| |
|
PUBLICATIONS
M.D. Confidential
The government is intruding on patients'
right to privacy
Twila Brase, R.N., P.H.N.
The relationship with the patient hinges on trust. Patients
believe that words spoken, diagnoses given, and treatment provided
should be held in confidence. Unfortunately, the integrity of the
exam room conversation is now jeopardized by corporate contracts,
insurance policies and new laws.
Public awareness about outside access to private medical
records is having a clinical affect.clinical impact of growing
public awareness about outside access to private medical records.
Nancy W. Dickey, M.D., current president of the American Medical
Association put it well when she told Nightingale News in 1996,
"These days, insurance companies don't want summaries; they want
the whole record. So I think twice about what I include. Then I
hope I can remember it all...If patients fear that what they tell
me could come back to haunt them, they'll tend to be less
forthright. I may come up with the wrong treatment because I was
chasing the wrong clues."
Because patients can still use self-payment to avoid
disclosure to insurers and employers, the greatest concern is
federal and state access to medical records without patient
consent &emdash; a phenomenon in direct conflict with the Fourth
Amendment's protection against unreasonable government searches
and seizures. Under the ruse of cost containment, health care
reform laws across the nation are opening patient records to
government officials, designing new state and national tracking
systems, and developing electronic systems for instant access to
medical records.
Minnesota
In Minnesota, state access to private medical records has come
about through intertwined public-private initiatives. The 1993
MinnesotaCare bill mandated state collection of health care data
from providers and payers for cost containment. In 1995 the state
was given full access to all medical records (without patient
consent) for research, cost analysis, quality assessments,
utilization review, and outcome data. The Minnesota Health Data
Institute, a public-private arrangement involving payers,
employers and the Minnesota Department of Health (MDH), was
created to facilitate access to medical records. The Wisconsin
Medical Society has considered a lawsuit against the State of
Wisconsin for similar legislation.
As an example of the state's collection activities, in April
1998 Minnesota Health Commissioner Anne Barry testified that the
MDH collects individually identifiable information on more than 90
health care conditions without patient consent. Further
documentation revealed eleven disease- and injury- specific state
databases, and five community-based immunization registries.
Statisticians, politicians, and epidemiologists may find
disease databases useful, but the 1997 birth-defect-registry
debate in the state Legislature demonstrated a zealous disregard
of individual rights when "a greater good" for society has been
defined without consideration of constitutional limits.The MDH,
with the assistance of the March of Dimes, attempted to create a
birth defects registry to monitor and track all children with
birth defects &emdash; and their parents &emdash; without the
knowledge or consent of either. The bill was defeated when
concerned legislators amended parent and patient consent to the
bill, causing proponents to strip the registry language out of the
final omnibus bill because they feared a precedent for future
databases.
Immunization registries pose a more complex conflict. Many
physicians, who could understand the intrusiveness of the birth
defects registry, can easily define a public health benefit and
convenience factor for immunization registries. However, opponents
point out that mandatory enrollment of children and adults, rather
than an opt-in provision, could easily lead to a national patient
database. Consider that in 1997 the Pennsylvania Forum for Primary
Health Care's publication Immunization News said that unique
national identifiers, standardized code sets, and computerized
patient records "can contribute toward what could ultimately be
more comprehensive clinical and preventive data bases."
The Nation
The push for government access to medical data without patient
consent is strong at the national level as well. The 1996 Health
Insurance Portability and Accountability Act (HIPAA) expanded
federal powers to inspect medical records for fraud and mandated
four new national health care identification and tracking systems.
Although the patient identifier got negative media attention and
was stalled by the 1998 appropriations bill, provider, employer,
and payer identification systems are moving forward with little
public knowledge or debate.
The National Provider Identification (NPI) system has received
new federal funding for rapid implementation. The eventual rollout
of the system may leave health care professionals and medical
suppliers stunned by its intrusiveness.The proposed regulation
requires 43 data elements on each provider, application for a
federal number by all providers, "enumerators" to issue the
numbers, financial penalties for noncompliance or failure to
report changes in data and little restraint on outside access to
private data that the providers supply.
