May 20, 2014 – 9:58 AM
CNS NEWS By Barbara Hollingsworth
Twila Brase, R.N., co-founder of the Citizens Council for Health Freedom. (CCHF)
(CNSNews.com) – The federal government is piecing together a sweeping national “biosurveillance” system that will give bureaucrats near real-time access to Americans’ private medical information in the name of national security, according to Twila Brase, a public health nurse and co-founder of the Citizens Council for Health Freedom.The Department of Health and Human Services’ (HHS) Office of the Assistant Secretary for Preparedness and Response is currently seeking public comment on a 52-page draft of the proposed “National Health Security Strategy 2015-2018” (NHSS).
The deadline for comment is 5 pm EST on May 21st. (See Draft National Health Security Strategy 2015-2018.pdf)
“Health situational awareness includes biosurveillance and other health and non-health inputs (e.g., lab/diagnostics, health service utilization, active intelligence, and supply chain information), as well as systems and processes for effective communication among responders and critical health resource monitoring and allocation,” the draft states.
But Brase warns that the NHSS proposal would allow the federal government to monitor an individual’s behavior before, during and after any government-defined health “incident” – which could be anything from a local outbreak of the flu to a terrorist anthrax attack.
“It’s very broad. It doesn’t seem to have any limits, except they say something about, you know, properly protecting the data. But from our perspective, if the government gets access to this kind of data, [and] is allowed to do research with the data…then our privacy has already been compromised. The government has already said that our data is their data for their purposes of national health security,” Brase told CNSNews.com.
“It’s very clear to us that really the government is moving toward real-time access, toward close collaboration of government and doctors for ready access to the electronic medical record and then to conduct research and analysis.”
“I don’t think they ever mentioned the word merging, but this is a very close connection they want between public health, which is the government, and clinical health, which is your doctor’s office and the hospital, for whatever diseases they choose to have reported,” she added.
Brase noted that the information collected by the government will be “all-encompassing” and include “what our health status is, whether we exercise, how often we get a cold, or what kind of medications we’re taking. They’re also looking at the climate, and the economic condition of the country, as all being a party of this National Health Security Strategy.”
“In other words, anything and everything could become a health threat by the government’s standards,” she said.
According to the draft proposal, NHSS will create “health situational awareness” by “collecting, aggregating and processing data from both traditional and nontraditional sources (such as social media) and from various governmental and nongovernmental stakeholders….Decision-makers will have the capability to visualize and manipulate data from many sources to create an operational picture suited to the specific situation and the decisions before them.”
But Brase warns that the government’s biosurveillance plan is much more intrusive than the data collection currently being done by the Centers for Disease Control and Prevention (CDC).
“We’re of the mind that the Fourth Amendment actually means something, so you can’t access everybody’s patient’s medical record just because you say there is a security threat or just because you say it’s good for the American public,” she told CNSNews.com.
“But the fact of the matter is that [the Health Insurance Portability and Accountability Act] HIPPA already allows the federal government and the state government and the local government and anyone who is a public health agency to have access to our medical records – identifiable medical records – without our consent. It’s in the HIPPA Privacy Rule, which has the full force and effect of law. But that wasn’t actually put in by Congress. It was put in by the Department of Health and Human Services.” (SeeHIPAAPrivacyRegs_EconomicStimulusChanges.pdf)
One of the dangers, Brase pointed out, is that this vast amount of medical data warehoused in a giant electronic database will only be available to government-approved researchers.
“Now, it could be the entire electronic medical record, it could be that they just have ready access to the electronic medical records because it’s on a state health information exchange, for instance, and if they are one of the partners in the state health information exchange, they can start this data draw.
“One of the things we look at is how research can be done in a way to push policies that we disagree with. They come up with findings that nobody else can validate because nobody else has access to all that data the way the government has, and nobody can ever counter it,” Brase told CNSNews.com.
According to “National Biosurveillance Science and Technology Roadmap” written last June, “effectively, appropriately, and securely sharing health event data, including parts of electronic patient records and laboratory data, has significant potential to improve national awareness of incidents that could progress to impact national security.”
The NHSS is part of what President Obama called “the first-ever National Strategy for Biosurveillance” which was announced by the White House in July 2012 as “a top national security policy.” (SeeNational_Strategy_for_Biosurveillance_July_2012.pdf)
Under Draft Bill, ‘Authorized Users’ Would Get ‘Complete Access’ to Patient Health Records
March 23, 2015 – 4:38 PM
By Barbara Hollingsworth
(CNSNews.com) – Rep. Michael Burgess (R-TX) has drafted “interoperability” legislation that would require private electronic healthcare record (EHR) companies to provide unrestricted, one-stop access to patient medical records. Burgess, a physician, released a draft version of his bill on March 9 to solicit comments by March 13.
It would give “authorized users access to the entirety of a patient’s data from any and all qualified electronic health records (EHR) without restriction” – including “complete access” to health data “in one location, without the need for multiple interfaces (such as sign on systems).”
“Authorized users” include government officials, academic researchers, insurance companies and others besides health care providers.
Under his proposal, the secretary of Health and Human Services would establish a “Charter Organization” made up of representatives of standards development groups, health care providers, electronic record-keeping companies, insurers and group plans appointed by Congress to propose new interoperability rules.
The draft provides “incentives” for practitioners and hospitals that comply, and “penalties” for those who do not, including the loss of federal certification. The HHS secretary would also be required to report “any barriers that are preventing widespread interoperability” to Congress and document “specific steps” taken to overcome the barriers by July 1, 2016.
Although granting widespread accessibility to millions and millions of confidential medical records is supposed to guarantee better patient care and lower costs, there are fears that it would have negative consequences.
