Bush Administration Quietly Eviscerates Medical Privacy
Your physician’s sworn Hippocratic Oath to “respect the privacy of patients” has been clouded by five years of President George Bush’s anti-privacy policies.
For example, in 2001, the Department of Health and Human Services (HHS) issued preliminary regulations under HIPAA. These regulations required that you, as a patient, consent for third party use of “protected health information.” This means you’re giving up your information for such common activities as treatment, billing and “other healthcare operations.”
Fast forward six years, and today, your medical information can be given to any “covered entity.” This includes business affiliates of healthcare organizations such as data clearinghouses, accounting firms, law firms, credit bureaus, and banks.
What’s more, a federal rule that went into effect in 2006 allows creditors to obtain or use medical information for determining how worthy you are of credit. Credit grantors aren’t supposed to use medical data in determining eligibility for a loan or in setting loan terms. However, credit grantors who have such information can share it with their “affiliates.” This magically converts the data into credit information, not medical data.
This proliferation of medical data has also caused an epidemic of medical identity theft. “An insurance card is like a Visa card with a US$1 million spending limit,” says Byron Hollis, national antifraud director of the Blue Cross and Blue Shield Association.
Research conducted by the World Privacy Forum suggests that through mid-2006, between 250,000 and 500,000 Americans had already been victims of medical identity theft. The results can also be deadly: One woman found that her blood type had been changed in the hospital record.
What can you do to take back your right to medical privacy? The simplest suggestion is find a physician that has “opted out” of HIPAA’s requirements for electronic transmission of insurance claims.
To qualify for this status, your physician must:
Not transmit “protected health information” outside the physician’s office
Not file via electronic transmittal, or engage a billing service or clearinghouse to file claims on the physician’s behalf – including private and Medicare claims
Not volunteered to become a “covered entity” by contract or certification
If your physician hasn’t opted out of HIPAA – and unfortunately, the overwhelming majority haven’t—there’s another solution. Ask your physician for all copies of your medical records, including the originals. Keep these records in a safe place, and bring them with you when you have an appointment.
There’s a third privacy option as well, but it’s risky: To obtain medical treatment in a fake name, and pay cash only to the treating physician or hospital. It’s risky because if you need a prescription, and are asked for ID (as may be required for some medications, particularly those that are frequently abused), you might not be able to pick it up.
Finally, you can opt for private treatment in another country. Mexico is a popular choice for lower-cost – and private – medical services.
Ridiculous? You bet. But if you value your medical privacy, these options are the only way to keep it, thanks to the Bush administration’s deliberate corruption of the HIPAA rules.