back to Niagara Falls Reporter archive
OLEAN -- Back in March, in this space, your trusty scribe fretted over a Bush administration proposal to change health care rules drawn up during the Clinton years, and change them for the worse.
The predicted revision was that patients would no longer be required to give explicit written consent for use of their treatment records and other personal health information.
At the time, Sue A. Blevins -- the tough-as-nails president of the non-profit think tank Institute for Health Freedom and a lady who knows as much as any one person in Washington about medical privacy -- objected strenuously to the Bush plan and the Health and Human Services secretary's blueprint for implementing it.
"What they're saying here is, 'We can do what we want, and then we'll tell you about it,'" she commented to the Reporter.
Well, last week -- as published Aug. 14 in the Federal Register -- the Bush administration pretty much did what it wanted regarding medical privacy, which was to basically erode it badly, then quietly tell us about it. Blevins was right.
A press release by HHS Secretary Tommy G. Thompson brags that his issuance of a "final regulation" regarding medical privacy "protects the confidentiality of Americans' medical records."
The "final regulation" -- which does not require congressional approval and is pretty much chiseled in stone at this point -- takes effect in April of next year. Instead of letting you decide who gets to learn about your lumbago, it would grant federal authority for all sorts of data processors, insurers, researchers, government officials and bookkeepers to gain access to previously private information about an individual's health or lack of it.
These include not only treatment records, but payment ledgers, evidence of operations, lists of medical procedures, prescriptions, health history transcripts, suspected illnesses, diagnoses, the works.
In issuing the "final rule," Secretary Thompson dusted off the Bush administration's standard line on the subject since it came in -- that patients are actually getting screwed by existing privacy rules, because they limit access to quality care in this age of easily obtained electronic information.
"For example," said Thompson in his press statement, "patients would have been required to visit a pharmacy in person to sign paperwork before a pharmacist could review protected health information in order to fill their prescriptions. The prior regulation, while well-intentioned, would have forced sick or injured patients to run all around town getting signatures before they could get care or medicine."
The secretary wasn't fooling Blevins. She would have none of it.
"How can HHS say patients' privacy is being enhanced when, in fact, HHS is actually granting legal access to patients' records without their consent? If Enron or WorldCom executives had distorted the truth the way HHS officials have about the federal medical privacy rule, they probably would be charged with false advertising."
By removing the requirement for specific written consent from the patient before a doctor can release personal health information, she says, such medical records may be transferred over the Internet without anyone but the sender and receiver having a clue.
"Most Americans won't know this is happening," said Blevins, "because under the federal medical privacy rule, citizens will not get an accounting of disclosures for routine uses of their personal health information."
"The HHS fact sheet about the federal medical privacy rule," she adds, "is very misleading. That's because while claiming to be committed to 'maintaining protections for the privacy of individually identifiable health information' the HHS privacy rule does not prevent government or the medical industry from compiling and sharing individuals' personal health information -- including genetic information -- without individuals' permission."
The truth is, it is fairly easy already -- even before this "final rule" is cemented -- for medical researchers, state and federal bureaucrats, military commands, police agencies, private detectives and plain old computer geeks to gain easy online access to such medical records.
And don't think this issue won't brush up against you in the most unexpected ways. Computerized information is notoriously fallible.
Louis Mizell Jr., a Maryland privacy consultant, had a recent client who was denied thrice for promising government jobs, despite a pristine employment record, a good professional reputation, a doctorate in her field and a boatload of commendatory references.
Something, she knew, must be wrong. She sought Mizell's help.
"Someone in government had improperly gotten ahold of her credit card records," said Mizell, "and noticed she bought an enormous amount of booze, and concluded she had a drinking problem."
So what was the real story?
"It turns out the woman ran a successful catering business on the side, in which she used ample recipes calling for alcohol," recalls Mizell. "It's scary that something like this can get into the system. It goes into a black hole and lives there forever."
The victim of this violation of privacy, who didn't want her name used, sued the prospective government employers and settled before trial or much publicity.
This is all basically the fault of Congress. Six years ago, the House and Senate -- amid much hoopla, bloviation, empty promises and speechifying -- acknowledged a need for national, codified medical privacy standards. As part of the important HIPAA (Health Insurance Portability and Accountability Act) legislation of 1996, Congress gave itself a three-year deadline to enact these protections.
By the time the deadline rolled around, of course, big pharmaceutical and data processing firms -- plus health insurers, telemarketers and just about anyone else with a vested interest in mooching medical records -- had spread so much campaign money around, and done such an effective job lobbying, that your intrepid elected officials decided to take a walk.
When medical privacy was mentioned, there were more intentional passes in the marble halls of Congress than even Barry Bonds sees in a year. The HIPAA law required that if Congress did not meet this deadline, the job would be up to HHS to adopt privacy protections by issuing regulations.
Hey, let the bureaucrats do it, figured members of Congress. That way, if we take heat from constituents, we can point at HHS as the culprit and make big fancy speeches about it when we run again for office.
Which is precisely what will happen once the public starts raising hell about this.
The world has changed so fast since a year ago this time, it's hard keeping up with this stuff. It's also dispiriting. But it's important. As tough as these times are, more insults to your privacy and sense of individual being are right down the pike.
Two years ago, I raised a minor fuss by writing about MicroStrategy founder and stock wunderkind Michael Saylor -- an early hero of the ridiculously inflated dot.commer bull market -- in which I explained his proposal to upload information directly into people's brains via a computer chip or tiny electronic transmitter placed near the ear bones or any other convenient location in the skull.
Saylor called this "telepathic intelligence" using sophisticated "customer intelligence channels" and thought it would be swell if ordinary folks could get real-time info 24 hours a day, seven days a week, just as they were doing things that needed quick decisions.
Your stock is tanking -- sell. Your spouse wrecked the Volvo -- call the insurance company. You took a wrong turn -- go back down the street and hook a right. You forgot the wine and cheese for the party -- stop at that little shop on the way home.
Saylor was ridiculed for his idea. Fordham law professor Joel Reidenberg, an information privacy expert, said such chip implants would destroy the foundations of a democratic society, and that "the information control aspects are beyond what George Orwell could have dreamed about."
Saylor on medical privacy was even more interesting. He wanted the federal government to simply make the mammoth Medicare database available online so it could easily be compiled and searched by his information-harvesting firm to discover medications and unsafe physicians.
"Give me your medical records," Saylor once said, "and I will give you more life."
MicroStrategy, of course, once worth over $300 a share, for reasons other than the above dropped so fast that Saylor personally lost $6 billion in a single morning. He no longer draws rapt attention when he puts forth these creepy ideas.
Secretary Thompson's "final rule" on medical privacy may be just a paving brick in that dire road to perdition. But one fine morning ...
| Niagara Falls Reporter | www.niagarafallsreporter.com | August 20 2002 |