Peter L. Berger's Blog, page 624

Many health insurance companies across the country have requested large hikes in the premiums they will charge for their plans in 2016, arguing that they need to raises prices to cover the new costs they have incurred under the ACA (read: paying for the care of sicker Americans). In one case, an insurer is looking for a 51.6 percent increase, and even though that’s an outlier, other insurers are asking for rates that are high enough to cause concern. State regulators have the power to deny or reduce the increases, and, as the NYT reports, Administration officials are very much hoping they will, offering a slew of reasons why insurers don’t need the hikes to stay solvent.

According to the Times, Federal health care chief Kevin Counihan has written a letter to state regulators arguing, among other things, that the 2016 will see a healthier pool as higher penalties for non-compliance with the individual mandate go into effect and push healthier Americans into the arms of insurers. Not everyone is convinced, however. Insurers themselves claim, of course, that they need the increases, but they’re not the only ones who seem to be sounding a skeptical note:

But Scott Keefer, a vice president of Blue Cross and Blue Shield of Minnesota, which requested rate increases averaging about 50 percent for 2016, said his company had not seen an improvement in the health status of new customers.

“Our claims experience has not slowed at all,” Mr. Keefer said. “The trend has gotten a little worse than we expected.” […]

State officials said their agencies had been reviewing insurance rates for decades and generally knew local market conditions better than federal officials.

Monica J. Lindeen, a Democrat who is the Montana insurance commissioner and the president of the National Association of Insurance Commissioners, said the letter from Mr. Counihan was interesting, but “did not point to any new information that would impact how state insurance departments regulate their health insurance markets.”

So will rates skyrocket? That’s the big question observers of President Obama’s controversial health care law will be asking. The answer that emerges from the NYT piece is that we don’t really know yet. In at least one case, in Oregon, not only did the state Insurance Commissioner approve double-digit increases, she even required insurers that didn’t request increases to raise their prices. On the other hand, the NYT reports that Administration officials are confident rates will overall come in lower than requested when all’s said and done.

But framing the question that way distorts the broader picture. It’s to the Administration’s political benefit, of course, that the requests have been so high, since, if the actual increases are at least lower than those requested, it can claim a victory of sorts. We’ve seen that kind of dance before. But the big picture of U.S. health care is that it is too expensive and only getting more so. If premiums truly do skyrocket, that will be a political disaster for the Administration. If they increase only modestly, the Administration will make PR hay out of it. But in either case, the U.S. health care system will remain broken—and our parties remain without clear ideas about how to fix it.

Over at NewGeography, Joel Kotkin and Michael Shires remind us that despite the steep decline in manufacturing over the last few decades, the industry is by no means finished in America:

Manufacturing may no longer drive the U.S. economy, but industrial growth remains a powerful force in many regions of the country. Industrial employment has surged over the past five years, with the sector adding some 855,000 new jobs, a 7.5% expansion.

Several factors are driving this trend, including rising wages in China, the energy boom and a growing need to respond more quickly to local customer demand and the changing marketplace.

Kotkin and Shires’ report provides an excellent survey of where, exactly, manufacturing jobs have been popping up. They highlight four major trends: the growth of manufacturing jobs in the Rust Belt (as the auto industry recovers), the Southeast (thanks in part to “major investments from German and Japanese companies”), and the Energy Belt (falling oil prices are “an enormous boon for downstream industries such as refining and petrochemicals”), as well as the shift of manufacturing jobs to suburbs and small cities, away from once-major industrial centers like Los Angeles, Chicago and New York.

To be sure, mass manufacturing cannot reclaim the place in America’s economic life that it held in the 1950s and 1960s—that is, the basis of life-long employment and relatively high incomes for much of the country. Productivity has gone up so much, and global competition remains so keen, that there will always be strong pressures for manufacturers to build more stuff using fewer human hands. Even so, the revival of manufacturing employment is excellent news for the parts of the country that can host it (too bad, NYC and LA), boosting incomes and expanding employment even as the economy transitions to something new.But the fact that manufacturing is picking up steam is also a good sign for entrepreneurship in non-manufacturing parts of the economy. It suggests that many of the preconditions for new business formation are in place in many parts of the country: relatively cheap labor, real estate bargains, cheap energy, and a regulatory environment favorable to new business. Moreover, as the report says, much of the manufacturing surge—especially in Detroit and Houston—is being driven by engineers. So in addition to blue-collar workers, there are plenty of well-educated workers ready to join innovative new firms.This won’t work very well for those precious snowflakes among us who cannot survive in the harsh climate outside hothouse university environments, but if you are smart, quick, tough and determined enough, this is still a land of opportunity.

The assassination of Burundian general Adolphe Nshimirimana on Sunday has thrown the fraught nation back into violent turmoil. It was the latest in a series of downward spirals set off when President Pierre Nkurunziza evaded a national regulation to allow himself a third term in office. Burundi, like Rwanda, was torn by ethnic conflict between Hutu and Tutsi populations into a vicious civil war, which ended with a peace accord only a decade ago. Since then, Nkurunziza—formerly the leader of a Hutu militia—has been in power.

