1601 N. Tucson Blvd. Suite 9
Tucson, AZ 85716-3450
Phone: (800) 635-1196

Association of American Physicians and Surgeons, Inc.
A Voice for Private Physicians Since 1943
Omnia pro aegroto

Volume 62, No. 1 April 2006

INFORMATION STRAITJACKET

In 1993, the Clinton Administration proposed to force all Americans into government-dictated health plans, engineered by special interest groups meeting behind the scenes under the aegis of the Health Care Task Force.

The Bush Administration just wants to control information through forcing the adoption of a "nationwide interoperable health information technology infrastructure." The ability to monitor practice is the key to enforcing standards and controlling behavior. This time, the chosen architects are called the American Health Information "Community." AHIC is acknowledged to be subject to the Federal Advisory Committee Act (FACA), under which AAPS compelled exposure of the Clinton Task Force operations.

While AHIC is going through the motions of FACA compliance, it is violating fundamental substantive provisions of the law, prompting AAPS to file a lawsuit (see p. 3).

Justification

The rationale for tyranny is to protect the public. Health information technology (HIT) is supposed to protect against bioterrorism, hurricanes, and pandemics and medical errors and runaway costs. "With employer health-care costs growing faster than revenues, and more people dying in the U.S. of medical errors than AIDS, homicides and automobile crashes combined," writes Carol Kovac of IBM, "transforming health care...has become a matter of national security in both human and economic terms." We need a "digital health-care ecosystem" (Wall St J 10/25/05).

The Institute of Medicine report "To Err Is Human," the basis for the belief that physicians are the eighth leading cause of death in the U.S., is accepted as common knowledge. Yet, as previously noted (AAPS News, Jan & Apr 2000, Mar 2004), the analysis is deeply flawed. The purported 44,000 to 98,000 annual deaths are extrapolated from a study of 137 deaths.

A.E. Miller, M.D., of Blackfoot, ID, writes that imputing the death of a comatose metastatic cancer patient to his doctor's mistakes is "like saying the Titanic sank because someone dropped an oar from one of the lifeboats."

The Cost of HIT

While some believe that the electronic medical record (EMR) would reduce paperwork and costly medical errors, the cost savings would be no more than 3% (LA Times 1/30/06). Some systems require more time and effort from the user than the paper systems they replace (Fraser Forum, Oct 2005).

Today's HIT asks doctors to pay an "unconscionable price ...for these mediocre products," writes Jonathan Bertram, M.D., founder of Amazing Charts. Most systems cost more than a new car, and will "end up upsetting us more than if we had paid $100,000 for a Pinto" (www.mdng.com, October 2005).

Such considerations help to explain why only 17% of office- based physicians are now using EMRs.

The object is to connect the EMR to performance measures. The AMA, in its recent deal with Congress (AAPS News of the Day 2/21/06), agreed to develop 140 measures by the end of the year. According to a memo from Michael Maves of the AMA to officers of medical associations, the AMA will work to reduce administrative burdens by having all programs use the same CPT-II codes (sold by the AMA) instead of having Medicare develop codes.

As Dr. Bertram points out, doctors will be forced to use a controlled vocabulary, which turns a patient-doctor encounter into an inventory of data points and then be "charged a fee to use the dictionary" (op. cit.).

The Blunt End

There is little evidence that the use of HIT to improve safety has any sustained positive effect. It can, in fact, be detrimental, as shown in the comparison of manual control of infusion devices with programmable pumps, or the use of a status board for OR scheduling with a computerized system. One reason is the very poor understanding of what human beings at the "sharp end" of patient care actually do. HIT developed to serve management, the "blunt end," which uses policies, procedures, resources, and constraints. Blunt HIT can hamper cognitive work and complex human interactions in patient care (Nemeth C, et al. J Biomed Informatics 2005; 38:18-25, available at www.sciencedirect.com ).

As Richard Warner, M.D., President-Elect of the Kansas Medical Society, noted, performance measures "may be more about the value of third party payment managers than about the value of doctors." And quality will be a statistic, not a patient- determined value (Kansas Physician, July/Aug 2005).

