goes out of business, the data belongs to your practice. If we change to a different EMR, the data is ours, and we cannot be charged to gain access to it. (Believe it or not, this is not the policy of some EMR?s; they charge large sums for you to get your own records and data). It also means that our data cannot be sold. (Again, this is not universal in the world of EMR?s). A strong privacy policy demonstrates the appropriate recognition of our hard work, since we are the ones who obtain the information from our patients, and we enter it into the program: this is our intellectual property, not the company?s. Company refusal to sell our data also demonstrates respect for our patients? privacy; it insures that we are the guardians of this private information, and we can be sure to take the steps that we believe are appropriate to protect it.

3. In mid-2013, AC revised the EULA which was presented to reflect the company?s purchase by Pri-Med. The company announced this, providing a list of the ?few substantive changes? that were made. This announcement mentioned that a BAA (business associate agreement) was added to the EULA, but made no mention of a change to the privacy policy. In fact, two changes occurred. First, the old version said ?AmazingCharts will not sell, trade, transmit, or provide any clinical data to insurers, pharmaceutical companies, attorneys, governmental agencies, or any other third-party except with your expressed permission?. The new version adds the phrase, ?or as permitted by law?". These five words fundamentally change the policy and allow AC to sell our data at will, to whomever they choose.
The second change comes with the addition of the BAA, which is added to the EULA. It states, ?"De-identified Information. Business Associate [that is, Amazing Charts] may use or disclose health information, which has been De-identified in accordance with 45 CFR ? 164.514, in order to create comparative databases or to perform statistical analysis and for such other lawful purposes.? This explicitly gives the company the right to sell our data.

4. Whether you are consciously aware of this or not, every time you log onto AC, you are agreeing to the EULA. This is stated just below where you enter your user name and password. The EULA is housed as a pdf file in the Amazing Charts folder in your program file. If you are currently on V6.3.3 or below, you are operating under the old EULA. If you are using or if you upgrade to any version higher than 6.3.3, you are agreeing to allow AC to sell all of your patient data to whomever they choose.

5. The undersigned feel strongly that this change in policy is wrong. Elements of the change may not even be legal (since the company is trying to apply the policy to all AC users, even those using versions where the old EULA was the only one they have ever seen). We believe that this data belongs to us, the physicians and other providers using AC, and that it is a violation of our trust for the company to change this policy. Even worse, it was changed without notification and buried in the EULA/BAA.

6. We encourage you to make your feelings known on this issue. Please do so in the following ways:

1. Post your opinions here
2. Jon Squire has asked that concerned users contact him to discuss the issue. Please email him at jsquireATamazingcharts.com (change AT to @) to express your opinion. In fact, he is willing to speak to people by phone; he allowed me to share his phone number for this purpose. If you feel strongly enough that you want to speak to him directly, please PM me and I will give that to you.
3. Go to AC?s facebook page and make your feelings known there (we have posted this message there as well.
4. Please contact other AC users that you may know and make them aware of this issue, and encourage them to express their opinions, as above.

If you have not yet upgraded beyond V6.3.3, you may not want to do so. When you log-on to AC after upgrading, the company says that you are agreeing to these changes (even if you have not read them).

Signed,
Jon Schreiber
Bev Kelsey
Donna Dow
Wendell Wheeler
Jim Legan
Marty Holt
Ira Braverman
Dave Dickson
Gino Freeman
Pete Sundwall

I concur. I thought NOT selling our data set Amazing Charts apart from other EMR's.

Not surprised it is Pri-Med business model, just what to do about it is not clear i.e. not likely any number of complaints unless accompanied by cancellation of license is likely to do much(apologize for the negativity)
Since I care none about MU but do care about my patient data it will make me explore other options.

Well, at least now we know why it seems that AC has been spinning it's wheels and getting nothing done since 6.3.3. I wonder how many more tables and fields they had to add to get ready for selling data.

Jon, Marty, or any of the other signers of the Declaration of Outrage: What was Jon Squires explanation? Why shouldn't we be outraged from his standpoint?

