FC: Medical privacy articles in Roll Call by Greenwood & McDermott

[Declan McCullagh <declan () well com>]

[A problem with this argument (technology will eventually obviate the need 
for a law but let's pass one now anyway) is that enacting such a law at 
this point will do at least two unfortunate things. First, it will reduce 
the incentives to create and fund privacy-protecting companies. Second, 
unless the law has an auto-delete sunset clause -- and no relevant privacy 
legislation I'm aware of does -- Congress will likely never remove the 
legislative proscriptions. --Declan]

---

Related opinion piece, by Rep. Jim McDermott:
http://www.rollcall.com/pages/pb/00/2001/03/pb0326i.html

---

http://www.rollcall.com/pages/pb/00/2001/03/pb0326h.html

   March 26, 2001

   Do medical privacy laws need to be rewritten?
   Government Must Fill Privacy Void

   By Rep. Jim Greenwood

   Scott McNealy, the CEO of Sun Microsystems, has said, "You have zero
   privacy anyway. Get over it."

   So why is Microsoft developing software that will provide warnings
   when Internet surfers attempt to access Web pages that don't comport
   with their privacy preferences?

   Why are companies such as PrivacyX, Hushmail and ZipLip popping up all
   over the Web? Why has a company called Zero-Knowledge-Systems designed
   an online cloaking device?

   Why is a company called Disappearing creating an e-mail program that
   permanently un-writes messages after a predetermined period?

   Why? Because consumers value privacy, and the more they value privacy,
   the more companies will be willing to sell products to protect that
   valuable commodity.

   Ultimately, these kinds of market-based initiatives can be expected to
   ensure consumer privacy protection throughout America and the rest of
   the world.

   However, until the technology matches consumer preferences, Congress,
   the executive branch, the courts and the states may need to fill the
   void, particularly as it relates to securing the confidentiality of
   medical information.

   On Dec. 28 of last year, outgoing Health and Human Services Secretary
   Donna Shalala issued sweeping new regulations governing the use of
   personally identifiable health information. The goal was to protect
   our most intimate secrets, such as pregnancy, sexually transmitted
   diseases and psychiatric treatment.

   Unfortunately, the regulations fell far short of that goal. But the
   problem wasn't entirely of her making.

   Congress bears its share of responsibility as well. Under the statute
   that authorized the regulation, the Health Insurance Portability and
   Accountability Act, Congress only gave the secretary power to
   promulgate regulations that cover certain information used by certain
   entities and to not pre-empt conflicting state standards.

   The statute only applies to electronically stored or transmitted
   information by health care providers (doctors, hospitals, etc.),
   health insurers and health care clearinghouses (data processors).

   What is the result of this limited legislative authority? An
   unworkable regulation that is unable to incorporate how information is
   used in today's modern health care marketplace to improve quality and
   reduce costs.

   Worse, the final rule fails to address advances in new technologies
   that have enormous capacity to improve consumer privacy, increase
   efficiency in the delivery of health services, and advance biomedical
   research. But perhaps worst of all, the regulation fails to guarantee
   consumers that their information will be protected by the same
   standard in all instances, regardless of where they live, work or
   receive health services.

   Essentially, it does not adequately address the new realities of
   information technology.

   [...]




-------------------------------------------------------------------------
POLITECH -- Declan McCullagh's politics and technology mailing list
You may redistribute this message freely if it remains intact.
To subscribe, visit http://www.politechbot.com/info/subscribe.html
This message is archived at http://www.politechbot.com/
-------------------------------------------------------------------------