Wednesday, April 06, 2011

What They Know

Here's a picture of the back of my badge at the recent American College of Cardiology Conference held 2-5 April 2011 in New Orleans, LA:

And here's the scanners used to track those RFID tags above one of the conference rooms:

I wonder what they know about me and if I'll still get credit for the sessions that I walked out early on?

-Wes

Addendum 8 Apr 2011: here's an excellent take on these issues from Calvin Powers from IBM's blog.

18 comments:

  1. I'm glad you shared this bit about the 2011 ACC conference. What I wonder most is who "they" are.

    ReplyDelete
  2. Elaine-

    Not only "who" they are, but how much this costs and who paid for it, how the data is linked to our personal information, if the data were also collected at the industry booths we visited, etc. etc.

    Finally, shouldn't doctors be able to "opt out" of this?

    I can see the folks around a table thinking how great this will be and what the return on their investment for this data.

    Lots of unknowns here.

    If we care so much about patient privacy, maybe we should ask some uncomfortable questions about how much we care about physician privacy and the influence industry has in collecting this data.

    ReplyDelete
  3. Wes,

    I agree this is troubling and unpleasant.

    If you tore off the RFID from the badge, would you still be able to go in to sessions and the exhibit floor, or was there someone at the door looking at the scanned data.

    Is there any evidence that the CME application is tied to the RFID data?

    Was there any fine print that you can find disclosing how this data will be used? Did you "consent" to being tracked in the meeting application materials? Is there a published privacy policy?

    Did you see readers on the exhibit floor too? How closely are we being tracked?

    Have you expressed your questions and concerns directly to ACC leadership?

    I think this is potentially a big deal. (or maybe I'm just paranoid).

    Jay

    ReplyDelete
  4. A simple test of its requirement for attending the meeting would be to excise the transmitting parts with a razor blade, and park the transmitter in the bathroom the whole time ;)

    ReplyDelete
  5. Actually these RFID tags are from the bars in the French Quarter that monitor your consumption of Hurricanes.. sponsored of course by us equipment vendors who will wait until you are obtunded and show involuntary Opsoclonus
    signs so we can get you to put an X on a PO for an expensive non CMS reimbursable piece of equipment that will be obsolete 2 weeks after it is installed.

    ReplyDelete
  6. DrWes,

    I see your frustration, but you don't have my sympathy.

    I live in a world where an electronic device implanted in my chest counts my every heart beat, tracks my physical activity, looks at the build up of fluid in my chest, knows my implant date, and even the dates of visits to my EP's office. It also tracks its own performance and the possibility of its malfunction.

    Yet it shares none of this information with me, the originator of the data and its rightful owner.

    But wait, it doesn't stop here. The implantable device is wirelessly connected to a proprietary, closed network created and run by the same people who built it. And in addition to my data "they" also track data collected from half a million other people like me.

    Furthermore, the manufacturer has unrestricted access to all of this data and can use it however it sees fit. For example, it can look at how the leads of my ICD are performing in comparison to similar models implanted in other people and make adjustments or improvements to their product line based on this valuable information.

    No one ever asked me if I'd like to "opt out" of sharing this data with the corporation who sold me the gadget. And yet I am kept out of the loop and in the dark. (Sure, they'll humor my occasional request for a print out just to shut me up. But that's far from enough in my view.)

    Such is my world. I'm sure you'll agree it is, in some ways, like roaming the conference rooms of 2011 ACC not knowing how your RFID data will be used. But one thing can be said about remote patient monitoring. It sure seems a lot more like remote patient surveillance, doesn't it?

    Hugo Campos
    ICD User Group

    ReplyDelete
  7. Wes,

    A little bit of digging led me to this:

    http://www.alliancetech.com/dmdocuments/ACC%202011%20-%20Press%20Release%20FINAL%20FINAL%20(pdf).pdf

    Ourr privacy is being sold to marketers as you suspected.

    Please get the word out about this.

    I, for one, think this is highly inappropriate.

    Jay

    ReplyDelete
  8. Jay -

    Nice detective work! (I've saved a copy of this on my server in case this copy suddenly "disappears" from the internet.)

    I left a query about this on the ACC's Cardiosource blog (http://blog.cardiosource.org/) but the comment was not published - I suspect it won't be.
    I am sure they are aware of this thread, however.

    ReplyDelete
  9. This action also violates the FTC's Fair Information Practice Principles

    The core principles of privacy addressed by these principles are:

    1. Notice/Awareness: Consumers should be given notice of an entity's information practices before any personal information is collected from them. This requires that companies explicitly notify of some or all of the following:
    identification of the entity collecting the data; identification of the uses to which the data will be put; identification of any potential recipients of the data; the nature of the data collected and the means by which it is collected; whether the provision of the requested data is voluntary or required; the steps taken by the data collector to ensure the confidentiality, integrity and quality of the data.

    2. Choice/Consent: Choice and consent in an online information-gathering sense means giving consumers options to control how their data is used. Specifically, choice relates to secondary uses of information beyond the immediate needs of the information collector to complete the consumer's transaction. The two typical types of choice models are 'opt-in' or 'opt-out.' The 'opt-in' method requires that consumers affirmatively give permission for their information to be used for other purposes; without the consumer taking these affirmative steps in an 'opt-in' system, the information gatherer assumes that it cannot use the information for any other purpose. The 'opt-out' method requires consumers to affirmatively decline permission for other uses; without the consumer taking these affirmative steps in an 'opt-out' system, the information gatherer assumes that it can use the consumer's information for other purposes. Each of these systems can be designed to allow an individual consumer to tailor the information gatherer's use of the information to fit his or her preferences by checking boxes to grant or deny permission for specific purposes rather than using a simple "all or nothing" method.

