Office Chatter: Your Doctor Will See You In This Telemedicine Kiosk

Original Post from KHN.org

By: Phil Galewitz

On the day abdominal pain and nausea struck Jessica Christianson at the office, she discovered how far telemedicine has come.

Rushing to a large kiosk in the lobby of the Palm Beach County School District’s administrative building where she works, Christianson, 29, consulted a nurse practitioner in Miami via two-way video. The nurse examined her remotely, using a stethoscope and other instruments connected to the computer station. Then, she recommended Christianson seek an ultrasound elsewhere to check for a possible liver problem stemming from an intestinal infection.

The cost: $15. She might have paid $50 at an urgent care center.

The ultrasound Christianson got later that day confirmed the nurse practitioner’s diagnosis.

“Without the kiosk I probably would have waited to get care and that could have made things worse,” she said.

Endorsements like Christianson’s demonstrate how technology and positive consumer experiences are lending momentum to telemedicine’s adoption in the workplace.

Less than a decade ago, telemedicine was mainly used by hospitals and clinics for secure doctor-to-doctor consultations. But today, telemedicine has become a more common method for patients to receive routine care at home or wherever they are — often on their cellphones or personal computers.

In the past several years, a growing number of employers have provided insurance coverage for telemedicine services enabling employees to connect with a doctor by phone using both voice and video. One limitation of such phone-based services is physicians cannot always obtain basic vital signs such as blood pressure and heart rate.

That’s where telemedicine kiosks offer an advantage. Hundreds of employers — often supported by their health insurers — now have them installed in the workplaces, according to consultants and two telemedicine companies that make kiosks, American Well and Computerized Screening, Inc.

Employers and insurers see the kiosks as a pathway to delivering quality care, reducing lost productivity due to time spent traveling and waiting for care, and saving money by avoiding costlier visits to emergency rooms and urgent care facilities.

Jet Blue Airways is adding a kiosk later this year for its employees at John F. Kennedy International Airport in New York. Other big employers providing kiosks in the workplace include the city of Kansas City, Missouri.

Large health insurers such as Anthem and UnitedHealthcare are promoting telemedicine’s next wave by testing the kiosks at worksites where they have contracts.

Anthem has installed 34 kiosks at 20 employers in the past 18 months. John Jesser, an Anthem vice president, said kiosks are a good option for employers too small or disinclined to invest hundreds of thousands of dollars in creating an on-site clinic with doctors and nurses on standby.

“This technology should make it more affordable for employers of many sizes,” Jesser said.

Kiosks are typically used for the same maladies that lead people to see a doctor or seek urgent care — colds, sore throats, upper respiratory problems, earaches and pink eye. Telemedicine doctors or nurse practitioners can email prescriptions to clients’ local pharmacies. Employees often pay either nothing or no more than $15 per session, far less than they would pay with insurance at a doctor’s office, an urgent care clinic or an emergency room.

Despite kiosks’ growing use in telemedicine, it’s unclear whether they will be supplanted as smartphones, personal computers and tablets enable people to access health care anywhere with a Wi-Fi connection or cell service. Some employers already offer kiosk and personal device options, including MBS Textbook Exchange in Columbia, Missouri, which has 1,000 workers.

Workplace kiosks’ appeal is they are quiet, private spaces to seek care. Consumers can get their ailments diagnosed remotely because the kiosks are equipped with familiar doctors’ office instruments such as blood pressure cuffs, thermometers, pulse oximeters and other tools that peer into eyes, ears and mouths. The instrument readings, pictures and sounds are seen and heard immediately by a doctor or nurse practitioner.

“The kiosk gives the doctor more tools to diagnose a wider range of conditions,” Anthem’s Jesser said.

The downside is that the machines cost $15,000 to $60,000 apiece, which may still be too much for some employers.

“Telemedicine kiosks look promising and may still take off, but I don’t see explosive growth,” said Victor Camlek, principal analyst with Frost & Sullivan, a research firm.

Employers’ experiences are mixed.

Officials in Kansas City, Missouri, estimate the kiosk placed in city hall almost a year ago has saved the local government at least $28,000. That’s what Kansas City hasn’t spent because employees and dependents chose the telemedicine option instead of an in-person doctor visit. The city also estimates it has gained hundreds of productive work hours — that’s the time employees saved by not leaving work to see a doctor.

