By Lisa Seachrist
WASHINGTON — With less than 30 working days left before Congress adjourns and ramps into full campaign mode, the House renewed its interest in medical privacy with a hearing conducted by a Government Reform and Oversight subcommittee.
Unlike the Senate, which has two medical privacy bills pending and one about to be introduced, no comprehensive medical privacy legislation has been considered in the House. However, Rep. Christopher Shays (R-Conn.) has a draft document entitled the Consumer Protection and Medical Record Confidentiality Act, which he plans to introduce.
Stephen Horn (R-Calif.), chairman of the Government Management, Information, and Technology Subcommittee, said time is of the essence because under provisions of the Health Insurance Portability and Accountability Act of 1996, Congress must pass medical privacy legislation by August 1999 or the secretary of Health and Human Services will promulgate regulations creating a federal medical privacy standard.
Issue Coming Down To The Wire
"We can all agree that this is too important for Congress to leave to the regulators without full debate and congressional direction," Horn said. "But the clock is ticking. There will be very little time for deliberations between January and August of next year as the new Congress finds its footing on all sorts of issues."
Horn identified consent, federal preemption of state privacy protections, access for medical researchers and access for law enforcement as key issues that need to be hammered out.
In addition, Horn said there is controversy over whether certain types of information — such as genetic, mental health and infectious disease status — should receive special protections.
"Categories of information often mentioned for special treatment include genetic and mental health information," Horn said. "There is considerable resistance to the this type of segregation of medical records, but we want to hear from both sides on the issue and see if there is some common ground."
The American Psychiatric Association wants privacy legislation to be especially stringent for mental health information. Both the Pharmaceutical Research and Manufacturers of America (PhRMA) and the Biotechnology Industry Organization (BIO) oppose any special treatment for any information because there is inherent difficulty in segregating data in medical records.
"All medical information that directly identifies individuals must be subject to the same high standard," said Elizabeth Andrews, director of worldwide epidemiology at London-based Glaxo Wellcome plc's U.S. headquarters, in Research Triangle Park, N.C.
"PhRMA member companies can't support any separate, implicitly higher standard of protection for genetic, psychiatric or infectious disease information," said Andrews, who represents PhRMA. "Instead, legislation should protect the confidentiality of all patients, whatever their condition."
The panel, which comprised representatives of professional societies and the pharmaceutical and health insurance industries, was in widespread agreement that law enforcement officers should have a warrant or subpoena to gain access to medical records.
In September 1997, Health and Human Services Secretary Donna Shalala presented draft regulations that granted law enforcement officers access to medical records.
The panel also urged the House subcommittee to provide researchers access to databases and archived materials in which identities are not revealed.
"Most researchers do not need names to conduct their research; but they often need linkage to get additional information from the same record," said David Korn, senior vice president of the Association of American Medical Colleges and dean of medicine for Stanford University, in Palo Alto, Calif. "We should be providing technological safeguards to prevent identification. The trick is to try to keep protections on the perimeter of the healthcare and research system."
Korn noted definitions of non-identifiable research was too stringent in most of the bills introduced so far. He also pointed out that federal guidelines exempting research on medical records stripped of identifiers would encourage scientists to conduct that type of research.
Most of the panel members concurred that whatever law is put into place should preempt state legislation, in order to prevent the emergence of a patchwork of protections that would make it difficult for insurance, pharmaceutical and biotech companies to maintain the databases they need.
However, Janlori Goldman, director of the Health Privacy Project at Georgetown University Medical Center in Washington urged the subcommittee to move with caution.
"We don't have a good idea about what protections the states guarantee," Goldman said. "We wouldn't want to preempt them wholesale without understanding what they are." *