    3. Access/Participation: Access as defined in the Fair Information Practice Principles includes not only a consumer's ability to view the data collected, but also to verify and contest its accuracy. This access must be inexpensive and timely in order to be useful to the consumer.

    4. Integrity/Security: Information collectors should ensure that the data they collect is accurate and secure. They can improve the integrity of data by cross-referencing it with only reputable databases and by providing access for the consumer to verify it. Information collectors can keep their data secure by protecting against both internal and external security threats. They can limit access within their company to only necessary employees to protect against internal threats, and they can use encryption and other computer-based security systems to stop outside threats.

    5. Enforcement/Redress: In order to ensure that companies follow the Fair Information Practice Principles, there must be enforcement measures. The FTC identified three types of enforcement measures: self-regulation by the information collectors or an appointed regulatory body; private remedies that give civil causes of action for individuals whose information has been misused to sue violators; and government enforcement, which can include civil and criminal penalties levied by the government.

    It is time to pursue a class action suite against the ACC for this willful violation of member's privacy.

    ReplyDelete
  10. There was an Opt out. I saw it on the registration site. Anyone could have opted out when they registered.

    Cell phone companies today track your every location to establish trends and so does google on the web. Seems everyone is interested in analytics. For me, not a biggie. Anyone could have opted out.

    ReplyDelete
  11. Hugo, with respect, I don't think your comparison is valid.

    I couldn't think of a single reason why you (or any other individual with a similar device) would object to that information being made available, for the reasons you've stated.

    ICD User Group ?

    Are you being disingenuous, or is it truly an issue for you ?

    If so, why ?

    I'm intrigued.

    Because frankly, it makes you sound either "selfish" or paranoid or both...

    ReplyDelete
  12. I think Jay raised very valid questions.

    And no, I don't think an alleged opt out on a registration website necessarily cuts it.

    This should be a definite opt-in as per Jay's requirements, not an assumption of opt-in by virtue of potentially missing the fine print.

    ReplyDelete
  13. Ok, please opt out if you do not want to be part of a class action lawsuit against the ACC.
    Please. Opt out solutions simply do not work. Virtually all privacy policies require that you opt in.
    This is a big privacy violation and will come with a big penalty from the membership.

    ReplyDelete
  14. Let's review the ways in which the ACC is violating your rights as an American citizen:
    1. The first amendment guarantees Freedom of assembly, sometimes used interchangeably with the freedom of association, which is the individual right to come together and collectively express, promote, pursue and defend common interests. You do not have the right to have an organized assembly (meeting) in any hotel which has contracted with the ACC unless you pay the ACC. You no longer have the right to engage in CME activities, unless they are provided by the ACC.
    2. The first amendment protects the freedom of religion, speech, and the press. In removing satellite symposia, the ACC has decided that only the ACC and its designees can freely speak and engage in CME activities.
    3. You no longer have a right to privacy. Your individual movement at ACC is tracked and this information is sold to industry. The ACC has issued no policy statement outlining whether aggregate data or your individual data is being sold to industry.

    ReplyDelete
  15. I realize I maybe getting a little off topic here, but with DrWes's permission, I'd like to explain what I meant above.

    To Anony Thu Apr 07, 08:39:00 PM,

    This is truly an issue for me. But to clarify, I do NOT object to information being made available to industry and doctors. What I DO object to is limiting patients' access to their remote monitoring data, regardless of how unintelligible or complex we think this data might be to them.

    As it becomes increasingly expected of patients to take responsibility for their care, they will need unrestricted access to their data in order to do so.

    I hope that in a not-so-distant future patients will be able to combine data from their implantable devices with a diverse ecosystem of interoperable health and fitness devices for a complete picture of their health. We can start today by allowing patients to access remote monitoring data collected by their ICDs and pacemakers.

    The comparison is valid because an audience who's ostensibly familiar with remote monitoring should not resent the use of RFID at at professional conference such as the ACC. In my view, not much different than remote patient monitoring in its paternalistic, despotic and unfair way.

    Hugo Campos
    ICD User Group

    ReplyDelete
  16. Hugo,

    I agree. You should be made fully aware of the "process". Understand though that, you would not be able to parse any of your own data. Sure cardiology is full of data reads, but often as I am sure Wes would agree, all that stuff is useless without proper and especially experienced analysis. Having said that, sometimes, all the best tech/edu is not worth shit. Sometimes, all I have to do is glance at you and know that my call to Wes will change your treatment regardless. Yes it is that ever-changing target kind of thing. We have the data for support, but have to be ready to push it aside at any moment as well.

    I am listening to you. It must be hard to adjust to your constant companion. Maybe similar to those that struggle to find peace with a transplanted organ. I can't say that I have any idea what it really feels like for you. I can only listen and learn from you.

    -SCRN
    (just maybe for validity? I am a second career nurse with over 20 years in the corporate world, I still retain the abilities of a "normal" human to see and understand ;)

    ReplyDelete
  17. Dear DrWes:

    Thank you so much for posting on Dr. Lewin's blog about the RFID tags. I noticed the sensors immediately. While filling out my CME forms, I made damn sure that I was in each and every presentation from beginning to end (no bathroom breaks).

    I half expect a paper by Dr. Al Khatib analyzing the RFID data compared with the self reported CME certificates with the conclusion that cardiologists are lying scoundrels. The other option is Dr. Lewin building a file on each of us using Hoover techniques.

    Stay vigilant!

    ReplyDelete

Note: Only a member of this blog may post a comment.