In contrast, fewer than 175 of the 2,000 employees at the Palm Beach County School District headquarters have used the kiosk there in its first year, said Dianne Howard, director of risk management.

Howard remains hopeful: “This is the future of health care.”

The district’s kiosk was supplied at no cost by UnitedHealthcare, as part of a test also involving two other employers in Florida.

Those kiosks connect employees to nurse practitioners at Nicklaus Children’s Hospital in Miami. The hospital employs an attendant at each kiosk location to help workers register and use some of the instruments, such as the stethoscope.

Other telemedicine kiosks, such as those made by America Well, are designed to be totally self-service for employees. They also offer users immediate access to a health care provider. American Well has deployed about 200 kiosks and is in midst of rolling out 500 more, mostly to employers, the company said. It also places kiosks in retail outlets and hospitals.

Telemedicine’s increasing sophistication is winning over some traditional-minded physicians.

The WEA Trust in Madison, Wisconsin, a nonprofit that offers health coverage to public employers, installed a kiosk for the benefit of its 250 workers last fall.

Dr. Tim Bartholow, a family doctor by training and chief medical officer for the trust, said he was cautious about physicians treating patients they haven’t seen in person. After observing employees using it, Bartholow is convinced it can help them get good care.

“I don’t think telemedicine is making a doctor being on site quite agnostic, but it is certainly reducing the premium on being in the same space as the patient,” Bartholow said.

Insurers declare they are moving carefully, too, recognizing that telemedicine has its limits and they must depend on practitioners to tell patients when they have to see a doctor — in person.

“We have to rely on their experience and judgment,” Jesser said.


Keep Employee Data Safe

Original post benefitspro.com

When a cyber breach occurs, lawsuits are usually not far behind. It’s a chain of events that has become de rigueur in the consumer realm when retailers experience a breach and it is bleeding over into the workplace, too.

Employees whose data is exposed are increasingly pointing the finger at failings in the technology employers use to secure their information and lapses in protocols that allow vulnerabilities to be exploited.

Who is responsible if your employees’ personal information is stolen on company time? Where does the company’s obligations begin and end under the duty of care laws? How might state and federal breach regulations impact an organization’s proactive and reactive data security efforts?

How a breach happens and how the company responds both play a major role in determining the potential legal ramifications. To mitigate the risks, it is critical for HR professionals to understand their responsibilities before a cyber criminal strikes.

Many employers aren’t even aware of either the enormous security risks their organizations face or the best strategies to protect the employee data they hold.

Ensuring that employers have access to the right tools and expertise to address data breach concerns is an important role for benefits managers and the brokers and agents who support them.

Know the risks, have a plan

Financial information is what comes to mind most frequently when businesses consider where breach risks exist, but that thinking is too narrow. It overlooks the incredible value inherent in employee data. Not only does financial information lurk within HR’s employment records in the form of salary histories and bank routing numbers used for automatic deposits, but standard consumer data is also present.

Full names, birth dates, addresses and social security numbers exist in every employee’s file. Health and benefit data may be present, too, such as carrier names, subscriber numbers, or details on beneficiaries and dependents. And where there’s smoke, there’s fire. The same servers and systems that host employee and customer data, likely hold data pertaining to trade secrets, M&As, business plans, and more. All the more reason to get your company’s cyber strategy in gear.

Adding complexity to the situation is the fact that employers must be concerned with two types of data breaches — those that are the result of a purposeful act, such as a hacker or a malicious insider, and those that occur by accident. Lost laptops and cell phones are just one common example where an inadvertent exposure could easily happen.

Each flavor of breach represents a different risk profile and each requires its own mitigation measures. A two-pronged approach to breach prevention that marries technology and best practices enables employers to address any existing security gaps while also providing improved protection for employee data.

Deploying technology tools to safeguard sensitive information assets is one part of a comprehensive data security strategy that keeps employers in line with duty of care laws and other breach regulations.

Firms have a range of solutions to choose from and they should tailor their approach based on their network and infrastructure architecture, the information types that are vulnerable to exposure, the volume of data that must be protected, resource availability — from funding to staffing — and any regulatory guidelines or compliance mandates that must be considered.

Encryption is a perfect example of a technology that is relatively simple, but still enormously effective when it comes to securing employee data. Free and low-cost encryption platforms are available which can help to protect confidential information from unauthorized access even if a hardware item (thumb drive, laptop, etc.) falls into the wrong hands.

