[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Feb 2 AHIMA meeting on S. 1360
February 2, 1996 AHIMA meeting on S. 1360
These are my notes from today's meeting. (As usual, other accounts or
views are welcome) Jamie
The meeting has held at IBM's offices. It snowed last night, and
attendance was light. Bob Gellman announced that "he was asked"
to chair the meeting. Bob expressed a desire to keep on a tight
schedule, and more or less moved things along, even when there
were some fairly important loose ends, or opposition to closing
out a topic. There were no other consumer or privacy groups
present. The Bazelon Center for Mental Health Law was
represented by Leonard Rubinstein. The AMA and the American
Psychiatric Association were represented, as were more than a
dozen industry groups. The Clinton Administration was
represented by Dr. Bill Braithwaite from HHS.
We started the meeting with a brief rehash of a few points about
Sec 101, the INSPECTION AND COPYING OF PROTECTED HEALTH
INFORMATION. This is the second about patient access to their
own records. I asked if we could further discuss cases where
certain records, such as mental health treatment notes, were
treated differently. I had earlier (last week) asked if it made
sense to treate differently mental health treatment notes that
had not been disclosed to ANY other person. Today Bob Gellman
discussed two of the exceptions to patient access that were in
the Condit Bill (HR 435). These were for Mental Health Treatment
Notes and "information about others." [note, the language from HR
435 is given below:]
(1) MENTAL HEALTH TREATMENT NOTES- The information
consists of psychiatric, psychological, or mental
health treatment notes about the individual, the
trustee determines in the exercise of reasonable
professional judgment that inspection or copying of the
notes would cause sufficient harm to the protected
individual so as to outweigh the desirability of
permitting access, and the trustee does not disclose
the notes to any person not directly engaged in
treating the individual, except with the authorization
of the individual or under compulsion of law.
(2) INFORMATION ABOUT OTHERS- The information relates
to an individual, other than the protected individual
or a health care provider, and the trustee determines
in the exercise of reasonable professional judgment
that inspection or copying of the information would
cause sufficient harm to one or both of the individuals
so as to outweigh the desirability of permitting
access.
With regard to the mental health treatment notes, Bob said it was
basically a politically motivated provision, made in hopes that
the psychiatric community would find the bill more appealing. He
said that 15 years earlier there had been an exemption from
patient access for mental health treatment notes. The Condit
bill defined mental health treatment records as records that were
only used for only for treatment purposes. Leonard Rubinstein,
myself and others discussed the fact that under the Condit bill a
fairly large number of persons could have access to your records
without you having access, probably including nurses. There no
so support for the Condit bill language. Cathy Brady said that
there had been some work on the issue of mental health treatment
notes issue at the state level.
>From Bob's presentation, it sounded as though parts of the
"information about others" exemption were not satisfactory,
particularly with regard to genetic information, but this was not
discussed at length.
We then turned to Sec 102 of the bill, the "CORRECTION OR
AMENDMENT OF PROTECTED HEALTH INFORMATION." Gary Friend from Dun
and Bradstreet (D&B), representing the IMS subsidiary, said that
S. 1360 had built upon the lessons from the Fair Credit Reporting
Act, which regulates credit bureaus (a comment which was not
entirely reassuring to some). There was a long discussion about
this section of the bill. Thomas Gilligan from the Association
for Electronic Healthcare Transactions (AFEHCT) [the firms that
are the "lines" between the boxes in the flow charts], was quite
unhappy about the burdens on them to correct information that was
created by others. He made what I thought was an important
point. Right now many of the records that health information
services firms store are in raw formats, and not easily
accessible. If they were forced to "database" the records (store
them in searchable record formats) it would be easier to make the
corrections, but it would also make it easier to disseminate the
records, making the data more likely to be disseminated (or
subpoenaed). Apparently Mr. Gilligan has been making this point
for a while, since most persons had heard it before. There was
quite a bit of discussion over who should be making "corrections"
to one's health care records, particularly if it should be anyone
other than the provider. It did not seem to me that much was
resolved.
In discussing the enforcement of Sec. 102, it seems that one can
sue under Sec. 302, for $5,000 or actual and punitive damages
(whichever is greater), or ask the government to bring civil or
criminal actions against the firm.
I brought up the issue of pre-empt of a patients rights under
state or common law. Some patients have been severely injured by
errors in their treatment records. In these cases doctors or
other providers can be sued, under malpractice or other tort
claims. S. 1360 should not immunize providers from damages
caused by these types of errors. Bob Gellman said the bill
should not do that, and he would seek a clarification.
We then turned to Sec. 103, NOTICE OF INFORMATION PRACTICES.
Gary Friend from D&B said that in Germany, patients are given a
notice of how their records are going to be used, such as for
research, and given an opportunity to withhold records from a use
if they object. He said this was a type of informed consent
approach. I wanted the Sec. 103 notice to include a specific
discussion of how a provider (or other trustee) would respond to
the Sec. 204-212 exemptions, which are non-mandatory but
permitted (without permission or often without notice). I said
that if patients were told what a provider would do when faced
with a request for records under the 204-212 exemptions, it would
allow patients to choose doctors who favored privacy over
disclosure. It would create an incentive to have less
disclosures, through market forces. I asked for and seemed to
get an agreement that this was desirable. No one spoke against
this proposal.