As a result of those systems, HIPAA required Congress to pass
privacy legislation by August 1999 or accept as administrative
rule the U.S. Department of Health and Human Services Secretary
Donna Shalala's September 1997 recommendations. Those involved
unprecedented government access to medical records &emdash;
without consent &emdash; for law enforcement and "national
priority activities" such as oversight of the health care system,
public health, health research and state health data collection.
In response to Shalala's recommendations and in hope of negating
the August 1999 deadline, Rep. Ron Paul, R-Texas, tried
unsuccessfully to repeal the entire enumeration section of HIPAA
in the 1998 appropriations bill.
Leaders in Congress appear unwilling to pass meaningful
privacy legislation. The failed 1998 Republican Patient Protection
Act (PPA) would have increased sharing of patient information for
any purpose classified as "health care operations," and a 1998
copyright bill would have granted federally protected corporate
ownership of database information. Opponents feared ownership
could allow the exchange and sale of medical data without
discretion. Although both data proposals failed, the likelihood of
strong privacy protections appears slim.
Some members of Congress, such as Rep. Bill Thomas, R-Calif.
(who while in Minnesota publicly chastised Minnesota legislators
for restricting access to medical records), appear poised to use
federal legislation to dismantle any state law that protects
patient privacy. Minnesota's minimally protective medical records
law, passed in 1996, pertains only to those records generated
after January 1, 1997, and only to requests for the entire medical
record. It is, however, one of the only medical records law in the
nation that strives to require written patient consent before
medical records can be accessed by medical researchers from
outside the institution that holds the records.
Computerized Access
Another alarming trend is government officials' advocacy of
computerized medical records and computer chip technology &emdash;
smart cards. Minnesota's 1997 legislature considered a
governor-supported smart card proposal called the "MNCard." Had it
passed, it likely would have become the mandatory identification
and access card for all Minnesotans. Documents describing the card
suggested many uses beyond medical records including phone and
bank functions, workstation access, and drivers license.
The recent Western Governors' Association (WGA) decided to
test a smart card in Bismarck, N.D., Reno, Nev., and Cheyenne,
Wyo. &emdash; a health care card focused on immunization. Privacy
advocateds fear that the Health Passport Program (HPP) could be
used to access individually identifiable medical records and
perform medical research without patients' consent. According to
the WGA, the HPP "is one dimension of a much broader public health
strategy for the next century [and] will ensure convergence with
financial and retail industry plans for a universal transition to
smart cards by the year 2000." In the future, the health passport
may become as mandatory for health care as a citizen passport is
for international travel.
A less obvious threat is the U.S. Commerce Department's recent
grant to Sequoia Software Corporation for development of a master
patient index (MPI). Piloted at Johns Hopkins Health System, it is
designed to achieve systemwide linkages among an individual
patient's medical record &emdash;in all places they are located
&emdash; by using demographic information such as Social Security
numbers. Given the media reaction to the medical ID proposal,
government officials may see MPI as a less obvious and therefore
more acceptable method of tracking individuals through the health
care system.
Beware
Physicians are now in a difficult position. Their ethical
obligation to patient confidentiality runs in direct opposition to
state and federal laws demanding greater access to patient
records. Clinics run the risk of becoming government research
laboratories. At this rate, patients may soon find that they are
research subjects under a government-imposed obligation.
Most people make health care access decisions based on fear.
Fear of death, fear of pain, fear of the unknown. If the fear of
public exposure, political blackmail, employment discrimination or
government surveillance is greater than the fear of potential
disease and incapacity, the result could be incomplete patient
disclosure, costly delay, skewed research results, and unwanted
medical outcomes.
Physicians must not be willing or powerless accomplices. The
trust necessary for good medical care is the heart of the entire
medical system. Government officials and legislators are rapidly
moving toward an open season on patient information, and
physicians must respond.
Twila Brase, R.N., P.H.N., is president of the St.
Paul-based Citizens' Council on Health Care, a non-profit
organization focused on policy affecting health care access, cost,
and delivery.
Reprinted with permission of the Minnesota
Physician magazine, which holds the copyright on this article. No
copies, reprints, or reproductions of this article may be made
without the express consent of Minnesota Physician Publishing: #612-728-8600 or mpp@mppub.com.
|
 |
Citizens' Council on Health Care
1954 University Avenue West, Suite 8, St. Paul, MN 55104
Phone: 651.646.8935 / Fax: 651.646.0100, e-mail
|
| |