Other technology tools may also be appropriate depending on the employer’s needs, including firewalls, mobile device management software, and multi-factor authentication to protect access to more sensitive systems.

Security best practices are the second half of a successful data protection strategy. These protocols largely deal with the ways humans interact with the organization’s information and they also cover what to do in the event of a breach. Employers will want to manage network and data access in a way to limits who is able to view and change employee information.

Methodologies for storing, processing, analyzing, archiving, and destroying employee data should be documented in detail and anyone responsible for those tasks must be trained on the organization’s security practices.

An incident response plan is another best practice employers should include under the data security umbrella. This doesn’t need to an exhaustive plan, but it should outline the steps employees are to take if they suspect a breach has occurred — everything from blocking access to compromised servers to contacting the company’s privacy or information security employee or consultant. (Don’t have one? Here’s why you should.)

A strong plan can significantly limit the potential harm that is likely to fall upon any employee whose data was exposed. And as risks evolve, so should the incident response plan – it should be a living, breathing part of a comprehensive cyber strategy with routine reviews.

Retain the right expertise

Another concern often faced by employers, particularly those smaller organizations where internal resources are lean, is that they don’t have good insight into the evolving cyber threat environment and the latest data protection strategies.

Efforts to craft, deploy, and maintain an effective privacy and security program are made more difficult when industry expertise is lacking. Without a strong understanding of where security vulnerabilities exist, or which new threat vectors are likely to be of concern, employers could find themselves directing their limited resources in too many directions and without much effect.

Because many breach scenarios involve little or no technology — hard copies of completed enrollment forms accidentally left in a shared conference room, for example — simply turning responsibility for data privacy over to the IT function isn’t going to work. It’s important that employers are able to seek guidance from someone experienced in data protection in all its forms.

Continuously educate the front line

Employees themselves may pose potential security challenges, so continuous training is essential to protect a company’s own data and that of its customers. Companies should consider implementing educational sessions about new scams and privacy and security refreshers as part of their annual compliance training.

By partnering with employees to help protect their data, the organization can maximize its technology investment and ensure that everyone is committed to the company’s culture of security.

Social engineering schemes are increasingly popular among hackers, effectively turning the workforce into either an employer’s first line of defense or its greatest weakness.

The most recent spoof comes courtesy of a company’s top executive — or so the scammer wants you to think. An employee will receive a request from the CEO — either by way of a hacked email account or an email address that closely resembles the real thing — to cough up documents, usually W-2s. With a few clicks, countless data about a company’s employees has been exposed.

Rather than quickly react, employees should be trained that if they see something, say something.

Identity management

Along with taking appropriate security measures internally, employers may also consider offering identity-related benefits to their employees. These packages bring a powerful suite of tools to the table that provide workers with proactive education and reactive support. Informational resources teach individuals how to spot corrupt websites and suspicious e-mail links.

They give details on what to look for when conducting annual credit report reviews. And workers concerned their personal data may have been exposed — whether at work or through a health care provider, retailer or other avenue — have access to identity theft experts able to help them navigate the resolution process.

The fraud team can assist them in replacing important documents that may have been lost due to theft, fire or flood. They can even monitor known black market websites to see if an employee’s stolen data is being used fraudulently.

Together, these strategies give employers a way to keep employees’ information safe while providing workers with assurances that they’ll have the support they need if the worst should happen.


Cybersecurity Should Be on Plan Sponsors’ Radar

Original post benefitspro.com

Cyber threats and attacks are so widespread that retirement plan sponsors are being warned to develop a cyber risk management strategy rather than a cyber risk elimination strategy.

That’s according to law firm Pillsbury Winthrop Shaw Pittman LLP, which said in an advisory that among other concerns, sponsors should be prepared to evaluate their third-party service providers’ cybersecurity programs and ensuring that the plans themselves have mitigated risks from losses in case of a cyberattack.

It shouldn’t come as a big surprise to anyone, considering that there’s a $5 trillion 401(k) market just sitting there waiting to be ravaged by hackers.

Considering that account holders often don’t check their accounts often enough to catch hacking attempts, and that the advisors and plan providers hold another wealth of information (pun intended) on those account holders, the retirement plan market is ripe for the plucking.

The trillions of dollars in 401(k) accounts are becoming particularly appealing to cyber criminals.

