In another example of Obamacare overreach, the current administration is planning to pry into your private health care records.
The proposed new regulation, issued by Secretary Kathleen Sebelius of the Department of Health and Human Services (HHS), demands that insurance companies submit detailed health care information about the patients they insure.*
What this means, in the words of Kansas Republican Tim Huelskamp, is that the government intends to “collect and aggregate confidential patient records for every one of us.”
Now if the government can’t keep its own secrets confidential—witness the Wikileaks disaster—how likely is it that they will be able to keep secrets for the rest of us?
Electronic data, as everyone knows by now, is all too easy pilfered. A single laptop stolen from a Veteran’s Administration employee’s home contained personal data on 26.5 million veterans and their spouses.
What makes this problem even more pressing is that Washington is right now spending 29 billion dollars to create electronic health records, proposing to store them on federally funded Health Information Exchanges. If the government is allowed to assemble and control huge databases with information about every American, no ones personal health information is safe. Sooner or later—probably sooner—a cyber break-in will occur, and your private health records will be exposed to the world.
Even without a break-in, your electronic health records are already an open book to millions of providers, employers, government agencies, insurance companies, billing firms, transcription services, pharmacy benefit managers, pharmaceutical companies, data miners, creditors and more. This is considered “routine” use, and is not covered by HIPAA (Health Insurance Portability and Accountability Act of 1996).
In fact, you probably did not know that in 2002 HHS actually amended the HIPAA “Privacy Rule” to eliminate the patient’s “right of consent” altogether.
Feeling exposed yet?
There is only one solution: We, as individuals, must insist on the right to control our own e-health records. Not only must the “right of consent” be reinstituted by law, but wide-ranging privacy protections must be put in place as well. We must have the right not merely to “opt-out” of any requests for our health information, but to “opt-in” to data sharing only when we choose to do so.
The good news is that the software technology that allows patients to do just this already exists. Developed by a Dallas-based company called Jericho Systems, it puts the patient in charge, allowing him to specify what doctors, practices, and institutions are allowed access to his medical records. In fact, the technology extracts only the data that he wants to share, and withholds information about his medical history that he prefers to keep private.
In other words, the technology keeps all of the advantages of electronic medical records—timely sharing between specified providers and institutions in the even of a health crisis—while eliminating the danger to the patient of indiscriminate or inadvertent disclosure of private health information.
It could do other things as well, such as allow patients to act on their pro-life principles. People of pro-life sentiments, for instance, could refuse to allow their health records to be used in studies by pharmaceutical companies that manufacture and produce abortifacient drugs. Those who want to ensure that they receive adequate end-of-life care—and who doesn’t?—could direct that their treatments, including nutrition and hydration however administered, be given to protect and preserve their life.
There are ways that we can protect ourselves and our electronic health records from all who seek to control our health care choices, including the functionaries busily implementing Obamacare.
It’s time that we locked up our electronic health records away from prying eyes. And we, not the government, should have the only key.
*The new regulation can be seen at Proposed Rule: Patient Protection and Affordable Care Act; Standards Related to Reinsurance, Risk Corridors and Risk Adjustment, Volume 76, page 41930 . Proposed rule docket ID is HHS-OS-2011-0022.