Your Privacy and Offshore Outsourcing

An anonymous reader sends in a link to this story about medical transcription work and patient privacy. You probably recall the original story (from around October 2003), but the Chronicle here does a great job of tracing the entire chain of sub-sub-sub-sub-sub-contracting.

Weaker standards?

[LostCluster]

American law sets out very tight restrictions on what our doctors can do with our private records, and there are stiff penalties for any individual who violates trust with this data. Could sending these tasks overseas cause there to be less-strict laws regulating the handling of private medical info?

Re:Rather have it offshore

[robbyjo]

Well, if this person decided to publish the record on the web and do Google bombing to crank up the search on certain keywords, it would come worse than your gossipy old cow....

Re:Transcriptionist

[Ateryx]

All docters should have their computers transcribe their dictations like my father does.

From your comment, I hope your father does as well... a few letters can make a huge difference in what drug is given/how much drug is given. Especially if the pharmacist just blindly fills the perscription. (For more info please see: "High Malpractice Insurance")

Re:the point to be made here

[Rick+Zeman]

Before we get to all the anti-India comments

Can we bash Pakistan instead?

Re:Transcriptionist

[Scoria]

All docters should have their computers transcribe their dictations like my father does.

I'm a little incredulous. Yes, voice transcription software is becoming impressively accurate. In a scenario where just one discrepancy can potentially endanger a patient, however, should physicians be applying the current technology?

On the other hand, one could argue that a traditional transcriptionist is also capable of committing mistakes, and that argument is completely valid. However, there exists one difference: The transcriptionist is more likely to be held accountable than a software vendor, even if outsourced. ;-)

*sigh*

[TheCabal]

I work in a similar industry, handling patient claims information. This story has been circulating around for a while. What really grabbed my attention from this article was the statement of Transcribe Stat's owner.

"After 23 years in business, it took just one little e-mail to ruin me."

And there it is. These are the things that keep me up at night, watching firewalls logs and everything else that keeps me from getting a good night's sleep.

Re:*sigh*

[mandalayx]

I work in a similar industry, handling patient claims information. This story has been circulating around for a while. What really grabbed my attention from this article was the statement of Transcribe Stat's owner.

"After 23 years in business, it took just one little e-mail to ruin me."

And there it is. These are the things that keep me up at night, watching firewalls logs and everything else that keeps me from getting a good night's sleep.

Interesting. Looks like we just found the free market solution that will regulate the market by itself. (of course, assuming free press, lack of public apathy, and no monopoly)

But on a human-interest level, my sympathies to Transcription Stat.

contactors must be held responsible

[fermion]

The problem really is that subcontracting is meant to pass responsibility to another party. The person who contracts the work, as is the case woth, for example, Walmart or Nike, is allowed to feign ignorance and tends to be resolved of all responsibility. This situation, of course, gets worse as you move down the chain of subcontractors. It is a situation in which contractors are taking money for doing little more than taking a cut for mailing some paper.

The truly scary part is that the US government is trying to outsource everything as well. This includes the IRS, which means that your personal tax information is going to be in hands of some work-at-home person making $1 per transaction filed, stored on the computers on some half-assed system administrator. The original contractors will have no responsibility as the contracts will be written to require minimal due diligence and almost no penalties for infractions.

This of course has been defended as completely consistent with all current privacy laws. In addition, the somewhat friendly people at the IRS, a result of new regulations that resulted from the friends-or-Reagan audits, will be replace with the same people who call during diner asking you to buy their product, or yelling at your children because their parents did not pay a bill.

Re:the point to be made here

[be-fan]

You don't have to be a neo-con to believe in the free market. You just have to have a brain. I'm a yellow-dog democrat, and I still realize that protectionism is bad.

Re:the point to be made here

[be-fan]

India is doing great? In what alternate reality? Try to see beyond the tiny little area of IT work and see that India is really not doing very well.

China is, on the other hand, doing very well. However, they've also been moving strongly towards a free market economy. For example, they recently joined the WTO.

Historically, the countries that have embraced free trade (France, Great Britain, Germany, United States) have done better than those who have not. Indeed, if you study economic patterns in western Europe over the past six or seven centuries, you'll see a strong correlation between increases in free trade and increased economic power.