Adverse Consequences

A nationwide interoperable system cannot protect privacy. A security company hired by the VA Inspector General easily broke into the computer system and took total control of it while the VA didn't even know its systems were under attack (Cato Policy Analysis 520, 8/4/04).

But privacy may actually be seen as an impediment to quality: Our national system "can no longer beguile itself with the myth that quality care involves only one doctor and one patient in a room where confessions are made and promises are kept," stated an AHA lawyer. A physician encounter is just an entryway to the system (American Psychoanalyst, Fall 2005).

The result, if not the purpose, of the straitjacket is apparently to assure that all get exactly the care they are supposed to have according to the elite decisionmakers in the government and the "community" of the elect.


Database Nation

The federal government collects breath-taking amounts of information on Americans, and federal agencies can combine databases at will, simply by announcing a new "routine use" in the Federal Register. Providing entitlement benefits and collecting taxes are two prominent uses. But databases have a tendency to grow and acquire new uses, sometimes radically divergent from their original purpose. The National Directory of New Hires, for example, which catalogs everybody in order to locate the few who default on child-support obligations, is now being use to find student loan defaulters.

Surveillance is driven by victimless-crime laws. And while crime fighters should identify and punish perpetrators of known crimes, "data-veillance" provides the tool to target someone the government wishes to punish, and find something the person may have done wrong.

"Especially today, when exceedingly complex regulation trips up nearly everyone somehow, this is an inversion of the proper way to fight crime," writes Jim Harper, director of information policy studies at the Cato Institute.

Moreover, "legislation enacted at a time of crisis could convert...[databases] to surveillance purposes, when they are not already being used in this way" (Policy Analysis 520, 8/4/04).

 

IT in the ER

An emergency physician reports that 6 months after implementing IBEX, productivity is down almost 25%. It is hard to find the basics in a ton of printed useless information. He often has to do procedures alone because nurses are too busy inputting data. The IBEX team insulted the older physicians, implying they couldn't understand computer technology. "I think he meant pointing and clicking really fast since he looked too young to have ever coded in Basic, PL-1, assembly language, or COBOL."

 

What EMRs Miss

In the 1960s, Albert Mehrabian established that in spoken communication, 7% of the meaning is in the words, 38% is paralinguistic (the way the words are said), and 55% is in facial expression. The whole clinical history can never be obtained from the record. The practice of medicine can never be reduced to terms that bureaucrats can understand and control. Attempts to do so will fail; patients will be the losers and will eventually rebel, just as they did against HMOs. We should not waste another 50 years in trial and error before recognizing what can't be done (Del Meyer, Medical Tuesday 8/25/05).

 

Madeleine Pelner Cosman, Ph.D., J.D., R.I.P.

AAPS is indebted to Madeleine Pelner Cosman for raising our awareness about the criminalization of medicine, among many other contributions. She was an indefatigable fighter for freedom and a champion of free-market, patient-centered medicine. For many years, she taught medical ethics. A Renaissance woman herself, she founded the Institute for Medieval and Renaissance Studies at CCNY. Dr. Cosman died March 2, 2006, of complications of scleroderma. Memorials may be made to the Scleroderma Foundation or the Wake Up America Foundation. A service celebrating her life will be held in Escondido, CA, on April 8, 2006.

 

Medicare Premiums Taxed

Seniors who don't file their own tax returns, or who use TurboTax, may not realize that the premiums that are deducted from their Social Security checks are added back to their benefit in calculating their tax: see form SSA-1099.

 

Tracking to Enforce Compliance

Although Colorado suspended pneumococcal vaccines because they couldn't afford them, it still put $6.5 million into studies to "develop and deploy a system for transporting clinical information electronically between health care delivery systems in Colorado" not counting a Robert Wood Johnson Foundation grant. "Epidemiologic information" can be vacuumed out of school records in Colorado.

In Georgia, all persons administering immunizations must report to the electronic vaccine registry. Linda Gorman of the Independence Institute argues that such registries are "the camel's nose under the tent for building a national health information system architecture that is a vital building block for managing nationalized health care and creating individual citizen dossiers."