But unlike the Tutsi-led government in Rwanda, the administration in Burundi has yet to accomplish very much. From the NYT:

Burundi is in danger of collapse, its capital rocked by violence and divided by political intrigue. The country’s fragile democratic fabric has been shredded in recent months by President Pierre Nkurunziza, who brushed aside a constitutional bar to secure a third term in office and put down an attempted coup meant to stop him. As Mr. Nkurunziza struggles to retain control, his top officials accuse Rwanda of tacitly aiding his enemies. […]

Mr. Kagame, 57, has led Rwanda since 1994, when an offensive by his Rwandan Patriotic Front rebels put an end to a genocide campaign by Hutu extremists. He is widely credited with helping bring peace, stability and what the World Bank has called “impressive development progress,” visible in the spotless streets of Kigali, the capital, and the construction cranes dotting the skyline.Burundi, on the other hand, remains one of the poorest countries in the world, with a fragile economy and a dependence on foreign aid for half the national budget.

If Burundi becomes once again ensnarled in the intense ethnic violence which led to genocide in Rwanda, spillover is likely. That the neighboring nations are led by opposing factions—Hutus in Burundi and Tutsis in Rwanda—all but entails their involvement in internal conflicts which divide the two countries along the same ethnic line. One young Hutu leader in Burundi summarized the entanglement as such:

“Rwanda is a bad country,” Mr. Nkeshima said. “The Tutsis in the government there are helping the Tutsis in the Burundi opposition. We cannot allow the opposition to take our country.”

While it is still too soon to count out the possibility of a harmonious resolution, it is time for the international community to keep an eye on these troubled neighbors.

Since Vladimir Putin seized Crimea and kicked off the international crisis over Ukraine, it’s been popular to measure how bad relations between Moscow and the West have gotten by tracking how many times Moscow has sent bombers, jets, ships, and even subs into or around opponents’ territory. By that metric, July was the worst month on record, as IHS Jane’s 360 reports:

NATO fighters intercepted record numbers of Russian combat aircraft over the Baltic region during air policing alerts in late July, the alliance announced.

Fighters from Belgium, Italy, Norway, and the UK assigned to the Baltic Air Policing Mission were scrambled to intercept 22 Russian aircraft as they transited through the region in a number of different formations over a two-week period.In two of the largest interceptions ever seen, the UK Royal Air Force’s (RAF’s) Eurofighter Typhoons based at Amari Airbase in Estonia identified and shadowed four Sukhoi Su-34 ‘Fullback’ strike aircraft, four MiG-31 ‘Foxhound’ interceptors, and a pair of Antonov An-26 ‘Curl’ transport aircraft on 24 July, while five days later NATO fighters tailed four MiG-31s, four Sukhoi Su-24 ‘Fencer’ strike aircraft, as well as three An-26 and one Ilyushin Il-76 ‘Candid’ transport aircraft that had been flying close to Latvian airspace.As reported in the Financial Times , NATO officials said that the alliance has launched more than 250 scrambles against Russian aircraft so far this year over Europe – more than at any time since the end of the Cold War. Of these, 120 have taken place over the Baltic region.

One incident IHS Jane’s didn’t mention is instructive. On July 4, two Russian nuclear-capable bombers flew within ten miles of the California coast and delivered a greeting over the radio to the U.S. aircraft that intercepted them: “Good morning, American pilots. We are here to greet you on your Fourth of July Independence Day.” Russia’s provocations are only getting more frequent and severe.

The German energy mix has been radically changed in recent years, predominantly driven by two forces: a desire to expand renewables’ market share (a task accomplished by generous state subsidies called feed-in tariffs), and an aversion to nuclear power following the 2011 Fukushima disaster. Within Germany these changes have had a number of perhaps unforeseen and certainly unfortunate consequences, including jacked-up power bills for businesses and households and, somewhat bizarrely, an increased reliance on the particularly dirty type of coal called lignite. But the ripple effects of Berlin’s energiewende are expanding past national boundaries, and, as Politico reports, Germany’s neighbors are finding their own grids strained by intermittent solar and wind production:

The country’s move away from nuclear power and increase in production of wind or solar energy has pushed it to the point where its existing power grids can’t always cope. And it’s the Czech Republic, Poland, the Netherlands, Belgium and France that have taken the brunt.

“If there is a strong blow of the wind in the North, we get it, we have the blackout,” Martin Povejšil, the Permanent Representative of the Czech Republic to the EU said at a briefing in Brussels recently.

Germany has failed to beef up its energy transmission infrastructure at the same pace as its burgeoning solar and wind industries, that is, and on especially sunny and windy days it relies on the hospitality of its neighbors to distribute those supplies. Poland and the Czech Republic have been forced to pony up $180 million “to protect their systems from German power surges”, while within Germany itself NIMBY-ism is preventing the construction of some key transmission lines.

When examining the costs of boosting renewables, it’s a big mistake to leave out the expense of building out the grids needed to handle production. Germany seems to have made just that error with its energiewende, and central Europe is struggling to cope.

China has long been able to divide its neighbors on sensitive regional issues, but its latest aggressions in the South China Sea appear to have galvanized opinion against Beijing more forcefully than in the past. The Association of Southeast Asian Nations will meet this week in Kuala Lumpur, and tensions are rising in the run-up. Just one day after Chinese foreign minister Wang Yi warned ASEAN that South China Sea disputes should not be on the agenda, the Philippines’ foreign ministry has thumbed its nose at Beijing. Reuters reports:

“We see no let up on the unilateral and aggressive activities of our northern neighbor in the South China Sea,” [Philippines Foreign Minister Albert Del Rosario] said at a meeting in the Malaysian capital.