Twila Brase, president of the Citizen’s Council for Health Freedom (CCHF), pointed out that Burgess’ interoperability proposal would not only turn private EHR companies into public utilities, it would also eliminate the last remaining vestiges of patient privacy.
“All these electronic health records are now being used across the country, but they aren’t connected. They are proprietary systems owned by private companies,” Brase told CNSNews.com. “The fact that they can’t all talk together is our only protection against the broad, sweeping data sharing that Rep. Burgess appears to be looking for.
“Once that is mandated, we will have a national medical records system, and no patient consent over how their data is used, who sees it, or what’s done with it,” she said.
Under the HITECH Act, part of the 2009 stimulus bill, every health care provider reimbursed by Medicare was required to switch to an EHR system by January 1, 2015. The government spent $30 billion to help them implement the switch. But the law did not require that the EHRs be linked together.
“Because HITECH was the foundation of Obamacare, they had to get that in place first. So if this [bill] would pass, they would be strengthening the foundation upon which Obamacare, or any other national healthcare system, is created. If you create a national healthcare data system, you are well are your way to a national healthcare system because you give all sorts of outsiders control over what happens in the privacy of the exam room. It’s no longer private,” Brase told CNSNews.com.
“The purpose of HIPPA was that it would allow the broad sharing of data. But they attached the word privacy to it, we believe, as a way to convince or deceive the American public that they have privacy when actually all their privacy was being taken away,” Brase said.
“HIPPA has nothing to do with privacy and everything to do with opening up our medical records and getting us to the point where we have a national medical records system where our data is shared without our consent broadly nationwide,” she added.
Brase says that typical “HIPPA hassles” – when the pharmacist tells you to stand back 10 feet so you don’t overhear the previous customer’s prescription, or when the hospital won’t tell you that a family member has been admitted – are “meant to convince you that you have privacy, but the whole thing is a farce.
“What people really care about is where the details of their lives – their medical conditions, their behaviors, their fears, their thoughts – go. There’s no privacy there,” she told CNSNews.com.
“People have to see the truth about HIPPA. There’s no privacy….Whether you sign the form or you don’t sign the form, they can continue to share the data. The form, in our opinion, was simply meant to convince people that they have privacy, and it has been very successful. It’s called the HIPPA Privacy Form, people sign it, people tell me that ‘my data is between me and my doctor.’
And I tell them ‘you have not read it. What you’re saying is that you’ve received a notice of privacy practices, which is really a notice of disclosure practices, which really tells you how little privacy you have.’ But most people just take those words ‘privacy form’ and believe them.”
Brase noted that the inability of many EHR companies to share data is the only thing protecting patient privacy today.
“And so if you lose the obstructions of today and you have nationwide widespread interoperability, then all privacy is gone and everybody essentially owns your data except you. Because acknowledging someone’s ownership means you have to ask them [for their] consent. And neither HIPPA nor HITECH have consent requirements.
“And Rep. Burgess may be under the same deception of what HIPPA is and therefore doesn’t know that the only way that he should even try to move forward into interoperability, if we even wanted to go there, would be to require informed written patient consent – with no coercion, completely voluntary,” she added
The main purpose of linking all patient records together is to “implement a national healthcare system,” she added. “That’s the whole purpose here. They needed it for Obamacare. Without HITECH and the EHR mandate, there would be no way to implement everything that is in Obamacare because there would be no data and payment systems that can be controlled at the federal level. Once you have everything electronic, it can all be changed.”
“And the funny thing, of course, is that when the Obama administration put this into law, they didn’t force the issue. They just wanted to get it all up and running. And now the Republicans are trying to force the issue to make what Obama started into a reality
“So here we have an opportunity to stop what President Obama planned, and yet we’re seeing Congress decide we’ve spent all this money, so we should actually make it work. I don’t know if members of Congress don’t actually see what is happening here, but the national medical records system is essential to the controls needed for a national healthcare system.
“So Rep. Burgess’ interoperability bill will lead us towards a more fully functioning national healthcare system. Somehow I think that’s not where a substantial number of members of Congress want to go.”
Brase also pointed out that “he who holds the data makes the rules.”
“When you have no control over who has access to your medical records, including in the future your genetic information, all sorts of assessments can be made on you,” the former emergency room nurse told CNSNews.com.
“You won’t ever be able to have a fresh second opinion from somebody who has never seen you before. Whatever one doctor said about you, every doctor, every nurse, every authorized user will be able to see even if it was a biased opinion.
“There are health plans that want access to all the data on the patients and the doctors to create treatment protocols so they can then say they have science to back them up. But those will be restrictive protocols, telling the doctors how to practice medicine,” Brase predicted.
“So for instance, if you had some mental health issue, if you had a sexually transmitted disease or a cancer you didn’t want anybody to know about, there just would be nowhere to hide because all your health data, including your behaviors and your thoughts and whatever somebody else chooses to put in the system, will all be on the grid. It will completely eliminate privacy forever.”
Paper medical records, on the other hand, are hard to access and even harder to share, she pointed out. “But when it’s electronic, all you have to do is sit at a computer wherever you are in the hospital, in the clinic system. And if you have a ‘need to know,’ or even if you don’t and you’re just gonna risk it, it’s available.”
Brase says it hard for an individual to do anything about maintaining their medical privacy short of paying cash to a physician who maintains paper records that stay in his office. But states have more leeway.
“States under HIPPA can pass a real privacy law, so they could actually prohibit anybody from sharing data or letting data out of the state’s health information exchange without express patient consent. Legislators could actually do that because HIPPA says that stronger privacy protections rule the day and have to be followed.
“So people can talk to their state legislators and say: ‘Hey, give me my privacy back.’”