How useful personal health information might be to U.S. intelligence services in the search for terrorist suspects isn't well-known outside the intelligence community, but there is no doubt that planners of a controversial Defense Department surveillance program had targeted medical information.
They even put it in a slide show.
The intelligence community also is interested in, and has invested in, an information technology company that has developed a key patient identification software system that already is in common use in parts of the proposed national health information network, or NHIN.
To view Joseph Conn's entire package on terrorist surveillance and electronic medical records, read "EMRs could be fair game in war on terror," "A controversial lawyer, HIPAA and the privacy debate," "The tortuous path of the HIPAA privacy provision," "Potential exists for snooping in EHRs, experts say," "Government sets sights on health IT for surveillance," and listen to a podcast interview with Twila Brase, "Possible EMR, national security interest links."
That investment is only one of a number of links between IT companies that work both in healthcare and for the intelligence community.
Total information debacle
If there is a smoking gun that the government planned to grab health records as part of an electronic terrorist-surveillance effort, it came in the form of the controversial and ill-fated Total Information Awareness program, later renamed the Terrorism Information Awareness program, or TIA.
The program was directed out of the Information Awareness Office, or IAO, which was created in 2002 and headquartered in the Defense Advanced Research Projects Agency, or DARPA, the research and development arm of the Defense Department. The IAO was led by former Navy Rear Adm. John Poindexter, a key figure in the Iran-Contra scandal during the Reagan administration. Much of TIA was de-funded by Congress in 2003 and the IAO was disbanded, but many claim work on its programs was likely shifted behind the veil of other national intelligence agencies.
Last week, a committee of the National Research Council of the prestigious National Academy of Sciences released a 376-page report, Protecting Individual Privacy in the Struggle Against Terrorists: A Framework for Program Assessment. In a section on the history of TIA and a post-mortem, the committee concluded that, from a political standpoint, the program was a debacle.
In Freedom of Information Act requests for TIA documents, the Electronic Privacy Information Center obtained an e-mail to Poindexter from Lt. Col. Doug Dyer, a project leader at the IAO. The e-mail recounts a business discussion about TIA with Jennifer Barrett, global privacy officer at Acxiom, a giant Arkansas data-miner that also has several healthcare clients.
Dyer's e-mail provides a glimpse into the proposed, multinational scope of the TIA project and discloses an idea by one of its leaders to outsource data acquisition as well as its system architecture development to the private sector. Dyer noted that Acxiom had data on 80% of the U.S. and U.K. populations.
Barrett, Dyer said in his e-mail, testified before Congress and offered to provide help.
"One of the key suggestions she made," Dyer wrote, "is that people will object to Big Brother, wide-coverage databases, but they don't object to use of relevant data for specific purposes that we can all agree on. Rather than getting all the data for any purpose, we should start with the goal, tracking terrorists to avoid attacks, and then identify the data needed (although we can't define all of this, we can say that our templates and models of terrorists are good places to start.) Already, this guidance has shaped my thinking."
"Ultimately," Dyer wrote, "the U.S. may need huge databases of commercial transactions that cover the world or certain areas outside the U.S. This information provides economic utility, and thus provides two reasons why foreign countries would be interested. Acxiom could build this mega-scale database."
Barrett said in an interview that she has no specific remembrance of discussing health records during her conversation with Dyer. "Since then, I haven't heard anything specifically relative to medical records, but that doesn't mean it's not happening, because I'm not plugged in."
Barrett would not say whether Acxiom had been subject to an intelligence service request for healthcare information.
"Obviously, if they came with an NSL, I can't answer that question," she said, referring to a national security letter.
Barrett said if Acxiom were presented with a demand for health information, there is no issue whether they would turn over the records.
"Absolutely, that's a requirement under the NSL," she said. "But we're not the best place to get that." Barrett said Acxiom is working with a healthcare provider "to help them aggregate their records across their (multihospital) system, but I don't think we'd be a good target. We have only part of the data. It would be better to go straight to the healthcare provider and ask."
The Minow committee
In February 2003, in an effort to quell fears and address the escalating debate about TIA, then-Defense Secretary Donald Rumsfeld appointed an eight-member Technology and Privacy Advisory Committee.
