But is that something you want your HMO to do with your health records? Or your employer? Or a pharmaceutical company?
Those questions were at the heart of a panel discussion held here by Harvard Law School's Berkman Center for Internet & Society. The panel was gathered to debate privacy issues involving government databases and medical records and included law professors, doctors and professionals.
Most agreed that some databases have an enormous potential to help society, such as medical research studies. Even on a more prosaic note, statistical analysis can help insurance companies detect fraud and abuse, said Dr. Philip Caper, CEO of the Codman Research Group, a software consulting firm that helps companies analyze data.
"This is not a black-and-white issue," he said. "Just because a tool can be abused does not mean you outlaw the tool. It means you carefully regulate how it's used."
Personal data, public misuse
But as everyone who has heard an HMO horror story can attest, companies do use statistical analysis for purposes that the providers of that data -- the patients -- may not appreciate, such as denying service because a treatment doesn't meet a cost-benefit analysis.
And the dangers go further than just how the data is analyzed. Once it is collected, personal information can be put to a myriad of uses, and matched up with other information. The potential exists for an employer to use medical records as part of a hiring or promotion decision, or for a drug company to use them as a marketing tool.
Panelists saw an even greater threat with the proposed creation of a national health-care ID.
The ID could serve many useful purposes, simplifying billing and making medical records easier to transport when you change jobs, for instance, but it also could pave the way for abuse.
"We're not talking about public health reporting for tuberculosis but whether we should have a public ID and track [health histories]," said Dr. Denise Nagel, executive director of the Coalition for Patient Rights. "We're talking about, for instance, building up a DNA record database."
Some argued that the United States already has a de facto ID number -- the Social Security number. Although the government does not encourage use of the number for identification purposes, the Social Security number has become the standard form of identification in many cases, including in some health records.
"We have to become privacy guerrillas, because we don't have to [give out information]," said John Roberts, executive director of the Massachusetts chapter of the American Civil Liberties Union. "We have to learn how to not cooperate and not willy-nilly fill out any questionnaire someone sticks in front of us."
As Caper pointed out, many forms of research can be conducted without identifying the patient. But even stripping off identifiers such as name and Social Security number may not be enough.
Privacy not very private
Latanya Sweeney, a computer researcher at Massachusetts Institute of Technology, told the panel about some research she performed on a database sold by the state of Massachusetts.
The database contained medical records on state employees, stripped of all identifying records such as name and Social Security number.
But using just three pieces of information -- birth date, gender and zip code -- Sweeney was able to find the record of one specific employee in that database -- former Gov. William F. Weld.
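An added example, not part of the original article: a check a data custodian could run before releasing a "de-identified" file, counting how many records share each (birth date, gender, ZIP code) combination and comparing that with a coarser release. The rows, field layout and function names are constructed for illustration.

```python
from collections import Counter

# Constructed sample rows: (birth_date, gender, zip_code, diagnosis). Not real data.
RECORDS = [
    ("1961-03-14", "F", "02138", "asthma"),
    ("1961-03-14", "F", "02138", "fracture"),
    ("1961-09-02", "F", "02139", "diabetes"),
    ("1958-11-30", "M", "02139", "hypertension"),
    ("1958-04-21", "M", "02138", "migraine"),
    ("1958-07-05", "M", "02142", "asthma"),
    ("1973-01-19", "F", "02142", "fracture"),
    ("1973-06-08", "F", "02141", "diabetes"),
]

def exact(row):
    """Quasi-identifier as released: full birth date, gender, 5-digit ZIP."""
    return row[0], row[1], row[2]

def generalized(row):
    """Coarser quasi-identifier: birth year, gender, 3-digit ZIP prefix."""
    return row[0][:4], row[1], row[2][:3]

def class_sizes(records, key):
    """Number of records sharing each quasi-identifier value."""
    return Counter(key(r) for r in records)

def k_anonymity(records, key):
    """Smallest group size; k == 1 means at least one record stands alone."""
    return min(class_sizes(records, key).values())

def unique_fraction(records, key):
    """Share of records whose quasi-identifier matches no other record."""
    sizes = class_sizes(records, key)
    return sum(1 for r in records if sizes[key(r)] == 1) / len(records)

def at_risk(records, key, k):
    """Records in groups smaller than k: withhold or generalize before release."""
    sizes = class_sizes(records, key)
    return [r for r in records if sizes[key(r)] < k]

if __name__ == "__main__":
    for name, key in (("exact", exact), ("generalized", generalized)):
        print(f"{name}: k={k_anonymity(RECORDS, key)}, "
              f"unique={unique_fraction(RECORDS, key):.0%}, "
              f"below k=2: {len(at_risk(RECORDS, key, 2))} records")
```

With the names removed, six of the eight constructed rows are still the only record with their birth date, gender and ZIP code; releasing birth year and a three-digit ZIP prefix instead leaves none unique.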