Moving right alone, we then turned to Sec. 111, the ESTABLISHMENT
of SAFEGUARDS section. Mr. Gilligan from AFEHCT seemed pretty
happy with this section. It seemed ok to me too. (Comments
welcome on this one).
The meeting ended in a long and I thought very important
discussion about Sec. 112, ACCOUNTING FOR DISCLOSURES. Bob
Gellman described this a "boiler plate" from the privacy act. The
basic provision is that:
A health information trustee shall create and maintain,
with respect to any protected health information
disclosure that is not related to treatment, a record
of the disclosure in accordance with regulations issued
by the Secretary. [Sec 112. (a) ]
The patient has access to this information, if you ask for it.
But this is not a simple matter when the accounting for
disclsoures are held by third parties. You have to hunt for it,
moving from one trustee to another, guided by a "trail" of
disclosure records (one leading to another, in theory).
I wanted two changes to Sec. 112. First, I wanted a provision
that required a type of homing device for disclosures, so that a
patient could more easily find out who had been given access to
records. This is an other example of how I believe a concept of
a custodian of a record may be useful. Under S. 1360, records
can "drift" from one trustee to another, often being transferred
under the 204-212 exemptions, without notice or consent. The
only way to find out who had the records is to go from trustee to
trustee, following a trail of reports about who had the record.
This could take years, and be frustrated by predictable gaps in
the record trail. I wanted the information about disclosures,
like a homing pigeon, to return to the original custodian, so I
could actually find out who had access. By making the
information about who had access practically available (rather
than just theoretically available), there would be a larger
disincentive to disseminate records. This would a greater
incentive for more privacy.
NOTE: On November 14, 1995, CPT recommended a new
Sec. 112 (c), which would required health care
trustees to provide copies of records of
disclosures to the person who maintains custody of
the original copy the protected health care record.
I also wanted regular statistical reports made to HHS, on how
often records were disclosed under the Section 204-212
provisions. I said we needed this data to figure out what was
really happening, and that this too would be a safeguard against
erosions of privacy. A question was raised about the accuracy of
the reports, and I suggested that a third party verify (audit)
the reports.
NOTE: our November 14, 1995 comments, which I did
not distribute today, suggested a new Sec. 112 (d):
"The health care trustee shall provide annual
statistical reports to the Secretary, in a format
which is specified by the Secretary, which
discloses the number of records that are accessed,
the types of persons or entities who obtain access,
the sections of the law under which access was
obtained, and the purposes for which the
information was used. The health care trustee
shall also obtain an independent audit to verify
the information provided in this report. The
Secretary shall make these reports available to the
public."
Bob Gellman addressed the group to say that in his view, the
purpose of S. 1360 was NOT to discourage disclosure of medical
records, and that he was opposed to both suggestions for changes
in Sec 112. Bob said the first suggestion would mainly benefit
the postal service, and the second would mainly benefit the
accounting profession. Bob said he saw no value in statistical
reports about disclosures whatsoever.
A discussion then began over the health information services
(HIS) companies. Mr. Gilligan said that there would be no audit
trail for data that was given to a HIS, because they would not
have the records. Sec. 112(b) requires that the accounting for
disclosures be held for seven years (down from 10 in the
pre-introduction draft). The question that surfaced, what happens
when a record is purged or destroyed. Do you keep a record of
the disclosure of the purged record long after the record itself
is destroyed? AND IF YOU DON'T, HOW DO YOU FOLLOW THE AUDIT
TRAIL?
Note: Suppose, for example, that a researcher obtains
records (identified, and obtained without consent), that are
further disclosed to a third party (possibly another section
204-212 entity). But then the researcher destroys the
records. If researcher keeps a record of the disclosures,
after the records or destroyed, its like keeping the record
itself, in some cases. But if it is destroyed, HOW DOES ONE
FOLLOW THE AUDIT TRAIL? Indeed, it would be easy to
"launder" the records through a temporary entity, who
"destroyed" the records, and the audit trail.
I observed that we had a problem, because we wanted persons to
destroy or purge records -- this was a practice that should be
encouraged. Thus there was a second reason why the accounting
for disclosure should be sent back to a custodian of the record.
Several other points were brought up. Gary Friend from D&B
talked about getting a third opinion on a surgical procedure. He
didn't want the first doctor to even know about the third doctor
(three doctors had access to the x-ray.) I suggested a simple
solution -- allow notice to the patient (the person seeking the
3rd opinion in this case) to be a substitute for disclosure,
since the important thing was to provide a mechanism for a person
to control access (or at least know about access) to their own
medical records. Thus, the trustee could choose to provide
notice of the disclosure to the patient or the custodian of the
records, whichever made the most sense.
At this point, with several rather important loose ends at play,
Bob Gellman announced that this concluded the Sec. 112
discussion, because "it was decided" that we would move on (next
week) to the next topic, Sec. 210, GENERAL RULES REGARDING USE
AND DISCLOSURE.
James Love, CPT, love@tap.org
February 2, 1996
----------------------------------------------------------------------
James Love, love@tap.org
P.O. Box 19367, Washington, DC 20036; v. 202/387-8030; f. 202/234-5176
Consumer Project on Technology; http://www.essential.org/cpt/cpt.html
Taxpayer Assets Project; http://www.essential.org/tap/tap.html