“The massive reclamation activities … have undermined peace, security and stability in the South China Sea,” he said, urging Southeast Asian countries to address the issue with China. […]“The Philippines fully supports and will pro-actively promote the call of the United States on the ‘3 halts': halt in reclamation, halt in construction, and halt in aggressive actions that could further heighten tensions,” Del Rosario said in [an earlier] statement.“We will agree to be bound only if China and other claimant states agree to the same.”

Singapore’s foreign minister K. Shanmugam echoed that sentiment, telling reporters that the “South China Sea is an issue. We cannot pretend that it’s not an issue.” Similarly, Malaysian Prime Minister Najib Razak said Asean needed to “take a more active role” in dealing with regional security and “overlapping [territorial] claims.”

But perhaps most significantly, ASEAN itself as an institutions seems to be ready to step up to the plate:

But on Tuesday, Asean Secretary-General Le Luong Minh agreed with Mr. Najib’s call for a more assertive and collectively responsive Southeast Asia, criticizing Beijing for “eroding the very trust and confidence…between Asean and China” through its “reclamation activities, illegal fishing bans and the harassment of fishermen” in the South China Sea.

He urged Beijing to engage “in a really meaningful phase of consultations” with Asean to ease tensions.The U.S. has likewise encouraged Asean to impose itself on the South China Sea problem preoccupying several of its members. It would only be “natural” for Asean to address what is a “critical aspect of regional security,” State Department deputy spokesman Mark Toner told reporters in Washington Monday.

U.S. Secretary of State John Kerry arrives in Kuala Lumpur tomorrow for what could be a tumultuous meeting. Countries that are not party to the dispute (and countries like Thailand that have drifted towards Beijing under the new junta) might be able to blunt some of the language coming out of the meeting. But it sure sounds like all of China’s recent moves have finally ginned up enough annoyance among its otherwise fractious neighbors for them to put up a united front—and actually give Beijing some pause.

When Congress passes laws concerning health care, intentions and results do not always match up. Two cases in point are the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Health Information Technology for Economic and Clinical Health Act of 2009 (HITECH). Understanding what happened to these two statutes as they passed from Congress to the reg writers and administrators might give us better insight into how we should expect the Affordable Care Act to play out.

