by hellomyguys 1207 days ago
As a One Medical customer, the experience post-IPO has been awful. Hard to get appointments and fewer and fewer MDs available with incredibly high turnover. I wouldn't say their interests are aligned with mine at all, but agree the customer data being in Amazon's hands isn't great.

That's probably an industry-wide phenomenon. One Medical IPO'd in January 2020. You know what happened after that? Covid, mass deaths, high burnout amongst medical staff, and a lot of career changes away from meeting Facebook-informed clients face to face.

Fuck Amazon, though.

There was huge attrition when Amazon announced the acquisition. Lots of high-level talent out the door.
Actually this predated the IPO even. A reply reminded me that it actually started getting bad around 2018.
this is not a problem with just One Medical - it is a huge problem in primary care everywhere.

New doctors generally don't want to go into primary care anymore - it doesn't pay nearly as much as being a specialist does, and you are expected to be available to your patients 365 days a year, 24 hours a day (at least that is what many patients think).

It is a pretty miserable business to be in right now, and not sure what is going to make it better.

>this is not a problem with just One Medical - it is a huge problem in primary care everywhere.

>New doctors generally don't want to go into primary care anymore

An amazingly high portion of Canadians don't have a family doctor <https://www.ctvnews.ca/health/despite-more-doctors-many-cana...>. In Atlantic Canada (the four easternmost provinces) it is impossible, repeat impossible, to get a family doctor if you don't have one <https://web.archive.org/web/20190226051406/https://www.thete...>. It's one thing to have shortages in rural areas—that happens in the US too—but Halifax?!? I've heard the same occurs in Vancouver too.

> In Atlantic Canada (the four easternmost provinces) it is impossible, repeat impossible, to get a family doctor if you don't have one ..[snip].. I've heard the same occurs in Vancouver too.

I am confused. Vancouver is on the West Coast of Canada while your statement is about "four easternmost provinces". Is it then a nation-wide problem?

I've seen news articles discussing the issue occurring in Atlantic Canada, and have been told that it is also an issue in Vancouver. I do not know about elsewhere.
> and you are expected to be available to your patients 365 days a year, 24 hours a day

Boy, I wish. I've never had a doctor with any kind of special availability. I can leave a message at their office but it's not like I'll get any kind of response until later the next business day, and that will just be from an assistant.

For 24/7 needs that's what urgent care is for, or the emergency room if it's more serious.

I know a few doctors and they're not necessarily directly available to patients but have to be on-call for nurses, MAs, etc. It's not 24/7/365 but it's more than I get pinged when I'm on-call.
Let's segregate customer data from medical data: The US has some (IMO) pretty strict laws about protecting PHI. One Medical isn't going to keep your data in an open public S3 bucket, and random Amazon employees aren't going to be snooping around your medical records on their intranet.
> The US has some (IMO) pretty strict laws about protecting PHI. One Medical isn't going to keep your data in an open public S3 bucket, and random Amazon employees aren't going to be snooping around your medical records on their intranet.

HIPAA provides far fewer protections than you probably think it does, and flagrant violations are frighteningly common.

Worse, HIPAA provides no private right to recourse, so even if your PHI is exposed, you're not entitled to a penny in compensation.

HHS may fine Amazon, but to Amazon, $1.5 million (the maximum cap for all violations of a provision due to negligence) might as well be the cost of doing business. And you won't receive one cent of that.

Can you give an example about fewer protections than people think?
> Can you give an example about fewer protections than people think?

For starters, HIPAA doesn't actually prevent your doctor or health insurer from selling your data to a third party. It also doesn't prevent that third party from giving that data to a fourth party, who can give it to another, and so on.

What happens if one of those tertiary parties has a breach and ends up exposing your data? In theory they're supposed to report it back up the chain, but in practice it doesn't go more than one or two links, if that.

So in short:

- you have no way of enumerating the number of entities who have legal access to your health data

- you have no way of finding out when it's been illegally exposed by any of the parties who have legal access to it

- if by chance you happen to find out about an exposure[0] you have no recourse except to report it to HHS, who may apply a statutory fine, but the fine is typically minuscule compared to the size, revenue, and profit of the guilty party

- if by chance you find out about an exposure of your PHI, you are not entitled to receive any compensation

All things considered, it's easier to enumerate the very limited ways that HIPAA does actually protect you than to enumerate the protections that most people incorrectly think HIPAA provides.

[0] a real-life example is you Googling the name of your partner and stumbling upon a publicly visible Excel spreadsheet containing the name, SSN, addresses, and medical diagnoses of thousands of patients

[1] see above

Used to be the Joint Commission took HIPAA violations seriously. Do HIPAA violations no longer cause risk of losing Joint Commission accreditation? That used to be the big sanction everyone worried about.
HIPAA has some teeth, but I was surprised at the annual caps, which are insignificant to larger companies, like Amazon.

https://www.ada.org/resources/practice/legal-and-regulatory/...