The group was chaired by former Federal Communications Commission Chairman Newton Minow. Zoe Baird, the president of the New York-based Markle Foundation, also served as a committee member. Markle works in both healthcare and national security IT.
Proponents of the proposed NHIN like to call it a network of networks, which is how the Defense Department described TIA in a 109-page, May 2003 report to Congress about the program.
Broadly speaking, according to the Minow committee's 140-page final report on TIA, dated March 2004, the program aimed at gathering data from significant new data sources, identified as transactions, including medical transactions, but also financial transactions and records of telecommunications, education, travel, border crossings, places and events, veterinary, transportation, housing and government. The Minow report also included an IAO/DARPA slide (on p. 15) of a schematic of TIA in which medical transactions were among those to be mined for the program.
Asked if she was aware of any predictive value in health records for anti-terrorism, Barrett couldn't say.
"You don't know whether medical records would help or not," she said, "but unless you studied the records, it might be some piece of the record, such as date of birth - it might not be what they were treated for - that would be useful."
Nor is the answer clear from any of the publicly available reports about TIA.
The Minow report noted that Poindexter gave a speech at the DARPATech 2002 conference that August in Anaheim, Calif.
Poindexter told conferees, "One of the significant new data sources that needs to be mined to discover and track terrorists is the transaction space. If terrorist organizations are going to plan and execute attacks against the U.S., their people must engage in transactions and they will leave signatures in this information space. This is a list of transaction categories, and it is meant to be inclusive."
Under TIA, according to the Minow report, multiple databases in the public and private sectors would be accessed and their data fed into powerful computers equipped with artificial intelligence. The computers would sift through this ocean of information and search for patterns that are related to predicted terrorist activities. TIA would then place the relevant information extracted from this data in large-scale repositories from which, it was hoped, terrorists could then be understood, identified, tracked and pre-empted.
A separate, 2003 Congressional Research Service, or CRS, report on the legal challenges facing the TIA program also listed medical records as a targeted data source for TIA, but without further explanation why medical records were being sought. The CRS listed the privacy provisions of the Health Insurance Portability and Accountability Act of 1996 as a possible impediment to the program.
Aside from privacy issues, the efficacy of such a system was questioned by the author of a second CRS report from March 2003. The researcher, Amy Belasco, remarked that while TIA proponents expressed confidence that pattern analysis would work, other data experts suggest the false positive rate would be enormous, potentially subjecting thousands, if not millions, of Americans to increased scrutiny or possible investigation.
Under request from Congress, the inspector general's office at the Defense Department also looked into the TIA program, releasing its results in January 2004. According to the Minow report, the inspector general said that although DARPA was sponsoring research on privacy safeguards, it failed to perform any form of privacy impact assessment, did not involve appropriate privacy and legal experts and, instead, focused on the development of new technology, rather than on the policies, procedures and legal implications associated with the operational use of technology.
The Minow report chided the Defense Department for being deaf to public sentiments about privacy, noting the TIA logo depicted an all-seeing eye atop a pyramid, surrounded by the Latin motto, "Scientia Est Potentia" (Knowledge is Power), suggesting George Orwell's all-knowing Big Brother government in his classic novel 1984.
TIA got off one minor test run, and then Congress defunded much of the TIA program in September 2003 while totally eliminating the IAO at DARPA. And yet, a classified annex to the legislation permitted some TIA programs to survive.
This language made it clear that TIA-like activities may be continuing, the Minow report said. The report listed as an example a TIA-like program called Novel Intelligence from Massive Data being developed by the Advanced Research and Development Activity, a DARPA counterpart at the National Security Agency.
This month's report on privacy and national security by a National Research Council subcommittee, whose members include as co-chairman former Secretary of Defense William Perry, also said, "TIA-style data-mining was, and still is, possible because there are few restrictions on government access to third-party business records."
Poindexter said in his August 2002 speech that privacy protection efforts were part of TIA. But that privacy work, carried on in part by Latanya Sweeney, a computer privacy expert and assistant professor at Carnegie Mellon University in Pittsburgh and a familiar name in medical informatics, died with TIA in 2003, according to the National Research Council and an Associated Press report, even though TIA's surveillance programs were shifted to other intelligence community agencies.