In its first of a series of advisories on cybersecurity issues regarding retirement plans, the law firm said that an effective cyber risk management strategy would include thorough due diligence by sponsors of TPAs and vendors; periodic implementation and review of contractual protections and insurance requirements in arrangements with TPAs; periodic monitoring of TPAs’ cybersecurity compliance and related risks; and consideration of whether to utilize the SAFETY Act, a liability management statute managed by the Department of Homeland Security, and purchase cyber and privacy insurance.

According to the brief, “Retirement plan sponsors and administrators could utilize the SAFETY Act in one of two ways: (1) by having their internal cybersecurity plans and policies SAFETY Act approved, thereby significantly limiting the possible scope of litigation claims they would face after a cyberattack; or (2) by requiring TPAs to hold SAFETY Act protections, as that would allow retirement plan sponsors and administrators to be dismissed from a broad array of claims alleging negligence or poor performance attributed to the third-party security products and services.”


Trending: Virtual Healthcare Gains Broader Acceptance

Original post benefitsnews.com

The Cadillac tax may have been postponed until 2020 but that doesn’t mean employers have put healthcare cost containment measures on the backburner. In fact, new research shows 90% of employers are planning myriad measures to control rising healthcare costs.

The 2016 Medical Plan Trends and Observations Report, released today by DirectPath and CEB, highlights top trends in employers’ 2016 healthcare strategies. Overwhelmingly, employers are continuing to shift a larger share of healthcare costs to employees, often through high-deductible health plans, according to the report.

The use of telemedicine, meanwhile, continues to grow, with almost two-thirds of organizations offering or planning to offer such a service by 2018 – a 50% increase from the previous year.

“Employees often say that they go to the emergency room because it's hard to get a doctor's appointment. With telemedicine, you've got 24/7 access and you don't necessarily need an appointment,” notes Kim Buckey, vice president of compliance communications at DirectPath. “That's certainly a huge driver of avoiding those visits to the emergency room or even the urgent care clinic because telemedicine is typically less expensive than an urgent care visit, as well.”

Buckey says it “makes sense” for employers to investigate telemedicine – the remote diagnosis and treatment of patients via phone calls, email and/or video chat – because employees are increasingly accepting of virtual access to just about everything.

“How many employees now are just grabbing their phones, iPads, or computers when they need information? That's something that people are comfortable with using and they don't have to leave their house to get quality care,” she says.

Spousal and tobacco surcharges are also expected to grow, according to the CEB data. Twelve percent of employers surveyed already have spousal surcharges in place, while 29% expect to introduce them in the next three years. Twenty-one percent of employers already have tobacco surcharges in place, while 26% expect to implement them in the next three years.

“I think we're going to see more and more of those, particularly as employers focus more on wellness initiatives,” says Buckey, adding that a robust communications plan is needed before implementing tobacco or spousal surcharges.

“People don't understand basic concepts like deductibles, co-pays, co-insurance, let alone how to make a decision about what plan to choose, or frankly, what's the best way of receiving care,” she says. “As more and more of these provisions are added to plans, they have the potential of being even more confusing and off-putting to employees, so having a robust communications plan in place that addresses all of these issues [is important]. ... There certainly will be cases where these surcharges aren't going to apply to a large percentage of the population. You just want to make sure that the folks who are affected, understand how they're affected and why.”


Regulatory clarity makes ID protection a more attractive employee benefit

Original post benefitsnews.com

Identity theft is the fastest growing crime and consumer complaint in America, and benefit industry experts say concerned employees are seeking protection as an employer perk more than ever. New regulatory certainty about how identity theft protection benefits are taxed could increase the popularity of the benefit as an employer offering.

More than 13 million Americans fall victim to identity theft every year, which means every three seconds someone's identity is stolen. Increased concern about the crime has individuals clamoring for identity theft protection benefits. How that benefit would be taxed, however, had been a topic of some debate in the benefit industry, with some employers eager to offer the benefit but concerned about the impact on employee income taxes.

In its Dec. 30 announcement, the IRS said it will allow preferential tax treatment for employer-provided identity theft benefits, despite the absence of a data breach. Generally, all benefits provided to an employee by an employer must be treated as income, unless the Code provides an exclusion. Previous guidance from the IRS created an exclusion for identity protection services, but only after a breach and only for individuals whose personal information might have been compromised.

The IRS’s latest announcement notes that several commenters requested guidance regarding the tax treatment of identity protection services provided before a data breach. According to the commenters, these services are being provided with increasing frequency in order to allow early detection of data breaches and minimize the impact of breaches when they occur. In response, the IRS has concluded that its previous guidance should be extended.

