Copyright 1999 Federal Document Clearing House, Inc.
Federal Document Clearing House Congressional Testimony
July 20, 1999
SECTION: CAPITOL HILL HEARING TESTIMONY
LENGTH: 1576 words
HEADLINE:
TESTIMONY July 20, 1999 JIM MCDERMOTT HOUSE WAYS AND MEANS
HEALTH PATIENT CONFIDENTIALITY
BODY:
Statement by
U.S. Rep. Jim McDermott Before the Committee on Ways and Means Subcommittee on
Health Hearing on Confidentiality of Health Information July 20, 1999 Mr.
Chairman, thank you for inserting my statement into the record. I had hoped to
be here for this hearing, but I am in Seattle recuperating from heart surgery.
As you know, medical privacy is an issue that I have long cared about. As a
psychiatrist and health care consumer I witnessed a need for strong federal
privacy law protecting patients. It is among that we don't have strong privacy
protections in place for medical records already yet we have one for video
rental records. Why do we need a Federal medical privacy law? Currently, privacy
protections are weak and vary widely from state to state. Only 28 states allow
people to even examine their own medical records. This lack of strong national
standards could allow employers, schools, marketing agencies and others access
to what ought to be confidential files. Ensuring privacy in medical care is more
important now than ever before because of new technologies like genetic testing
and the computerization of medical records. Genetic research and testing has
profound implications for our country's health care system because genetic
information discloses not just our current health, but also purports to
accurately predict our potential future health, and the health of our families.
The Human Genome Project may have a draft of the entire genome by early next
year. And, in the near future, tests will be available for common genetically
affected conditions. These tests create opportunities even as they raise serious
challenges that we need to address immediately. The BRCA-1 genetic test for
breast cancer illustrates the dimensions of this debate. Women .,e been advised
to be tested, but only as part of a research protocol. Some patients see this as
paternalistic, preferring to be informed of the results of the test, even if
those results are not easily interpretable at this moment. Patients are warned
about the potential risks of whether they will be able to buy health insurance
or even if they will be able to get a job -- should others learn of their
genetic status. Understandably, this has discouraged some women from
participating in even the research, where their identities should be strictly
protected. Not everyone wants to know his or her genetic status. This can cause
friction for families in which some members wish to be tested, but others do
not. Sometimes the tests require participation by several family members to
determine which mutation is common in that particular family. Some mothers have
opted not to be tested to prevent anticipated discrimination against their
daughters, while others feel compelled to be tested to spare their daughters the
anxiety of not knowing if they carry the mutation. Genetic tests also raise the
issue of cost. Many insurance plans do not cover genetic tests, or they do not
cover the counseling that is an integral part of genetic therapy. If a woman has
no health insurance, frequent mammography screenings for breast cancer are a
considerable expense, and the results of the test may be worse than useless to
her. Increasing reliance on mass computer databases further complicates the
problem. Computers have revolutionized the way an individual's medical
information is collected, stored, and disseminated. Without adequate,
enforceable controls, this information can be used to breach the privacy of
patients and to discriminate against them. In 1995, Harvard and Stanford
conducted a study of 200 people who suffered discrimination in insurance, jobs,
education, or child adoptions because of their predisposition to a genetic
disease. What makes their stories particularly disturbing is that these people
had no symptoms, and perhaps would never develop that particular disease. These
examples led to my concern about what the future holds if we allow
indiscriminate use of these new technologies. I will introduce this year, as I
have in the last two congresses, a bill called the "Medical Privacy in the Age
of New Technologies Act." This measure is intended to ensure that a patients
personal health information will not be disclosed without that patients explicit
consent, and that patients have access to their own records. It puts the
individual in charge of what happens to his or her medical information, who sees
it, and why. As you may know, the Congress is required to pass privacy
legislation by this August. If we fail to meet this deadline, the Secretary of
Health and Human Services will promulgate regulations. Even the Secretary agrees
that regulations will not provide patients with the kind of strong protections
that .-an be imposed by law. As the Subcommittee considers legislative proposals
there are two basic principles that should be included in any privacy
legislation. First, people need to be notified of how their personal information
might be used, Second, they must have the opportunity for meaningful informed
consent. Informed consent in the realm of health care is key. If patients fear
that their records will be used in ways they do not know about, or will be given
to third parties without their permission, they will not trust the health care
system, and they will not tell their doctors the information necessary to
provide them the best care. It is likely that the generalizations we use to
describe competing privacy proposals will make the bills sound very similar.
But, to use an often-overused phrase, the devil is in the details. When you
examine the details of these bills you will find a number of distinctions. Most
notably they differ on the issues of the informed consent, research, and the
preemption of state laws. Following the basic principle that an individual has a
right to privacy of their health information, it is important the patient is
informed - in writing -- of what information is to be disclosed, for what
purpose, to which entity, and for what period of time. There should be two tiers
of authorization: one for treatment and payment, and another for other purposes,
such as research. Individuals can not opt out of using their information for
treatment and payment. However, in some bills including my own, patients can opt
out of using their information for the second tier "other purposes". The debate
in Congress has focused around what constitutes "treatment and payment." Does
treatment and payment include auditing, research, marketing, and so on? Research
is another area of distinction. How will medical privacy legislation affect the
ability to conduct medical research? The legislation I have proposed will not
undermine research capabilities. It allows researchers to use coded information,
meaning information that either is anonymous, but could be linked to protected
health information by authorized persons, or is nonidentifiable information,
which is anonymous and cannot be linked to anyone. Some legislation, such as the
Bennett bill, has taken the approach that since we have all benefited from past
medical research we are obligated to participate in future research. This is a
tremendously important and difficult area to legislate. For which reason, I am
working to find a balance between the two approaches. One of the most
contentious issues we are grappling with is the issue of pre-emption of state
law. I believe that the only meaningful medical privacy law will be one that is
a "federal floor" that does not pre-empt stronger state laws. There are
literally thousands of state laws that address the privacy of
medical records information in non-health related
areas. The pre- emption of all state law could have significant unintended
consequences and will be costly to states. For instance, laws are on the books
it many states regarding the privacy of the health information of victims of
sexual assault. To broadly pre-empt these laws - not knowing what we are
pre-empting and what the impact will be - is very short sighted. To argue the
necessity of a "federal ceiling" claiming that we must preempt state laws to
make it easier for the interstate health industry is incredible. For a Congress
that has advocated sending power back to the states, I find it ironic that in
this case they think the Federal government can do it better. Restricting states
from passing stronger privacy laws would keep them from responding to many new,
unique, and inherently local challenges in health care and public health.
Especially, since there is no precedent in federal privacy or civil rights law
for pre-empting stronger state laws. In the coming debate, many people will
speak for industries that stand to make money from the use and misuse of
information. For them, medical records are commodities that are bought and sold.
We will hear many claims that any new legislation must not interfere with those
particular interests. But the group we should listen to most will be hardest to
hear: patients and their families. Think about your own family's medical records
being available for anyone to look at. What value can we place on the
confidentiality of the doctor-patient relationship? It is essential that we
protect the privacy of individuals, including their genetic privacy. Good
legislation can ensure that new technologies are used, not to deny health care
or to deny medical privacy, but to benefit all of us. Thank you.
LOAD-DATE: July 21, 1999 
