The AIS Guide to Blue Cross and Blue Shield Plans: 2010

HOME

New on the Site

Customer Service

Sample Newsletters

MarketPlace
AIS Products & Services

Free E-Mail Newsletters

Health Business Daily

Government News

Sign Up for Free E-Mail Newsletters

Health Business Job Openings

Health Business Meetings

People on the Move

Health Plans

General Business Issues

Product News

Company Intelligence

Disease Management

Blue Cross and Blue Shield

Medicare Advantage

Managed Medicaid

Health Plan Products

Compliance

Compliance Strategies

HIPAA Resource Center

Government Resources

Compliance Products

Pharmacy Benefit

Pharmacy Benefit Mgmt.

Specialty Pharmacy

Drug Mgmt. Products

Consumer-Directed Care

Articles on CDH

CDH Data

Market Data

Health Plan Enrollment

Pharmacy Benefit Mgmt.

Data Products

Health Reform

Obama Administration

Federal Legislation

State Legislation

State Results

Association Positions

Research Organizations

MarketPlace

Newsletters

Web Services & Looseleaf Guides

Books & Reports, Directories & Databases

Meetings

Alphabetical Listing

Health Care Career Center

Health Care Links

Press Release Library

Visit AISEducation.com for more news and strategic information for today's business leaders

HIPAA Compliance Strategies

Featured Health Business Daily Story March 13, 2009

New Privacy Rules in Economic Stimulus Law Will Restrict Certain Pharmaceutical Marketing Practices

Reprinted from DRUG BENEFIT NEWS, biweekly news, data and business strategies for health plans, PBMs and pharmaceutical companies.

By Neal Learner, Managing Editor (nlearner@aispub.com)

Beefed-up patient privacy protections in the recently enacted economic stimulus package are expected to place significant new restrictions on how some players in the pharmaceutical supply chain, including chain drugstores and PBMs, gather and distribute prescribing information to pharmaceutical firms for what critics claim is the purpose of marketing drugs.

Medical privacy restrictions were included in the American Recovery and Reinvestment Act, which President Obama signed into law on Feb. 17. Among other things, the privacy provisions prohibit the sale of medical records without a patient's valid authorization. The law also for the first time applies HIPAA privacy regulations to the "business associates" of covered entities.

On marketing, the law now limits previous HIPAA exclusions that had allowed covered entities and business associates, including pharmacies, to furnish "communications" for the purposes of "health care operations," such as case management and furnishing information about treatment alternatives. Under the law, a communication "shall not be considered a health care operation" if the covered entity "receives or has received direct or indirect payment in exchange for making such a communication."

There are exceptions. According to law firm Sonnenschein Nath & Rosenthal LLP, a communication is no longer a health care operation — and, presumably, is a "marketing communication" that requires an individual's authorization — unless the communication:

Describes only a drug or biologic currently being prescribed for the individual, and the amount of payment received for making the communication (if any) is reasonable in amount; or
Is made by the covered entity and the covered entity has received a valid HIPAA authorization from the individual to whom it is making the communication.

While many point out the law still has to undergo an extensive rules-writing process, one patient privacy advocate says the privacy language could curtail some lucrative pharmaceutical marketing practices. This includes the practice of a pharmaceutical manufacturer paying pharmacy chains to gather information about patients who are taking certain medications, and then sending letters to these individuals urging them to consider the manufacturer's products instead.

"There is definitely a tightening of marketing," says Ashley Katz, executive director of the advocacy group Patient Privacy Rights. "It's been the chain drugstores that have just been wailing and bemoaning how burdensome that is going to be for them, that this is just going to stop their business in their tracks, which I find not true," she tells DBN.

One example of the marketing that this provision could restrict, Katz says, is CVS Caremark Corp.'s mailing last year recommending that physicians "consider prescribing" Merck & Co.'s diabetes treatment Januvia (sitagliptin) when appropriate. The letter, sponsored by Merck, contains a list of the physician's patients — including names, identification numbers and dates of birth — who are now taking the generic diabetes drug metformin. Industry observers say other large PBMs and chain drugstores also send these types of mailings.

