Slashdot Mirror
Your Privacy and Offshore Outsourcing
An anonymous reader sends in a link to this story about medical transcription work and patient privacy. You probably recall the original story (from around October 2003), but the Chronicle here does a great job of tracing the entire chain of sub-sub-sub-sub-sub-contracting.
Does anyone have a free-market solution to this? I would hate to see Democrats legislate this to hell. IMHO overlegislation will solve 1 problem but cause another...
But while the above point is interesting, it's somewhat irrelevant to this case: the breach of contract occured in the US:
Basically, while the article brings up the interesting concept of what offshoring information can do, this particular case of offshoring is really not the greatest example, since the breach of contract occured in the US. And yet we have sensationalist newspapers like the Chronicle and opportunistic politicians who call themselves privacy advocates; the current state of affairs is fucked. The comment leads me to believe that he didn't even RTFA:
Most transciption services are now computer-transcription now anyway.
You speak. Human transcribes. Computer learns. Human error checks... eventually the computer is good enough that the human is not needed at all.
We are using this system now. It, of course, sucks compared to a real transciptionist... but it is 10 times cheaper.
Davak
All docters should have their computers transcribe their dictations like my father does.
Well, hope God helps you when you get "an a cute case of men in vaginas".
Seriously, I haven't seen any natural-language software reach the point where I would trust it with medical information. I would rather get the right treatment than someone fucking up my patient records...
Not to mention the cost of a doctor having to sit down and error-check afterwards, etc. If you look at a doctor making $100/hr (hey, they went to 7+ years of school, residency, internship, etc) that would add even more to the current cost of health care.
On an unrelated note, my uncle (who is a doctor), works in the ER. He says that because persons on Medicare don't pay for amublance rides, he sees people in the ER who have cuts on their fingers, minor abrasions, etc, who have their ambulance rides paid for by us, the public. And considering one of my friends got billed $1000+ for a recent ambulance ride, I think we're getting screwed.
HIPPA stresses patient privacy--and goes way overboard. But that's a different discussion.
The question is not if this is a HIPPA violation... which it clearly is. But is it a violation of US law at all?
If the presidental candidates want to win over the working class, make companies that send jobs overseas follow the same rules we do. Pay taxes, not pollute, no child labor, and even HIPPA -- why should they get to drop the US rules just because they cross the border?
If I get a ticket in Texas, points still go against my license here at home.
Why should a big company be treated any differently?
Davak
If people perceive the offshoring to give some privacy risk then they will perhaps be prepared to pay an extra $5 or $10 or whatever each month to a service that guarantees your case will be handled by an American. Alternatively, a company that advertises that they guarantee American processing will get a competitive advantage over their offshoring competition.
It seems hypocracy to me that those that bitch about losing their jobs to India don't seem to mind wearing Nikes made in Philipines and having Korean RAM in their PCs.
Free market means paying for things you value, not just bitching about things.
Engineering is the art of compromise.
Well at least the majority of Americans are not raising the issue to either companies or their representatives. For the past few months, e-loan has been giving it's customers a choice of where their loan applications are processed (India vs US). Even though these customers knew their private info was going to be shipped overseas, 86% chose India because the processing time was 2 days shorter. Bottom line, American's have a fast food mentality ... ie the cheapest, quickest way will always win.
As for the story, I work as a consultant in the Health IT arena, and have all too often seen private data mishandled. However standards are greatly improving in the US, but this is only due to the threat imposed by legislation and civil lawsuits. Will 3rd party companies overseas have the same incentive if they are outside of US jurisdiction? Probably not
I have been doing technical support for IBMs dictation software for a while in 1996-97 and a substantial part of our customers back then were doctors and lawyers. Both used special purpose dictionaries and reported that it worked quite well. I would be really surprised if this has gotten worse in the last few years.
Things like medical transcriptions are a lot easier then general purpose transcriptions for a computer and can be a lot more accurate due to more specialized and limited dictionaries.
Seriously, I haven't seen any natural-language software reach the point where I would trust it with medical information. I would rather get the right treatment than someone fucking up my patient records...
