
Deirdre Mulligan's defense of Bennett Medical Records Bill



-----------------------------------------------------------------
TAP-INFO - An Internet newsletter available from listproc@tap.org
-----------------------------------------------------------------
TAXPAYER ASSETS PROJECT - INFORMATION POLICY NOTE
November 1, 1995


---------- Forwarded message ----------
Date: Wed, 1 Nov 1995 15:08:41 -0400
From: Deirdre Mulligan <deirdre@cdt.org>

Jamie-
In the interest of free and fair discussion I ask that you post this to the
tap-info list.  Thanks, Deirdre

        The Center for Democracy and Technology, AIDS Action Council, The
Legal Action Center, The New York Public Interest Research Group, the
American Association of Retired Persons, plus a number of other groups,
have all registered their strong support for  the Bennett-Leahy bill (S.
1360), "The Medical Records Confidentiality Act."   The groups represent
privacy concerns, consumers' concerns, the concerns of those living with
HIV, alcohol, and drug dependency, and the concerns of the elderly.  In
addition, the sponsors of the bill include a number of Senators who have a
good record on privacy, such as Leahy, Kohl, Kennedy and Daschle, to name a
few.  No bill is ever perfect, and many of these organizations, including
CDT, would like to see certain sections of this bill improved.   CDT is
working to strengthen the standard for law enforcement access, to limit
the breadth of the oversight exception, and require consent for
researchers' access to personally identifiable data.
        
        Nevertheless, there is no doubt that the Bennett-Leahy bill fills a
gaping hole in current privacy protection.  Even acknowledging that it
should be strengthened, the bill for the first time establishes a federal
warrant requirement for access and a host of other privacy protections.

        Critics of the bill seem to believe that its greatest flaw is that
it does not prohibit health information from being computerized.   This
criticism lacks any connection to reality.  The bill attempts to address
reality.  Automation is here and expanding.  Equifax, TRW and the many
smaller companies involved in the information industry have been, and will
continue to enter the health information field with or without legislation.
Today, 90% of all the information needed to process insurance claims
containing diagnosis and test results move electronically.  Currently these
companies/information systems operate without any legal limits on their
actions.  The only rules governing their behavior are a result of contracts
with hospitals.  

        The Bennett-Leahy bill will regulate their actions to protect
privacy.  It will prohibit information systems providers with whom
hospitals contract -- to complete billing and claims transactions for
example -- from capturing and using information for any other purpose
without the consent of the patient.  

        We don't need protection from computers.  We need privacy
protection.  Ensuring privacy protection is fundamental regardless of
whether personal health information systems are automated or paper-based.  
The classic example of technology being branded as evil, when the true
culprit is a lack of comprehensive privacy policy, is offered by the Harvard
Community Health Plan fiasco. Everyone started screaming about mental
health treatment notes being automated.  The real story wasn't whether they
were online.  The real problem was that every provider in the HMO had
access to the records.  The Bennett-Leahy bill deals with this issue.  The
general rules regarding use and disclosure of information contain a
"minimization" rule.  Trustees can disclose only the minimum amount of
information necessary.  Moreover, CDT and a number of other organizations
are not Luddites. We are attempting to reap the privacy potential that is
in new technologies if they are designed to respect privacy at the
front end.  Audit trails, encryption technologies, digital signatures,
masking and other technological tools offer methods to secure information,
track access to records, and enforce privacy policy that are non-existent
in a paper-based system.

        The creation and use of health information systems poses
substantial risks to individual privacy.  So does the current lack of
federal legislation.   The Bennett-Leahy bill acknowledges both the
existing threat and the increasing threat that automation without
regulation poses to people's privacy.  The bill protects information
whether in paper or electronic form.  It limits disclosure, requires
consent, establishes a warrant requirement, and calls for security
standards.  Most importantly it establishes a private right of action for
violation of the act, imposes hefty civil fines -- including expulsion from
all federally funded programs such as Medicaid and Medicare -- and criminal
sanctions ranging from $50,000 to $250,000, exclusion from federally
funded programs, and substantial prison terms.

        I invite anyone who is interested or has further questions or
comments on the bill to contact us.  A section by section analysis and
frequently asked questions document are available at our web site.  

Deirdre Mulligan
Staff Counsel
Center for Democracy and Technology
1001 G Street NW
Suite 500 East
Washington, DC  20001
USA
(202)637-9800
(202)637-0968 fax
http://www.cdt.org/

 
---------------------------------------------------------------------
TAP-INFO is an Internet Distribution List provided by the Taxpayer
Assets Project (TAP).  TAP was founded by Ralph Nader to monitor the
management of government property, including information systems and
data, government funded R&D, spectrum allocation and other government
assets.  TAP-INFO reports on TAP activities relating to federal
information policy.

TAP-INFO is archived at gopher.essential.org in the Taxpayer Assets 
Project directory, and at http://www.essential.org/tap/tap.html

Subscription requests to tap-info to listproc@tap.org with
the message:  subscribe tap-info your name
---------------------------------------------------------------------
Taxpayer Assets Project; P.O. Box 19367, Washington, DC  20036
v. 202/387-8030; f. 202/234-5176; internet:  tap@tap.org
---------------------------------------------------------------------