Grand Bargains for Big Data: The Emerging Law of Health Information

Maryland Law Review Volume 72 | Issue 3 Article 2 Grand Bargains for Big Data: The Emerging Law of Health Information Frank Pasquale Follow this and additional works at: http://digitalcommons.law.umaryland.edu/mlr Part of the Health Law Commons, and the Privacy Law Commons Recommended Citation Frank Pasquale, Grand Bargains for Big Data: The Emerging Law of Health Information, 72 Md. L. Rev. 682 (2013) Available at: http://digitalcommons.law.umaryland.edu/mlr/vol72/iss3/2 This Article is brought to you for free and open access by the Academic Journals at DigitalCommons@UM Carey Law. It has been accepted for inclusion in Maryland Law Review by an authorized administrator of DigitalCommons@UM Carey Law. For more information, please contact . GRAND BARGAINS FOR BIG DATA: THE EMERGING LAW OF HEALTH INFORMATION FRANK PASQUALE * ABSTRACT Health information technology can save lives, cut costs, and expand access to care. But its full promise will only be realized if policymakers broker a “grand bargain” between providers, patients, and administrative agencies. In exchange for subsidizing systems designed to protect intellectual property and secure personally identifiable information, health regulators should have full access to key data those systems collect. Successful data-mining programs at the Centers for Medicare & Medicaid Services (“CMS”) provide one model. By requiring standardized collection of billing data and hiring private contractors to analyze it, CMS pioneered innovative techniques for punishing fraud. Now it must move beyond deterring illegal conduct and move toward data-driven promotion of best practices. With this aim in mind, CMS is already subsidizing technology, but more than money is needed to optimize the collection, analysis, and use of data. Policymakers need to navigate intellectual property and privacy rights skillfully. They must condition current (and future) government support for providers and insurers on better collection and dissemination of health information. If they succeed, the law of health information might better incorporate public values than information law generally. Copyright © 2013 by Frank Pasquale. * Schering-Plough Professor in Health Care Regulation and Enforcement, Seton Hall Law School; Affiliate Fellow, Yale Law School Information Society Project. I wish to thank Seton Hall’s Health & Pharmaceutical Law & Policy Program and Princeton’s Center for Information Technology Policy for giving me opportunities to conduct research on this project. The participants at Harvard University’s Law & Medicine Colloquium and Columbia University’s Law, Medicine, and Public Health Colloquium provided very helpful feedback, as did participants at the Health Law Professors’ Conference at Loyola Law School. I also greatly appreciate comments from Kathleen Boozang, Glenn Cohen, Carl Coleman, Sachin Desai, Einer Elhauge, Abbe Gluck, Dovid Kanarfogel, Jordan Paradise, Efthimi Parasidis, and Nic Terry. Research assistants Greg Mortenson and Alexander Raytman also helped a great deal. Finally, thanks to Simon Stern for insights on the history of information location services. 682 2013] GRAND BARGAINS FOR BIG DATA 683 I. INTRODUCTION Quantitative analysis of large information sets (“big data”) has spurred scientific and business breakthroughs. 1 Better collection and analysis of health data may save lives, cut costs, and expand access to care. Congress has allocated billions of dollars for health information 2 technology since 2009, but more than subsidies are needed to assure optimal collection, analysis, and use of data in medicine. Policymakers need to skillfully navigate areas of law often used to stop the sharing of data, including intellectual property rights and contractual obligations. By siloing data, health insurers and providers have impeded the types of large-scale analysis common in other industries. Providers have kept vital information about price, quality, and access secret to 3 maintain a competitive advantage or hide shortcomings. For exam4 ple, insurers keep secret many of the prices they pay. Each major 5 drug company’s “data exclusivity” may mean that rivals waste vast amounts of money pursuing leads that have already proven to be dead ends. Health information technology systems may not be interopera6 ble, leaving them unable to “talk to one another” and share data. Though the inherent inefficiencies of intellectual property (“IP”) law may be acceptable in ordinary markets, they raise serious ques7 tions in the life-and-death domain of health care. Federal and state authorities are pushing back against aggressive deployment of IP protections by health care providers and insurers. Sometimes the 8 pushback involves reporting requirements attached to subsidies; in 1. See Steve Lohr, The Age of Big Data, N.Y. TIMES, Feb. 11, 2012, at A1 (surveying “revolution[s] in measurement” made possible by an “explosion of data”). “Big data” is shorthand for advancing technological trends that allow for the collection, analysis, and use of an ever-increasing flood of data. Id. 2. See infra notes 113–116 and accompanying text. 3. See infra Part II. 4. See infra Part II.C. 5. See infra Part II.A. 6. See infra Part II.D; see also David Blumenthal, Implementation of the Federal Health Information Technology Initiative, 365 NEW ENG. J. MED. 2426, 2428 (2011), available at http://www.nejm.org/doi/full/10.1056/NEJMsr1112158 (describing how the technical requirements in the HITECH Act “are vital to ensuring that [electronic health records] can communicate with one another (or interoperate)”). 7. See infra notes 268–272 and accompanying text. 8. See infra notes 113–117. 684 MARYLAND LAW REVIEW [Vol. 72:682 other cases, IP law itself is simply declared inapplicable or directly lim9 ited in the medical context. Federal and state agencies are imposing a new bargain on insurers and providers: In exchange for persistent subsidies and government support, they must reveal key data about 10 Sometimes, as in the case of health information their activities. 11 technology’s “meaningful use” regulations, the activities themselves must change to reflect public values. Federal and state agencies need to require providers and insurers to reveal key data in exchange for government support, while minimizing the possibility of improper uses of that data. The proper balance between privacy and innovation, or openness and propertization, will depend on the end goal of particular government data initiatives. Sometimes the aim will be the creation of new—or repair of old—markets for data. In other instances, the goal will be an information commons. The challenge is to rationalize complex, often conflicting legal frameworks as the stakes rise. Increasing computer power means that both uses and misuses of data are becoming more important. The increasing power of data to be used for both good and ill arises from powerful trends within industry and computing (...truncated)