|
|
Physician Statement Against Texas Registry
August 21, 1998
From:
William M. Chop Jr. MD
McLennan County Medical Education & Research Foundation
An Affiliate of The Univ. of Texas Southwestern Medical Center
Waco, Texas
To:
Robert D. Crider, Jr., M.S., M.P.A.
Director, Immunization Division
Texas Department of Health
1100 West 49th Street
Austin, TX 78756
Tel: (512) 458-7284
Fax: (512) 458-7288
Email: [email protected]
Subject:
Public Comments on TDH's Proposed Rules for Implementing a Childhood Immunization Registry
Dear Mr. Crider:
I am officially submitting this letter to you and the Texas Department of Health (TDH) in
response to TDH's request for public comments on its latest proposed rules for implementing an
immunization registry. Please make this letter a part of the official public record and officially
respond to all of the comments in writing. I am also forwarding copies of this and additional
supporting documentation to Senator David Sibley, Representative Kip Averitt, Representative Dianne
White Delisi, the Texas Board of Health, and Governor Bush.
Taken as whole, I feel that the law establishing the registry is flawed and goes beyond the
proper role of government, and that it should be completely repealed. Hopefully that will happen
soon and render moot the need for TDH to accurately and legally produce a set of rules to implement
the strictly limited provisions of the law. However, until that happens, TDH must try to produce
appropriate rules. The current rules are replete with multiple gross errors and illegalities, most
of which if they were legal would serve to advance the cause of statist government. The rules also
fail to address a number of critical points that the TDH specifically is required to address by the
law, particularly the defense of the confidentiality of the immunization records. Read Phyllis
Schlafly's column "Congress's Secret Plans to Get Our Medical Records" hot off the
Internet (Appendix 5) and resolve yourself not to be a contributing partner to the creeping
strangulation of the public's unalienable right to privacy. The proposed rules must not be
implemented.
Within my comments in numerous places I refer to the proposed rules being "illegal" or
"unauthorized" or other terms or phrases meaning the same thing. In each and every case I
assert that Texas law does not authorize some power assumed in a particular rule. If TDH agrees with
me, great, remove that rule. If not, then for each one of my assertions of illegality your response
and newly drafted rules should cite the specific portion of Texas law that authorizes the rule in
question. This will prevent the generation of another set of rules that assume so many unauthorized
powers.
1. General Comments
1.1 Preamble
My comments are divided into several sections beginning with this one. All are necessary in
order to understand the basis for my comments. In particular, this preamble section contains
important general background information that applies to all of the subsequent comments. It
amplifies the seriousness nature of the subsequent item-by-item objections. Moreover, it contains
comments about the objective process and the underlying philosophy through which the
TDH has attempted to create the immunization registry. It is important to include the comments,
including these general ones, as an integral part of the entire discussion because, quite frankly,
the TDH has been playing fast and loose with implementation of the law; therefore there is a real
possibility that the TDH in later day-to-day operations will attempt to exploit the numerous
ambiguities and outright illegalities in the proposed rules. As such, it is necessary to consider
the underlying drives and philosophy of the TDH so that the risk of future adverse interpretations
of these rules can be assessed. I insist that this preamble material is integral to my
item-by-item comments and that it be included and addressed in the public record.
Five appendices are also provided. They includes articles from the United States Center for
Disease Control (CDC) publication called "Immunization Action News" that provide
extensive insight into the underlying TDH plans for an immunization registry in Texas (appendices
1 and 2). Also, in my research I have found a text called "Written Public Testimony for the
Sunset Review of the Texas Department of Health," dated 7/1/98, authored by Dawn Richardson,
Alison Mullins, and Rebecca Rex, and submitted to the Texas Sunset Advisory Committee. It is an
extensive, credible, understandable summary of TDH's present and past refusal to limit itself to
powers properly delegated to it by We the People through the Texas legislature (appendix 3). I
have investigated it and agree with it, and I choose to appropriate every one of its arguments and
objections as an integral part of my official comments on the TDH proposed registry rules. An
article from Human Events documenting the current push toward a National Health ID Number is also
appended that serves to amplify the reality of the need for vigilance against illegal state
activities that tend to support such a national effort (appendix 4); and I appropriate the
arguments in this article as my own for my public comments on the registry. Finally and perhaps
most importantly of all, a late-breaking column documents INCREDIBLY totalitarian bills and new
laws being pushed by the US Congress that seek to unconstitutionally override state health laws,
and even to permit companies to literally buy and sell internationally every American's most
private medical secrets WITHOUT ANY CONSENT (appendix 5); I also appropriate all the comments and
arguments in appendix 5 column as my own for purposes of commenting on the public immunization
registry rules. EVERY PART OF EVERY APPENDIX IS AN INTEGRAL PART OF MY OFFICIAL PUBLIC COMMENTS,
AND SHOULD BE KEPT WITH MY COMMENTS, AND OFFICIALLY ADDRESSED.
