Medical Privacy

The place to discuss issues being debated in the 2009-2010 school year -- briefs, legislation and debate.

Moderator: Officers

JCasto

Medical Privacy

Post by JCasto »

Model Congress --- Medical Privacy
Debate: March 24, 2010
/ April 7th

“Whatsoever things I see or hear concerning the life of men, in my attentance on the sick or even apart therefrom, which ought not be noised abroad, I will keep silence thereon, counting such things to be as sacred secrets.” – Oath of Hippocrates, 4th Century, B.C.

Today you have more reason than ever to care about the privacy of your medical information. Intimate details you revealed in confidence to your doctor were once stored in locked file cabinets and on dusty shelves in the medical records department. Now, sensitive information about your physical and mental health will almost certainly end up in data files. Your records may be seen by hundreds of strangers who work in health care, the insurance industry, and a host of businesses associated with medical organizations. What's worse, your private medical information is now a valuable commodity for marketers who want to sell you something.

The Health Insurance Portability and Accountability Act (HIPAA) was passed by Congress in 1996 to set a national standard for electronic transfers of health data. At the same time, Congress saw the need to address growing public concern about privacy and security of personal health data. The task of writing rules on privacy eventually fell to the U.S. Department of Health and Human Services (HHS). After several modifications, DHHS issued the HIPAA Privacy Rule. The Privacy Rule was effective on April 14, 2003, for most health care providers, health plans, and health care clearinghouses. Small plans had until April 14, 2004 to comply.

The regulation implementing the Patient Safety and Quality Improvement Act of 2005 (PSQIA) was published on November 21, 2008, and became effective on January 19, 2009. PSQIA establishes a voluntary reporting system to enhance the data available to assess and resolve patient safety and health care quality issues. To encourage the reporting and analysis of medical errors, PSQIA provides Federal privilege and confidentiality protections for patient safety information called patient safety work product. Patient safety work product includes information collected and created during the reporting and analysis of patient safety events.

The confidentiality provisions will improve patient safety outcomes by creating an environment where providers may report and examine patient safety events without fear of increased liability risk. Greater reporting and analysis of patient safety events will yield increased data and better understanding of patient safety events.

OCR works in close collaboration with the Agency for Healthcare Research and Quality (AHRQ) which has responsibility for listing patient safety organizations (PSOs), the external experts established by the Patient Safety Act to collect and analyze patient safety information.

Furthermore, the 2009 Stimulus Bill put into law as of 2014 a national medical database of electronic medical records and provided for creation of a government panel to decide your medical treatment options based on “comparative effectiveness” and cost effectiveness. Or, according to the administration’s website, “The Recovery Act also invests $19 billion in computerized medical records that will help to reduce costs and improve quality while ensuring patients’ privacy.”

Overall, with the new era of Internet technology, there are more challenges, but more opportunities, in the field of medical privacy. Of course,



LINKS / RESOURCES:
Wikipedia:
http://en.wikipedia.org/wiki/Medical_privacy
http://en.wikipedia.org/wiki/Electronic_health_record
http://en.wikipedia.org/wiki/Health_Ins ... bility_Act
http://en.wikipedia.org/wiki/Patient_Sa ... vement_Act

U.S. Government:
http://www.whitehouse.gov/Issues/health-Care
http://www.hhs.gov/ocr/privacy/
http://www.hhs.gov/ocr/privacy/hipaa/un ... index.html
http://www.lbl.gov/Education/ELSI/privacy-main.html

Citizens’ Organizations:
http://www.privacyrights.org/fs/fs8a-hipaa.htm
http://www.aclu.org/technology-and-libe ... al-privacy
http://epic.org/privacy/medical/polls.html
http://patientprivacyrights.org/

“News” / Commentators:
http://newsblaze.com/story/201003151106 ... story.html
http://news.cnet.com/8301-13578_3-10161233-38.html
EWang

Re: Medical Privacy

Post by EWang »

Medical privacy is the topic that we are going to discuss and collectively write a bill about next week (March 24th) in our mentor workshop for bill-writing. Everyone, especially those who are going to be attending Rutgers Model Congress, should do research and be extremely prepared. Medical privacy is a very complicated topic and there are many facets that have to be addressed. Post information that you find and solutions that you come up with and starting debating here on the forums.

