This space has at least twice before warned of the anti-privacy rules embedded in the 1996 Health Insurance Portability and Accountability Act (HIPAA). As the Congress debates whether and how to incorporate prescription drug benefits into the Medicare leviathan, Sue Blevins, president of the Institute for Health Freedom, has pointed out the chilling implications such a scheme could have for the privacy of American senior citizens.

The first step in this diminution of privacy, as reported by the Congressional Budget Office is that, "Some employers likely would see enactment of a Medicare drug benefit as an opportunity to reduce the costs and risks of providing drug coverage and would choose not to supplement [the Medicare drug] benefit."

And as these patients move into the government system, federal rules will now permit that their drug purchases be reported to the federal government, says Blevins. And unless the bills being debated on Capitol Hill are changed, a 1997 law passed as part of a balanced budget provision, of all things, could even thwart efforts of seniors who try to stay out of the reporting system by paying for drugs out of pocket. Medicare private contracting rules require doctors who accept Medicare patients to only get payment from Medicare for covered services -- thus mandating that the records of the purchases be inputted into a federal database.

There is "no guarantee" this won't happen "unless the law states clearly that they can contract privately" outside of the Medicare system, Blevins told NCC. As Blevins pointed out, even that may not be enough in the long run. The original Medicare law promised Medicare would not interefere with seniors' freedom to choose their health insurance. But now, seniors must enroll in Medicare Part A (hospital insurance) unless they want to forgo all of their Social Security benefits.

Thus, the prescription drug "benefit" will just bring more people and more transactions under the anti-privacy HIPAA rules. Those privacy rules require doctors and hospitals to open up their records to HHS and other government agents without so much as a court order. The HHS, given the power to write the law, naturally decided that the most important thing in medical privacy law is a provision opening individual medical records to the HHS any time it asks. To be fair, HHS also gave this power to the FDA, foreign governments "acting in collaboration with a public health authority," and various and sundry other government agents tasked to "public health."

And no federal privacy regulation would be complete if it did not try to override private contracts on information gathering and dissemination. "Covered entities" under HIPAA must substitute private contract between doctor and patient with a rule that turns the long-held assumption of patient-doctor confidentiality on its head, essentially mandating an "opt-out" situation when it comes to sharing or selling your information to non-government entities. Patients receiving the "benefit" could not assume that an implicit part of the doctor-patient contract is the presumption of confidentiality contained within the Hippocratic Oath their doctor has sworn to. HIPAA regulations also mandate a specific coding and database for virtually every possible ailment or condition, coded down to your individual visits.

The Association of American Physicians and Surgeons provides information to physicians on how they can opt out of being a "covered entity" under HIPAA. Finding and patronizing a doctor with the courage to work outside the system is a fine option for consumers who are seeking to protect their privacy from "public health" info-sweeps -- and also a way to send a signal to doctors who all too easily let the state rather than themselves and their patients decide what works best for them. But Blevins points out that as the Medicare program continues to expand, such as with the prescription drug coverage, it will be harder and harder for doctors to pull out of the system.

For rushing to hand out taxpayer-funded pharmaceuticals like Halloween candy without carefully considering the implications for the privacy of health consumers, the Medicare drug-pushers of all parties are this week's Privacy Villains.

By James Plummer

government surveillance

medical privacy

financial privacy

online privacy

News | Press Releases | Online Privacy Tools | Privacy Principles | Experts | Links
About NCC | About Consumer Alert | Contact Us | NCC Privacy Home