The Minow committee made 17 recommendations to Rumsfeld, none specifically aimed at medical records. One recommendation called for the intelligence services to leave data with existing database holders whenever possible and access it as needed. Another said that private data sources should be reasonably compensated for supplying information to the intelligence community.
Finally, in a foreshadowing of the amnesty provision in the Foreign Intelligence Surveillance Amendments Act of 2008 passed by Congress this summer, the Minow committee recommended private data sources should be indemnified for any liability that results from the government's acquisition or use of the data. The controversial FISA amendments granted amnesty from civil liability for telecoms, remote computing service providers and any other communication service provider that assisted the government in an electronic surveillance program after the Sept. 11 attacks.
The spy who matched me
The many reports and investigations into TIA revealed that a number of consultants and IT companies that work in healthcare also work for the intelligence community. Perhaps the most intriguing example is the investment in 2006 by In-Q-Tel, an Arlington, Va., venture capital firm set up by the CIA, in Initiate Systems, a Chicago-based software company with a product that is at the heart of a growing U.S. electronic prescribing network and recommended for health information exchange.
In-Q-Tel hunts for and invests in cutting-edge technology companies whose products could be useful to members of the intelligence community, according to the company's Web site. In-Q-Tel would not disclose the amount of its equity investment in Initiate Systems, whose software accurately identifies electronic records that belong to a specific person. Initiate software uses a technique called probabilistic matching to match records to people.
Probabilistic matching is an identification method for patient record locator services specified by the Markle Foundation's Connecting for Health initiative, which has developed a widely cited portfolio of technical documents and specifications, called the Common Framework, for developing health information organizations and the proposed NHIN.
It must be noted that Markle did not recommend Initiate Systems' specific products by name in its Common Framework, and there are other systems available that use the technique of probabilistic matching to accomplish the same task. Scott Schumacher, chief scientist of Initiate Systems, is listed as a member of a Connecting for Health technology subcommittee that developed the Common Framework.
In healthcare applications, probabilistic matching software uses a limited number of data fields (first and last names, gender and a few others) to confirm identities. Initiate Systems provides software to identify prescription drug records for SureScripts-RxHub, a for-profit, electronic data exchange network set up by the two largest pharmacy trade associations and the then-three largest pharmacy benefit manager, or PBM, companies.
SureScripts-RxHub claims it accesses formularies and patient eligibility information for drug plan coverage through the PBMs to the prescription records of 160 million people. The SureScripts-RxHub exchange also links physicians and pharmacies and is the leading network for e-prescribing, moving 35 million e-prescriptions last year, a number it expects will double in 2009, according to a recently released guideline on e-prescribing by the not-for-profit e-Health Initiative. E-prescribing is being heavily promoted by HHS. Initiate Systems software also is used by the Veterans Affairs Department and MA-SHARE, a Boston-based health information organization.
Kevin Hutchinson, the former chief executive officer of SureScripts before its merger with RxHub, said the company never has been approached by anyone in the intelligence community about gaining access to its data stream or its database of prescription records. Hutchinson said the prescription data are stored by Equinex, a developer of data warehouses and large-scale database connectivity services. Hutchinson said Equinex provides data-storage services to a number of the largest IT companies in the country as well as the Homeland Security Department.
"I can't even get into our data center without authorization," said Hutchinson, in an interview before he was named earlier this year as president and CEO of Prematics, Bethesda, an e-prescribing software developer. Hutchinson said that he also felt confident SureScripts' data are secure from government access as the data moves because they are encrypted.
CIA spokesman Paul Gimigliano said in an e-mail, "The intelligence community's interest in software from Initiate Systems has nothing to do with its application to the healthcare industry. Indeed, the technology has been used in other fields. The intelligence community is simply looking for tools that will help it assess and verify data of its own."
Officials from several health organizations contacted at the time of the In-Q-Tel investment announcement said that they were not concerned about CIA use or involvement with Initiate Systems software, saying the company's software is behind the firewalls of their IT systems where intelligence sources can't go without permission.