Under Draft Bill, ‘Authorized Users’ Would Get ‘Complete Access’ to Patient Health Records

Barbara Hollingsworth | March 23, 2015 | 4:38pm EDT
Font Size


Rep. Michael Burgess (R-TX) (AP photo)

(CNSNews.com) –  Rep. Michael Burgess (R-TX) has drafted “interoperability” legislation that would require private electronic healthcare record (EHR) companies to provide unrestricted, one-stop access to patient medical records.

Burgess, a physician, released a draft version of his bill on March 9 to solicit comments by March 13.

It would give “authorized users access to the entirety of a patient’s data from any and all qualified electronic health records (EHR) without restriction” - including “complete access” to health data “in one location, without the need for multiple interfaces (such as sign on systems).”

"Authorized users" include government officials, academic researchers, insurance companies and others besides health care providers.

Under his proposal, the secretary of Health and Human Services would establish a “Charter Organization” made up of representatives of standards development groups, health care providers, electronic record-keeping companies, insurers and group plans appointed by Congress to propose new interoperability rules.

The draft provides “incentives” for practitioners and hospitals that comply, and “penalties” for those who do not, including the loss of federal certification. The HHS secretary would also be required to report “any barriers that are preventing widespread interoperability” to Congress and document “specific steps” taken to overcome the barriers by July 1, 2016.

Although granting widespread accessibility to millions and millions of confidential medical records is supposed to guarantee better patient care and lower costs, there are fears that it would have negative consequences.

Twila Brase, president of the Citizen’s Council for Health Freedom (CCHF), pointed out that Burgess’ interoperability proposal would not only turn private EHR companies into public utilities, it would also eliminate the last remaining vestiges of patient privacy.

“All these electronic health records are now being used across the country, but they aren’t connected. They are proprietary systems owned by private companies,” Brase told CNSNews.com. “The fact that they can’t all talk together is our only protection against the broad, sweeping data sharing that Rep. Burgess appears to be looking for.

“Once that is mandated, we will have a national medical records system, and no patient consent over how their data is used, who sees it, or what’s done with it,” she said.

Under the HITECH Act, part of the 2009 stimulus bill, every health care provider reimbursed by Medicare was required to switch to an EHR system by January 1, 2015. The government spent $30 billion to help them implement the switch. But the law did not require that the EHRs be linked together.

“Because HITECH was the foundation of Obamacare, they had to get that in place first. So if this [bill] would pass, they would be strengthening the foundation upon which Obamacare, or any other national healthcare system, is created. If you create a national healthcare data system, you are well are your way to a national healthcare system because you give all sorts of outsiders control over what happens in the privacy of the exam room. It’s no longer private,” Brase told CNSNews.com.

HITECH also gave 2.2 million non-government entities access to patients’ health records – without their consent - under the Health Insurance Portability and Accountability Act of 1996 (HIPPA).

“The purpose of HIPPA was that it would allow the broad sharing of data. But they attached the word privacy to it, we believe, as a way to convince or deceive the American public that they have privacy when actually all their privacy was being taken away,” Brase said.

“HIPPA has nothing to do with privacy and everything to do with opening up our medical records and getting us to the point where we have a national medical records system where our data is shared without our consent broadly nationwide,” she added.

Brase says that typical “HIPPA hassles” – when the pharmacist tells you to stand back 10 feet so you don’t overhear the previous customer’s prescription, or when the hospital won’t tell you that a family member has been admitted – are “meant to convince you that you have privacy, but the whole thing is a farce.

“What people really care about is where the details of their lives – their medical conditions, their behaviors, their fears, their thoughts – go. There’s no privacy there,” she told CNSNews.com.

“People have to see the truth about HIPPA. There’s no privacy….Whether you sign the form or you don’t sign the form, they can continue to share the data. The form, in our opinion, was simply meant to convince people that they have privacy, and it has been very successful. It’s called the HIPPA Privacy Form, people sign it, people tell me that ‘my data is between me and my doctor.’

And I tell them ‘you have not read it. What you’re saying is that you’ve received a notice of privacy practices, which is really a notice of disclosure practices, which really tells you how little privacy you have.’ But most people just take those words ‘privacy form’ and believe them.”

Brase noted that the inability of many EHR companies to share data is the only thing protecting patient privacy today.

“And so if you lose the obstructions of today and you have nationwide widespread interoperability, then all privacy is gone and everybody essentially owns your data except you. Because acknowledging someone’s ownership means you have to ask them [for their] consent. And neither HIPPA nor HITECH have consent requirements.

“And Rep. Burgess may be under the same deception of what HIPPA is and therefore doesn’t know that the only way that he should even try to move forward into interoperability, if we even wanted to go there, would be to require informed written patient consent – with no coercion, completely voluntary,” she added

The main purpose of linking all patient records together is to “implement a national healthcare system,” she added. “That’s the whole purpose here. They needed it for Obamacare. Without HITECH and the EHR mandate, there would be no way to implement everything that is in Obamacare because there would be no data and payment systems that can be controlled at the federal level. Once you have everything electronic, it can all be changed.”

“And the funny thing, of course, is that when the Obama administration put this into law, they didn’t force the issue. They just wanted to get it all up and running. And now the Republicans are trying to force the issue to make what Obama started into a reality

“So here we have an opportunity to stop what President Obama planned, and yet we’re seeing Congress decide we’ve spent all this money, so we should actually make it work. I don’t know if members of Congress don’t actually see what is happening here, but the national medical records system is essential to the controls needed for a national healthcare system.

“So Rep. Burgess’ interoperability bill will lead us towards a more fully functioning national healthcare system. Somehow I think that’s not where a substantial number of members of Congress want to go.”

Brase also pointed out that “he who holds the data makes the rules.”

“When you have no control over who has access to your medical records, including in the future your genetic information, all sorts of assessments can be made on you," the former emergency room nurse told CNSNews.com.

"You won’t ever be able to have a fresh second opinion from somebody who has never seen you before. Whatever one doctor said about you, every doctor, every nurse, every authorized user will be able to see even if it was a biased opinion.

“There are health plans that want access to all the data on the patients and the doctors to create treatment protocols so they can then say they have science to back them up. But those will be restrictive protocols, telling the doctors how to practice medicine,” Brase predicted.

“So for instance, if you had some mental health issue, if you had a sexually transmitted disease or a cancer you didn’t want anybody to know about, there just would be nowhere to hide because all your health data, including your behaviors and your thoughts and whatever somebody else chooses to put in the system, will all be on the grid. It will completely eliminate privacy forever.”

Paper medical records, on the other hand, are hard to access and even harder to share, she pointed out. “But when it’s electronic, all you have to do is sit at a computer wherever you are in the hospital, in the clinic system. And if you have a 'need to know,' or even if you don’t and you’re just gonna risk it, it’s available.”

Brase says it hard for an individual to do anything about maintaining their medical privacy short of paying cash to a physician who maintains paper records that stay in his office. But states have more leeway.

“States under HIPPA can pass a real privacy law, so they could actually prohibit anybody from sharing data or letting data out of the state’s health information exchange without express patient consent. Legislators could actually do that because HIPPA says that stronger privacy protections rule the day and have to be followed.

“So people can talk to their state legislators and say: ‘Hey, give me my privacy back.’”

Related: Health Care Group Offers ‘7 Reasons Not to Enroll’ in Obamacare

Related: Federal ‘Biosurveillance’ Plan Seeking Direct Access to Americans’ Private Medical Records

mrc merch