The American Academy of Pediatrics (AAP) distributes a "Refusal to Vaccinate" form stating: "I know that failure to follow the recommendations about vaccination may endanger the health or life of my child and others that my child might come in contact with." AAPS General Counsel Andrew Schlafly comments that the AAP is apparently urging doctors to violate their Oath of Hippocrates by trying to get parents to incriminate themselves. The next step might be to take children into "protective" custody to avoid such "endangerment."

An AAP study showed that 39% of physicians dismiss families who refuse all immunizations, and 28% dismiss those who decline selected immunizations, stated Maureen Jones, FNP, of Century Consulting in Portland, OR.

Will noncompliance become a reason to bar patients from medical care in a future nationalized system?

 

Data Retention in Europe

The European Parliament rejected a proposal requiring retention of communications data for 3 years, which would reveal who is calling, faxing, emailing, and SMS-ing whom, what websites they visit, and where they go with their mobile phones. It will be implemented anyway by multi-national treaty. Estimated cost to telephone and internet operators is 250 million euros. Critics argue that the proposal violates the European Convention on Human Rights (TCS 8/23/05).

 

AAPS Calendar

May 19/20, 2006. Dinner meeting and Board of Directors meeting, Hilton Garden Inn, Chicago O'Hare Airport.
Sept 13-16, 2006. 63rd annual meeting, Phoenix, AZ.


AAPS Sues HHS over AHIC

In an action brought against the Department of Health and Human Services and Secretary Leavitt, AAPS seeks to compel defendants to comply with the Federal Advisory Committee Act (FACA) in the operations of the American Health Information Community (AHIC) and related health information technology (IT) initiatives.

Membership of a FACA committee must be fairly balanced, and its recommendations must not be inappropriately influenced by the appointing authority or any special interest.

"Defendants expressly intend to use the federal government's `market power'...to impose or coerce Health IT on the medical profession and patients as soon as possible," states AAPS, "and their initiative will impose financial burdens on AAPS's members."

During the first AHIC meeting, Secretary Leavitt said "I don't think there is a person who sits at this table who has not given speeches about the promise of health IT...." The National Coordinator remarked on how "resonant" health IT is with people in the U.S. That no one challenged him shows just how cloistered AHIC members are from the medical profession and patients, who consider the IT agenda frightening to the extent that patients will lack control over access to their records.

The ostensible representative of practicing physicians is Douglas Henley, Executive Director of the American Academy of Family Physicians (AAFP), which is deeply committed to the health IT agenda. The ostensible representative of patients and consumers, Nancy Davenport-Ennis of the National Patient Advocate Foundation, does not represent typical patients' views, especially on privacy.

"In sum, Defendants have selected a panel of `yes- men'...already committed to Defendants' agenda...[and] is unwilling even to address publicly posed questions that challenge Defendants' agenda," such as the privacy and openness questions asked in public testimony by AAPS Public Affairs Counsel Kathryn Serkes.

AHIC is forming "public-private partnerships" to operate Contractual Panels outside the FACA oversight process; for example, the Health IT Adoption Initiative.

AAPS also complains that HHS has undue influence over AHIC, and is using non-FACA-compliant subcommittees to disseminate propaganda supportive of its agenda, defying laws that prohibit use of public funds for "publicity or propaganda."

Although the Secretary has repeatedly stated his intention to use the government's "market power" to impose standards, the antitrust laws appear not to authorize suing federal Defendants directly. Nonetheless, legislation requiring consideration of the "public interest" had been held to include consideration of anticompetitive effects.

AAPS requests the U.S. District Court for the District of Columbia to enjoin the use of any work product from AHIC or subcommittees or Contractual Panels until all FACA violations are cured, including lack of balance and undue influence by Defendants.

The brief is posted at www.aapsonline.org. The American Health Legal Foundation is supporting the litigation.

* * *

"The worship of Information and other forms of digitalia is just as superstitious as any form of idolatry. But misinformation is worse than no information, and disinformation is worse still; and digitomania lends itself equally well to all three."
Marian Kester Coombs, Chronicles, June 2005

 

Read Your Hospital Reappointment Letter!