HIPAA, passed during the Clinton Administration, had three goals: to allow insured individuals to change location and employment without losing health insurance coverage; to combat waste and fraud; and, ironically, to simplify the administration of health insurance. Initially, much of the work of the law involved standardizing the electronic filing of insurance claims. In 1997, the law established portability of coverage of pre-existing conditions and medical savings accounts. In 2003, compliance with the privacy and security rules in HIPAA became mandatory, establishing firmly the importance of protected health information. In 2006, civil penalties for violations of the privacy and security rules kicked in, but initially there were no prosecutions. In other words, it took a decade for the act to finish chewing reality, and when it did it little resembled its congressional sponsors’ initial vision.HITECH was enacted as part of the American Recovery and Reinvestment Act, which President Barack Obama signed into law on February 17, 2009. The main intent was to establish a nationwide intercommunicating electronic health record. It provided a financial subsidy to physicians who demonstrated meaningful use of one by 2015 and imposed penalties on those who did not do so by 2016. The program was supposed to reform medical care through public health-style research and surveillance of physicians’ practice patterns, but HIPAA privacy rules made it difficult to get the necessary data. In 2010, regulators allowed specific categories of researchers freer access to patient medical records. They also imposed stiffer reporting and notification requirements, especially for data breaches involving greater than 500 patients. In 2013, the Final Omnibus Rule updated HIPAA and HITECH by requiring stiffer penalties for data breaches, and coverage of contractors associated with doctors, hospitals, and other medical entities. It also required protection of private health information for fifty years after a patient’s death.These laws involve a series of discrete functions. One is electronic data interchange, which has helped to standardize medical billing. Historically, a physician would submit a company-specific paper claim, which required information that varied among insurance companies. With the evolution of electronic data interchange, practice management software in the physicians’ offices, internet transmission, and computerized claims management by the insurance companies have standardized and facilitated the claims process. The object of the physician’s office is to submit a “clean claim”, one that has all the required information filled out and is consistent with diagnostic and treatment codes. Several generations of elaborate diagnostic and procedural codes have evolved. The procedural codes determine the amount of payment the caregiver is supposed to receive. At least one diagnostic code must support the billed procedure code in order to establish a “determination of medical necessity.” This process is fairly well standardized for Medicare, although it can vary slightly by geographic region. Medicare administrators, however, constantly update these codes and requirements for “medical necessity”, making compliance with the rules very difficult.Most private insurers have also adopted electronic data interchange and with it the diagnostic and procedural codes. They often impose additional conditions, such as prior approval for treatment and exclusion of certain Medicare-covered treatments altogether. Medicare Advantage plans, for their part, essentially convert regular Medicare coverage to private coverage. These plans tout low copayments and deductibles with no additional premiums, but often impose payment restrictions very similar to private non-Medicare insurers.After filing the claim electronically, the physician receives an explanation of benefits from the insurance company. If the claims examiner at the insurance company (often a computer) determines that the physician is a participant in its plan, the patient has active insurance with it, and there is appropriate medical necessity, the insurance company may send payment in addition to the explanation of benefits. For Medicare and many private insurers this process works smoothly, demonstrating the successful implementation of electronic data interchange. Obtaining payment from some insurance companies can be difficult, but at least the disputes are framed by a standardized process.A second function concerns the portability of insurance. The earlier Consolidated Omnibus Budget Reconciliation Act of 1986 (COBRA) required employers to allow departing employees to purchase a continuation of their group medical insurance for up to 18 months. New employers could still exclude coverage of pre-existing conditions indefinitely. HIPAA changed this, preventing new employers from excluding an employee with pre-existing conditions for more than 12–18 months. In some ways this was more successful than COBRA, because until Federal subsidies were introduced only about 10 percent of departing employees purchased the insurance due to its high price. But HIPAA did not solve all the portability problems, to say the least.HIPAA also established the amounts that an employee could set aside in a pretax medical savings account for employers with high-deductible plans. The Medicare Modernization Act, signed by George Bush in 2003, replaced these with health savings accounts, which have the advantage that money spent on qualified medical expenses is not taxed. This has probably contributed a fair bit to the slowdown in medical consumption over the past few years. When a patient has to pay high deductibles and copays out of pocket, he spends less and consumes less, even though the expense would be covered by the amount in his health savings account.These three functional areas work, or are starting to work, reasonably well. The same cannot be said for the privacy protection provisions of HIPAA. I tried to read Public Law 104-191, but it is more than 72,000 words long. The law’s section 1177 privacy rule is only 121 words long, however, and is fairly clear in its intent to deter the “wrongful disclosure of individually identifiable health information” by fines of up to $250,000 and imprisonment for ten years. The Health and Human Services Secretary of the Department has wide authority to promulgate rules and regulations to carry out this and other aspects of the law. By 2003, protected health information had been defined to include both medical records and insurance information. This definition was eventually extended to cover any business entity that could potentially compromise the information. Complaints about violations accumulated, and the process began to yield significant fines and settlements. The evolution of electronic data sets, the internet, prevalent internet hacking, and the careless handling of private information has made this a surprisingly important part of the HIPAA law. Everyone agrees that protecting stolen medical information from nefarious uses is necessary, but there are more reasonable and cost-effective ways to do so.Relatedly, Section 1347 of the law specifies the penalties for health care fraud, including financial penalties and imprisonment, and a life sentence if the violation results in the death of a patient. This part of the statute is elaborate, and assigns investigative responsibilities and specific budgets for the first few years. The fraud program has grown gradually since 1996. The 2013 combined HHS/DOJ annual report on Medicare and Medicaid fraud showed total recoveries, fines, damages, forfeitures, and so forth of more than $4.3 billion. Special task forces now work in specific sectors, such as durable medical equipment and home health care. Also, geographically defined task forces are at work in Miami, Los Angeles, Detroit, and Chicago. This was a major intent of the original statute and appears to have been reasonably well realized.Section 192 of the statute requested a report from the Health Care Financing Administration about ongoing telemedicine services, with particular attention to their cost and a proposal for Medicare reimbursement for these services. Forbes estimated that the U.S. telehealth market will grow from $240 million in 2013 to $1.9 billion in 2018. Traditionally, individual states regulate licensure regulation and medical liability law; this creates some serious issues for Federal regulation of telehealth since these services often operate across state and even national boundaries. So far regulators have done little work on these issues.While HIPAA dealt with physicians’ payment and patients’ access to insurance coverage, HITECH deals more with the actual clinical medical records. When HIPAA was passed, there was no expectation that follow-on legislation would overtake its central founding purpose, but that is what happened.HITECH is found in Title IV of the American Recovery and Reinvestment Act. The bill contains very specific plans for private physicians, hospital base physicians, hospitals, critical access hospitals, and Medicare and Medicaid patients. The financial incentives for physicians are distributed over three years. The schedule of payments for private physicians is fairly specific, but those for hospitals and hospital-based physicians are subject to the discretion of the HHS Secretary.The software must be certified electronic health records technology as defined in the statute and ultimately by the Secretary. The physicians using the records must demonstrate “meaningful use” as defined by the Secretary, a requirement that will become gradually more stringent. The Secretary may also require electronic exchange of health information and various clinical quality measures pertaining to electronic health records. ­Almost all hospitals and large medical groups have adopted electronic health records because of the rebate incentives, which will be phased out after 2016. Furthermore, practices that don’t implement them will incur a 1–4 percent reduction in all Medicare reimbursement from 2015–17. There will be additional penalties for failing to meet clinical quality standards, which will be almost impossible to meet without having electronic health records. In 2019 and thereafter, a physician’s combined penalty for not meeting the various requirements will be a reduction of up to 8 percent of all Medicare reimbursement for that year. For larger groups there will be a third program, called the