Comments Submitted to the National Committee on Vital and Health Statistics

Subcommittee on Privacy and Confidentiality

Hearing on Privacy and Health Information Technology

Comments Submitted by

Sue A. Blevins, Founder and President
Institute for Health Freedom

February 23, 2005

Good afternoon. My name is Sue Blevins and I am founder and president of the Institute for Health Freedom, a Washington, D.C.-based think tank whose mission is to study and report on issues regarding individuals’ freedom to make their own health-care choices, and to maintain their health privacy, including genetic privacy.

It is clear from thousands of public comments submitted to the U.S. Department of Health and Human Services (HHS) and public opinion polls that Americans highly value and expect medical privacy. Citizens want to exercise the right to give or withhold consent before their personal health information is shared with others.

Unfortunately, however, the federal medical privacy rule (which was released in December 2000 and modified in August 2002) eliminated the precious right to give or withhold consent before one’s personal health information can be accessed by many others. Thus, until the right to give or withhold one’s consent is restored, individuals DO NOT HAVE CONTROL OVER who has access to their personal health information. [And I should interject here that the Office for Civil Rights (an office of the U.S. Department of Health and Human Services) does not make this point clear. They really need to make it clear at their Web site that individuals do not have control over the flow of their personal health information under the Federal Medical Privacy Rule; their Web site says the opposite.]

Additionally, moving toward adopting electronic health records is a recipe for privacy invasions. Here is why: It is clear that combining the lack of consent with adopting electronic medical records would lead to a greater number of persons accessing patients’ medical records without their permission.

The U.S. Department of Health and Human Services acknowledges concern about electronic health records. Let me read you three quotes from HHS’s own analyses that were released with the Federal Medical Privacy Rule:

(1) “The electronic information revolution is transforming the recording of health information so that the disclosure of information may require only a push of a button. In a matter of seconds, a person’s most profoundly private information can be shared with hundreds, thousands, even millions of individuals and organizations at a time.[1] [Emphasis added]

(2) “In short, the entire health care system is built upon the willingness of individuals to share the most intimate details of their lives with their health care providers. The need for privacy of health information, in particular, has long been recognized as critical to the delivery of needed medical care. More than anything else, the relationship between a patient and a clinician is based on trust. The clinician must trust the patient to give full and truthful information about their health, symptoms, and medical history. The patient must trust the clinician to use that information to improve his or her health and to respect the need to keep such information private. In order to receive accurate and reliable diagnosis and treatment, patients must provide health care professionals with accurate, detailed information about their personal health, behavior, and other aspects of their lives. The provision of health information assists in the diagnosis of an illness or condition, in the development of a treatment plan, and in the evaluation of the effectiveness of that treatment. In the absence of full and accurate information, there is a serious risk that the treatment plan will be inappropriate to the patient’s situation….Individuals cannot be expected to share the most intimate details of their lives unless they have confidence that such information will not be used or shared inappropriately. Privacy violations reduce consumers’ trust in the health care system and institutions that serve them. Such a loss of faith can impede the quality of the health care they receive, and can harm the financial health of health care institutions.”[2] [Emphasis added]

(3) “Patients who are worried about the possible misuse of their information often take steps to protect their privacy. Recent studies show that a person who does not believe his privacy will be protected is much less likely to participate fully in the diagnosis and treatment of his medical condition…. [O]ne in six Americans reported that they have taken some sort of evasive action to avoid the inappropriate use of their information by providing inaccurate information to a health care provider, changing physicians, or avoiding care altogether.”[3] [Emphasis added]

I think it is extremely harmful to the freedom and morality of the country to put citizens in the position of choosing between three options:

(1) Citizens can seek care and have information shared without their permission;
(2) Citizens can lie to maintain their privacy; or
(3) Citizens can forgo seeking care altogether to maintain their privacy.

I don’t think any of these options represent true patient freedom.

Thank you for the opportunity to comment today and I look forward to seeing the ethic of health privacy become a reality in the United States.

Contact Information:

Sue A. Blevins, Founder and President
Institute for Health Freedom
1825 Eye Street, NW, Suite 400
Washington, DC 20006
Phone: (202) 861-1973

[1] Federal Register, (Volume 65, Number 250), December 28, 2000, page 82465.

[2] Ibid, pp. 82467-8.

[3] Ibid, p. 82468;;