An AAPS member wisely declined to renew his hospital privileges rather than sign a letter that read: "You agree that if, in the Hospital's judgment, you violate any provision of the Medical Staff Bylaws or Code of Conduct policy, you are deemed to have voluntarily resigned your medical staff membership and privileges without any right to a fair hearing or due process of any kind" [emphasis added].

The Code of Conduct is established unilaterally by the hospital administration; the medical staff has no input.

Another tactic out of the Horty Springer playbook for getting rid of physicians the hospital dislikes is conditional reappointment, with the hospital in total control of the conditions. Or the hospital can "lose" or never send a reapplication form to the doctor. These tactics bypass the peer review process altogether.

Once an investigation or adverse process is underway, a doctor cannot resign without triggering requirements to report to the licensure board and National Practitioner Data Bank.

 

Health Databases Invite Identity Theft

A patient in Portland, OR, has filed a class action suit against Providence Home Services after computer backup disks with data on 365,000 patients were stolen from an employee's car. No verified identity theft has occurred yet though people identifying themselves as Providence employees have called some patients to "verify" Social Security numbers.

In Redondo Beach, CA, however, "protected" health information stolen by contract employees of Kaiser Permanente South Bay Medical Center has been used to buy thousands of dollars worth of goods and services on existing or fake new credit cards (HIPAA Compliance Alert 2/13/06).

Identity theft is one of the largest, and growing, criminal offenses in North America. It has been linked to existing electronic health records in Canada. Increasing connectedness will create still more opportunities for intrusion, including "inter-silo intrusion," in which information is passed from one sector or silo (such as pharmacy records) to another (such as financial records). Software developer Gordon Atherly warns against "impatiently implemented, grand government schemes" rather than privately developed, voluntarily adopted solutions (Fraser Forum, October 2005).

The first step toward having all medical records accessible online begins April 1 in Florida with some pharmacy records. Breaches in the pharmacy system have already occurred (News-press.com 2/26/06).

 

Nuns' Account Frozen; PATRIOT Act Blamed

The Holy Name Benedictine Monastery found it could not pay its bills when its main bank account was frozen without explanation. It turned out that an 80-year-old nun who was a signatory to the account did not have her Social Security number and photo id on file. The PATRIOT Act requires such information for new, but not existing accounts. Legal experts say there is confusion about what the antiterrorism laws actually do require.

"If it happened to us, it can happen to anybody," said Sister Jean Abbott, the monastery's business manager. "I think that people need to know that nobody is safe from, in some cases, really ridiculous scrutiny" (Tampa Tribune 2/8/06).


Correspondence

Automatic Denials. Medicare carriers using the Multi- Carrier System (MCS), a computer system for claims processing, deny resubmissions automatically. If a physician makes a typographic error in an ICD-9CM diagnosis code, and the claim is therefore denied for lack of medical necessity, it is no longer possible to correct the error and resubmit. The only way a physician can be paid is through the expensive, burdensome, and lengthy appeals process. If the amount in dispute is too small to qualify for the appeal, Medicare can legally pay the physician nothing. This high standard for claims accuracy comes from the same bureaucracy that answers questions wrongly 96% of the time!
Lawrence R. Huntoon, M.D., Ph.D., Lake View, NY

 

"Big Ideas." The usual (hardly new) ideas for "saving our health care system," as propounded in Physicians Practice, February 2006, should be entitled "We're Smarter Than You: How Arrogance and Force Can Save U.S. Health Care." To control costs, spend more federal money on programs and P4P. Force people to buy insurance, unless they can't, and then force others to buy it for them. Rather than admit that our big bloated safety net is a failure, create another one without changing any of the assumptions that led to the initial fault. More spending, more mandates, more collective guilt.
Patrick Conrad, M.D., Niceville, FL

 

Results of Mandates. As soon as you make anything mandatory, government has control of pricing and product structure in that market. You have a whole new class of lawbreakers, huge data demands to enable enforcement, fertile new ground for a new government plantation as people demand subsidies for those who can't afford the mandatory product, and continuous redefinition of it as various interest groups lobby for its expansion.
Linda Gorman, Independence Institute, Golden, CO

 