Actually, I used to write medical software that had an autotranscription component using Dragon's software, and given a medical dictionary to select from and a proper training cycle, it was incredibly effective. The physician or a designated individual still had to approve the report, but very rarely were there any problems with transcription (we tracked corrections through the system so we'd know how effective it was, and after a proper training cycle it was better than 96% effective.)
on the subject of the cost of healthcare, doctors using our system loved it specifically because it allowed them to accomplish more work (for a lot of reasons, not just the Dragon software) in the same period of time, which helped the hospital keep costs down. Did that drive down medical costs for everyone? of course not--but not because things were more expensive. Face it, people are greedy. Insurance companies never cut rates, nor do doctors start working for less money. hospitals won't start charging appropriate costs back to the patients until they're forced to through legislation (which should be accompanied by a national healthcare system or a system to provide insurance coverage to the 40 million of us without it, to keep hospitals in business.)
So basically, what you are saying, is that if you want to do business in the US, you have to follow US laws all over the world? That smacks of cultural imperialism if you ask me! The US can keep its laws in its own damn country. Certainly, I'd hate to see anything like PATRIOT or DMCA get spread any further than it already has!
A deep unwavering belief is a sure sign you're missing something...
This information didn't go out in boxes that customs can search, it was sent down a wire at the speed of light. It went off-shore against the law because someone decided to charge local rates then pay for some under-protected borderline-slave labour person to do it at a fraction of the cost.
The companies involved are dead, destroyed by this act of stupidity. Short of jail time (costly to society and not especially approriate when someone isn't a physical risk to the community) things can't get much worse for the parties involved.
In Europe this would have never ever happened: our laws are very strong regarding to personal data and privacy.
I work for a German company where the personal data of German customers is 100% available to the customer support center in Singapore. There's nothing stopping a similar privacy leak happening to this European company.
Don't blame me, I didn't vote for either of them!
It's funny that the US is getting upset about data processing "beyond the reach of U.S. authorities", because already some years back, it used to be the other way round.
For several years now, some larger German companies used to offshore their customer data processing to the USA. Some claim this is also done because of the USA's less strict privacy laws that allow for far more data profiling than allowed in Germany. There is also growing concern in German media that it will be impossible to control such outsourced data and that there is no way to ensure that customer data will not be used by the American procesing company for other purposes or sold to third parties.
One such example was the Bahncard, a price rebate system for the national railway. For a few years, it came combined with a creditcard option and its data would be shared with an external partner of CitiBank US for customer profiling, including a photograph, a full credit history and all payment data of the user.
------------------
You may like my a cappella music
AFAIK, that's already happening for largish transcription jobs. ;-) :-)
Even without the patient identities, there are multiple ways to abuse such information, including selling it to drug companies as demographic data
The problem, as the article pointed out, is that the US laws cannot be used in most cases to control what people abroad do with the data. The solution there is to send out sensitive data only to established corporations, and not cheapen out to such an extent. Wipro or Infosys (two largest oursourcing companies in India) would never dare blackmail their clients or compromise their data, cause their skins would be on the line for other jobs they might want in the future..
Talking about privacy, why do people assume that data in the "third-world" is so insecure? Indians are even afraid of punching in their PINs in the telephone lest someone would decode them by listening to the beeps. Ever wonder about that here in the US?
Separating the data from the patient makes perfect sense. But consider this: someone has to match the data back up with the patient identification again later on. And that has to be *perfect*. Not pretty close, not five-nines close, *absolutely perfect*. One screwup and you've potentially killed someone. Do you trust your outsourced worker not to alter a digit of the patient identifier? Probably not, which means you're going to have to check the data constantly.
Where I work, we've looked at outsourcing our pathology transcription business. We decided against it, because we want to keep control of the entire process.
We keep our costs manageable by a fanatic concentration on efficiency and productivity. The process is as streamlined as it can be, and are constantly vigilant on how we can keep the process running smoothly.
We manage to stay profitable in a business that's as cutthroat as it gets. And we pay a decent salary (even by San Diego standards!) for good transcriptionists who can meet their accuracy and productivity standards.
A big L Libertarian wouldn't have a problem with this as they would argue that the companies involved would suffer when they were sued.
A little l liberarian (such as myself) realizes that the average joe can't afford to go up against a major corporation. Less government is good, no government is bad.
-- Will program for bandwidth
Since the US has been attacking the EU over its implementation of precisely the sorts of laws you're talking about the US would be in a poor position negotiating with the EU if it did so.
How long before they'd be attacked as a non-taffic barrier under NAFTA or WTO rules?