This kind of marketing, Katz contends, is worse than if it comes from the manufacturer. "It comes from your pharmacist, which is someone that you know and potentially trust," she says. "But it was paid for 100% by the drug companies pushing their new drug, and not in coordination with the doctor."

The CVS Caremark letter clearly states that funding for the communication was paid for by Merck, and that no personal information was given to the drug maker.

CVS Caremark did not respond to DBN's request for comment on the new law.

Critics Warn That Rx Data Are Still Accessible

Meanwhile, some pharmaceutical industry critics are skeptical that the new law will stop another marketing practice that they contend drives up the cost of drugs. So-called pharmacy "data mining" involves PBMs, pharmacies and other firms gathering and distributing physician prescribing data to pharmaceutical firms for what critics call marketing purposes.

The privacy provisions do not address the issue of prescriber data, says Sharon Treat, executive director of the National Legislative Association on Prescription Drug Prices, a nonpartisan organization of state legislators who have focused on passing anti-data-mining legislation, among other things. In fact, the law's $2 billion for expanding health information technology (HIT) could actually exacerbate the data mining by providing pharmaceutical sales representatives with more complete prescribing and medical histories of physicians' patients, she tells DBN.

"The concern here is that not only does it not limit [access to prescriber data], but the fact that it's electronic makes…it very, very easy to transfer that information," says Treat. "And secondly, the kind of information that is going to be available in that record is going to be far greater than simply prescription information," she tells DBN

Pharmacy data mining now consists only of Rx data, says Treat, a Maine state representative who has sponsored landmark state legislation restricting certain business practices of pharmaceutical firms and PBMs. "So you know that Dr. X has prescribed a particular drug 25 times in the last month," she adds.

"With this electronic record, you'll know that as well as the fact that there were 24 patients that had disease X and one had disease Y, and their histories were the following," she explains. "It won't have the name of that particular patient, but it's going to have all of that other information associated with it," Treat says, noting that such information may be used to develop profiles of individual doctors for marketing purposes.

Ensuring That Privacy Doesn't Hamper HIT

Some leaders in the pharmacy and PBM industries point to the fact that the government still has to undergo an extensive process of writing rules and regulations for the law, and that many details are still unknown. They also want to ensure that the new privacy provisions don't hamper the implementation of HIT.

The National Association of Chain Drug Stores (NACDS), for example, asserts that the debate surrounding patient privacy has been distorted and in some cases untruthful.

"Unless a patient gives prior authorization, a pharmacy cannot sell health information that identifies the patient to drug manufacturers for the purpose of helping manufacturers send marketing materials to the patient," Steven Anderson, president and CEO of NACDS, said in a prepared statement before the final stimulus bill was passed. NACDS spokeswoman Chrissy Kopple tells DBN that such restrictions have been true under HIPAA as well.

Anderson points out that pharmacies are able to sell de-identified data, which can be helpful for research and quality-assurance purposes, including analysis of health care spending trends for public policy.

Other industry players note that some of the provisions will require changes in business practice.

John Coster, senior vice president of government affairs at the National Community Pharmacists Association, says some of the new provisions that will require changes include the contracts between pharmacies and business associates, which will now be covered under HIPAA.

"Pharmacies are covered entities, but we also have business associates like PBMs or 'switches' that direct the claims to the individual PBMs," Coster tells DBN, adding that pharmacies will not be required to enforce the law with these partners. "But some of the security and privacy provisions will apply to business associates in the same way they apply to covered entities." These and other provisions will result in operational changes that will require resources and additional costs over the next few years, he says.

Mark Merritt, president and CEO of PBM trade group Pharmaceutical Care Management Association, says the key to this legislation is making sure that the "tail doesn't wag the dog" when implementing HIT, including e-prescribing. Merritt says e-prescribing served as the foundation for policies around broader HIT utilization. "The goal ought to be protect privacy, but do so in a context that does not discourage adoption whatsoever," he says. The question will be, 'What's going to work for providers, not what's going to work for advocates for groups who are not health care folks.'"

Contact AIS

About AIS

Advertise With AIS

Privacy

Site Map