Rationing by Waiting. The process is gradual. Doctor time per visit decreases gradually, and delays increase until the wait is unacceptable and there are no quick fixes. But it seems less painful to employees that an sudden switch to a Health Savings Account and they can't blame the employer. It's the greedy doctors, or the greedy insurance executives, or "the economy."
Robert S. Berry, M.D., Greeneville, TN

 

Getting It Backward. At a time when the rest of the economy and the world are decentralizing, hospitals are consolidating. I ask CFOs why, and they say information systems make them do that. Wrong. Information systems enable decentralization.
Greg Scandlen, Hagerstown, MD

 

Real Cost Savings. Computerized health records and billing may offer little in the way of savings. However, there is tremendous opportunity for savings in entirely eliminating insurance for low-cost services and simply paying cash, just as we pay attorneys, plumbers, and others. Billing costs vanish; no need for legions of staff to process claims. Thousands of doctors have moved to accepting only cash, cutting bills by 25% to 50%. Using insurance only for expensive services could knock several hundred billion dollars off national spending.
Sean Parnell, Heartland Institute, Chicago, IL

 

Buying Back the Hospitals. About $30,000 could buy a time share allowing 2 to 3 days in the hospital every year, transferable to other communities with similar arrangements. If 80,000 people bought a hospital, it would have $2.4 billion in its coffers, and the owners could afford to be generous to their neighbors. Funds could be managed by a local board with full transparency. Young families could own a timeshare that would cover every delivery. Only the doctor would need to be paid. We would not need medical insurance; we could have well-funded Health Savings Accounts instead.
Alieta Eck, M.D., Somerset, NJ

 

The "Blue Roof" Program. The Corps of Engineers had $330 million to pay contractors $175 a square to nail cheap blue tarps on hurricane-damaged roofs. Pre-hurricane prices for new roofs with three-tab shingles were about $100 a square. Post- hurricane prices began at $185 (with roofers tripping over each other), but then shot up to more than $220. Why tear off the old roof, apply new felt and shingles, and haul away debris, when you can earn as much in a couple hours nailing on a tarp? Also, there was third-party payment. To keep costs down, government should get out of the temporary roofing business and out of the medical insurance business.
Joseph Lee Pugh, Diamondhead, MS

 

Lowered Expectations. Not surprisingly, the AMA is collaborating with the effort to wipe out the art of medicine and leave only a set of standards to which all the regimented robot physicians (or better, physician extenders) will be held. No deviation allowed even if (or especially if) it benefits the patient. Patients have gotten used to physician extenders at grocery store "RediClinics." Being canny businessmen, the supermarkets accept no insurance! The results of squeezing physicians out of the primary-care arena should prove interesting. Of course, everybody still wants us to treat the complex multi-chronic-disease patient without adequate pay!
Everest A. "Tad" Whited, M.D., Ph.D., Pflugerville, TX


Legislative Alert

The Assault on Freedom, Federalism, and Privacy

The "right to privacy" is oft on the lips of federal lawmakers. They usually mean abortion, but most other people mean something more basic protection against snooping.

There always have been busybody neighbors, dumpster-diving thieves, and intrusive journalists, but protecting personal privacy has become even more important in the computer age. Threats come from all quarters. The most obvious known dangers result from crooks who go "phishing" for personal financial information online or who break into personal computers or corporate intranet systems. However, sometimes the gravest threat to privacy and our liberties comes not from thieves but from government officials who claimed that their "need to know" trumps the individual right to be left alone.

Few issues are more sensitive to most people than their health. For many reasons, ranging from fear of embarrassing disclosures to determination not to unsettle loved ones, patients desire to keep their medical information private.

While the development of electronic medical record-keeping has been a boon in many ways, electronic data, especially online, is easily shared and vulnerable to abuse by the curious and the malicious alike. Medical data is especially problematic. There is rarely a valid reason for banks to transmit account details to other companies or the government; however, medical treatment routinely crosses the boundaries of professional offices. With electronic data, not only can more people see your medical information, but more people believe they must see it.

Most Americans recognize the danger. According to a recent survey conducted by Forrester Research for the California HealthCare Foundation, two-thirds of respondents were concerned about the confidentiality of their medical records; nearly three- fourths of minorities were worried. Roughly one person in four cited at least one incident in which they believed their privacy had been compromised. More than seven in ten worried that electronic record-keeping made unauthorized access more likely.

