From: JWRCLUM <JWRCLUM@aol.com>
To: cypherpunks@toad.com
Message Hash: 425586d5c5119a9d2a48549bfe1bfac533804e5519966a0da0dcdf5ebb843511
Message ID: <476eb078.34f7399b@aol.com>
Reply To: N/A
UTC Datetime: 1998-02-27 22:10:12 UTC
Raw Date: Fri, 27 Feb 1998 14:10:12 -0800 (PST)
From: JWRCLUM <JWRCLUM@aol.com>
Date: Fri, 27 Feb 1998 14:10:12 -0800 (PST)
To: cypherpunks@toad.com
Subject: Medical Privacy Alert --- please redistribute to all concerned
Message-ID: <476eb078.34f7399b@aol.com>
MIME-Version: 1.0
Content-Type: text/plain
AMERICAN CIVIL LIBERTIES UNION OF MASSACHUSETTS
99 Chauncy Street, Suite 310, Boston, MA 02111
(617) 482-3170 Fax (617) 451-000
CONTACT: John Roberts
(617) 482-3170 http://users.aol.com/mcluf/home.html
BENNETT-JEFFORDS BILL PLACES MEDICAL RECORD PRIVACY AT RISK
The confidentiality of the doctor-patient relationship will be totally
undermined as medical records become widely available without patient
knowledge or consent.
BOSTON - February 27, 1998. On Thursday 2/26/98 the United State Senate's
Labor and Human Resources Committee heard testimony concerning a bill proposed
by Senators Bennett and Jeffords that, if passed, would license the widespread
disclosure of personal medical information contained in files held by doctors,
hospitals, employers, educational institutions, and others.
The bill which purports to be a privacy bill is, in fact, just the opposite.
It places virtually no restrictions on the disclosure of personal medical
records within health care entities (no matter how large and geographically
widespread) or to a long list of other entities and agencies including the
following:
- any agents or contractors of the health care entities
- Public Health Agencies, Oversight Agencies
- Health Care Accreditation Agencies
- State Health Care Databases
There are major loopholes in access provisions for
- Health Care Researchers
- "Outcome" analysts ("cost/benefit" analysts for hospitals, HMO's,
insurers, etc)
Even law enforcement agencies will have easy access to browse computerized
medical record systems for so-called "legitimate" investigatory purposes.
This will make every American's medical record part of a new massive law
enforcement database.
The bill will destroy the confidential "doctor-patient relationship" and
replace it with a new "patient-health care industry relationship."
"This bill serves only the interests of the burgeoning health care industry,"
said John Roberts, Executive Director of the ACLU of Massachusetts. "It
allows the transfer of your medical records to many entities that stand to
profit from its information. Gone is doctor-patient confidentiality. Your
doctor cannot protect your most sensitive medical information from many
entities outside your medical facility. Even employers who have health plans
are considered 'health care providers' in the Bennett-Jeffords bill. How many
of us want our employers to have access to any of our medical records without
our knowledge or consent?"
The bill will also
- Impose requirements that patients sign blanket consent forms for release
of information as a condition of getting treatment, even for self-pay patients
- Redefine "treatment" to make the patient's record a subject of continuous
research
- Blur the boundaries between individual patient care and the so-called
"Population Management" and "Disease System Management"
The bill will pre-empt all state laws which may be more protective of the
confidentiality of medical records.
The bill will not apply even its own minimal privacy protections to so-called
"non-identifiable" medical records information. But...interestingly, the bill
also refers to issuing "keys" to re-identify previously purportedly "non-
identified" information. A formal logical analysis of this reveals that the
bill itself admits that what it calls "nonidentifiable" medical record
information is actually identifiable (i.e. containing patient information).
The ACLU of Massachusetts believes that what is really needed for medical
privacy protection would be the following:
- Federal law should set a foundation or floor of privacy protection
- State laws which are more-protective of patient's rights should not be
preempted
- No "Unique Patient Identification Numbers"
- No electronic "linkage" of patient records stored in various sites
- Computerized patient records must be encrypted with keys provided only to
those directly involved in the individual patient care
- The right of the individual patient to contract directly with physicians
and health care providers regarding the privacy of the patient's medical
records.
-end-
Return to February 1998
Return to “JWRCLUM <JWRCLUM@aol.com>”
1998-02-27 (Fri, 27 Feb 1998 14:10:12 -0800 (PST)) - Medical Privacy Alert — please redistribute to all concerned - JWRCLUM <JWRCLUM@aol.com>