“The IRS will not assert that an individual must include in gross income the value of identity protection services provided by the individual’s employer or by another organization to which the individual provided personal information (for example, name, social security number, or banking or credit account numbers). Additionally, the IRS will not assert that an employer providing identity protection services to its employees must include the value of the identity protection services in the employees’ gross income and wages. The IRS also will not assert that these amounts must be reported on an information return (such as Form W-2 or Form 1099-MISC) filed with respect to such individuals,” the guidance states.

Any further guidance on the taxability of these benefits will be applied prospectively, it adds.

“This guidance is welcome news for employers that want to offer identity protection services to employees as part of their data security strategy. They may now offer these services without increasing their (or their employees’) federal tax liability.  However, employers should be mindful of state and/or local tax laws as they may differ from federal tax law,” according to Tzvia Feiertag, a senior associate in the Labor & Employment Law Department of the global law firm Proskauer.

The preferential tax treatment does not apply to cash received in lieu of identity protection services or to proceeds received under an existing identity theft insurance policy, the guidance says.


Mobile gadgets, longer hours worsening sleep

Original post shrm.org

Lack of sleep hasn’t gotten as much attention as other well-known employee health-risk factors, such as insufficient exercise, poor nutrition and high levels of stress. But sleep deprivation results in poorer health and lower productivity, and the problem appears to be getting worse, according to an October 2015 report by MAXIS Global Benefits Network, a partnership between insurance providers MetLife, in New York City, and AXA France Vie, in Paris.

The report, Sleep: A Business Case for Bedtime, notes that corporate culture often confuses long hours on the job with high performance. But lack of sleep—typically, less than six hours nightly—significantly impacts workers’ cognitive abilities and overall health.

Researchers at Cornell University’s Institute for Health and Productivity Studies analyzed medical claims from 138,820 workers younger than 65 who were covered by self-insured, employer-sponsored health insurance plans. They found that both medical and indirect costs (such as those related to missed work, or lack of concentration while at work) were about $1,253 higher per individual for workers who had insufficient sleep than for those who got enough sleep.

Smartphones and tablets may be making the problem worse on two fronts:

  • They make it easier—and often expected—for employees to stay wrapped up in workplace issues late into the evening.
  • “They emit blue light that the eyes confuse with daylight, lowering the presence of sleep-inducing melatonin in the brain,” Dr. Lena Johns, MetLife’s global medical and wellness director, said in an interview with SHRM Online.

“Most of the time, employees don’t know how this is harming them,” Johns explained, “because when they look at their Facebook or their messages, they get a kick of dopamine, which is very addictive. But these blue-light devices also stop melatonin from being produced. You want to educate your employees that this is what’s happening and, as a consequence, they will struggle to sleep or won’t reach a deep level of sleep and will be fatigued the next day.”

What Employers Can Do

As an example of efforts employers can make to address sleep deprivation, Johns noted that French car manufacturer Renault provides sleeping pods and encourages employees who feel fatigued to take a 20-minute power nap between 1 p.m. and 3.p.m., “which it feels is the ideal time. Even if [employees] don’t sleep, just going in there and powering down lets people unwind and relax.”

Another example: Dutch-based Shell Oil has a fatigue risk-management program, Johns said. “This system looks at staffing levels and workloads to forecast if employees have enough time to sleep each night. And that information is factored into crew policies and shift-work overtime policies,” she noted.

Johns also recommended focusing on the following areas:

  • Education and awareness. Education can be provided by holding seminars with sleep-deprivation experts, sharing relevant online articles with tips on improving sleep, incorporating getting sufficient sleep into wellness program goals and making managers sensitive to issues relating to sleep-deprived workers.
  • Prevention and screening. Encourage managers to make schedules more predictable, or promote telecommuting. Health assessments can screen workers for sleep disorders. For employees who volunteer to take part in sleep-screening efforts, wearable devices can report back on how much sleep they’ve had, Johns said. “This [data collection] allows for individual assessments so individuals can determine what’s causing their sleep loss and provides for personalized interventions.” (For more on wearable devices, see the box below.)
  • Behavior modification. “Employers can help employees to change some of their habits, like late-night logging into computers and looking at Facebook or Twitter just before they go to sleep,” Johns said.