Value-Based Payment Modifier, which could bring the total penalty up to 9 percent for all Medicare billing for the year. The new modifier was mandated by section 3007 of the Affordable Care Act. The Secretary may increase the penalties if less than 75 percent of practitioners are meeting meaningful use criteria.In 2013, the Centers for Disease Control and Prevention reported that 48.1 percent of office-based physicians had a basic system that could potentially meet meaningful use criteria, while 78.4 percent used at least some electronic records. Some 69 percent of them expressed an intent to meet the criteria. In 2014, the American Medical Association estimated that up to 50 percent of physicians will be socked with some Medicare penalty in 2015. Then there is certification. Medicare maintains a comprehensive listing of certified complete electronic health records and modules. As of 2014 there were about 1,400 office-based products available and 950 inpatient or hospital products available. Many of the products are just different editions by the same vendor that accumulated as the software developed. Earlier editions, however, are still being used by practices that implemented electronic records earlier.Medicare does not rate or indicate the suitability of software in any other way. Physicians are left entirely on their own to pick an expensive, complex product for a task with which they are fairly unfamiliar. An American College of Physicians poll found that in 2012, 34 percent of respondents were very dissatisfied with their software, and 37 percent noted that it was not easy to use. Some physicians have completely abandoned systems they purchased. Now that the cash incentives have been phased out and the majority of physicians and hospitals have purchased their electronic records software, we can expect to see considerable consolidation. Medical Economics predicted that by 2018 20 companies will serve the majority of the market. In 2014, about 400 companies sold this software, and the top ten providers had 90 percent of the hospital market in hand. In the ambulatory or office sector, the top ten served only 60 percent of the market.Meanwhile, HHS has parsed “meaningful use” into three stages: stage 1, in 2011–12, focused on data capture and sharing; stage 2, in 2014, deals with advanced clinical processes; and stage 3, in 2016, will focus on improved outcomes. Achieving meaningful use during stage 1 required meeting both “core” and “menu” objectives, which were different for hospitals versus physician practices. In 2013, 59 percent of physicians “attested” to complying with stage 1, and 67 did so by May 2014. Stage 2 is structured the same way, with core and menu objectives. One core objective that is particularly troublesome to physicians requires getting patients to sign on to the practices’ medical records website and view or download the information; at least 5 percent must submit a question or comment to the physician. While this would be a no-brainer for a practice dealing with teenagers and young adults, many seniors in the Medicare program don’t have computers or otherwise use the internet. So far the HHS response is that the physician should sit down with patients and show them how to use the internet— specifically this feature of it. Since this is a core criterion, a practice that fails to meet it could lose up to 5 percent of all Medicare reimbursement. According to early estimates, only 35 percent of hospitals were able to comply with stage 2 in 2014. Not all physicians had to comply in 2014, but they will in 2015. There is no final rule yet for stage 3 criteria, but it will likely feature the same core and menu structure, with increased percentage thresholds for many older criteria. It may incorporate a few new criteria and drop the requirement that patients use the patient portal.When it comes to the electronic exchange of health information, implementation has been underwhelming. With 400 different software providers, 1,400 versions of office software, and 950 versions of hospital software, meaningful and legal exchange of health care information is practically impossible. Nevertheless, stage 2 requires that all providers provide patients a portal to medical records, and penalizes them if patients fail to use them sufficiently. Stage 3 drafts indicate that providers must give patients “relevant and actionable” office visit summaries in the form they prefer, which includes online. One can imagine a day when with an appropriate token indicating patient permission, electronic records from any source would be immediately available at any other facility. Both the Veterans Health Administration and the U.S. Military have prototypes of such a system, but difficulties have arisen in merging or sharing information between them. The military system is out of date, and replacing it with one that shares information well with its counterpart is estimated to cost $11 billion. Hapless practitioners may be required to fund this extravaganza in stages 4, 5, or 6.There is more, much more. The Physician Quality Reporting System (PQRS) in 2010 allowed eligible professionals to qualify for an incentive payment for reporting via electronic records. In 2014, officials applied quality measures to multiple programs, including the electronic reporting option for the PQRS and Medicare’s electronic records incentive system.For 2015 there are 256 specific measures and 233 groups of measures. This sounds comprehensive, but problems remain with specific, often highly specialized areas of medicine and surgery. Medicare is working with 12 specialty societies to develop measurement sets. In my specialty, ophthalmology, there are also very highly developed subspecialties. To keep it simple, our association has requested only 15 additional measures. Some of these measures can only be reported on an electronic “registry” managed by the American Academy of Ophthalmology.By the end of 2015, Medicare will provide feedback to HHS on its progress. Most anticipate increasing percentages of reimbursement for Medicare and Medicaid to be tied to these quality measures. This, anyway, is one way to bring down costs: burden doctors with nearly impossible compliance demands, and then punish them financially when they can’t keep up. If too many seem to be keeping up, HHS can always heighten the demands or change the regulations in other ways.Given all this bureaucratic minutiae, one could be forgiven for forgetting that privacy and security are the seminal purposes of these laws. HITECH contributed to these goals by establishing the Office of National Coordinator for Health Information Technology (ONC), which has developed elaborate security and privacy requirements for electronic health records and health care information technology. These requirements have in turn shaped quality measures and programs encouraging compliance with meaningful use standards.HIPAA’s formidable penalties for hospitals and physicians are still in effect, despite the increased risk of data theft posed by hackers. Ironically, the proliferation of compliance rules has in some ways actually worked against protecting the privacy of medical data, because there are vastly more files and software systems to target. A recent hacker attack on Anthem Health Insurance’s database compromised the identities of roughly eighty million patients. Will the ONC hold Anthem responsible? We will soon find out.Meanwhile, regulators allow the use of “de-identified” patient medical records in public health and medical research projects, which was a laudable goal specified in the original HIPAA statute. Market research also makes use of de-identified data, however. IMS Health, for example, collects de-identified data directly from the medical records of software vendors and health care providers. The company has compiled information on more than 33 million unique de-identified patients from 85,000 physicians around the world, which, it claims, allows it to analyze interconnections among patient care, disease progression, medical claims, and prescriptions dispensed.The ONC places responsibility for securely de-identifying a patient squarely on the provider or vendor, but offers guidance. A list (really an algorithm) of 18 identifiers must be removed—or, in the case of zip codes and age-groups, lumped together so that a patient with an unusual disease could not be identified in a small group based on zip code or age. Clearly, large companies interested in this data for market purposes are in a much better position to use it than are medical researchers doing epidemiological work.So what is the upshot of all this? Overall, HIPAA successfully has implemented electronic billing between insurance companies and providers of medical care. The electronic data interchange and associated code sets continue to evolve with reasonable effectiveness. A new diagnostic code set, called ICD-10, is scheduled for implementation this year. While its predecessor had around 14,000 diagnostic codes, ICD-10 will have 68,000. Providers will be able to make more precise code designations, but will have to search through almost five times the codes to find them. In order to do this in real time during a patient visit, a computer search algorithm is required. In subspecialties, even these detailed codes never seem to capture accurately the subtleties of disease variability and new disease categories.The “official lists” approach, moreover, has encouraged the impression that medical services are a commodity rather than a personal service. Compensation is determined by the linkage of certain diagnostic codes to specific procedure codes. This approach to medical service billing invites gaming, and a whole industry of up-coding by hospitals and physicians and down-coding by insurers and other third-party payers has developed around this system.Physicians have complained that there is no consideration here of medical expertise or surgical skill. A family practitioner, for instance, is paid the same amount as an endocrinologist for tending to a diabetic or hyperthyroid patient. The two to three years of additional fellowship training required to be eligible for board certification as an endocrinologist may help explain the present shortage of 1,500 professionals in the field.The Affordable Cart Act, meanwhile, has largely superseded COBRA’s and HIPAA’s provisions for insurance portability. Insurers cannot charge higher rates or deny coverage for pre-existing conditions. Complete coverage