Strong legal protections are needed for medical privacy. Moreover, patients must be able to contract privately with their physicians to protect their privacy independent of or in conjunction with state privacy laws. This means that patients must be in control of the dissemination of their health information. They must be allowed to decide who gets to see what data, and when. Fortunately, despite the federal government's assault on medical privacy, many states have enacted patients' rights into law. Even when medical offices press for patient approval of the transfer of information (as demanded by insurers, for instance), the overall presumption should be shifted to nondisclosure unless otherwise specified by the patient or legal guardian.

Beyond repealing the HIPAA "Privacy Rule" really a disclosure rule, Congress must be prevented from further nationalizing the laws governing medical information privacy in the name of encouraging electronic data transmission.

Although online information-sharing can yield undoubted benefits, some medical offices have been slow to automate this aspect of their practices. But such behavior does not represent a crisis requiring federal intervention. Actually, this behavior is in many cases a response to previous federal interventions via the HIPAA Privacy Rule. Many doctors have decided not to go electronic, in order to protect medical privacy as well as they can.

A National Infrastructure: H.R. 4157

Congress and the President are now threatening to unsettle further the delicate balance between protection of and access to patient information, which is already weighted against protection and toward non-consensual disclosure. About two years ago, President George W. Bush issued an executive order creating the National Health Information Technology Coordinator. This person's work, intoned the President, "shall be consistent with a vision of developing a nationwide interoperable health information technology infrastructure."

The expressed goals are reasonable enough: better medical care, lower costs, improved coordination, and greater competition. All the while, the system is to ensure "that patients' individually identifiable health information is secure and protected." However, any national effort at standardization risks undermining state laws, which have offered the only legal protection for patient privacy. Luckily, the impact of this effort has been limited. Without new legislative authority, there is little that a federal "coordinator" can do.

Of much greater concern are congressional proposals to give federal officials such authority. For instance, H.R. 4157, the Health Information Technology Promotion Act of 2005, uses the language of patient confidentiality. But it would simultaneously lead toward the creation of a national medical database while weakening patient control over information disclosure.

Establishing a national system is the key goal. Rep. Nancy Johnson (R-CT) explained: "This legislation will make sure the national health IT coordinator's post is a permanent one, and it will overcome some of the key obstacles that have slowed our progress toward adoption of a national, interoperable electronic system."

H.R. 4157 establishes a permanent bureaucracy, an Office of the National Coordinator for Health Information Technology. This is the statutory authority lacking in the President's executive order. History suggests that such an office, once established, will never be eliminated. The National Coordinator in turn is to create "a nationwide interoperable health information technology infrastructure." But that's not all. The legislation continues: "The National Coordinator shall maintain, direct, and oversee the continuous improvement of a strategic plan to guide the nationwide implementation of interoperable health information technology in both the public and private health care systems." Indeed, building a federalized information infrastructure will not be limited to the Department of Health and Human Services. Rather, the National Coordinator is to coordinate HHS programs "with those of relevant executive branch agencies and departments...to create a national interoperable health information system."

Additionally, the legislation would attempt to coopt private entities, establishing a public-private partnership: HHS, "in consultation with entities involved in the area of health information technology, shall develop a strategic plan related to the need for coordination in such area."

The necessity for such a system is not obvious. A nationwide system can develop informally and spontaneously, as essentially has been happening since the development of the computer. Thousands of medical professionals across America already are adjusting their medical records and practices in their own way and at their own pace. And most doctors, labs, and hospital already cooperate effectively to share information in treating patients.

While the evolution of the market has been a bit confusing and complicated, it has enhanced the freedom of patients and physicians alike and allowed all participants to learn from their mistakes. Federal officials who believe that they can "do better" ignore the routine inefficiency and failure that follows attempts to short-circuit market experimentation through centralized government control.

Attempting to force the health information process into a national mold at a speed desired by Congress risks several adverse consequences.