Addressing Shift Issues

Late-night shift workers are more prone to getting sick. “There’s a disruption of their circadian rhythm, which is the natural time clock,” Johns said. “People who work in shifts have poorer immunity and are 2.9 times more likely to get colds and infections. There’s higher risk of hypertension and stroke.”

When night workers finish their shifts, it’s often daytime, “so they could use something to block the sunlight from entering their eyes,” Johns said, such as by wearing a blue-light blocking sunshade that looks like amber-colored sunglasses. By reducing exposure to daylight, night-shift workers are more likely to be able to sleep, and sleep soundly, once they’re home in bed.

Education can be targeted directly to the shift workers about when they should go to sleep in the morning, when they should wake up prior to their shift and what kind of light they should have during their night shift.

“It’s time to draw attention to this,” Johns said.


Technology-free moments you should add to your workday

Technology cannot be tossed out of the workplace. For many, it is seen as a lifeline to get work done. But there are times the clacking of keyboards or the latest Twitter update needs to be set aside.

Tony DiCostanzo, a frequent Forbes contributor and president and founder of BookPal, cites moments in your workday where technology could and should be left behind.

Make eye contact

If your colleague comes to you with a question, look them in the eye and skip the Facebook skimming. Flipping through text messages and social media while someone waits on you is the equivalant of turning your back on that person.

Bring the notebook

At your next meeting, leave your laptop at your desk and grab pen and paper. Studies suggest those who go old fashion remember important ideas and conversations better than those that break out the laptop. When you get back to your desk, copy your handwritten notes into a Word document or Excel spreedsheet.

Silence

A crucial moment interrupted by a ringtone could create a different outcome depending on the situation. For example, an interview. It's best before walking into any meeting or interview to silence your phone.

Practice what you preach

A tip for managers. If you get agitated at someone bringing their laptop to a meeting or forgetting to silence their phone, remember to do the same. Employees follow your example.


Protect trade secrets, avoid the burn

Original story posted by Roy Maurer on Society for Human Resources Management website. 

An appellate court recently struck down a company’s trade secrets misappropriation claims because the company failed to protect its intellectual property (IP) as confidential or proprietary.

The Massachusetts Appeals Court ruled in Head Over Heels Gymnastics Inc. v. Ware that defendant Harriet Ware did not steal her former employer’s trade secrets because the information at issue was never identified as such.

Ware was hired as an at-will employee in 2006 to work with gymnasts at Head Over Heels gymnastics academy in Norwell, Mass. When she accepted the position, Ware acknowledged that she had received and understood the employee handbook, which failed to include a noncompetition covenant or any mention of trade secrets.

Head Over Heels maintained a list of the people who trained at the school, including their names, addresses, telephone numbers and e-mail addresses. The information was available to all employees and was never identified as confidential or proprietary.

When Ware was terminated in 2012, she opened an academy of her own, taking approximately 30 Head Over Heels gymnasts with her.

The company sued, alleging that Ware misappropriated its trade secrets, violated her duty of loyalty by contacting its customers and unfairly competed with it.

The court held that because Ware was an at-will employee, she owed Head Over Heels no particular duty of loyalty and was free to “plan to go into competition with ... her employer and take active steps to do so even while still employed.” Further, absent a noncompetition agreement, Ware’s ability to compete with Head Over Heels was not constrained. Lastly, the court determined that Ware did not misappropriate her employer’s trade secrets because the school’s customer list was not legally considered a trade secret.

The court said that in determining whether information is proprietary to a business, “we look to the conduct of the parties and the nature of the information.” A determination about confidentiality is based on several factors, “including the extent to which the information is known outside of the business, the extent of measures taken by the employer to guard the secrecy of the information and the ease or difficulty with which the information could be properly acquired.”

Head Over Heels argued that everyone at the company understood that its customer list was intended solely for the purpose of the business and was neither publicly known nor available.

Nevertheless, the court ruled that, “as a matter of law, the [customer lists] are not trade secrets or confidential proprietary information. It is undisputed that the [customer lists] were available to all staff and employees and were distributed to Head Over Heels’ gymnasts and their families. The broad dissemination and availability of the [customer lists] indicates that Head Over Heels was not trying to guard the secrecy of the information. Importantly, much of the information found in the [customer lists] was readily available in the public domain and could have been easily obtained.”

The court therefore deemed Head Over Heels’ trade secret claims “unrealistic.”

