Efforts to protect patient privacy could have a "devastating effect" on healthcare fraud-fighting efforts, federal law enforcers said last week.
At a Senate hearing on patient privacy issues, officials from the FBI and the U.S. Justice Department told the Health, Education, Labor and Pensions Committee that three bills introduced in Congress would threaten their successful crackdown on healthcare fraud.
The bills generally aim to keep medical records confidential, shielding them from anyone who does not have the patient's permission to view them.
Medical records privacy legislation has begun to gain momentum as Congress faces an Aug. 21 deadline. If Congress fails to pass legislation by Aug. 21-a date set under a 1996 health-insurance reform bill-HHS will be able to set privacy standards by regulation.
Sens. Patrick Leahy (D-Vt.) and Robert Bennett (R-Utah) testified before the committee about the contents of their bills, which each include an exemption for law enforcement personnel. Sen. James Jeffords (R-Vt.), the committee's chairman, and Sen. Christopher Dodd (D-Conn.) also have a privacy bill pending with such an exemption.
John Bentivoglio, the Justice Department's chief privacy officer, told the committee that the law enforcement exemptions in the bill were a good start, but it would still be difficult to get records needed for investigations.
"(In Medicare billing fraud cases) investigators will need access to hundreds of patient medical records, generally through an administrative or grand jury subpoena, or a civil investigative demand," Bentivoglio said. "In this scenario, it would be extremely burdensome, and in some cases impossible, to provide each patient with advance notice and an opportunity to be heard before the subpoena is enforced."
Lynne Hunt, FBI financial crimes chief, reminded the committee that Congress had already invested a large amount of government resources in combating Medicare and Medicaid fraud through the Health Insurance Portability and Accountability Act of 1996, also known as HIPAA.
Bentivoglio told the committee that the Justice Department is working on guidelines for handling patient records during the course of an investigation. The guidelines, which will likely propose deleting sensitive information from documents used in court proceedings, should come out later this year, he said.
Meanwhile, Bennett last week introduced his long-awaited Medical Information Privacy Act, which drew broad support from hospitals and other providers.
Unlike other bills introduced so far, Bennett's bill would pre-empt all state medical records privacy laws. It also provides for a single authorization of records disclosure for treatment or payment.
Hospitals support Bennett's legislation because it establishes national standards, relieving them of the burden of having to comply with differing state standards.
It also allows disclosure of medical records to healthcare researchers if they have provided safeguards to prevent improper disclosure of healthcare information outside of their research projects.
-With Jonathan Gardner