for new or longstanding conditions can be purchased at any time despite a lapse in insurance or no prior insurance. Hospitals allegedly purchase insurance for non-covered indigent patients at the time of admission, and then allow the insurance to lapse after discharging the patient. Physicians see patients who present an insurance card issued a month or two earlier, during a hospital stay. The insurer does not confirm or deny coverage while the patient is in the office, but later declines to reimburse for services rendered because the patient has not made any further payments. The Affordable Care Act specifically forbids the provider to bill the patient directly in this situation. Apparently, the law has replaced a portability problem with an “un-report-ability” problem.Health Savings Accounts, on the other hand, have been successful and popular. They encourage personal responsibility through tax deductions. In July 2014, 17.4 million people had one. This helped soften the impact of the new trend toward higher deductibles and copays for younger people who are basically healthy but would require a lot of medical care in the event of sudden illness or injury. Progressives and liberals argue, however, that these accounts are merely a tax shelter for the wealthy and middle-class and complicate efforts to promote what amounts to socialized medicine. Obviously, few individuals who live from paycheck to paycheck will be able to implement a health savings account.HITECH’s privacy rule and security promulgation constitute an elaborate and still-evolving area bound up with the threat of cyberattacks, which large corporations and government agencies are barely able to manage. Individual practitioners and small groups have minimal resources to counter this threat, but the very diversity and isolation of small health care databases make them less interesting to ego-driven hackers. Hopefully, cyber defenses will be stronger by the time health care databases become even more interconnected.Consider, too, the alarming news that credit card data now can be de-anonymized with just three or four pieces of information. Although there have been no reports of this in the HIPAA area, one wonders about the fact that pharmaceutical companies always seem to know which physicians are prescribing how much of their products. Crossing these personalized data sets with the de-identified data sets could conceivably de-anonymize them. It seems like a general benefit to allow health care researchers access to de-identified data and, perhaps, a necessary evil for professional societies to use registries to permit compliance with quality measures. Although most of us could accept restriction of commercial access to this database, it is difficult to imagine the commercial lobbies agreeing to that distinction.The campaign against fraud and abuse in Medicare and Medicaid has been relentless. However, the balance between overzealous prosecution and inadequate enforcement of the statutes is obviously a central issue now. The actual statutes regulators have enforced include the False Claims Act, Anti-Kickback Statute, Physician Self-Referral Law, Social Security Act, and the United States Criminal Code. The Office of the Inspector General has the authority to exclude providers from HHS programs and to impose civil monetary penalties. DOJ and HHS have jointly formed the Health Care Fraud Prevention and Enforcement Action Team. Medicare has contracted audit and investigation with outside contractors in several different programs, including comprehensive error rate testing contractors; Medicare administrative contractors, which pay claims and enroll providers and suppliers; Medicare drug integrity contractors; recovery audit program recovery auditors; and zone program integrity contractors. Between 2008 and 2012 Medicare recovered $16 for every $1 invested in the effort. Recovery auditors’ payment is based on the bounty system, which has led to the perception that they are often overzealous. In 2013, Senators complained that the drug integrity program had been ineffective in detecting fraud and abuse in Part D and Part C of Medicare, since most of the investigations were referrals from a patient tips hotline.The implementation of electronic health records is incomplete, fragmented, forced, expensive, and, in the end, more focused on rules than patients. Treating a patient requires a physician to synthesize a large amount of information gleaned from talking to the patient, physical examination, classical education, recent literature, interaction with peers, and personal experience. The better and more experienced a physician is, the more efficiently he or she can narrow the relevant priorities for diagnostic testing, differential diagnosis, treatment, and patient explanation. By contrast, most health records software is encyclopedic in nature. It involves entering huge amounts of documentation into computer templates that must meet the criteria of the “certified” software. Since most of this must be entered manually, this has had the effect of turning physicians into data entry clerks. Some physicians began to use “scribes” to enter data. At first Medicare forbade this, but eventually relented. No funds, however, are provided for this additional personnel expense by the physician.Much of the “certified” electronic records must be “structured”; that is, they must consist of branching punch lists of medical history, physical examination findings, diagnostic codes, and procedure codes. Additionally, now that the government has seen that a reasonable fraction of physicians can handle this, they are adding more lists certifying specific quality measures and meaningful use. Physician judgment doesn’t fit into any of the boxes in the punch lists, and yet physician judgment is the most crucial element for successful treatment.If doctors spend more time recording marginally relevant and irrelevant data while jumping over Medicare’s imposed hurdles, they have less time to interact with patients and consider higher-level judgments. Since decreasing payments have forced physicians to be more efficient, there is only so much time that can be spent on each patient. The whole process has been hugely expensive. Most practitioners have delayed implementation as long as possible. Incentives were offered for early implementers, but they will be phased out next year, and initial incentives are not enough. Providers think electronic records are an immediate money-loser with increasing loses the longer they are used. Significant penalties for not using them are to be implemented progressively over the next five years, and hospitals and physicians will bear the bulk of this cost. Electronic records have a significantly negative net present value, meaning that the individual is immediately poorer as soon he decides to proceed with the project. Many older physicians understand this and have decided to continue with paper records until the penalties drive them out of business.The future is very uncertain. HHS is committed to ever more stringent meaningful use criteria, which will call for continued rewriting of the software. An enormous consolidation of software vendors is coming; what happens if your software vendor goes bankrupt or just loses interest? The provider is in the position of paying the software vendor to update the software and may need to buy a whole new system from a surviving vendor.HIPAA is about insurance payment and coverage, accounting and electronic transactions, privacy, and the prevention of fraud. It was successfully implemented because these are all familiar functions of business, finance, and government. These familiar functions were easily adapted to the health care industry, Medicare, and Medicaid. It is essentially finished business.HITECH is about the computerization of medical records, public health research, and improvement of medical care by enforcing standards set by the HHS Secretary. It is doing now what HIPAA thought it was going to do years earlier. HITECH is optimistic, grandiose, forced, and, to date, only marginally successful. By its very construction, it is vulnerable to administrative overreach and political whim. One can see how the relative success of HIPAA would lead bureaucrats and technocrats to believe that HITECH was the logical next step. If physicians can match up a list of diagnoses to their billable diagnostic tests, treatments, and procedures, surely they can match lists of symptoms, physical exams, test results, and differential diagnoses to the diagnostic codes. This line of reasoning is a common fallacy among public health physicians and others interested in “the big picture.” All the while, physicians were grumbling about fitting odd-sized diagnostic feet into standard-sized diagnostic shoes. Similar problems apply to the procedural code sets. Physicians and hospitals were paid well to go along with this charade, so they grumblingly complied.Extending this line of reasoning to the actual management of patients is a step too far. “Meaningful use” of electronic records is debilitating to meaningful patient management. The “quality measures” often bear the stamp of public-health-style thinking. They are often trivial, mechanical, and superficial. Sometimes they hold physicians accountable for the behavior of patients that is really the patients’ own responsibility.The overwhelming cost of this program is forcing physicians to retire early, abandon private or independent practice, and reduce capital investment in ordinary equipment needed for their practice. The costs are not monetary alone. They also make misguided demands on physicians’ time and require too much attention to list checking. This leads to shallower clinical effort and less personal treatment of patients.HITECH is fascinating in many ways and has advanced the computerization of medicine greatly. However, a truly meaningful goal would be to slow the implementation rate and cut back its financial penalties while allowing computer technology to be adopted in a less regimented way. The program does not need to be completed in three years or by any specific deadline. Let us recognize the limitations of “cookbook medicine” and stop the trivializing “quality measures.” Physicians who actually see patients and suffer the consequences of this system should at least be equal in management authority with the non-clinical public health doctors and overreaching technocrats who, it seems, could not care less about actual health care.

