Bigger Brother: COVID-19 used to launch new health 'surveillance'

(U.S. Air Force photo/Trevor Cokley)

Minnesota authorities are using the coronavirus pandemic to launch a new program that collects and analyzes personal information of every patient hospitalized, regardless of whether they have been diagnosed with COVID-19.

The information includes names, addresses, birth date, symptoms, diagnosis, age, gender, race, ethnicity, city, zip code and county.

That's an infringement of privacy rights, the Citizens' Council for Health Freedom asserted in a letter to state Health Commissioner Jan Malcolm.

"To the extent Minnesota hospitals have felt compelled by your letter to provide MDH with anything other than data that specifically relates to COVID-19, we believe you have abused your authority and infringed upon Minnesotans' health privacy rights," the letter states.

Malcom has ordered hospitals to provide the information on every hospital admission with the goal of having "100% of Minnesota hospitals sending ADTs for the total population of patients receiving care in their facilities as soon as possible."

ADT stands for Admission, Discharge and Transfer data.

The state claims the patient name, address and birth date won't be used in its analysis, but it's unclear how the data will be "deidentified."

MDH uses three laws -- two state and one federal -- to claim authority.

But CCHF argued: "No such laws authorize the broad health data collection demanded by MDH. Furthermore, no state law allows MDH to require a permanent electronic interchange system between hospitals and MDH contractors for the ongoing collection and reporting of 'all patient' data."

Twila Brase, president and co-founder of Citizens' Council for Health Freedom, said the commissioner of health "is trying to goad Minnesota hospitals into helping them build an illegal hospital-based surveillance system under cover of the COVID-19 crisis."

"But the commissioner's letter itself shows its lack of authority. Despite claims of statutory power, there's no deadline, it uses the word 'strongly encourage' and says its 'goal' is 100% compliance," she said. "However, MDH can use its government power to try to scare hospitals into compliance, exposing these hospitals to lawsuits for failure to follow Minnesota's strong patient consent requirement."

Brase said the "troubling aspect" of the state effort is the claim "that the federal HIPAA (health record access) rule supersedes state privacy laws, thus MDH says no patient consent for the mass transfer of data is required."

"The HIPAA law specifically authorizes stronger, privacy-protecting state laws to supersede the federal HIPAA rule," said Brase. "Since the Minnesota Health Records Act is the strongest patient privacy and consent law in the nation, MDH cannot dismiss the consent requirements in state law, and has no authority to compel hospitals to turn these medical records over to the government without patient consent

"MDH has year-long surveillance in mind," she warned.

Once hospital medical record systems are electronically connected to the health department, MDH writes, the approach could be used in the future for other related activities.

"Other conditions MDH might want to expand to after COVID-19 are trends in drug overdoses, traumatic brain injury, spinal cord injury, vaping-related lung injury, or other current or emerging public health threats," she said.

Brase said Malcolm must rescind the program and notify all hospitals that receiverd her letter.

"If she refuses, Gov. Walz and the Minnesota state legislature should order Commissioner Malcolm to rescind the letter before this unlawful 'all patient' hospital surveillance system is set up in perpetuity."

Brase writes in her letter to Malcolm: "We find it egregious that MDH has used a legitimate crisis and legitimate public (and hospital) fear caused by that crisis as an opportunity to illegitimately invade hospital records and individuals' medical data, and to set up a system to do it into the future."

One law cited by the state agency actually addresses conducting studies and investigations and analyzing "vital data."

Brase's letter contends it "in no way empowers MDH to compel hospitals to provide MDH with access to all patient data and certainly does not empower MDH to use the fog of fear and panic caused by COVID-19 to grab powers not granted."

Especially alarming was the state agency's plans to use its access to data "in the future."

"This regulatory demand to create a long-term direct link between the state government and private hospitals for the 'near real-time' transfer of private patient data is an overreach and a violation of patient privacy and consent rights," the letter said.

A WND message left for Malcolm requesting comment was not returned.