By Lisa Seachrist
WASHINGTON -- Efforts to protect medical information were front and center this week as the House Subcommittee on Government Management, Information and Technology examined legislation to insure medical privacy.
The subcommittee considered the provisions in Rep. Gary Condit's (D-Calif.) medical privacy bill, H.R. 52, as well as the larger issues surrounding the privacy of medical information.
Condit's legislation, however, has raised concerns among some industry and academic researchers because the provisions, while protecting medical privacy, could stymie research and fail to establish uniform law across the country.
"This is very difficult legislation to write," Gary Persinger, vice president of research and information services at the Pharmaceutical Research and Manufacturers of America (PhRMA). "It is enormously complicated."
PhRMA is concerned that Condit's legislation fails to recognize protections that already are in place for research subjects as a result of regulations by the FDA. Those protections -- in line with the common rule for research -- include oversight by an institutional review board and written informed consent. Study sponsors must tell patients how they will assure confidentiality.
"The FDA requirements are fairly strict," Persinger said. "But those regulations aren't acknowledged in the bill."
Long before cloning became the salient topic for the President's National Bioethics Advisory Commission (NBAC), the commission's charge included reviewing current human subjects protections. Persinger maintains that it is unwise to draft legislation addressing informed consent and the IRB structure without allowing NBAC to weigh in.
"Some of these issues may be able to be addressed through a regulatory format rather than legislation," Persinger said. "Presumably, [NBAC] will have some advice; it's just a little premature."
In addition, Persinger noted that the bill's definition of protected research is so broadly worded that it could place an undue burden on researchers. The wording in H.R. 52 could be interpreted to mean that researchers wishing to use an anonymized data base must obtain IRB approval and additional informed consent.
"That requirement could make it impossible for epidemiologists to do certain types of work," Persinger said.
Often epidemiologists study existing data bases of information obtained from a clinical study. Those data bases are anonymized but there exists an encrypted identifier that can only be broken by the care provider. Sometimes epidemiologists require that the encryption be broken in order to obtain information about the patient, such as certain medical conditions and treatments used.
"We must be sure to protect this type of research on anonymized data bases," Persinger said.
Perhaps one of the toughest aspects of the current interest in medical privacy is the patchwork of laws that is beginning to crop up in the states. As the protections vary from state to state, so do the regulations on research. PhRMA is concerned that H.R. 52 doesn't provide effective federal preemption of state laws.
"Research is not contained within the boundaries of a single state," Persinger said. "If we don't have consistent rules, it could make it very difficult to conduct research."
The Biotechnology Industry Organization has yet to take a position on H.R. 52. The bill, however, is unlikely to be the only proposal on medical privacy in Congress. Sen. Robert Bennett (R-Utah) sponsored medical privacy legislation in the 104th Congress and is expected to sponsor legislation in the 105th. In addition, Sen. Patrick Leahy also is expected to introduce legislation on the subject. *