The debate over health IT privacy standards has cranked up a notch as Congress considers the economic stimulus package.
The opinions on medical privacy in the digital age range from those who contend data should be released only with the informed consent of the patient to those who consider the notion of privacy an antiquated, no-longer-relevant idea.
Meanwhile, industry watchers said Google is working Capitol Hill in an effort to tone down or eliminate proposed language governing the sale of medical information.
Consumer Watchdog, formerly known as the Foundation for Taxpayer & Consumer Rights, went so far as issuing a press release calling on Google to back off.
Google adamantly denies the claim.
Call for Stronger Privacy Protections
Deborah Peel, founder and president of Patient Privacy Rights, said "patient information should belong to the patient only. Period. If it needs to go somewhere for some legitimate reason, fine, but it should only go with the patient's informed consent."
Peel worries that many details in the stimulus package's privacy provisions will be left to be worked out by government agencies in the future.
"In this package, a lot of discretion is left to the secretary of HHS and traditionally Health and Human Services has been totally industry dominated," Peel said, adding, "That worries me. I don't know how strong a voice there will be for the consumer."
Privacy Provisions Could Go Too Far
Meanwhile, the Association of Academic Health Centers warned Congress that stringent privacy protections could jeopardize medical research.
"Privacy requirements that do not take research into consideration will ultimately undermine the research enterprise and the country's ability to compete globally in science," Steven Wartman, president and CEO of the association, wrote in a letter to the House Ways and Means Committee.
Privacy rules in HIPAA already have "negatively affected the cost, scope and pace of research across the nation," Wartman wrote.
In an opinion piece in The Tech, a Massachusetts Institute of Technology newspaper, student columnist Ethan Solomon warns that regulating collective intelligence, such as data gleaned from the Internet, "could be dangerously premature." He argues that "the true danger comes in the potential for knee-jerk condemnation of a technology that today's legislators cannot hope to fully comprehend."
Solomon notes that since most aging legislators grew up in a pre-Internet world, they may be ill-equipped to make laws governing new media.
"The sooner we stop trying to impose 20th century standards of privacy on 21st century technologies like collective intelligence, the better," he writes.
Privacy Language 'Well Balanced'
Several research and advocacy organizations fall somewhere in the middle on health IT privacy protections.
"It's not the most privacy-perfect language you could imagine, but it's well done and pretty well balanced," Pam Dixon, founder and director of World Privacy Forum, said of the health care privacy provisions in the stimulus package working its way through Congress.
"There's actually more language on privacy and with better detail than I expected in this package," Dixon said, adding, "someone smart wrote it. The language found a balance between privacy and research and other considerations. I would like to see a stronger prohibition on sales of data, I'd strengthen some parts of the breach language and I'd like to add medical identity theft, but all in all, I'd say they did a pretty good job."
The Center for Democracy & Technology said personal health information should easily flow for treatment, payment and some administrative tasks without requiring patient consent. However, patient consent should be required for some uses of health information, such as Internet access and marketing, the center said.
Is Google Lobbying on Capitol Hill?
Jerry Flanagan, a health care specialist with Consumer Watchdog, is one of several who reported hearing that Google was lobbying to ease restrictions on the sale of medical records.
Two other privacy advocates and a Congressional staffer who did not want to go on record said they have heard reports of Google representatives contacting Congress members' offices.
"I don't have the piece of paper to prove it, but I've heard from several staffers on the Hill they're hearing from Google representatives on these privacy issues," Flanagan said, adding, "Google is very stealth on the Hill, but they have high access."
Flanagan said Google could greatly profit from selling patient information to its advertising clients on the new Google Health database.
In a blog post, Google's senior policy counsel, Pablo Chavez, wrote that the lobbying claim is "based on no evidence whatsoever" and "is 100% false and unfounded."
"Google does not sell health data," Chavez wrote, adding, "In fact, one of our most steadfast privacy principles is that we don't sell our users' personal data, whether it's stored in Google Health, Gmail or in any of our products. And from a policy perspective, we oppose the sale of medical information in the health care industry."