Medical Regulations. You’re paying, for what?

From the late 1990s onward a core thesis for my investments was outsourcing. Some part of that was pricing ‘risk’ and building the mechanisms so that clients could transfer some part of that to a 3rd party, mine.

Regulations

Let’s look at a problem but not its solution: HIPAA.

My general practitioner has a phone app that allows him to send texts. It is not cheap and it does nothing extraordinary that a phone cannot innately do, except be HIPAA compliant. For him, his staff, and perhaps all the people on the other side of the app, it is a time sucker that adds little (or no?) value. But it is law.

Commercial off-the-shelf technology is good enough; it’s cheap and effective. Specialized technology written to constantly evolving regulation is nightmarishly expensive and favors cronyism and monopoly.

Interplay of new technology and regulation.

HIPAA is in that thicket of regulations that has as its vague purpose “security” to protect patient privacy. Those few companies that become specialists at meeting regulations become advocates for the regulations, which puts them in a fine position with the army of bureaucrats who promulgate and enforce regulations.

Finding vendors who meet 1 hurdle is hard; finding ones that meet 30 is nigh unto impossible unless the vendor is engineering the firm to market solely to this niche and charging monopoly rates as their reward.

In everyday life, if you buy a tool and that tool is useful for anything other than the immediate purpose for which you bought it, that is a bonus.

In HIPAA, as with cyber security:

Any behavior outside the minimum absolutely required for the intended application is a security risk, because history shows multiple examples of such behavior being exploited to cause the system to do things that it was not supposed to do. A secure system will deliberately be entirely inflexible, even if attaining that inflexibility while maintaining its intended function requires that a great deal of time be spent precisely determining the intended function and deliberately removing everything outside that intended function.

Security is a cost center. It is an externality: its costs are not priced in, and the spillover effects are large.

HIPAA, and its related quagmire, cybersecurity, is and will always be mostly a services sector and is therefore subject to cost disease.

Security is not the goal. A well-established audit trail is the goal. Being secure is not enough; you have to be able to demonstrate that everyone using the app is secure. The app my doctor uses has, as its only value, being a risk repository.

Medical consumers become a captive market facing greater monopoly as fewer firms can navigate the thicket of rules to even try to make money.
Government tag-teams with industry, and there is a tendency for people wary of legislative ‘excesses of Congress’ to lay a lot at their feet that is not really at their feet.

Compliance

When I speak of compliance I am talking not just about federal government regulations, but also about those from the insurance companies and other actors.

  • Question: Does all that regulation have any real impact on my privacy?
  • Answer: Given the reality of corporate and government espionage on our data lives…

…I’m paying the HIPAA bill for privacy that…

I don’t actually have.

The end?