[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Feb 2 AHIMA meeting on S. 1360
I appreciate Bob Gellman offering his thoughts on the Feb 2 meeting.
Indeed, I would encourage him to regularly post his own notes about the
meeting, as I have done. Bob seems upset that I noted, without much
comment, that decisions about agenda and what we discuss are not decided
by the group, and that there is some outside the group decision making
going on, such as the decision to make Bob the chair of the
deliberations. I think this should be reported, for those who cannot
attend, and don't know what's going on in the meetings. I'm glad that
Bob thinks he's doing a good job. He does move things right along, thats
for sure, and this isn't entirely a bad thing. I just want to note that
several important loose ends are left unresolved, like the problems with
an audit trail for disclosures, when records are purged (if indeed they
can be purged).
On Sat, 3 Feb 1996, Robert Gellman wrote:
> Jamie did not tell you that he dominated the meeting, speaking
> more than any other participant. He had plenty of opportunity to
> say what he wanted. Most of his ideas attracted little support.
Well, Bob is right, in the sense that I has given an opportunity to
express my views, as was everyone else. As Bob knows, several of the
industry observers are not saying too much in these meetings. I tried to
indicated when contributions were made, many of them quite useful and
> Some other comments and observations:
> Jamie's description of my comments on the "information about
> others" exception to patient access is not complete or accurate.
My reference to this consisted of a quote of the Condit language from
HR 435, and a one sentence note, that there seemed to be some problems in
the language, which was a point that Bob himself made, since with genetic
information, all genetic information, is "about others." This would have
had the effect of denying patients a right of access to their own genetic
information. I think its good if Bob wants to elaberate on this, here or
at the AHIMA meetings. If Bob doesn't feel my 2,070 word account is
complete, please add his own thoughts.
> Jamie did not report my comment that the Bennett bill did not
> include an exception for records compiled in anticipation of
> litigation, a well recognized exception to access.
Sorry to have missed that Bob. I probably missed some other
important points as well. Maybe I was getting a bagel from the next room.
> Jamie quoted Gary Friend as drawing a comparison between the Fair
> Credit Reporting Act and the Bennett bill. Jamie's comment here
> reflected his continuing attempt to suggest that there is some
> relationship between the FCRA to the medical bills, with the
> implication that this is a terrible thing because the FCRA is so
Bob, I wasn't reporting "Jamie's comment," but rather Gary Friend's
comment. The comment was his not mine. Ok with you if I report what
people say at these meetings? I though Gary's contributions were pretty
helpful during the meeting, particularly with regard to his comments on
the "author" of a record, and also his comments on Germany's notice policies.
> The FCRA is flawed, but I can testify from direct
> experience that the FCRA was not used as a model for the Condit
> bill. The FCRA was not consulted during the drafting process,
> and there was no attempt to make the bill look anything like the
> FCRA. The Bennett bill appears to have been mostly derived from
> the Condit bill so the same statement is likely to be true for it
> as well. Of course, there are similarities between all privacy
> bills because they all tend to contain the same elements of fair
> information practices. If you don't have any specific evidence
> that it is anyone's goal to make the medical bill be another
> FCRA, then get off this point Jamie.
Actually Bob, quite a few privacy experts thought that both bills
used approaches that were often similiar to the FCRA. I haven't made
much of this myself, because I'm not that familiar with the FCRA.
> Jamie offered two proposals. One related to his concept of a
> custodian. However, Jamie was unable to describe precisely how
> this would work. For a patient with multiple doctors, hospitals,
> labs, and other care providers, he did not explain how anyone was
> to determine who was the custodian for any particular patient at
> any particular time.
Gary Friend made what I thought was a useful comment about thinking
about who is the "author" of a record. I would have the "author" of the
record designate a custodian of thier choice, who would be responsible
for the accounting for disclosures.
> Jamie failed to respond to the expressed concern that the
> custodian's record of subsequent uses and referrals would
> actually be a new privacy-invading database that does not exist
> today. It could be exploited by the custodian or used as a
> surveillance device by law enforcement, for example.
I didn't know Bob was so concered about surveillance. There is
something wrong with his comment here. If the present system in S. 1360
(the bill we are working on) relies upon the Sec. 112 records of
disclosures, and that system works, why wouldn't that present the same
law enforcement problem? Simply because Bob, like me, thinks the present
system is very inefficient. But if the Sec. 112 records of disclosures
are going to build in accoutability (something that Bob may have
different views on), they should work for the patient, at
a minimum. Maybe the patient should be allowed to purge the records of
disclosure, at his or her descretion, having the benefits of the
information, but also the ability to make the information more private.
> Further, if
> you read Jamie's reported answer to Gary Friend's comment, you
> will see that it makes no sense. His response to the concern is
> to provide notice to the patient of a disclosure that the patient
> expressly authorized. Why?
Actually, it does make sense. Gary was suggesting that he didn't
want some records of disclosures given to his primary doctor. But if he
authorized the treatment and the records transfer, then a record of the
disclosure of the records isn't necessary, because Gary (the patient),
knew what happened. (received actual notice of the disclosure).
Regarding statistical reports of disclosures, Bob wrote.
> I don't find it very useful
> to spend money to determine precisely whether the number of
> records accessed is one million, five million, or ten million.
Sorry, but I do. I would particularly like to know what particular
trustees are doing, with regard to access without consent.
Bob wrote [I don't think]
> Jamie's statistical proposal is useful, but at least it is coherent and
> understandable. I can't say the same for the custodian notion.
One suggestion regarding the custodian that I have been thinking
about lately is whether or not the patient should be allowed to hire his
or own custodian to manage personal medical records. If the records are
in digital format and networked, why not?
> This message is long enough already so I will not go on. You get
> the idea.
Bob, when I report what you say, you often retort that I'm engaged in
some type of underhanded attack on you. You are an articulate person who
likes to say provocative things, and you shouldn't complain when people
respond (or report them). For example, some persons who read your note
might get the idea that I was putting words in your mouth when I mentioned
that you said that the purpose of S. 1360 was not to discourage the
dissemination of medical records. I've heard this enough from you to
understand (I think) what you are trying to say, and strickly from a
factual point of view (what S. 1360 would do in its present form), I would
agree. However, I think we disagree on what the bill should do, or at
least what is politically possible to acomplish. Since you are no longer
a staff member of the Congress you may be surprised at how people, not
only myself, react to some of these provactive statements.
Bob, who exactly makes these decisions, like who chairs meetings, and
when a subject is "finished" and no longer discussed? Isn't this the
kind of thing I should be allowed to question or even ask? jamie
James Love, firstname.lastname@example.org
P.O. Box 19367, Washington, DC 20036; v. 202/387-8030; f. 202/234-5176
Consumer Project on Technology; http://www.essential.org/cpt/cpt.html
Taxpayer Assets Project; http://www.essential.org/tap/tap.html