Sunday, January 06, 2008

Sacrificing Your Medical Privacy At The Altar Of Future Crimes Detection

What do security guards involved in the shooting of two Christian women in Iraq, flawed testing booklets leading to invalidated test scores for U.S. students on an international test, and your private medical information have in common?

Give up? Why, RTI International of course.

RTI International, a factotum consulting outfit in North Carolina, has been funded by its benefactor the government to develop a plan that would allow payers to act as fraud monitors by giving them remote access to patient records. Payers would then be allowed to review patient records regardless of whether the record involves a specific claim.

Now, in all fairness to RTI International, irrespective of a consultant's competence and accountability, the plan to allow any Tom, Dick, and Harriette to go on a fishing expedition through your medical records is a very bad idea to begin with. Any plan premised on the idea that the privacy of your medical information (such as it is) should be compromised in the service of some theoretical fraud detection scheme is bound to be a spectacular failure.

As the linked article points out there are many problems with this plan, like data mining and hackers, not to mention the difficulty of detecting unauthorized access by reviewing application logs and figuring out what details look suspicious in a morass of data. But the main problem, as I see it, is the attempt to do away with the concept of medical privacy.

Notice how the alleged purpose of the plan is to detect health-care fraud and gather evidence for fraud prosecutions using electronic health record (EHR) systems, but whether the record involves a claim or not is irrelevant. In other words, first we rummage through your chart (or we demand you produce an ID, we listen in on your conversations, go through your bags, inform on you to the Feds about the contents of your apartment and your behavior), and then we decide if there was any justification to violate your privacy in the first place.

Least we forget, bad things happen when strangers are allowed to rummage through your medical records just because they have a funny feeling in their manly tummy.

When Phill "Patient Chart Thief" Kline demanded access to complete, unedited patient charts, in his quest to find a crime that would fit his ideology, not only was he tilting at windmills but he had no compunction about targeting only a select group of patients for abuse.

Maybe predictably, once no crime was found Phill "Patient Chart Thief" Kline simply stole the charts (charts he hasn't returned to this day, as far as I can tell) to do with them as he pleases, and use the patients' private medical information as he sees fit.

Mind you, the plan to allow payers unrestricted access to your medical record to act as fraud monitors is even more insidious. At least Phill "Patient Chart Thief" Kline had to at least pretend that a crime might already have been committed. No such fig leaf pretense is needed for a plan that would allow strangers to go through your medical records in search of future crimes.

Of course, since your medical record doesn't contain anything sensitive you wouldn't feel comfortable sharing with perfect strangers, opening up your chart to the Future Crimes Monitor Squad (TM) shouldn't be a problem.

After all, you've nothing to hide.....right?

Labels: ,


At 8:41 PM, Anonymous Anonymous said...

very informative--definitely food for thought.

At 2:14 PM, Blogger Margaret Polaneczky, MD (aka TBTAM) said...

Whoa - I had NO IDEA this stuff was going on. Thanks so much for this post.

At 4:20 AM, Blogger ema said...


Neither did I, until the article happen to catch my eye. This is all very discouraging. [If things continue to deteriorate, I won't be surprised if patients start using fake names.]


Post a Comment

<< Home