First, information could more easily be accessed by unauthorized people and, thanks to the Privacy Rule under HIPAA, the list of authorized persons is quite long and disturbing. Most of us shudder when we read of thousands of credit card accounts made vulnerable by a single electronic bank break-in. Federalizing the medical information process could make millions of Americans vulnerable to systematic misuse of "a nationwide interoperable health information technology infrastructure."

Second, this system would encourage creation of a national medical ID number or card. The intent might be for good rather than for ill, but that's how restrictions on liberty almost always are first advanced. Such a system might yield greater efficiency, even though the preliminary data suggests otherwise, but would jeopardize freedom from government snooping. Individual medical professionals and offices might abuse their positions, but only the federal government can put us all at risk.

Third, national information standards could ultimately transform patient care and interfere with treatment decisions. For instance, H.R. 4157 explains that the new infrastructure is to advance delivery of "appropriate, evidence- based health care services" and reduce "inappropriate care."

How will "appropriate care" be defined? An activist bureaucracy determined to change medical outcomes could use its power over medical information to promote or even mandate certain treatment practices and outcomes.

This is hardly an ivory-tower concern. In many cases Americans are governed more directly through rules issued by federal agencies than through laws enacted by Congress. And in more than a few areas those rules have moved far beyond the original intent of the authorizing legislation.

That federal officials have a multifaceted health agenda has long been obvious: the campaign against smoking is long developed, while that against obesity is just beginning. Nagging about nutrition and exercise now is commonplace. However well- intentioned such efforts might be, Americans should be wary before they allow government to put the force of law behind similar initiatives. People concerned about their privacy should not allow their legislators to make broad grants of authority to any bureaucracy in any area, especially one as important as their own medical care.

Finally, passage of H.R. 4157 would breach the final privacy redoubt for many Americans: protective state rules. The proposed bill could preempt any state law "for use in the electronic creation, maintenance, or exchange of health information." In some policy areas Congress sets a minimum standard, but allows states to make more protective standards. Not here, for medical privacy, however. The legislation gives a nod to confidentiality and privacy concerns, calling for a study of state and federal laws governing information disclosures. But the bill emphasizes "the need for timely and efficient exchanges of health information to improve quality of care and ensure the availability of health information necessary to make medical decisions at the location in which the medical care involved is provided."

Since those exchanges now routinely occur naturally and without federal interference, one wonders at the real agenda behind H.R. 4157. Many medical operations have been lobbying for years to weaken (or even eliminate) state rules governing patient consent for the release of medical records. This legislation looks like yet another assault on privacy.

How to Protect Freedom and Privacy

Opposing H.R. 4157 doesn't mean opposing information sharing in principle or even federal efforts to eliminate barriers to private coordination. But any "national infrastructure" should meet three basic conditions:

1. It should be market-based. That is, developments should reflect natural trends among patients and professionals. Rather than attempting to impose any particular system, a federal "coordinator" would advise public officials on policy reforms needed to eliminate unnecessary legal or regulatory restrictions on improved information-sharing, support and promote medical ethics, and truly protect medical privacy. This should include repealing the privacy rule under HIPAA and removing any and all barriers to private contracting to control disclosures.

2. It should respect rather than override state privacy protection laws. Ultimately, the decision on sharing medical records should rest with the patient. States may properly choose somewhat different levels of protection and enforcement. There is no justification for the national government to eliminate such differences, especially by reducing privacy guarantees.

3. It should rely on "opt in" rather than "opt out" or especially "no choice." That is, patients, doctors, nurses, and others should be left to decide whether or not to cooperate with federal efforts. The benefit of uniformity does not override the importance of liberty. Many people will be naturally reluctant to risk their medical privacy even when national officials appear to be well-intentioned and national efforts look well-designed. But respecting such suspicions is the essence of a free society. Public officials always have seemingly "good" reasons for violating people's liberty. Attempts to override patient privacy rights are no different.

If the right to privacy means anything, it should ensure that Americans control access to their health information. The benefits of computerizing and sharing information are real. But so are people's fears that simplified access to those newly convenient records will be abused. Congress will fail in its most basic duty to protect people's personal liberties if it approves H.R. 4157.

Michael D. Ostrolenk is a member of the AAPS government affairs team in Washington, D.C.

Dr. Moffit's column will return next month.