Interesting update to the original story

[geekwench]

The story was first posted back in October, before the investigation was completed. The facts that have since come to light add a whole new dimension to this outsourcing fiasco. (You can read the original Slashdot article here.)

I'm trying to decide if Ms. Newburn is an out-and-out hypocrite, or just spectacularly inept at fraud. She apparently sends the work to Pakistan, ignoring any concerns about professional ethics, and creates "Tom Spires" to cover her posterior; then cries about how awful it is that American jobs are going overseas, once her house of cards comes crashing down. This situation really calls for the old question: "What the hell were you thinking?!"

Re:Interesting update to the original story

[eclectro]

I think you hit it. "Tom Spires" and Newburn are one in the same.

She new that what she was doing was wrong. But greed pretty much overrided that.

I really think that a prosecutor somewhere needs to make an example of her.

Re:Transcriptionist

[thedillybar]

Seriously, I haven't seen any natural-language software reach the point where I would trust it with medical information.

Would you rather have it outsourced to someone overseas who your doctor met on the Internet? That more-or-less happened here. The person can't be held responsible.

US authorities would have a hell of a time finding them, and, if they did, there's not much they could do anyway. Do you still think this person is more reliabile than computer software? I don't think either is reliable enough.

I warned people about this last year

[HangingChad]

This is only the beginning. Do you think foreign governments are going to respect your privacy? Imagine going to a meeting and the person on the other side of the table knows all the meds you might be taking and all your credit card transactions for the last six months. Sure, sign with us and we can keep your little secret about that apartment across town out of the news.

Let's see them prosecute identity theft in Bangladore. It's only a matter of time before people who make 3 dollars an hour start figuring out how to turn your financial data and credit card numbers into $$$$$.

Re:I warned people about this last year

I don't understand why some blackmailing being done in a terrorist country is being stereotyped to a different culture altogether.
Pakistanis are known as backstabbers everywhere and if they don't change their habbits, that doesn't mean that all civilized nations India, Canada, Philippines, Mexico are like that.
From experience, Indian and Canadian governments, in particular, have very strict laws to protect any kind of security leaks.

Re:Rather have it offshore

[rodgerd]

And you could then have her dealt with under US law. What's the US going to do to get the Indian? Invade? Shit, most of your Army's tied up in a country with 20 million people and no WMDs; the Pentagon isn't going to go after a nuclear power for the sake of your medical records.

Re:the point to be made here

[rodgerd]

I'm sorry, your present legislative representatives are busy making it harder to sue and capping awards under the guise of so-called tort reform; they're not interested in making it easier for you to sue an insurance company for fucking you over.

Nor will they be, until you can ante up a few million in bribes. Sorry, donations.

Those are the risks of outsourcing...

[baywulf]

A medical transcription company outsourced its core business of transcription and lost control over the details. Now they pay the price.

Separate medical data from patients?

[fembots]

Wouldn't it make sense to separate data from patients? This is like Database Design 101.

So patient medical records can be transcribed by anyone without leaking the identities, and the patient details are held in another database.

So if someone wants to post a medical record, it can only go as far as "Patient DFA12435 has xxx, HA! HA!".

Re:Separate medical data from patients?

Wouldn't it make sense to separate data from patients?

I'm no expert on medical transcription, but this approach seems fundamentally flawed. The doctor dictates his findings into a computer microphone - wouldn't he want to include the patient name in there? Identifying the patient only by number might work, but what if one number is wrong or unintelligible? Wouldn't the medical info be assigned to the wrong patient? OK, you could cross-check the records after transcription with the people who were actually treated by this doctor on the day in question, but I'd bet this would be more of a PITA than the current system.

Instead of failure at Database Design 101, it's more likely an application of KISS - Keep It Simple, Stupid. Doctors don't mind using patient names, and neither do transcriptionists (it's not their names). So names it is.

She is lying.

[SmallFurryCreature]

What it took to ruin her was her own greed. She was hired to do the transcribing. But instead of hiring her own people, checking those people, checking their work she outsourced it to a lower bidder.

This has nothing to do with countries and law this has to do with your privacy being handled by the lowest bidder.

