[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: CPT letters to NYT

To: Robert Gellman <rgellman@cais.cais.com>
Subject: Re: CPT letters to NYT
From: James Love <love@tap.org>
Date: Mon, 20 Nov 1995 19:54:06 -0500 (EST)
cc: Multiple recipients of list <med-privacy@essential.org>
In-Reply-To: <Pine.BSI.3.91.951120190328.21311G-100000@cais3.cais.com>

On Mon, 20 Nov 1995, Robert Gellman wrote:
> Jamie:  Could you clarify what you mean when you object to insurers
> putting information in databases?  I don't understand exactly what you
> object to and what you propose instead.  Health insurers get information
> with the consent of the patient under the Senate bill.  Are they to be
> prohibited from putting that data in a computer?  What exactly constitutes
> a "database"? 

      Bob, in our comments to the Senate, we said that the insurance 
companies should not be permitted to use the records except for purposes 
of authorizing payment.  Once payment is authorized, companies should 
destroy or return records.  I don't mind if insurers ask for consent to 
put records into databases to be used for other purposes, nor do I object 
to the data being de-identified and used by the insurers.  I do object to 
the insurance company maintain personally identified records of everyone 
they insure, or hiring someone to maintain these records for them, unless 
they obtain non-coercive consent.  


> 
> How do you envision the payment and oversight process working under your
> scheme?  There are lots of people in oversight, fraud control, and cost
> containment activities.  All of these programs have been developed to
> control the costs of the health care system.  Do you object to these
> activities?  If not, under what conditions can these players obtain the
> information that they use to conduct their activities? 

   The insurer obtains the records for payment authorization - fine.  A 
record is made that payments have been made.  If further oversight is 
needed, let them go back to the source, and take a second look at the 
records.  They shouldn't be given an automatic right to maintain vast 
databases of all medical information, including items which the doctors 
and patients want private.


> It seems to me that how the information is stored is irrelevant.  

    I couldn't disagree more.  The automation of records is extremely 
important, in terms of privacy.  Increased efficiency of records 
management is usually not good for privacy.

> The 
> issue is what USES can be made of the information.  Both the Bennett and 
> Condit bills include restrictions on use and disclosure.  The same 
> restrictions apply whether the information is in a "database" or not.
> It would also help if you could explain your objections to the 
> restrictions in the bills.  Are there specific uses that are permitted 
> that should be prohibited?

     Bob, I have written two rather long sets of comments about this, nov
2 and nov 14.  In each set, I have identified areas of the Bennett bill
which provide too much in terms on access without consent, and I have also
said that in some cases, persons shouldn't be allowed to search automated
records, when those records are identified.  For example, I don't think
that law enforcement should use these databases as investigative tools. 
Even though I would not object in general to the right of police to seek
access to some records directly from providers, with appropriate burdens
for cause, and privileges for mental health.  Getting the records from
Equifax or AT&T is something different in terms of efficiency, and it will
lead to far more access. (these companies don't make money by limiting 
transactions on records).

> I am trying to understand what you are for and against, and it would be 
> helpful if you were more specific.

    I hope this makes my concerns clear to you.  I think that automation 
is important, and that access rights should not be technology neutral.

    The technology is not neutral, with regard to privacy.  It makes it 
easier to search for information, to retrieve information, and to 
disseminate information.  This is a fundamental problem with computers 
today.  If this hasn't occurred to you, I'm a bit surprised, given your 
background on privacy issues. 

  jamie



----------------------------------------------------------------------
James Love, love@tap.org
P.O. Box 19367, Washington, DC 20036; v. 202/387-8030; f. 202/234-5176
Consumer Project on Technology; http://www.essential.org/cpt/cpt.html
Taxpayer Assets Project; http://www.essential.org/tap/tap.html

Follow-Ups:
- Re: CPT letters to NYT
  - From: Robert Gellman <rgellman@cais.cais.com>

References:
- Re: CPT letters to NYT
  - From: Robert Gellman <rgellman@cais.cais.com>

Prev by Date: Re: CPT letters to NYT
Next by Date: Notes on Industry Support for S. 1360
Prev by thread: Re: CPT letters to NYT
Next by thread: Re: CPT letters to NYT
Index(es):
- Date
- Thread