My “compliance officer” (required by the OCR for each practice) seems to have the idea that patients can only be called by their first name from the waiting room. This policy can cause some awkward moments when a twenty-something is summoning an octogenarian by his or her first name. Patients perceive it as disrespectful and demeaning, adding to the feeling of depersonalization creeping into medicine. This seems especially ironic in one smaller town where most people seem to have known each other since grade school and appear to be actively catching up on gossip in the waiting room. Also, there can be several Roberts and Janets in a good-sized waiting room at any one time. Fortunately, our portable EHR incorporates patient photos with the potential to sort this out.

I estimate NPV for EHR implementation for my three-physician practice to be a net loss of $449,000 over the first ten years at a 7 percent discount rate. This calculation includes software, hardware, incremental internet costs, a 15 percent risk of having to replace our software, and incremental IT support, as well as supposedly off-setting incentive payments for qualifying EHR. This will allow us the option of avoiding $618,000 in penalties over the next ten years. You can look at this as a net gain of $170,000 or a net loss of $449,000 for the EHR and a further loss of $618,000 due to provision of unproductive and uncompensated compliance services provided to CMS, for a grand total loss of $1,077,000.

The UK’s National Health Service is facing a potential £2 billion shortfall for 2015-16, with about 80 percent of hospital trusts expected to post losses. This is raising concerns that the system’s finances are currently unsustainable. David Bennett, a chief regulator in the UK’s health system, has instructed NHS foundation trusts to review their budgets for places to cut money and has said that they should only fill “essential” vacant staff positions. The government has promised to spend £8bn more annually on the service, but also requested £22bn in cuts.

