Privacy desires ignored

For psychiatrist Deborah Peel, maybe patient privacy and patient consent aren't identical twins, but they're sure close relatives.

Not surprisingly, a recent Zogby International poll commissioned by Peel's not-for-profit Patient Privacy Rights Foundation, Austin, Texas, focuses on patient consent and its relationship to privacy—a unity the federal government has chosen to either ignore or deny.

The 2,000 adult poll respondents reached by Zogby via the Internet put great store in their right to privacy. They cling to the quaint notion that they should be asked before their electronic health records are sent skittering off to unknown users for unknown purposes.

Silly them.

HHS rulemakers wrote away a key right to privacy eight years ago.

An HHS revision to the Health Insurance Portability and Accountability Act privacy rule in 2002 stripped away one of the broader authorities giving patients the right to control the flow of their medical information. HHS rulemakers did it by eliminating the right of consent. They took a stringent privacy protection rule and transformed it into a disclosure rule.

There are a lot of bright folks who have warned HHS that this privacy issue broadly—and this HIPAA privacy rule revision, specifically—are going to explode on the healthcare industry. One of the more insistent voices has been Peel's, but she's by no means alone.

The Wall Street Journal, for example, is running intermittently an excellent investigative series, "What They Know," about threats to privacy in the computer age. A recent installment by reporters Julia Angwin and Steve Stecklow touched on healthcare data mining at a well-know patient-oriented Web site, PatientsLikeMe.

The Zogby poll adds more powder to the privacy explosion that might yet come. The poll was conducted online in late August, with a stated margin of error of 2.2 percentage points. Here is one of the questions and the responses:
  • Q: "Should doctors, hospitals, labs and health technology systems be allowed to share or sell your sensitive health information without your consent?"
  • A: No, 97%; not sure, 2%; yes, 1%
Here's another:
  • Q: Should insurance companies be allowed to share or sell your health information without your consent?
  • A: No, 98%; not sure, 1%; yes, 1%
You can check out the rest here.

The Zogby results show what many earlier polls have shown: that people remain very concerned about the privacy of their electronic records and they want to be asked before releasing their personal medical information.

Federal policymakers may ignore this poll and continue to discount all of the previous ones with similar results at their peril, but they're not the only ones at risk.

Taxpayers are investing nearly $30 billion in electronic health-record systems for providers and hospitals. When they find out how useless the main federal privacy law is at protecting their information and that HHS took away their right of consent, privacy's cousin, they may start thinking of a revolution.