Revealing Healthcare Networks Using Insurance Claims Data

 

As I noted in my post last week, every healthcare accountable care organization in the United States is trying to understand provider networks. Common questions include:

  • What is the “leakage” from our network?
  • What medical practices should we acquire?
  • What are the referral patterns of providers within the network?
  • Does the path that a patient takes through our network of care affect outcomes?
  • Where should we build the next outpatient clinic?

Much of this analysis is being done by using insurance claims data, and this post is about how such data is turned into a provider network analysis.  Here, I’ll discuss how billing or referrals data is turned into graphs of provider networks.  Most of us are now familiar with social networks, which describe how a group of people are “connected”.  A common example is Facebook, where apps like TouchGraph that show who you are friends with, and whether your friends are friends, and so on.  These networks are build with a simple concept, that of a relationship.

To describe a physician network, we first make a table from claims data that shows which physicians (D) billed for visits or procedures on which patients (P).  This is shown in the figure below.  Next, we tally which physicians billed for the seeing the same patient, and how many times, giving a common billing matrix.  The billing does not have to happen at the same visit or for the same problem, just over the course of the measurement period. Notice that the matrix is symmetrical, with the diagonal giving the total number of patient encounters for each doctor.  This type of matrix is referred to as a distance or similarity matrix.

BillingNetwork

The provider network graph plotted from the above example shows the network relationship between four doctors.  The size of the circle shows total number of patients billed for by that doctor, and the width of the line shows the strength of the shared patient connection.

Network

Now, if we have this data for a large network, we can look at a number of measures using standard methods.  In the above example, we can see that the two orange providers are probably members of a group practice, sharing many of the same patients and referring to many of the same providers. See this humorous post by Kieran Healy identifying Paul Revere as the ringleader of the American Revolution using a similar analysis!  Providers in red are “out-of-network”, and with connections to a single in-network physician.  However, the graph itself does not reveal the reason that these out-of-network providers share patients with the in-network provider.   It could be that the out-of-network group offers a service not available within the network, such as gastric bypass, pediatric hepatology, or kidney transplantation.

It is not difficult to see that you could create network representations using many types of data.  Referral data would allow you to add directionality to the network graph.  You could also look at total charges in shared patients, as opposed to visits or procedures, to get a sense of the financial connectedness of providers or practices.  Linking by lab tests or procedures can show common practice patterns.  Many other variations are possible. Complexity of the network can increase with the more providers and patients in the claims data you have.

These simple graphs are just the beginning.  Couple to network graph with geospatial locations of providers, and you add another layer of complexity.  Add city bus routes, and you can see how patients might get to your next office location.  Add census data, and you can look at the relationship between medical practice density, referral patterns, and the average income within a zip code area.  The possibilities are incredible!

So why is this big data?  To build a large and accurate network, you  need to analyze millions of insurance claims, lab tests, or other connection data.  Analyzing data of this size requires large amounts of computer memory and, often cluster computers, and distributed computing software such as Hadoop (more on this in a future post).  We owe a very large debt to the “Healthcare Hacker” Fred Trotter, who created the first such open source, very large, network graph from 2011 Medicare claims data for the entire United States, called DocGraph. The dataset can be downloaded from NotOnly Dev for $1 here.  This graph has 49 million connections between almost a million providers.  Ryan Weald created a beautiful visualization of the entire DocGraph dataset, which I will leave you with here.

DocGraph

Geospatial Data and HIPAA

How have privacy regulations affected the use of GIS data?

Since 1854, when John Snow used geospatial mapping to locate the well spreading cholera in London, GIS data has been a cornerstone of public health and epidemiology research.  Today, a wealth of data sources are available for research.  For example, locate a patient within a census tract in the United States, and a variety of information such as average income in the area, demographic data, and other census information can be linked directly to your patient-specific study data.  Alternatively, in this innovative study from Brazil GIS mapping software was used to determine that the distance an expectant mother had to travel through urban transportation networks to reach healthcare was an important risk factor for death during pregnancy.  Similar studies have used GIS data to examine infant mortality, rural population HIV-mortality, and tuberculosis control measures.  While geocoding large amounts of data for medical epidemiology studies can be extremely informative, you need to be careful not to run afoul of government privacy laws, especially the HIPAA privacy rule in the United States.

The Health Information Portability and Accountability Act (HIPAA) rules define personal health information (PHI), which may include diagnoses, test results, payment or visit information.  The intent was to protect people against disclosure of health information in conjunction with information that could reveal their identity.  This identification information consists of 18 identifiers, such as name, social security number, and date of birth.  The definition of “identifiable information” also includes any data that would allow another person to re-identify a person directly or indirectly without access to a specific code or key.  For geospatial information, the personal identifiers include a person’s street address and ZIP code.  GIS coordinates are considered  an “equivalent geocode”, meaning that they are as good as a street address.  Imagine a map plotting the location of eight people infected with HIV in a sparsely populated rural area.  It would not take much to match that data up with a specific person.  The point is that all such information needs to be de-identified before it can be released or worked on outside of a HIPAA compliant data storage and analysis environment.

De-identification of GIS data in healthcare research can be thought of as a two part process:  de-identifying data while obtaining a set of coordinates used to plot a person’s location, called geocoding, and de-identifying the data when presenting the results of your research.

Geocoding is the process of translating an address into set of XY coordinates that can be used to plot a location on a map.  You could do this easily by feeding a list addresses into one several geocoding services on the internet such as bulkgeocoderGoogle, Mapquest, cloudmade, or  ArcGIS Online.  But, if you have lists of patient data, this could be a massive HIPAA violation. The best way to make sure you are HIPAA compliant is to use a geocoding firm with which you have a business association agreement (BAA) that will take your information and generate the geocodes in a HIPAA compliant and secure environment. An important best practice is to process a list of addresses that have been separated from any other information, and can only be linked by a secure, randomized key.  Once the geocoding service returns your data, you can link it back to your complete research file.  It is unclear, however, whether submitting a list of  addresses using an e-mail address containing information about a diagnosis (e.g. Researcher@DiabetesInstituteResearch.Org) outside of a BAA would constitute a breach, since one might infer the diagnosis of people at addresses on the list from the organization name.  Best to consult your organization’s privacy officer about this issue.

Once you have done your analysis, and wish to publish plotted geocoded data, it must be done in a way that you cannot identify an individual by examining the data set alone or in combination with other publicly available data.  Think of the map of firearm owners in Westchester county published by a local newspaper.  If it had been a map of people with a diagnosis of leukemia, it would have been a HIPAA violation.  Deidentification methods could be quite sophisticated, such as statistical de-identification.  An interesting workshop sponsored by the department of Health and Human Services discussing these issues can be found here.  Several methods are available to avoid this pitfall:

  • Point aggregation – combining points into geographic bins, such as zip code areas, counties, states, or other areas.  This way, no individual data point is identifiable as a person, but the bins must have a sufficient population and subject density.
  • Geostatistical analysis – One example is creating a probability map, where any area represents the probability of a study subject having a particular condition or value.  Again, no individual points are plotted.
  • “Jittering” data involves adding or subtracting some random values to a precise GIS location so that an individual point is not precisely located on a diagram.
  • Data point displacement by translation, rotation, or change of scale.

Resolution of the map is also important, as is the population density of the area you are plotting data for.  One needs to be careful, as well, that the de-identification methods do not change the validity of your research results.

So, the use of large GIS data sets is a tremendous opportunity for population health research, but requires specific practices with respect to de-identification when analyzing and publishing that data.  Geocode and aggregate carefully!