Your consent to be used in research is basically baked into anything you’ve whipsaw signed at a doctor’s office.
> Your consent to be used in research is basically baked into anything you’ve whipsaw signed at a doctor’s office.

Eh, that's not exactly true. HIPAA isn't the only (or even primary) vehicle for safeguarding patients from research, and most research is conducted under the auspices of large (usually academic) institutions that have processes to ensure informed consent, which are in turn backed by other legal statutes or contracts. Those aren't perfect, but it's not correct to say that patients provide blanket consent when they begin at a new practice, or that HIPAA is responsible.

Doctors and hospitals can and do share sensitive patient data with drug companies for marketing purposes, for instance.
Not to mention that there is already a better than decent chance that no matter who has your medical records, they are already being stored or backed up into one of the major cloud providers anyway.
> The US has some (IMO) pretty strict laws about protecting PHI.

But it has some pretty huge holes in it. A lot of telemedicine services aren't covered by HIPAA, for instance.

I'm not worried about Amazon keeping my data in a public bucket, nor about Amazon employees snooping in it -- but I am 100% worried about Amazon pulling some "anonymization" BS and using my data for purposes other than providing health care to me.

I don't trust Amazon with my less sensitive data as it is -- I absolutely wouldn't want Amazon anywhere near my health data.

I’m imagining a utopia now where my privacy was protected as well as my medical data is with HIPAA.

Some of my family works in medicine and there is nothing that scares the pants off of medical administration more than a HIPAA data breach. There are real penalties for it from the government and they have to be reported. People responsible get fired.

> I’m imagining a utopia now where my privacy was protected as well as my medical data is with HIPAA.

I'm imagining a utopia in which our medical data is as well protected as people think it is under HIPAA.

> Some of my family works in medicine and there is nothing that scares the pants off of medical administration more than a HIPAA data breach. There are real penalties for it from the government and they have to be reported. People responsible get fired.

The penalties are usually in the tens of thousands of dollars. That sounds like a lot, but it's really not when you consider that most breaches for which fines are levied usually affect many patients, not just one, and when you consider the annual revenue and margins of most of these responsible parties.

The fines are capped by statute at a value (about $1.5 million for all violations of a provision in a single year) that is laughably low.

>my medical data is with HIPAA.

Except your searching for medical conditions on Google or Amazon is not protected. They know.

Strict yes, but a company with the lobbying budget of Amazon can easily get around those laws.

The USA has demonstrated time and time again a pattern of fining corporations a minuscule amount in comparison to the damage done.

Besides, even before it comes to fines and it's in discussion in Congressional chambers, Amazon lobbyists can say to practically any senator or congressman/congresswoman: "you want to go against us for antitrust reasons? Oh well, guess we're going to have to close that Amazon warehouse in your district that creates so many jobs...and oh yeah looks like that Whole Foods in your district isn't profitable, we're going to have to close that one up too."

> Strict yes, but a company with the lobbying budget of Amazon can easily get around those laws.

They don't even need to lobby. They can just pay the fines. The fines are capped by statute at an egregiously low value, which to Amazon is chump change.

And that's just disturbing to me - that a corporation can willingly and knowingly break the law, and the money they'll make from doing so is significantly larger than the fine they'll pay.

Why is that even remotely acceptable in a democratic society?

You get your entire argument is imaginary right?

Amazon isn't actually doing this, and it isn't actually acceptable.

HIPAA fines are public, if they did this even once everyone would know.

Imaginary? Not acceptable?

See the big banks' collective responses to regulations placed on the financial industry in the aftermath of 2008 - if the fine is significantly smaller than the potential for profits, they will do those activities and pay the fine 100% of the time. This mentality is evident in many other sectors as well, especially with publicly traded companies.

Yes, I know HIPAA fines are public. However, Amazon has enough money to not care, and to never care. You know how many labor laws Amazon has blatantly violated and not cared? If they can capture an entirely new vertical (healthcare), their share price will increase despite looming lawsuits and pesky regulations. Amazon is a multi-trillion dollar company that focuses on growth at any and all costs.

It shouldn't be, but that's how the game has been played for longer than you or I have been alive.

The fact that the penalty for many serious violations consists of fines that represent a tiny fraction of the company's worth means that breaking the law is an easy economic decision for companies. Fines are just a cost of doing business, and not even a major one.

That's really disappointing to hear. I stopped using One Medical because I moved out of the country. I loved One Medical and was thinking about moving back to it this year now that I've returned to the US. Good to know that it's not a good idea.
Also hidden fees. I never know what is free through insurance and the $200 video call they'll send me a bill for a long time later.
The turnover rate was really high in 2018/2019