I believe I have just as much right to privacy under the "minimally necessary de-identification" as my patients have. But the money is in getting enough detail to make or save money for the buyer, so I'm worried for us as well as our patients.

Does anyone know a good EMR that doesn't phone home all the time?

Agree with above. I request EULA rollback kindly. Marlon Weiss, M.D.

From emrandhippa.com:

De-identified Healthcare Data ? Is It Really Unidentifiable
Written by: John Lynn

There?s always been some really interesting discussion about EHR vendors selling the data from their EHR software. Turns out that many EHR vendors and other healthcare entities are selling de-identified healthcare data now, but I haven?t heard much public outcry from them doing it. Is it because the public just doesn?t realize it?s happening or because the public is ok with de-identified data being sold. I?ve heard many argue that they?re happy to have their de-identified data sold if it improves public health or if it gives them a better service at a cheaper cost.

However, a study coming out of Canada has some interesting results when it comes to uniquely identifying people from de-identified data. The only data they used was date of birth, gender, and full postal code data. ?When the full date of birth is used together with the full postal code, then approximately 97% of the population are unique with only one year of data.?

One thing that concerns me a little about this study is that postal code is a pretty unique identifier. Take out postal code and you?ll find much different results. Why? Cause a lot of people share the same birthday and gender. However, the article does offer a reasonable suggestion based on the results of the study:

?Most people tend to think twice before reporting their year of birth [to protect their privacy] but this report forces us all to think about the combination or the totality of data we share,? said Dr. El Emam. ?It calls out the urgency for more precise and quantitative approaches to measure the different ways in which individuals can be re-identified in databases ? and for the general population to think about all of the pieces of personal information which in combination can erode their anonymity.?

To me, this is the key point. It?s not about creating fear and uncertainty that has no foundation, but to consider more fully the effect on patient privacy of multiple pieces of personal information in de-identified patient data.

Paragraph below is from the article
"Who owns the data"

http://www.aaos.org/news/aaosnow/apr10/managing2.asp

Contractual rights for the vendor to use the data
Never accept a clause that gives the vendor the right to use your data for ?research? purposes. Not only is ?research? a vague term, it may be subject to Institutional Review Board issues.

Any agreement for vendor use of the data should specifically state how the data will be used and give you the right to review, audit, and approve their use of the data. The agreement must preclude the vendor from realizing any financial gain from the use of the data.

If you look at your email, you will see a letter from Amazing Charts stating:

"In the near future, Pri-Med and Amazing Charts will begin offering individualized CME recommendations based on practice patterns identified through information that clinicians provide from their EHR."

This, indeed, may be one way they intend to use the data.

If sharing data were optional amd could be restricted by the physician in extent and content, I would not have an issue.

The issue is that the EULA was changed and while other points of change were made clear, these were not. Shame on us for not reading the EULA carefully, but then we trusted that the important points of change were spelled out. Sharing of patient data is a big deal. Was that intentional or an oversight? It has not been corrected.

The transformation of AC over the past year has been nothing short of creepy. Agree with Dan, it's time we stopped thinking of them as bumbling but well intentioned, and started being vocal (such as this post) about their multiple deficiencies and the declining value of their product.

Why do commercial entities do this kind of data mining anyway? I often just have to shake my head on reading my EMR generated notes, with all the insurance/Medicare required jargon and excessive prose needed to pigeon-hole diagnoses into ICD codes, etc.

Note to AC: garbage in, garbage out.

Because it is very valuable.
Read about this IPO from a couple of days ago.
"IMS Health Holdings Inc., a 60-year-old company that sells data on prescription use to drugmakers and analysts....IMS gathers data including on how drugs are marketed and prescribed and sells that along with analytical tools and services to clients including drugmakers, pharmacies and government agencies. Sales rose 4 percent to $2.54 billion last year, according to the filings."

