Americans might be surprised to learn that there are no comprehensive federal laws protecting the privacy of health records. Video store owners are barred from disclosing our rental histories and cable companies cannot divulge our channel choices, but nothing prevents medical record keepers from selling our most intimate medical information, without our consent. It's estimated that HMOs, drug companies and hospitals spend up to $15 billion a year on technology to acquire and exchange medical information about, say, our blood pressure and psychiatric medications.
That's why it's so important that Congress fulfill its promise to pass the nation's first medical privacy bill in this session. The key to making good on that pledge lies in finding the common ground that eluded legislators last year, when eight medical privacy bills were debated but scrapped due to irreconcilable differences.
This week House and Senate staffers will be working to reach agreement on several recently introduced medical privacy bills. Everyone agrees that Americans should have the right to inspect and amend their medical records and that medical record keepers should obtain patients' authorization before releasing their medical information. Controversy, however, still swirls around two questions:
* How should medical releases be worded and when should they be required? Congress should avoid the coercive language in a bill by Sen. Robert F. Bennett (R-Utah) that would allow medical providers to deny treatment to patients who refuse to waive their privacy rights. Legislators should also reject the language proposed by Sen. Patrick J. Leahy (D-Vt.) that would require doctors' offices to seek authorization even for routine transactions like tallying bills and consulting specialists. Instead, legislators in both houses should embrace compromise language by Reps. Henry A. Waxman (D-Los Angeles) and Gary A. Condit (D-Ceres) that would allow such uses but prevent abuse by requiring that patients' names be concealed, along with other curbs.
* Should a new federal privacy law supersede state laws that provide even stronger protections? Sen. Bennett argues that a single, uniform national law is the only way to prevent health providers doing business across state lines from being confused by conflicting laws. But the same technology that has created the medical privacy crisis--computers--also allows health providers to properly manage complex information.
A recent survey by the California HealthCare Foundation found that one in seven adults, in an effort to prevent violations of the legitimate zone of privacy, had lied to a doctor or withheld information concerning his or her medical history. Survey respondents worried, for instance, that employers or insurance companies would find out about a debilitating condition and then deny them insurance or a job.
Such evidence that Americans are withholding information that doctors need to treat them should serve as a wake-up call to congressional leaders. It's becoming clear that prompt action to protect the privacy of medical records is not only a moral priority but a medical necessity.