Each step in the chain shows someone wanting lots of money for not doing anything. If hospitals and others were serious they would do the transcribing in house. But of course that is no longer allowed. Focus on your core capabilities has become the watch word. So that a place like a hospital is now really a meeting hall for outsourcing companies. From temp nurses to cleaners, from caterers to office staff. No one works for the hospital, they all work for the lowest bidder.

Neat eh? And the funny thing is? Medical bills only seem to go up. Why am I paying more insurance when all this cost saving is going on?

Why?

[SmallFurryCreature]

She was payed to transcribe. Instead she outsourced. She got paid to keep records confidential, she didn't instead going with the lowest bidder to maximize her profits. No doubt offering the lowest bid herself making other respectable companies loose out on the contract.

No this whole story is one of greed and it starts right at the patients. After all they want low low insurance and medical bills. So the hospital saves by outsourcing instead of doing it in house. The outsourced company outsources again instead of doing it in house and so on.

Feeling sympathy here is misplaced. Each and everyone involved, including the patients, is a victim of their greed.

Maybe I am just a cynical bastard.

This is insightfull?

[SmallFurryCreature]

This story is about doctors SPOKEN notes being put in writing. The doctor is supposed to do database abstraction while doing surgery? I know doctors are not the dumbest people, although their blunder kill thousands each year, but that might just be a little bit diffiult.

Seperarting database records like you suggest is indeed possible. You could easily seperate a patients credit history from their medical history. Doctor don't need to know payment details and the collectors don't need to know medical details.

But in this case that is impossible. Medical details do belong with the name.

Re:Bottom Line ... Americans Don't Care

[WindowlessView]

86 percent of the customers...are choosing to take advantage of the faster processing time...the ability to close their home equity loan in ten days versus twelve days.

Why is overseas processing two days faster? Does e-Loan not have sufficient staff in the US? Are the computers faster in India? Is the company unwilling to pay for a 2nd and 3rd shift to facilitate domestic production around the clock?

If they want to make this comparison then job exporters need present the real choice faced by consumers in most offshoring situations: are you willing to ship your private documents overseas if it is no faster than domestic processing and e-Loan will keep all of the labor savings for their executives' year end bonuses and stock option plans?"

Poorly hidden protectionism

[mi]

From the article:

"There's no remedy for a U.S. citizen if his information is compromised." [California Sen. Joe Dunn, D-Garden Grove]

Nonsense. Plenty of countries have perfectly good laws on privacy -- especially, the privacy of medical records. This is just an attempt to score some points with outsorcing-scared electorate without upsetting the pro-business part of it too much.

Even if so, as long as the original customer (the hospital in this case) is in US, the victims have someone to sue. It should be left up to the hospital to decide, not mandated by law. Sooner or later WTO will demand, California drops this law... And I'll support them.

Plenty of vitally important stuff is being made abroad -- medical equipment, cars, food. By this Senator's logic, we should not be importing any of it because "there is no remedy" in case the manufacturer screws up.

Re:The free market solution

[cyril3]

if there is a perceived value for a service, then it will come into existence and people will pay for it

I think the theory says that if there is a perceived profit to be made in providing a service then it will come into existence. A small but telling difference.

Services exist because someone offers them in the hope of making a profit. Advertising exists to ensure people understand they have a need for the service.

If people perceive the offshoring to give some privacy risk then they will perhaps be prepared to pay an extra $5 or $10 or whatever each month to a service that guarantees your case will be handled by an American.

This confuses two separate groups; the hospital (people in the quote above) and the patient (your in the quote). The patient doesn't have any say in what happens to their records within the hospital system neither do they pay for the service anyway. The hospital is only concerned in the long run with confidentiality because of laws and potential lawsuits. If they can save a few $ then they will make the decision about risk of breach of privacy based on that rather than directly on the desire of the patient.

Everywhere you look in the Healthcare system you run into head snapping examples of moral hazard at work.

It seems hypocracy to me that those that bitch about losing their jobs to India don't seem to mind wearing Nikes made in Philipines and having Korean RAM in their PCs.

That is a very simplistic view of the role of international trade. Are you prepared to stop importing and exporting goods and services. If not then it's perfectly reasonable to question the extent of movement of capital and labour across borders. Especially if you are direct effected by it.