Just before AC was sold I signed up to participate in a diabetes management study with AC. The letter or email asking me to participate came from Jon Bertman. I signed a single sheet of paper saying I would give them my diabetes info. About two months ago AC wanted to get my practice upgraded from 6.33 so that they could "get the data". We have always done our upgrades ourselves and I told her we didn't need AC to do it. After much thought we decided to upgrade because we were told that they wanted to move people into the newer version before there would be a rush to get everyone on board as the deadlines for MU2 and ICD10 approached. So we upgraded 2 months ago. Since the upgrade we have had major computer issues. This week we had a fried modem and multiple viruses. An occasional virus has crept in in the past but nothing that would infect the whole network like this did. The program is now slowing to the point that it is effecting our work processes. The weather and winter being a slower time for my practice were reasons that we upgraded now. We have contemplated going back to 6.33. I am not the IT person in my office. We are a micro practice though and troubleshoot on a daily basis. Our feel for our problems are in part seeming to come from how often the program is trying to phone home. I find this all to be very disturbing. I practice in a federal manpower shortage area with very high unemployment and large population in poverty. I am feeling intrusion into my prescribing not necessarily to write generics but to change brands from some back door deals behind the scene. Again, I find this very disturbing. I have always supported AC and feel it was one of the best decisions I have made. It helped me stay in business. Rethinking all of this right now.
Nancy

I agreed to participate in a pay for performance program with one of the big insurers and backed out when the deidentified data included first and last name and date of birth. Supposedly a third party was going to do the de identifying but a google search showed the third party (an entity frequently a government contractor) was wholly owned and operated by the big insurer. Turns out that what they were doing was against state law but some sort of fancy footwork went on. Most docs in my area dumped their data and got an enhancement in their reimbursement. Any respect for privacy, patient info protection, or upholding basic tenets of our professional ethic is/will be removing us from the game/practice of medicine/healthcare system. It is now all business. Government controlled business with that government picking insurance and pharmaceutical and device/ technology winners and losers. What do we do about this. Now I'm really depressed!

When you rent a house, you pay the landlord for the use of his property. This does not give him the right to walk around every day examining your furniture, even if only to give you decorating advice.
Dave

PriMed wants to pay AC for metadata to improve conferences.
Pharmaceuticals want to know why people stop using their drug.
Insurers want to identify high risk patients for intervention to save expenses.

PriMed wants to sell data on us to guide advertising by third-parties.
Pharmaceuticals want to know how effective their marketing is to each of us.
Insurers want to know if they should drop us from their panels.

I am a proud procrastinator with v6.3.3. Finally, my laziness has paid off.

Should I be asking for a $2000/yr rebate to upgrade or more?

There CAN be legitimate reasons to get the data:

Doing studies (like the diabetes study)

Recommending education, showing improvement and value

Jon Squire said he wanted feedback on this issue, which precipitated this thread.

The problems are that providers have been burned so many times, this is such a radical departure from the previous policy and while "major" changes to the EULA were stated, this one was not.

The issue to me is whether we can opt in/out and have control over what is being shared.

I received a response from John Squire (after I emailed him about my concern about data mining):

"I agree with you; we are planning a communication on this topic soon. By the way, no one has used your data. It's your data on your system. All that was done was a change to the wording of the EULA and the addition of a Business Associates Agreement (BAA). The BAA stated that we treat data according to HIPAA guidelines. HIPAA guidelines allow the use of de-identified data. Even though this change was made last year, this clause has not been exercised and no data has been used. It was a paper change only."

John,
No one is accusing them of violating HIPAA violations. The "violation" is of our trust: they made this change without informing us.
If John Squire says that have not yet used our data, then I believe him. If they have no intention of selling our data going forward, then why do they need to make this policy change?
AC has always had the right to ask for their use of our data; that was the old policy. The new policy is that we have no say in the matter; they can use it at will, and sell it for whatever purpose they choose.

That is my concern as well. And John Squire may not be making that decision at some future point.

Would this use of patient data just affect AC-Cloud docs? How would AC be able to use data that was not on their servers?

