Pro-Privacy Will Continue to Grow

More and more genuine consumer pro-privacy groups —as opposed to privacy-lite, industry-supported, faux consumer organizations—are speaking out to restore privacy in electronic health systems. Support for privacy rights will build and build. There may be set-backs, but we cannot be stopped. See this recent article on Consumer Watchdog supporting patient privacy.

The real reason privacy will win is simple and practical: electronic systems will never be trusted or work unless consumers control personal health information.

In the words of Justice Brandeis: “The right to be let alone is the most comprehensive of rights and the right most valued by civilized men. To protect that right, every unjustifiable intrusion by the government upon the privacy of the individual, whatever the means employed, must be deemed a violation of the [Constitution].” Justice Brandeis 1928.
Olmstead v. United States, 277 U.S. 438, 478, 48 S.Ct. 564, 572 (1928) (Brandeis J., dissenting).

Brandeis dissented from the conventional wisdom of his time. Today we are the dissenters from the CW of our time, but like Brandeis’ dissent, ours will prevail.

DoD does WHAT?

It is fascinating that the DoD clearly believes it owns and can use the personal health information of 12 million active duty military personnel for whatever purpose it decides. In this case, the DoD is paying a for-profit corporation to do research on active duty military personnel without their consent.

Maybe when you join the military you lose all privacy and Constitutional rights. I don’t know, I’m not a lawyer. If so, that is a steep price to pay to serve your country: losing all health privacy for yourself and your relatives forever. Do those who join the armed forces know they are signing up to become medical guinea pigs? Do they really understand the consequences for their futures and their families futures?

Many questions abound:

• Are the electronic records adequately secured? What a rich target: 12 million health records! What if enemies hack the privately held data base to learn about key military leaders?

• Will Phase Forward continue to use and sell the records for other purposes as HIPAA authorizes? Other data management corporations (such as Thomson Medstat) the government pays to perform fraud and waste audits obtain millions of health records that they later aggregate and sell to employers without anyone’s consent.

• Furthermore–this is clearly medical research without informed consent. That is simply unethical and illegal. The US signed the Declaration of Helsinki after WW II because Nazis did human research without consent. Back then America recognized the need for informed consent before research takes place. Today, the codes of research and medical ethics still require patients to give informed consent before personal records can be used or disclosed. Why is this project not being done with informed consent when new ‘smart’ electronic consent tools could make it easy, cheap, and fast to obtain informed consent and explain all the risks and consequences?

Review this article from the Washington Post’s Government Inc. Blog for more information:
Data Mining for DoD Health

Electronic Health Records wired for abuse

“Oops! They did it to Britney again.” No, it’s not a song parody, but a reflection of the poor state of American health privacy – something Bay Staters should think about as their Legislature considers a bill to mandate Electronic Health Records (EHRs).

Staff members at UCLA’s Medical Center are under investigation over allegations staffers accessed Britney Spears’ medical records earlier this year. Sadly, this is not the first time individuals other than the paparazzi violated Spears’ privacy; staffers also took inappropriate peeks when her first child was born.

Most Americans think the Health Insurance Portability and Accountability Act (HIPAA) protects their privacy and that the HIPAA notice they sign at the doctor’s office lists all of their rights to privacy. In fact, that HIPAA notice lists the vast number of ways their private health information can be used, without asking and over objections.

HIPAA was originally intended to protect privacy. Regulators earlier in this decade rewrote the rule to sanction disclosure of medical information for treatment, payment or health care operations.

“Particularly troubling about HIPAA’s Privacy Rule is the governmental authorization for covered entities to use patients’ confidential information without their consent for health care operations that are unrelated to “payment or treatment,” writes Dr. Richard Sobel, senior research associate in the Program in Psychiatry and the Law at Harvard Medical School. Sobel explains that “health-care operations” can include using information for marketing purposes, which normally would require written consent.

Data-mining firms were given a gift by the rewriting of the HIPAA Privacy Rule. Data-mining firms can obtain information about your prescriptions, treatment for mental health and genetic predisposition to illnesses. That information can be passed on to credit firms, marketing firms and even prospective employers.


Patients need progress and privacy in this digital era. The only way to ensure we get both, and avoid the negative “celebrity treatment” Spears received, is to ensure the health IT bill signed by the governor fully recognizes the right of patient consent.

View the Full Story

Privacy concerns mount amid the ‘microchipping of America’: Businesses seek patents on more applications for RFID

RFID chips are being used more and more in health care. Today the main use proposed is to track whether you receive “authentic” or “fake” medications. The US pharmaceutical industry wants to track whether or not we take and refill brand-name medications. But this is a huge intrusion into the relationship we have with our doctors. If you don’t want to take a medication for whatever reason: side-effects, costs, fears, feeling it does not work, etc——the person to discuss this with is your doctor, not a drug company! There are many valid reasons to change or stop medications. The only people qualified to decide whether you should stay on a particular medication or not are you and your doctor.

The Health Record Paparazzi is Above the Law and In Bed With Congress

We learned today that all of us are a bit like George Clooney: the Health Record Paparazzi loves a celebrity, but it loves the average American just as well. Instead of intrusive cameras flashing and TMZ taping our every move, we have insurers, employers, hospitals, doctors, pharmacies, drug companies, marketers, creditors and banks digging around for our most personal, intimate information.

HIPAA protects no one, including movie stars. The HIPAA regulations were changed by a Bush appointee that defy the ancient doctor-patient promise that when a patient goes to their doctor, whatever they share will be kept private. No one can make that guarantee anymore. To see the fine print visit Patient Privacy Rights.

Over 4 million individuals and businesses can see and use our health records, without consent and over objections. HIPAA is so broad it is hard to imagine who doesn’t have a legal right to your most personal details.

The Health Record Paparazzi can be stopped — but only by an act of Congress. Right now, Congress is working on legislation that will open up your health records even more. Everyone will have control over your health information except the patient.

We must have federal legislation that guarantees our right to control our most personal information and requires meaningful, enforceable penalties for everyone who shares our information without consent.