Oh, and don't forget to bring your helpful debate binders to the meeting (if you don't have one, just print out the Model Congress stuff here http://hhsdebate.org/debateguide/index.html).
athakker

Re: Medical Privacy

Post by athakker »

In Senator Casto's brief, there is a lot of negativity about the HIPAA Privacy Rule. However, I don't seem to getting all that negativity for the Rule after researching heavily on it. Don't get me wrong, I am not saying the Rule is perfect. It does have some issues that need to be fixed. I will list the issues that I feel contradict my views as I go along. However I don't think that any of the information given out to only certain groups will actually hurt a patient, but will actually help him/her. Not only will it help the patient, but also the medical industry!

Currently there are three groups that are allowed information. They are:
1) Health care providers that transmit health information electronically. This means that doctors, hospitals, staff involved in your treatment, laboratories, pharmacists, dentists, and many others that provide medical, dental, and mental health care or treatment can see this information. Well, if doctors, nurses, and dentists don't see stuff about your health then how are they supposed to treat you. Laboratories should be able to see information to be conscious that they do not give you any shots/medicines that you are allergic to. If pharmacists see your info, then they can be able to conduct research and give you the best medicine to treat you.

2) Health plan(anyone that pays for the cost of medical care.) This includes: health insurance companies, HMOs (health maintenance organizations), group health plans sponsored by your employer, Medicare and Medicaid, and virtually any other company or arrangement that pays for your health care. I think if these people are paying for all your medical needs then they are entitled to see the information. But only people who give you service should be able to see this info. Not Healthnet, if you are paying BlueCross BlueShield.

3. Health care clearinghouses who are any number of organizations that work as a go-between for health care providers and health plans. An example of this would be a billing service that takes information from a doctor and puts it into a standard coded format. Patients rarely deal directly with clearinghouses. I am opposed to clearinghouses being able to read my medical information. If I rarely deal with them, have no impact on my medical life and have no use of my medical info, then they should not be given my medical information.

Medical information may also be available to many who are not covered by HIPAA. Here are some examples of who is not covered:

* Life insurance companies.
* Workers Compensation.
* Agencies that deliver Social Security and welfare benefits.
* Automobile insurance plans that include health benefits.
* Internet self-help sites.
* Those who collect health data you give voluntarily for surveys or research projects.
* Those who conduct screenings at pharmacies, shopping centers, hometown fairs, or other public places for blood pressure, cholesterol, spinal alignment, and so on.
* Researchers who obtain health data directly from health care providers.
* Law enforcement agencies

I see no problem with having these people having my medical information (other than the one italicized. I don't trust internet sites with my health info.) Many of these agencies have been set up to help the citizens, not take their info and sell it to random people so that they can laugh about you being allergic to pollens. Many of these collect info so that they can help patients fight their illness/disease as fast and quick as they can. Law enforcement agencies can get info so as to realize that if in a time of emergency, they know the diseases/illnesses/allergies you have so as to realize why the emergency took place or what medications to give you if needed.
JCasto wrote: What's worse, your private medical information is now a valuable commodity for marketers who want to sell you something.


Whats so bad about this? How is this a commodity? What would a company get by selling the medical information of a certain Steve Bennett who lives in St. Louis, Missouri? At most, what companies will do is to spread word of their products to people who actually need it, rather than spend millions on ads to show millions of people their new medication if only there are 240,000 people in the USA with that specific disease which the new medication treats. I think this is way for a patient to find a way to find other and better medicines out there that can help cure his/her illness.
Last edited by athakker on Sat Mar 20, 2010 5:42 pm, edited 1 time in total.
Cmccloskey

