Privacy rules to turn doctors into criminals?

By Jon Dougherty

New medical privacy rules could be used to punish doctors with fines up to $250,000 and months in jail if a federal patient-consent form is not signed by patients, according to experts with two physician groups.

“After April 2003, it will be a federal crime to use covered medical information for any purpose – such as treating a patient – without a federally approved consent form. There are huge fines and prison terms for each and every incident,” said an alert issued earlier this month by the American Association of Physicians and Surgeons.

The group had already warned its members that doctors, under Department of Health and Human Services medical privacy rules adopted by Bush-appointed HHS director Tommy Thompson April 14, “could be forced to withhold treatment from patients if they refuse to give blanket consent for use of their medical record.”

“But it gets worse,” the AAPS told members. “If a referring doctor sends you a letter, you can file it, but you may not use the information until the patient comes in and signs a proper consent.

“Your usual consent forms will probably have to be discarded; if they mention use or release of information, they are in violation of federal law. You’ll need a separate form for medical information,” said the AAPS alert.

If paramedics and other ambulance personnel provide information to a doctor “and it’s a true emergency, [physicians] may use that information,” provided they “get the consent later or document why that is impossible” to get later, AAPS said.

“Everybody thinks HIPAA (the Health Insurance Portability and Accountability Act of 1996, or Kassebaum-Kennedy) was supposed to protect against unauthorized release of information,” said the AAPS alert. “Surprise – the emphasis is now on use.”

Meanwhile, a separate medical advocacy group said the administration’s claims that the rules will actually increase patient medical privacy is a “myth.”

“Americans are being told they have a new right to medical privacy under the final federal medical privacy rule published” in the Federal Register last December, said Sue Blevins, president of the Institute for Health Freedom.

Instead, she said, the rules “actually weaken individuals’ ability to restrict access to their medical records. At the same time, the rule increases the federal government’s power to access individuals’ personal health information without patient consent.”

“Also, there is nothing in the rule that prohibits the federal government, state governments or private parties from compiling large databases of patient information … without patient consent,” she said in a Feb. 8 analysis of the rules. “The rule does not apply to information that is collected or stored in databases without consent prior to February 26, 2003.”

Thompson, in an April 12 news conference, praised President Bush’s approval of the new privacy regulations and said they would “give patients greater access to their own medical records and more control over how their personal information is used.”

“This rule makes sure that private health information doesn’t fall victim to the progress of the information and technology age, where an array of data is readily available in computer systems and too often just a keystroke away from being accessed,” Thompson said. “We are giving patients peace of mind in knowing that their medical records are indeed confidential and their privacy is not vulnerable to intrusion.”

But some analysts disagree, believing instead that the Bush administration simply hasn’t thoroughly read or studied what is contained in the rules.

“These rules are ridiculous,” Dr. Jane Orient, director of AAPS, told WorldNetDaily.

So far, there has been little congressional action to stop implementation of the rules.

Rep. Ron Paul, R-Texas, is trying to kill the rules under the provisions of the Congressional Review Act, a little-used law passed in 1996 that allows Congress to repeal an agency’s regulations simply by enacting a resolution of disapproval within 60 days of the rule being promulgated.

The procedure was used for the first time earlier this year to successfully defeat repetitive-motion rules issued by the Occupational Safety and Health Administration shortly before Clinton left office in January. Bush signed that resolution after it first passed the Senate, then the House.

Paul’s bill, HJR 38, however, will become moot if House Speaker Dennis Hastert, R-Ill., fails to act on it by June 15 – this Friday. Hastert’s office has not commented on whether the speaker will allow a vote on the resolution.

“Our feelings are that these regulations would open the door” to medical privacy violations, Jeff Deist, a spokesman for Paul, told WND. “If all health providers, insurance companies, HMOs and others start using a standardized database or software to compile information, that is a step in the direction of creating a uniform number for everyone.”

The language of the rule repeatedly mentions “personally identifiable health information” that could be used by health care providers and other related industries in the delivery of care to patients.


If you’d like to sound off on this issue, please take part in the WorldNetDaily poll.


Related stories:

Paul to stall medical privacy rules

Online health privacy a ‘myth’?

Medical ID number squashed again

U.S. threatening medical privacy?

Health providers sound privacy alarm

Shalala pulls plug on medical privacy comment period

Jon Dougherty

Jon E. Dougherty is a Missouri-based political science major, author, writer and columnist. Follow him on Twitter. Read more of Jon Dougherty's articles here.