Medical PLLC

Gary S. Mirkin, MD
935 Northern Boulevard, Suite 300
Great Neck, NY 11021-5309
516 466-KIDS; Fax 466-9081;

U.S. Department of Health and Human Services
Assistant Secretary for Planning and Evaluation
Attention: Privacy-P
Room G-322A, Hubert H. Humphrey Building
200 Independence Ave. SW
Washington, D.C. 20201

Re: Standards for Privacy of Individually Identifiable Health Information, 45 CFR Parts 160-164, Rin: 0991-AB08

Dear Assistant Secretary:

This letter is in response to the proposed regulations on patient privacy published in the Federal Register of November 3, 1999.

I am a physician in a group practice of five physicians. My specialty is pediatrics. I serve approximately nine thousand patients and have fifteen employees. I am a member of AAPS, the Association of American Physicians & Surgeons, which is also very concerned about the impact of these rules. I fully concur with their detailed December 20, 1999, critique of these regulations.

Our medical records necessarily include the private, intimate details of not just the individual patient, but the entire family. We take the trust that our patients place in our hands very seriously and we assiduously safeguard their privacy. I am concerned that these proposed "privacy" regulations would suddenly create a new class of persons with the right to access the information contained in these records without the patient's knowledge or consent.

Stripping patient identifiers from this information may provide some protection of privacy, but again, that needs to be a decision that is left to the individual to consent to and not a right that is given to an anonymous third party. It is unconscionable that such an invasion of one's privacy could occur in our United States of America-let alone that it be an invasion that is sanctioned by the government.

I would propose to you that this massive and convoluted privacy regulation should be rewritten as follows:

All information contained in a physician's medical record shall be considered sacrosanct and shall only be released to those parties to whom the patient or legal guardian has given a specific consent.

This is my practice's current modus operandi. This policy is clear and concise. It places the control of confidential information into the hands of the patient to whom it belongs.

Unfortunately, I already have parents who will occasionally request that I keep certain medical information out of their child's written medical record for fear of disclosure. This complicates continuity of care but, in most cases, I do honor the parents' wishes. This problem of omitting relevant information will only get worse once the public realizes that the confidentiality that they have come to expect in my office has suddenly been compromised by these federal regulations.

Should the Standards for Privacy of Individually Identifiable Health Information rule take effect as currently written, I also expect that parents and patients will withhold more information from their doctor for fear of unauthorized disclosure.

These regulations go far beyond the mandate in the statute and would destroy the privacy and trust needed for a patient-physician relationship. The patients' records would be open to untold numbers of persons unknown to him, and for purposes unforeseen and possibly contrary to his best interests.

The patient, not the federal bureaucracy, should be the one to decide the permissible uses of his or her medical information, period. A "public good" should not create a "public right" to one's private information-at least not in the United States of America.

These regulations should be rewritten to put patients in charge of the disposition of electronic medical information, rather than assuring broad access for any and all uses that may be authorized by agents of the federal government.


Gary S. Mirkin, MD

CC: Congressman Gary Ackerman
Senator Daniel Patrick Moynihan
Senator Charles Schumer