Health Technology Bill Raises Privacy Concerns

Concerned about proposals that could weaken patient-privacy protections, APA and other advocacy groups helped win an amendment to a health technology bill to prevent it from overriding strong state privacy rules with a weaker federal version.

The bill (Hr 4157), passed by the House of Representatives in July, would codify the duties and responsibilities of the office of the National Coordinator for Health Information Technology (HIT) and promote an interoperable, secure, national health information system. It would authorize $20 million a year in Fiscal 2007 and 2008 for grants—including funding demonstration projects in small practices—to facilitate implementation of a national HIT system.

Earlier versions of the bill included a pre-emption of state privacy laws that provide a higher degree of protection than HIPAA or other federal laws in favor of a weaker federal standard. As the measure advanced through the chamber's committees, APA and other mental health advocacy groups suggested alternative language to remove the weaker federal privacy standard.

“This was a huge improvement on a bill that may still face significant changes,” said Nicholas Meyers, director of APA's Department of Government Relations.

The bill would require the secretary of the Department of Health and Human Services (HHS) to conduct a comprehensive medical records privacy study to determine whether greater commonality in privacy laws is needed “to better protect, strengthen, or otherwise improve the secure, confidential, and timely exchange of information.”

The HHS secretary would also recommend, in the form of legislation, methods to implement such changes. APA strongly approves of a measure that would require congressional review, amendment, and approval of the secretary's privacy recommendations.

Privacy advocates and others—including many Democrats—have attacked the legislation for not strengthening the patient privacy protections covered under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and for failing to enforce sanctions against offenders. These provisions were designed to protect the use and disclosure of individually identifiable health information.

“It does not provide privacy protections which will ensure that patients can control access to their own sensitive electronic health information,” Rep. Carolyn Maloney (D-N.Y.) said during floor debate in the House. “In fact, the Congressional Budget office has stated that `enacting this would not significantly affect either the rate at which the use of health technology will grow or how well that technology will be designed and implemented.'”

Privacy advocates also were critical of a provision granting an exemption to an antikickback law, written by Rep. Pete Stark (D-Calif.), that prohibits physicians from referring Medicare patients for certain designated services to entities, such as hospitals, with which the physician has a financial relationship. Such practices could be seen as illegally inducing referrals of patients or recruitment of enrollees, but supporters of the legislation said it is needed to let physicians help hospitals adopt the new, expensive technology.

The legislation stemmed from research indicating that increased use of electronic medical records can improve patient safety and reduce costs. The RAND Corporation recently estimated that by implementing health information technology, the federal government could save up to $162 billion annually. Critics point out, however, that wide adoption of electronic records could also endanger patient privacy by making them more accessible, so strong protections are needed.

The legislation also would update the federal government's use for coding purposes of the International Classification of Diseases (ICD) from the ninth edition to the 10^th edition by october 1, 2010. DSM-IV-TR can be used in tandem with ICD-10.

The House bill would promote the use of telehealth services, which could help psychiatrists reach patients in remote or rural areas. Among other efforts, the bill would “facilitate the adoption of State reciprocity agreements for practitioner licensure in order to expedite the provision across State lines of telehealth services.”