Santa Monica, CA — The non-partisan Consumer Watchdog called on Google today to cease a rumored lobbying effort aimed at allowing the sale of electronic medical records in the current version of the Economic Stimulus legislation. Consumer Watchdog called on Congress to remove loopholes in the ban on the sale of medical records and include other privacy protections absent from the current bill such as giving patients the right to an audit detailing who had accessed their medical records and how the records were used.
Reportedly Google is pushing for the provisions so it may sell patient medical information to its advertising clients on the the new "Google Health" database: https://www.google.com/health/
Download Consumer Watchdog’s letter urging Congress to refuse Google’s amendments and detailing five areas of needed patient privacy improvements.
In the letter sent today, Consumer Watchdog wrote:
"Americans will benefit from an integrated system capable of making our medical records available wherever we may need them, but only if the system is properly used.
"The medical technology portion of the economic stimulus bill does not sufficiently protect patient privacy, and recent amendments have made this situation worse. Medical privacy must be strengthened before the measure’s final passage, rather than allowing corporate interests to take advantage of the larger bill’s urgency. . . .
"First and foremost, electronic medical records should be designed to benefit patients, not the corporate interests lobbying hard on Capitol Hill to get a piece of the $20 billion in taxpayer subsidies provided for this project."
The 5 patient privacy protections that Consumer Watchdog urged Congress to adopt in the electronic medical record section of the Economic Stimulus bill, include:
1. Retain & Strengthen Prohibition on Sale of Private Medical Data. Our private medical information, including which prescription drugs we take and which illnesses we have, is extremely valuable to the medical-insurance complex. Some want to market to us, others want to use this information to deny us access to insurance coverage. For instance:
• Google is said to be lobbying hard this week to weaken the ban currently in the draft measure on the sale of our private medical records. Google must not be allowed to destroy this basic privacy protection.
• On Friday, Representative Roy Blunt (R-MO) added an amendment to the House version of the stimulus bill allowing pharmacists to sell our private medical information without our knowledge. This amendment must be removed.
• Currently, the stimulus bill makes an exception to the ban on the sale of private medical information for purposes of "research." This loophole is large enough to allow drug companies, marketers and health insurers to buy our private health information for purposes of "researching" consumer advertising for the newest health products, or to decide which of us to insure.
• Another broad exception would allow companies to sell or exchange a patient’s records if the sale or exchange is “to a business associate for activities . . . that the business associate undertakes on behalf of and at the specific request of” the company holding the private information.
These blatant attempts to weaken privacy protections all must be turned back.
2. Provide an “Audit Trail” To Track Who Accesses Our Records. Under the current version of the bill, a patient is not able to track which medical personnel access their medical records or how that information is used. The measure must be amended to allow patients to request an “audit trail” detailing when their medical record was accessed, by whom, and for what purpose.
3. Make Database Holders Accountable for Keeping Our Medical Records Private. Companies developing electronic medical record technology must be fully accountable for the safe keeping of our information. “Safe harbor” provisions in the current legislation that would insulate these interests from accountability must be removed. For example, the current version of the bill shields database holders from telling patients when possible identity thieves access their private information as long as the data disclosure was “unintentional” and the company acted in “good faith.”
4. Allow States To Adopt More Protective Standards. Currently the bill allows states to establish additional privacy regulation and enforce existing requirements. These provisions must remain part of the final proposal. Other federal health care laws, like HIPPA, Medicaid, and COBRA, provide a model for a federal-state partnership rather than federal pre-emption of more protective state standards. States have traditionally been the laboratories of innovation in patient privacy. In fact, the gold standard for medical privacy is the California Confidentiality of Medical Information Act, which bars the sharing, selling, or using for marketing or otherwise, any private medical information.
5. Retain House Amendments Protecting Private Information. Last week, Congressman Edward Markey (D-MA) added amendments to the House bill requiring the holders of health information databases to make protected health information “unusable, unreadable, or indecipherable” to unauthorized individuals. This amendment will help to ensure that databases are appropriately protected to keep sensitive medical information out of the hands of identity thieves and black market information aggregators.
– 30 –