At the end of the day, cloud users are at the mercy of the hosting company. You can have agreements until the cows come home, but if you don't have physical security of your data, you don't have any security. This is also why gaining access to the database, even if only read-only is important. If an Evil Empire takes over AC, you need to be able to cut the internet connection, get help from a third party, and export your records in a form you can at least read.

No, John. This would not just affect those with a cloud-based version. Every time you turn on Amazing Charts, it connects to the company computers. The newer versions of Amazing Charts give them the capability to extract data from your computer. I will leave it to the more tech savvy to explain how they can do this when the databases on your desktop. This is not just a paranoid fantasy. I assure you that if you talk to the company, they will confirm that this is true.

I just bought a new server, was going to upgrade. I can not take it back now. Almost 2k is wasted. Wtf! I am staying on 6.3.3. Will call support tomorrow. It is riduculous.

Look at it this way. First, every time you sign in, you may get a message that says 6.6.5 is the latest version. Or you haven't backed up to the cloud in 50 days. This is because, when you install AC, it is designed to talk to the "mothership" Same as when you download a free piece of software, each day it says 1 day out of 30, 2 days out of 30.

Now they don't get info from your desktop, there is no info. When you log in, you log in to your databases. If they can get to your EMR, then can get to your databases same way.

Makes me wonder, when at Pri-Med this past fall in Boston talked to the tech folks about upgrading to 6.5 and complained about the slight delay I have been noticing whenever I flip in and out of different field in AC despite just building a new computer overclocking a new processor having 16 GB Fast RAM and no other RAM hogs(well Windows 7 Pro)they said ...it will only get worse. Wonder if the collect your data in the background has something to do with it???

Is there some firewall block we could implement?

Thanks Jon for all the info about this. While it saddens me to see, it is not surprising that Pri-Med would want to try to profit from its acquisition of AC by using our data in various ways. Isn't that what Facebook is trying to do with WhatsApp?

My hope is that the powers that be will realize that in the long run the company can be most successful by respecting the privacy of patients, the integrity of physicians, and above all the primacy of the care of the patient. I pray that Pri-Med will not seek the quick buck but will look for the long-term good of all involved. I'll send a note to John Squire. As you suggest, I think it's a good idea for all of us to let him know our feelings on this issue.

Well, if it is a part of Pri-med business model, then there is nothing CEO can do. He is there to make money for Pri-Med, to think otherwise is preposterous. We need to contact and get loud with Pri-med.

Here is a link to Pri-Med's privacy policy, worth reading. Their contact information is at the end.

http://www.pri-med.com/PMO/Flex.aspx?short=PrivacyPolicy

We should at least have the option to "OPT OUT"

For those of you who still have any question about who owns the data in our EMR, please think for a moment about the following analogy. Microsoft Office sits on your computer and it "phones home" regularly to check for updates, security issues, etc. just like Amazing Charts does. Imagine the response if Microsoft announced that some time ago they inserted into their user agreement a clause stating that all documents entered into Microsoft Word and all spreadsheets entered into Excel were being extracted from your computer and de-identified, and could then be used for whatever purpose Microsoft saw fit.
What would be the reaction? Would lawyers say that the contracts, letters, and other documents they created belonged to Microsoft? Would accountants and financial analysts say that all the material in the Excel spreadsheets belongs to Microsoft?

How about if Quicken took this approach, and said that all of your financial data belonged to you, but they could take it and sell it for marketing purposes to whomever they chose?
Would it make any difference when they told you the information was de-identified?
Why should that intellectual property be any different than the information we put into amazing charts?

well put Jon

Does anyone know of a certified successful ehr that doesn't require connection to it's mother?
Does anyone know of a certified successful ehr that has the eula that AC used to have?

My point is that it is only competition from another ehr vendor or governmental regulation that will get AC to change back to their previous eula.

The government is encouraging the vendors to get away with this, because the government wants to mine our databases as well for their own utopian reasons.

