Americans might be surprised to learn that there are no comprehensive federal laws protecting the privacy of health records. Video store owners are barred from disclosing our rental histories and cable companies cannot divulge our channel choices, but nothing prevents medical record keepers from selling our most intimate medical information, without our consent. It's estimated that HMOs, drug companies and hospitals spend up to $15 billion a year on technology to acquire and exchange medical information about, say, our blood pressure and psychiatric medications.
That's why it's so important that Congress fulfill its promise to pass the nation's first medical privacy bill in this session. The key to making good on that pledge lies in finding the common ground that eluded legislators last year, when eight medical privacy bills were debated but scrapped due to irreconcilable differences.
This week House and Senate staffers will be working to reach agreement on several recently introduced medical privacy bills. Everyone agrees that Americans should have the right to inspect and amend their medical records and that medical record keepers should obtain patients' authorization before releasing their medical information. Controversy, however, still swirls around two questions:
* How should medical releases be worded and when should they be required? Congress should avoid the coercive language in a bill by Sen. Robert F. Bennett (R-Utah) that would allow medical providers to deny treatment to patients who refuse to waive their privacy rights. Legislators should also reject the language proposed by Sen. Patrick J. Leahy (D-Vt.) that would require doctors' offices to seek authorization even for routine transactions like tallying bills and consulting specialists. Instead, legislators in both houses should embrace compromise language by Reps. Henry A. Waxman (D-Los Angeles) and Gary A. Condit (D-Ceres) that would allow such uses but prevent abuse by requiring that patients' names be concealed, along with other curbs.