By Lisa Seachrist

Washington Editor

WASHINGTON — With Congress returning from the Easter recess, Sen. James Jeffords (R-Vt.), chairman of the Labor and Human Resources Committee, has made medical privacy legislation a priority for his panel.

On April 2, the day before Congress left for recess, Jeffords introduced the Health Care Personal Information Nondisclosure (PIN) Act, S. 1921, to establish a national standard to protect the confidentiality of medical records. Sen. Christopher Dodd (D-Conn.) co-sponsored the bill.

"Congress has made repeated attempts to enact a comprehensive federal privacy law, but has, to date, been unsuccessful," Jeffords said. "The time is ripe for action."

In fact, Congress is faced with a statutory deadline. Under the terms of the Health Insurance Portability and Accountability Act, Congress must enact federal privacy legislation by August 1999, or else the Secretary of Health and Human Services must promulgate regulations establishing electronic privacy standards in 2000. A Jeffords spokesperson told BioWorld Today that if the legislation isn't passed before Congress adjourns for the year, they will have to start all over again with the 106th Congress.

In addition, a practical deadline for medical records privacy legislation exists. The European Union (EU) enacted a Data Privacy Directive in 1995, which requires the member states to provide individuals, by October 1998, the rights of consent, access, correction, and remedies for failure to protect confidential personal information. Countries trading with the 15 EU members that do not adopt similar rules will be prevented from obtaining such data.

"This initiative raises the concern that the European Union could limit the flow of health care data between our countries for research and restrict the ability of American companies to compete overseas," Jeffords said.

The Jeffords-Dodd bill prohibits the release of individually identifiable health care information without patient consent. Patients would authorize their physicians to disclose the information to third party insurance payers, but could revoke the authorization at any time. The exceptions to that standard are emergency circumstances, prevention of health care fraud or abuse, public health surveillance, health research, law enforcement and electronic payment.

Bill Would Create A Floor Of Privacy Rights

The bill differs from the proposals made by Health and Human Services Secretary Donna Shalala in September in that it requires that law enforcement officials secure a subpoena or warrant in order to obtain medical records information. (See BioWorld Today Sept. 15, 1997, p. 1.)

However, like the Shalala proposal, the law acts as a floor for basic privacy rights, allowing states with more stringent protections for mental and public health related information to keep those protections.

The Biotechnology Industry Organization (BIO) has taken a preliminary look at the bill and has some serious concerns. Suzanne Tomlinson, bioethics counsel for BIO, said language used in describing permissible research is too narrowly worded and may result in preventing a great deal of important research.

Tomlinson was concerned about defining nonidentifiable research as that in which there is no reasonable basis for identifying a person. Such a definition could preclude work on patient registries and some databases. For example, archival databases are very important for companies looking for a new angle on a disease or a new target for treating the disease. It would be unworkable to obtain informed consent for every look into such a database.

Workplace, Genetic Protections Pledged

While S. 1921 has no specific provision for genetic information or workplace protections, Dodd has pledged to work to include these in the legislation that is headed for mark-up.

"[I intend] to work with Sen. Jeffords to incorporate into this legislation protections against genetic discrimination in both employment and health insurance," Dodd said. "I am confident that we can reach consensus on this critical and timely issue."

BIO has long been opposed to singling out genetic information for special protections. Instead, BIO prefers legislation that would punish the use of genetic information to harm a person.

"So many types of information are equally sensitive, like mental health information and information on sexually transmitted disease," Tomlinson said. "In addition, how do you define genetic information? Gender is genetic information. You can't redact that from records."

Because there have been several hearings on medical privacy, Jeffords will most likely bring the bill directly to mark-up once the committee staff have worked out major differences. *