Basically, I think the most likely effort to succeed is to get statehouses to restrict the practice in your state by limiting it to governmental and insurers only. This is an issue that can drive votes with the same passion as witnessed here.

Until there is another ehr that does what we want, and I'm hoping for info on that, I think AC will look at this as a tempest in a teapot.

All the big ehrs are doing it, so why shouldn't the nicest one do it too?

Dan, I understand your point, and it may very well be the approach that Amazing Charts takes. I would argue that it would be a mistake.

First of all, there are other options. Most of us have already decided that we are not participating in MU 2. In that situation, an EMR need not be certified. There will be other ways to go. Hopefully, we won't need to go there, but if the need arises we can discuss those choices at another time.

More importantly, I would argue that the scarcity of other EMR's creates a great niche opportunity for AC. Our EMR already occupies this space. AC has a loyal following of users, for many of whom the company's respect for us and our patients was an important distinguishing feature.
AC has always been the EMR that was developed by a physician. The EMR that looks out for doctors' intellectual property. The EMR that protects our patients' privacy. Perhaps they will be the only EMR that can make those claims. To me that is a tremendous marketing point.
Look. I think we can except the fact that AC will never be an Epic or a Cerner with hundreds of thousands of users. It is designed for small practices and attracts a somewhat iconoclastic following. The marketplace is plenty big enough to allow Amazing Charts to stake out this space and make it their own, and be quite successful, in my opinion.

I agree with you Jon, and support the cause!

I think and hope that the tide is turning on meaningful use with physicians who control their own practice. I'm not going for MU2 either. Spending my time making the practice more efficient ala jimmie.

Certified is only important because of the process is narrowing down the ehrs. It would be a huge gamble for AC to quit certification torture to focus on being the best small practice ehr. Unfortunately, successful means certified I think.

I think that the government is fine with ehrs making some profit from the data in exchange for the certification process and making it better for the government to mine our data.

I think that independent physicians just don't have much power in the marketplace or statehouses now. We're screwed trying to stay old school as the niche gets smaller.

I tried reading the product update posted by Chris to see if this was addressed, but honestly could not make heads or tails of it. Would someone who can wade through legal jargon care to comment if this issue persists?

Tried to read the EULA and as noted by JBS the 5 words "or as permitted by law" seems to give them free reign as long as they abide by the HIPAA stuff.
Then read the federal register stuff concerning it and to loosely paraphrase it says the de-identified info can be used by other entities as long as a BAA is signed and that the information is to be used in a limited and defined scope(which is required to be stated) and safeguards and remedies are in place in case there is a data breech.
So where does that leave us since we are data generator #1 on the chain, don't know.

AC has sent emails about this topic that hopefully should satisfy most of us. It's always difficult to get 100% of anyone onboard, much less physicians.

The CAB and the AC staff have been working on this for a while. There may still be some details to be ironed out, but I think both a clear explanation, as well as a remedy have been put forth.

sorry to ask Wendell but could you point the direction to the 'remedy' and 'the clear explanation' and btw do we the 'data generators' get to see the BAA between AC and whoever is getting the scrubbed data along with the stated use of that data and the plans those 'users of the data' have to deal with breech and misuse?
Perhaps getting older leads to more paranoia (or is it more life experience gives a broader perspective) but when my diabetic patient(for example) start getting targeted banner ads and popups for specialty drugs ,products and services might want to say...hmmmm.

It came as an email. I have requested a link for those who might not have received it.

Our EULA and BAA agreements are here: http://amazingcharts.com/EULA.pdf?u...tm_term=0_350c02d76a-a792198718-64851493

But I would agaree life experience gives a broader perspective and I think you hit at least one nail on the head. While I feel AC is above board, what about Surescripts?????
(and there is no workaround, they have at least a functional monopoly)

Providing the ability to opt-out of data sharing seems very "above-board" to me, and frankly I was proud of our little EMR for including this choice to allay concerns. And thanks to all you watchdogs out there who helped keep AC awesome (in other words, I'm still a fan...).

Now, get back to work on MU certification and ICD-10!