Employer Takeaways

What can employers do to protect against confidential information being used by a former employee? “For starters, if you have confidential information, let everyone with access to it know that it is confidential, either through a designation in the company handbook, when they are given access to the information for the first time or any other obvious way,” said Shepard Davidson, a partner at Burns & Levinson LLP based in Boston.

Limiting access to the information and keeping it secure are additional ways to preserve confidentiality, he said. Training and reminding departing employees about their confidentiality obligations during exit interviews are also good ideas.

“The good news is that a company’s efforts in this regard are measured by a standard of reasonableness, not perfection. So if you have information that you believe is important, confidential or propriety, take some time to set up reasonable systems to protect that information,” Davidson said.

Follow Roy Maurer on Twitter at @SHRMRoy


The App Will See You Now, But May Not Get The Diagnosis Right

Originally posted by Martha Bebinger on July 9, 2015 on khn.org.

There’s a warning out today for those who go online or to apps to figure out why they have an upset tummy or nagging cough or occasional chest pain. Symptom checkers, those tools that ask for information and suggest a diagnosis, are accurate only about half of the time.

The finding is from a Harvard Medical School study that reviewed 23 sites, such as WebMD, the Mayo Clinic and DocResponse. One third listed the correct diagnosis as the first option for patients. Half the sites had the right diagnosis among their top three results, and 58 percent listed it in their top 20 suggestions.

Dr. Ateev Mehrotra, one of the study’s authors, urges patients to be cautious when using these tools.“These sites are not a replacement for going to the doctor and getting a full evaluation and diagnosis,” he says. “They are simply providing some information on what might be going on with you.” About a third of U.S. adults use the sites, although not necessarily in place of going to the doctor.

Some of the diagnostic questions are also used by nurse triage phone services and, Mehrotra says, these online tools are about as accurate as the call-in lines offered by many insurers and physician groups. “[They are] better than just a random Internet search,” he said.

Researchers entered the symptoms of 45 patients from vignettes used to train medical students. The Mayo Clinic’s first online diagnosis was right only 17 percent of the time, but had the correct diagnosis on a list of 20 in 76 percent of cases.  Dr. John Wilkinson, who works on Mayo’s symptom checker, says the tool directs patients to medical research and prepares them to talk to their doctor.

“We’re always trying to improve but if most of the time the correct diagnosis is included in the list of possibilities, that’s all we’re attempting to do,” he says.

The diagnosis accuracy rate for physicians is 85 to 90 percent. But Jason Maude, who runs a high performing tool called Isabel, says he does not want a Web versus doctor showdown.

“The whole point is not to set the patient against the doctor or replace the doctor, but to make the patient much better informed and to ask the doctor much better questions, and then together they should do a much better job,” he says.

Isabel ranked well in the study, showing the correct answer more than 40 percent of the time in the first diagnosis and 84 percent in the top 20 answers. Those high results, Maude says, may be because the site lets patients type in their own description of symptoms. They might describe a “tummy ache” or “stomach cramps” rather than the more clinical choice of “abdominal pain” used by many online symptom checker tools. And Isabel asks just two or three questions before patients describe their problem, as compared to sites that ask patients to click through 20 questions — steps Maude said may discourage use.

Clarifying how and why patients use these tools is critical, say the study’s authors. They could reduce unnecessary office visits or inform patients as they talk with their doctors.  But for some, the tools may encourage people to seek unnecessary care.

Mehrotra says patients used symptom checkers more than 100 million times last year, a fact that may stun some physicians.

“While most doctors know patients are going to the Internet to search for medical advice, in terms of these symptom checkers, I’ve been surprised that few of my colleagues even knew they existed,” he says.


Can your smartphone tell you if you have depression?

Originally posted by Carina Storrs on CNN.com on July 15, 2015.

Getting a diagnosis of depression usually involves filling out questionnaires about your mood and undergoing lengthy interviews with a psychiatrist. But smartphone apps might be able to handle some of that work, and at least tell you if you are at risk of depression, simply by collecting GPS and other data, according to a new study.

Researchers at Northwestern University in Illinois tested an app they developed called Purple Robot. It uses data from a number of sensors in the smartphone that detect location, movement, phone usage and other activities to assess if a user is likely to have depression.

"The main reason for the development of the app is to see if we can objectively and passively identify if people are depressed," said Sohrob Saeb, a postdoctoral research fellow at the Feinberg School of Medicine at Northwestern University who is one of the developers of Purple Robot.

