Among the dozens of answers in the tiny type on the frequently asked questions section of the iPledge Web site, the word privacy is absent, but HIPAA does appear with the following disclaimer to providers: Under HIPAA, covered entities are defined as three groups, health plans, healthcare providers and healthcare clearinghouses. Pharmaceutical manufacturers are not included in any of these groups, therefore, the manufacturers of isotretinoin are not covered entities under HIPAA, and HIPAA does not apply to the iPledge program.
A privacy statement on the Web site tells users that iPledge collects information about your transactions without elaborating what those transactions might be. It also notes that iPledge may combine information about you that we have with information we obtain from business partners or other companies. Again, how that other information is obtained, from whom and for what purpose is also not explained.
Again, who those marketing partners are, or what offers they might make, are undisclosed on the Web site.
The iPledge program was approved by the FDA as a RiskMAP in 2005 and, despite complaints and a request for delay by the American Academy of Dermatology, participation became mandatory in March 2006 for physicians, pharmacists and patients to prescribe, sell or receive treatment using isotretinoin.
The program is operated under the auspices of four manufacturers of branded versions of isotretinoin. But the iPledge Web site does not mention that the pharmaceutical companies are responsible for operating iPledge, other than as drugmakers, nor does it name the pharmaceutical contract research organization, Covance, of Princeton, N.J., that manages iPledge on their behalf. The drug companies, Barr Laboratories, Mylan Pharmaceuticals, Ranbaxy Laboratories and Roche Laboratories and their phone numbers are listed, but their role in iPledge, other than as drugmakers, is not explained. The FDA is mentioned on the site, but its role in approving the program is likewise not explained.
The drug companies come up with it, the FDA approves it, and the drug companies administer it, Dixon said in a telephone interview regarding the development of RiskMAPs. The data goes directly to the drug manufacturers. There is absolutely no (consumer) control of the information. You have absolutely no right or ability to opt out of the marketing of your data, and its sensitive data, your contraceptive choices, your pregnancy test results, your name, partial Social Security number, date of birth and address. Theyve got a lot of information on you.