Re: Medical Privacy

Post by Cmccloskey »

athakker wrote:In Senator Casto's brief, there is a lot of negativity about the HIPAA Privacy Rule. However, I don't seem
I see no problem with having these people having my medical information (other than the one italicized. I don't trust internet sites with my health info.) Many of these agencies have been set up to help the citizens, not take their info and sell it to random people so that they can laugh about you being allergic to pollens. Many of these collect info so that they can help patients fight their illness/disease as fast and quick as they can. Law enforcement agencies can get info so as to realize that if in a time of emergency, they know the diseases/illnesses/allergies you have so as to realize why the emergency took place or what medications to give you if needed.
The reason you don't care if people have your medical information is because you probably don't have any stigmatized diseases. Not everyone who has AIDS, anorexia, bulimia, Alcoholism, narcotic addiction, cancer, herpes, or other diseases want the world to know about them. The fact that your medical information is a commodity is arguably worse than simply having your information on the internet. If your medical information is a commodity, there is actually incentive for organizations to spread your information to as many people as possible if it will be profitable. It’s bad enough that hundreds of people can potentially see your most confidential of personal information without having to worry about it being sold to the highest bidder.
athakker

Re: Medical Privacy

Post by athakker »

I state as I did before:
athakker wrote:What would a company get by selling the medical information of a certain Steve Bennett who lives in St. Louis, Missouri?
Cmccloskey wrote: Not everyone who has AIDS, anorexia, bulimia, Alcoholism, narcotic addiction, cancer, herpes, or other diseases want the world to know about them.
According the HIPAA Privacy rule, only people in the Medical field can see medical information of a certain person. Not any person can see your medical information by searching your name on Google. And like I also stated before, I am against the posting on medical info on even self-help internet websites.
galukal

Re: Medical Privacy

Post by galukal »

The federal government of the United States has more or less recognized a right to privacy in such cases as Griswold v. Connecticut and Roe v. Wade, stemming from the Fourth, First, Ninth, and 14th Amendments. Primarily, this right to privacy deals with noninterference by governments, though it is possible to sue someone for violating a reasonable expectation to privacy and disclosing private facts. Of course, this is balanced against the 1st Amendment (freedom of speech and the press), but there is no conceivable reason why a nonpublic figure ought to have his or her medical info freely available.

As such:
a) The only government agencies that ought to have access to your medical info are those whose services you're using. If I'm not on welfare, the relevant agency need not look through my records.
b) Only insurance companies whose services you want to purchase should be allowed access to your health records, since insurance is based on risk and they have a right to know the risks of insuring you.
c) Only those medical personnel who treat you or provide medicine for you ought to have access to your medical records. Even if they are electronically available to the whole medical community, they only ought to be accessed at that time.
d) It hurts no one if researchers collect information anonymously.
e) Anyone you voluntarily provide the information to can have it but not distribute it without permission.

Basically, your medical life is very personal, and anyone who violates this incredibly private area should be hit with a lawsuit. Any bill we create needs to enshrine the right to privacy.
Cmccloskey

Re: Medical Privacy

Post by Cmccloskey »

athakker wrote:I state as I did before:
athakker wrote:What would a company get by selling the medical information of a certain Steve Bennett who lives in St. Louis, Missouri?
Large quantities of money. Information is a valuable commodity.
According the HIPAA Privacy rule, only people in the Medical field can see medical information of a certain person. Not any person can see your medical information by searching your name on Google. And like I also stated before, I am against the posting on medical info on even self-help internet websites.
That was in direct response to this:
At most, what companies will do is to spread word of their products to people who actually need it, rather than spend millions on ads to show millions of people their new medication if only there are 240,000 people in the USA with that specific disease which the new medication treats. I think this is way for a patient to find a way to find other and better medicines out there that can help cure his/her illness.
athakker

Re: Medical Privacy

Post by athakker »

I still an extremely confused why anybody would want to pay millions of dollars to see if or not Steve Bennett has diabetes or not? This is not like credit card info or passwords that a hacker or some computer-crazy guy would pay for or try to get. I don't think anyone will pay a huge amount of money to see if anyone has a certain disease or not. I don't know why Senator McCloskey and Casto would think that this is a commodity
SRaghavan

Re: Medical Privacy

Post by SRaghavan »

The issue of medical privacy has actually never been a major threat or even capable of causing major problems until the 1950's, approx. The computerization of information has enabled information to be spread quickly, more efficiently, and to a wider audience.