In the study of Purple Robot, Saeb and his colleagues at Northwestern and Michigan State University looked at GPS or phone usage data among 28 participants for two weeks.

They found that Purple Robot could identify 87% of the participants in the group who were determined to be at risk of depression according to PHQ-9, a nine-question test for depression, based only on GPS data on how much users moved between their regular locations. The more users moved around, the less likely they were to fall into the at-risk category.

In addition, by identifying the participants who used their phone the most, including everything from texting and playing games but not talking on the phone, Purple Robot could detect 74% of those in the at-risk group. Data on both GPS and phone usage were not available for enough participants to let the researchers see how well Purple Robot performed when both data sets were available, Saeb said.

However, PHQ-9 is only a screening tool that tells you if you have an above-average chance of having depression and is not enough to diagnose depression, said Dr. Scott Monteith, clinical assistant professor of psychiatry at Michigan State University, who has not been involved in developing or researching Purple Robot or other smartphone apps.

The way the test was used in the study, with a low cutoff score, it probably incorrectly identified many of the participants as being at risk of depression who were not, he added.

To get a better idea of the effectiveness of Purple Robot, the researchers are going to do a study involving more participants over a longer period to see if the app can detect changes in behavior over time, Saeb said. In addition, the group will see if they can improve Purple Robot's ability to spot depression by including additional data, such as how long people talk on the phone and who they talk to.

Depression is a debilitating illness that affects about 17% of people at some point in their lives. Meanwhile, it is estimated that by 2025 more than 5 billion people in the world will have a smartphone, and their sensing capability will be above and beyond that of today's iPhones, Androids and Blackberries.

There are probably hundreds of apps that promise to improve your mental health, from offering tests to gauge your depression risk to providing information about depression treatments. Others, like Purple Robot, are in the development stage.

Optimism and DBSA Wellness Tracker are two of the apps on the market that track your mood. Ginger.io goes further and analyzes data such as how much users move around on the weekends and how long they talk on the phone, as well as users' reports of their health, to alert them and their health care providers about concerns with their behavior and mental health. Ginger.io, which is in use at about 30 medical centers, is available through health care providers and as part of research studies.

However the problem with all the apps that are designed to warn about depression risk is that their effectiveness has not been demonstrated, Monteith said.

It is not clear how good these apps are at picking out people who have depression, Monteith said. What's more, it is not clear how these apps would be "embedded into a broader continuum of care" to ensure that a person or their doctor went from getting an alert from the app, for example, to that person getting a diagnosis of depression and getting proper care, he added.

Even if researchers can get a better handle on the effectiveness of these apps, there are still numerous questions regarding risks, especially about the data they collect not being secure and private, Monteith said.

"The data from these types of apps could potentially end up in anyone's hands, if the data are moved offshore, which a lot are," said Monteith, who co-wrote a recent article on health care data privacy. Another way data security could be compromised is that when a company is bought, the buyer may not have to adhere to the original terms and conditions about how the data are used, he added.

Experts including Monteith worry that once data get into the wrong hands, that could potentially jeopardize a person's ability to get a job, get life insurance or get a loan.

The best way to keep data secure, at least from hackers and thieves, would be to make sure the users control their data, such as by keeping it stored encrypted on their phone, and have apps analyze the data on phones, and never have it sent back to the app developers or other companies, according to Dr. Deborah C. Peel, leader of Patient Privacy Rights, a nonprofit advocacy organization. Monteith is on the advisory board of Patient Privacy Rights.

As for Purple Robot, some of these concerns may not apply for now. Saeb and his colleagues work with encrypted data. However if they eventually make the app public, if they can demonstrate its effectiveness, they would have all the data on secure servers at Northwestern. This type of data centralization, even on secure servers, is a "honeypot" for hackers, Peel said.

So far, the analyses that Purple Robot is doing are really only for research purposes, Saeb stressed. In addition to the work he is involved in, there is also research on whether the app can pick up signs of bipolar disorder among users.

The app gets its name because the color of Northwestern University is purple, and because the developers hope the app can act like a robot and automatically alert a user of his or her mental health risk and also make recommendations to possibly mitigate the risk, such as using the phone less or getting out of the house, Saeb said.

Despite concerns surrounding these apps, Monteith said he is "totally in favor of research [on them], that's what we need to do." However, he urged that researchers consider both effectiveness and risks in their studies. "We need to look at what the FDA looks at" when deciding whether to approve medical treatments and devices, Monteith said.