It’s not often that I post on something about which I have genuine ambivalence, but here’s one: medical records. Last week, President Obama signed the American Recovery and Reinvestment Act of 2009 (ARRA), one of the goals of which is to encourage the adoption of electronic medical records by doctors and hospitals. At present, medical information privacy is protected by the Health Insurance Portability and Accountability Act (HIPAA), a piece of legislation with many detractors and lots of problems. Among other blind spots of HIPAA, it contains a number of loopholes that allow for widespread access, sale and use of medical records without patients’ permission. (Most times, it happens without patients’ knowledge, even. Apparently the only thing stalwartly protected about medical records is the inability of the patient to know what’s in theirs or who sees it.) Specifically, a whole multi-BILLION-dollar industry has emerged to take advantage of the fact that HIPAA only restricts “doctors and hospitals” from sharing information. Once these records are shared with “business associates”– which can happen for any number of reasons, some of them totally innocuous, like data management– these business associates are no longer bound by HIPAA and can share the information at will with marketing and advertising corporations, for-profit and non-profit researchers, employers, pharmaceutical companies, and insurers. ARRA appears to make every effort to close these HIPAA loopholoes, but it’s insistence on electronic records has many people worried that newer, bigger loopholes will be opened… and won’t be so easily closed.
There are obvious reasons to want to keep private medical information private. No one wants to lose a job because he or she is using birth control, or HIV-positive, or a smoker, or in therapy, or had a nose-job. And no one wants to worry about their doctors serving as shills for the drug companies, peddling expensive or unnecessary pharmaceuticals at the expense of good medicine. Americans have a long tradition of interpreting their God-given right to the “pursuit of happiness” as meaning they can do whatever they damn well please with their own bodies– except have an abortion, elect to die peacefully, or not eat corn– and the only way to be absolutely sure that those decisions aren’t taken out of the patients’ hands is to keep anyone with a vested interest in different decisions away from the information. (That means you, too, insurance companies!) For the more conspiratorially-inclined, there’s also this whole new thing “biopolitics” to worry about, in which political power is applied to all aspects of human life. You thought eugenics was scary?
Alas, but when calmer (or, in this case, just “sicker”) heads prevail, we have to admit that one of the great, truly disastrous, blunders of our medical system is its ad-hoc protocol for constructing and maintaining patient profiles. Long gone are the days when you would see the same family doctor for most of your life, who would know most everything important there was to know about your medical history. Now, we’re shuffled around among “specialists” who rarely talk to one another, and even when they do it takes six-to-eight-weeks of courier services to accomplish that minimal communication. That leaves the patients– yes, the poor, sick patients– saddled with all of the responsibility of making sure that everything important gets relayed to the right people at the right time. An anecdote: a couple of months ago, I had a “diabetic episode” in the middle of the night (my blood sugar dropped below 25 and I went unconscious). I was taken to a local emergency room and, upon entering, was asked a battery of questions about my medical history. The problem is, I was barely conscious! I had also, incidentally, just been robbed and didn’t have a phone or any information on me. What would have helped in this emergency medical situation? An electronic medical profile accessible by the ER doctors and nurses who were trying to save my life. Well, that and an IV-drip hooked up to a bag of glucose.
I really am torn about this issue, because I don’t believe for a second that if medical histories were made truly “public” the information wouldn’t be abused. On the other hand, it seems to me like we have far more mechanisms in place to protect against electronic fraud and exploitation than we do old-fashioned paper-and-files transgressions. The truth is, I believe that we would all get better medical treatment if health-care providers shared information, but I worry that the term “health-care providers” has become so nebulous and nondescript as to include plenty of folks who are more than willing to make a buck at the expense of my well-being. As one of those citizens who doesn’t have the luxury of thinking about medical care only “theoretically,” I cannot help but find myself resisting the arguments against ARRA that claim electronic medical records can only result in an abrogation of our civil rights. What’s more, I hate this resistance even in myself, as I really do believe that my biological life is of far less value to me if it comes at the expense of my civic life.
It’s a bona fide aporia.
This is interesting stuff. I’ve always had a little difficulty understanding the suspicion of medical digitization, and you made that side of the debate clearer for me. I wonder: do you think it would be possible to build enough protections into the statute, or is the aporia partle driven a larger legal aporia that always puts universal law at odds with the individual over whom it exercises violence?
So, for instance: medical history discrimination would trouble me less if we had universal health insurance. In that case, the insurer just uses my medical history to recommend treatments, but can’t overcharge me because of a pre-existing condition.
It seems we might be able to close the social/employment discrimination loophole with stronger employment protections. So I imagine a world in which the costs to employers were very high if they made hiring and firing decisions on the basis of medical history: in such a world, I suspect employers would go out of their way to remain ignorant of these facts.
That leaves medical researchers and marketers: I’m very much in favor of medical researchers having access to the massive (anonymized) database of American health: just think of the discoveries they might make! Data mining, developing correlations that were previously unknown, looking for all sorts of clusters in something close to real time… I guess it’s the geek in me, but I love that idea.
As for marketers, I guess I should be a little more cautious of advertising, but I’m just not as worried about the advertiser’s pull as I am by the state’s and the insurer’s pull.
Anyway, this is mostly hypothetical, though I do hope this administration will realize more of the idealized health care system I’m describing. In our actually existing health care system, digitization could very easily go horribly wrong. One of the ways privacy issues can go awry is that credit card companies, who are allegedly outside of the health care system, can still use their knowledge of your medical spending to trigger bankruptcy alerts and stop granting extra credit or throwing your accounts into ‘universal default.’ Until and unless we have much better consumer, employment, and health insurance protections, I’m right there with you in the undecidability of it all.