TALK ABOUT purposes. Last month, the U.S. Senate introduced legislation seeking to tighten privacy on personal medical information. Meanwhile, the Health Care Financing Administration disclosed plans to begin collecting detailed medical and personal data about millions of homebound patients.
HCFA, the unit of the Health and Human Services Administration (HHSA) that oversees Medicare and Medicaid, said the data was needed to better track the performance of more than 9,000 Medicare-certified home healthcare providers. The idea is to improve the care of more than 4 million home healthcare recipients, while reducing fraud and inconsistent billing.
HCFA spokesman Chris Peacock said access to the information would be extremely limited in accordance with existing federal regulations and researchers will not be allowed to see any identifiable information. Other government agencies will be denied access to the database.
The Direct Marketing Association had no immediate comment on either the bill or HCFA’s plans. It is studying the potential effects both could have on DMers.
Privacy advocate Robert Ellis Smith said the bill, introduced by Sen. Patrick Leahy (D-VT), “needs fine-tuning” to clarify access and use of personal medical data by direct marketers and law enforcement, and to determine whether permission to access that information is “meaningful or pro forma.”
Smith, publisher of the Providence, RI-based Privacy Journal, was highly critical of HCFA’s plan, saying it was “far too intrusive,” delving into a person’s physical and mental health, suicidal tendencies and personal finances.
Jan Lori Goldman, director of the Health Privacy Project at Georgetown University in Washington, DC, cited what she called “a tremendous risk” that the information collected by HCFA could be abused. “It’s a truly coerced collection of information,” she said. “There has to be a way to check [Medicare and Medicaid] abuse without intruding on patient privacy,” she added.
The Senate bill (S. 573) is known as the Medical Information Privacy and Security Act.
Leahy said the bill “covers entities other than just healthcare providers and payers, such as life insurance companies, employers and marketers and others who may have access to sensitive personal health data,” allowing individuals to limit access to their medical records or any portion of them by anyone who is “not directly involved” in their care.
That includes warrantless access by law enforcement agents unless the information is needed in the “hot pursuit” of a suspected criminal.
The measure, which creates a National Office of Health Information within HHSA, allows states to enact tougher medical privacy safeguards.