The challenge in the UK, as in the U.S., is that an inexorably rising demand for health care is bringing higher costs with it. The Times (of London):

Chris Hopson, the chief executive of NHS Providers, which represents NHS trusts, said: “What’s happened is that demand in the NHS has grown by 4 per cent per year—and it’s done that ever since the NHS was first founded—and whilst the government has increased funding over the last six years, it’s only been by 1 per cent, so we now have this 3 per cent gap,” Mr Hopson told BBC Radio 4’sToday programme.

“We’re now in a position where if we’re going to make the NHS budget in 2015/16, we need to do some really urgent things and what the letter from Monitor says is, to all trust chief executive and to trust boards, is to think carefully about any vacancies that are currently not filled and whether they should be filled or not.”

Hopson added that the NHS’ financial situation will become even more pressing during the coming winter.

The health care crisis, as we’ve pointed out before, is to some degree a global phenomenon. No matter what kind of system one has, costs are rising across the industrialized world. Having a more public system doesn’t appear to halt that trend. The U.S. and the rest of the West are in the same position in that respect: Governments need to find ways of making health care cheaper and better by revamping outdated and dysfunctional service delivery. If they don’t, the NHS fiscal crisis may seem mild next to what the future holds for the health care systems of the industrialized world.

It’s all over the wires: Puerto Rico has defaulted on its $58 million payment to creditors of its Public Finance Corporation, which was due by the end of day. San Juan’s treasury only managed to scrape together some $628,000 towards the total. The government had tried to argue that the PFC bonds were of a different category—and had a different legal status—than general obligation debt. Credit rating agencies rejected the argument. “Moody’s views this event as a default”, Moody’s analyst Emily Raimes said in a statement, according to Reuters. “This is a first in what we believe will be broad defaults on commonwealth debt.”

What now? A whole lot of mess, more than likely. WRM wrote at length on Friday about what needs to happen next, in case you missed it. The kicker from his piece:

The United States faces some serious issues as the 2016 election cycle begins; the blue model meltdown is bigger and in its way more toxic than anything that happened at Chernobyl. Reporters and voters should be asking candidates what they plan to do about it.

The Republican debates start this week. We hope the fourth estate will be rising to the occasion.

The White House is finally putting the blame squarely on China for the recent hack of the Office of Personnel Management that compromised sensitive data for over twenty million Americans. The attack was the biggest breach of U.S. government data ever. Coupled with repeated statements by top White House and DoD officials to the effect that cyber attacks could, in theory, constitute acts of war or aggression, this leaves Washington with a difficult question: To retaliate, or not to retaliate?

According to the latest announcement from the Obama Administration, it appears we’re going with “retaliate,” though we don’t know how and when. The New York Times reports:

The decision [to retaliate] came after the administration concluded that the hacking attack was so vast in scope and ambition that the usual practices for dealing with traditional espionage cases did not apply.

But in a series of classified meetings, officials have struggled to choose among options that range from largely symbolic responses — for example, diplomatic protests or the ouster of known Chinese agents in the United States — to more significant actions that some officials fear could lead to an escalation of the hacking conflict between the two countries.

That does not mean a response will happen anytime soon — or be obvious when it does. The White House could determine that the downsides of any meaningful, yet proportionate, retaliation outweigh the benefits, or will lead to retaliation on American firms or individuals doing work in China. President Obama, clearly seeking leverage, has asked his staff to come up with a more creative set of responses.

This underlines just how grey an area cyber attacks are. Given the stakes, it’s alarming that we have nothing but vague answers about what to do when an opponent steps onto our virtual turf. For now, all anybody knows is that we are playing a new game—and no ones’s quite sure what the rules are.