Take the Human Genome Project, for example. Various DNA from a variety of people is used by millions of researchers worldwide to figure out the secrets still uncovered about the DNA molecule. Yet, just ONE scientists working in one of these high-tech facilities could easily disclose information regarding a certain human who had given his DNA.

Aman asked why it would be important if someone knew the medical records of a certain unknown guy. Keep in mind that medical status and records can influence several factors in a person's life: Just to name a few: Social Relationships, Relationships with the family, Job Opportunities, etc.
SRaghavan

Re: Medical Privacy

Post by SRaghavan »

And to add, I think medical privacy should be split into sections. There are certain pieces of medical information that are acceptable to be viewed, such as hair color, for example, but more sensitive issues such as a chronic illness, should be off-limits and highly provate as George had mentioned. There has to be some method of differentiating which pieces of medical information and public and which must be kept highly private.
athakker

Re: Medical Privacy

Post by athakker »

But I repeat like I said:
athakker wrote:According the HIPAA Privacy rule, only people in the Medical field can see medical information of a certain person. Not any person can see your medical information by searching your name on Google. And like I also stated before, I am against the posting on medical info on even self-help internet websites.
I don't think that my girlfriend will buy information worth a million dollars to find out if i have bulimia. Not mine, i don't think anyone's girlfriend would. I don't even think eHarmony would pay so that when one is matched with someone, that it pops up. "MEDICAL CONDITIONS: Has diabetes, high cholesterol, hyper-tension, and a high blood pressure."

Even Microsoft will not spend that much money to know if their newly-employed assistant software designer who works in the Hartford, CT branch has diabetes, bulimia or a heart problem. I think the main argument will be Health Care coverage, but don't worry. Obama's health car reform bill mandates big companies (i forget exactly how many employees they must have to be mandated to do this) will have to cover all of their employees. I see no problem there.

However, I do agree with Shree that medical privacy should be split into sections which I agree helps in ensuring the privacy.
VSharma

Re: Medical Privacy

Post by VSharma »

Presently, some personal medical information is being given awy to research. Since this asct will most likely continue, a recomendation is that the patient should be given a list of which organizations or people have accessed his or her records.
kdave

Re: Medical Privacy

Post by kdave »

A certain Steve Bennett who lives in St. Louis, Missouri happens to be a dealer in illegal medications. Maybe Mr. Bennett is heavily involved in black market organ dealings. What if Mr. Bennett works for a business that makes the medications you need, and targets you? All of a sudden, Mr. Bennett has an endless amount of opportunities where your medical profile is of value.
tzobele

Re: Medical Privacy

Post by tzobele »

Good Breif Josh, you are spot on about the goverment panel and what care they will tell what to have. Also with ObamaCare just passing, the goverment will have more control of the Amercian people's medical records. I have a problem with goverment handling my medcial records because what does goverment know about healthcare. :D :D :D :D :D :D :D :D :D :D :D :D :D :D
athakker

Re: Medical Privacy

Post by athakker »

I think Senator Dave misunderstood my point. It is the Medical Information of Steve Bennett that is in question, not him getting other people's info.

However, if Steve Bennett is a corrupt medical professional, which is entirely possible and gets info to "target" others, then I think it is a good idea that a list of organizations of where the info goes be given to a patient (like Senator Sharma said). This way, if infomation is being used to "target" him then he can talk to his doctors about it.

However, I still stand for medical privacy being split into sections which helps in ensuring the privacy. So this way, like Senator Raghavan said, we can give acceptable infomation such as hair color, eye color, skin color, etc. But more sensitive should be seen only be doctors, and the patients' health insurance provider. And I also believe that there should be a non-disclosure agreement between the patient and the parties that can see the sensitive information so that these parties will not disclose this info.
Locked