[Med-privacy] Medical Monitoring Databases

[Peter Marshall]

FDA Urged to Examine Medical Monitoring Databases
========================================================================

The Food and Drug Administration is intensifying scrutiny of
direct-to-consumer marketing of medical products.  Most of the focus is
on television commercials and mass-circulation print advertising of
drugs and other regulated medical products. This week, EPIC warned the
agency that heightened attention to these mass-media areas may result in
drug companies increasing their reliance on databases of personal
information to target individuals for medical products.

EPIC urged the FDA to consider three risks associated with targeted drug
marketing. First, data brokers, companies that amass personal
information and sell it to marketers and others, can enable targeting of
direct-to-consumer advertising to vulnerable populations. For instance,
data brokers have sold "sucker" lists--databases of individuals labeled
as "impulsive," those who have fallen for scams, or those otherwise
lacking the capacity to evaluate a marketing representation. In
September, a major direct marketing publication listed a database of
"impulsive" consumers who purchased a pendant "advertised as having a
fragment of the Eye of Ra inside it," with the belief that the pendant
will "change their life, awaken their inner consciousness and bring them
wealth."

Walter Karl, a list broker that was probed by the Iowa Attorney General,
market a lists of consumers described as: "impulsive buyers: primarily
mature" and "highly impulsive consumers: sure to respond to all of your
low-end offers."  There is a risk that sucker databases will be used
more frequently if the FDA does not scrutinize marketing practices. This
risk is exacerbated by the fact that, unlike mass-circulation print and
broadcast advertising, targeted solicitations are harder for public
health authorities to monitor.

Second, medical information is often gathered in a deceptive fashion.
Consumers are often presented with product warranty or registration
cards that solicit medical information, with the false implication that
completing the card is necessary to enjoy protection for a product.

Finally, this medical information is being gathered outside the
protections of the Health Insurance Portability and Accountability Act's
Privacy Regulations.  Hippo Direct, a company that markets over 100
lists categorized by ailment, gathers medical information in contexts
where privacy law doesn't apply, including: "telephone and mail order
purchase information, rebate coupons, subscription order forms, warranty
card registrations, 800# respondents, sweepstakes entry forms, trade
show/conference attendee rosters, and consumer surveys &
questionnaires." Individuals who give their medical ailment information
to marketers in these contexts have no ability to "opt-out" of the data
collection, to access their data or correct it, or order that the data
be deleted.

The FDA's public forum on these issues is scheduled for November 1st and
2nd in Washington, DC.  Any member of the public may provide written
comment on these issues until February 28, 2006 through the FDA's
website.

EPIC Comments on Medical Marketing Databases:
      http://www.epic.org/privacy/medical/dtcltr10.11.05.html

[EPIC]