In response to Joseph Conn's "Rx groups' drug history database emergency-ready
Why is a collaborative made up of the AMA, Informed Decisions, National Association of Chain Drug Stores, National Community Pharmacists Association, RxHub, state Medicaid and other government agencies setting up ICERx.org to violate our rights to control who sees our prescription records?
We (consumers and patients) have the right to choose who can see our prescription records and the right to decide if our prescriptions should even be placed in yet another giant health database. Our privacy rights are guaranteed under strong state and common law, and centuries of medical ethics. Besides, "smart" technology already exists that can give each of us granular control over access to all our personal health information down to the single data field.
Why has ICERx.org not asked a single patient or consumer for consent to track, aggregate and store his/her highly sensitive prescription records in case of future emergencies? When will ICERx.org publicly state that the database will never be data-mined, used, or sold for any purpose without our informed, contemporaneous consent?
The ICERx.org database is actually grand theft masquerading as a public service. The "service" ICERx.org provides eliminates our right to privacy by violating common law, medical ethics and the Hippocratic oath, which all require consent before access to our medical records. By the way, our prescriptions are part of our medical records. Do you want a "public service" forced upon you that violates your fundamental constitutional rights? I don't.
How can data thieves best cover their tracks so they can continue to keep stealing our data? By alleging what they do with our stolen data is a "public service" they are performing on our behalf. If they can fool us into thinking they are doing something that is legitimate and something we need or want, they get to keep stealing from us.
Could it be that the "service" ICERx.org offers is something that the public (that's us) doesn't want or care about? There has been no public outcry demanding new prescription databases be built for future emergencies and disasters. Could it be that this is not a priority for Americans? Actually, we have been unanimous about what we do want from the healthcare system.
Guess what? We want our right to privacy and we want affordable high quality healthcare for everyone, first and foremost. We don't want yet another massive database of stolen medical records to be data-mined and sold.
If ICERx.org was actually offering a real public service it would only collect our data if we opted-in, and the database could only be used with our consent. There would never be access and use by any "licensed healthcare professional"—whoever that may be—clearly some are not even physicians. And whoever these people are, they do not have to ask for consent before they see and use our prescription records—access is role-based. ICERx.org uses role-based access instead of legal and ethical consent-based access. A real public service organization would never steal prescription records, which is the method ICERx.org is using. How hard is it to first ask if we want to opt-in, and then in an emergency to ask if we grant our consent for "professionals" to view our prescription records? The moment we grant consent, our prescriptions will be instantly available electronically.
New "smart" consent management tools allow us to set our electronic consents in advance for emergencies and routine situations, instantly and online. There is no need for ICERx.org or any other organization that happens to possess or steal our PHI to make critical decisions for us, when "smart" technologies can ensure we control our own data.
Furthermore—why would we want yet another secret database of our records that we have no control over? What assurance do we have that the ICERx.org database is secure? Who knows what kind of security measures it has and who knows how many role-based strangers are allowed to access data or what their qualifications are? There are no audit trails of access to the database. And today we have no recourse if our prescription data is sold, lost or stolen.
No one should ever be able to steal and store any of our electronic data in a database, no matter how good their intentions. No health database should ever be built without informed, contemporaneous and noncoerced consent to opt-in. We should be free to prevent ICERx.org from stealing our data and exposing us to huge risks that they have no liability for.
If ICERx.org was offering something the public really wanted, we would all be clamoring to sign up. ICERx.org does not even bother to ask us to opt-in, since they have already stolen our data.
Sorry, but the ICERx.org collaborators are major data thieves who are violating the privacy of every American. Breaking the law and violating medical ethics is not a "public service."
Believe me, if ICERx.org does great things, I'll be able to figure that out and decide for myself if I want to sign up for ICERx.org's "service. I don't need a fake "public service" organization to decide what is best for me.
Deborah Peel, M.D.
Patient Privacy Rights Foundation
To submit a letter to YOUR VIEWS, click here. Please include your name, title and hometown.