1.2 My Qualifications to Comment
Of course I am a citizen of Texas and it is my right and duty to comment. I actually tried to
comment in the previous period, but the notification of both Texas physicians and the public on
such a potentially invasive issue as this was done in such a low profile manner that by the time I
could work on it, the comment period was up. I am thankful to the vigilant citizens who caught the
huge problems with the previous rules and made their views known. I also have four children in
public schools whose privacy is at risk under the proposed rules. However, I also have other
qualifications and reason for interest in this subject.
I am a family physician. After 3 years in rural full-service private practice I entered
full-time academic medicine. In 1991 I returned to Texas to teach on the faculty of a large and
capable family practice residency program affiliated with the University of Texas Southwestern
Medical Center, through which I hold the title of Associate Professor. I am the Associate Director
of Research at the McLennan County Education and Research Foundation, which is the parent
corporation for our residency program. In addition to teaching residents and students, I and all
of our faculty engage in part time practice. We primarily care for indigent patients.
In addition, I have been a computer programmer since 1970. I have held commercial jobs
programming, and have sold my own medical software in the past. Moreover, I have been extensively
involved in the field of Medical Informatics, which primarily involves the application of computer
technology to the practice of medicine and to public health. Our residency program now operates a
fully computerized patient record system which I use regularly and which I helped acquire. I
therefore am demonstrably able to understand both medicine and computer systems. Therefore do not
discount my objections to these rules, the poorly fettered public computerization of the health
records of Texas' children, as the result of some sort of naiveté on my part.
1.3 General principles: Freedom is more important than health care; we're serious about limited
government!
TDH needs to hear this so that it can understand how We the People who oppose large government
registries are not against good health: it's just that Freedom is vastly more important than
health care. For the sake of freedom our forefathers pledged their lives, their fortunes, and
their sacred honor. And the prime genius of American government is that it is strictly limited.
For example, in the name of freedom we will let a known criminal go unpunished simply because our
government technically overstepped its legal authority in his arrest! So I think that in the name
of all the benefits of freedom we can forego the lesser hypothetical benefits of a supercharged
immunization registry.
Why do I mention this? It is because if the TDH is like most groups advocating centralized
control mechanisms, then it is has only the best intentions in its proposals, so it is
absolutely mystified that anyone would oppose the good things it thinks it is offering. It
therefore views opponents of the plan as backward, anti-progress types who should be ignored as
much as possible. The TDH must truly come to grips the with degree to which the public
values strong limitation of government-by its failure to honor the expected limitations on
government it has lost 5+ years and millions of dollars pursuing a course unacceptable to the
public. I personally view the effect of TDH's pursuit of its "dream" (ImmTrac) as the
use of my own tax dollars against me to create an unauthorized infrastructure that will then be
touted as "an offer we can't refuse."
The TDH appears to have started down the road toward the immunization registry in SUMMER 1993.
Previous investigations of TDH's behavior have cited 1995, but as evidenced by the attached
article "Congratulations Texas!" from a CDC publication called Immunization Action
News (August 1997, Vol 4, No 1, Page 11-see appendix 1) the TDH started collecting data for
the registry in 1993, by no coincidence during the national frenzy over health care that was
concocted by the Clinton administration. TDH was so far along with its unauthorized public-private
consortium project, "ImmTrac," that by 1996 it had won "The 1996 Computerworld
Smithsonian Award" for innovative use of technology for society.
The Immunization Action News article is instructive in that it proves ImmTrac obviously
was not "vaporware," but had by 1996 already become "a system you can't
refuse." The article is important in understanding where TDH actually plans to take this
system: voice-response, BBS, free PC software, batch updates and extracts, and uploads and
downloads of entire files containing data on multiple patients. Moreover, ImmTrac's
"Application Program Interface (API) can be used with existing health-related software,
allowing other commercial or public software products to incorporate ImmTrac functionality to be
directly accessed by their applications." THAT SOUNDS LIKE A SYSTEM INTENDED TO BE MASSIVELY
INTERCONNECTED WITH A WOMB-TO-TOMB NATIONAL HEALTH CARE NETWORK. When you also read about
"Suzy" in "Immunization Registry Strategies" on page 8 in the same in the same
newsletter (see appendix 2) you hear that "what is remarkable about this particular scenario
is that Suzy has never been to this doctor's office before. In fact, she only recently moved to
this state. In generating her immunization history, the computer in the doctor's office was able
to access records that were entered by Suzy's previous health care providers and remained stored
in another state."-then you know that the TDH vision, without a doubt, is for transparent
connections across state and national boundaries. Perhaps this explains their many indiscretions
with the law in formulating the proposed rules.
I am a member of and have in the past held leadership positions within in a large national
organization called the American Medical Informatics Association (AMIA). I also belong to the
Society of Teachers of Family Medicine (STFM). Conferences held by both organizations were
routinely attended by and topically dominated by government employees and liberal academicians who
constantly bemoaned the lack of a standardized single identification number for patients. They
laughed at any suggestion that the US Constitution according to the Tenth Amendment does not
permit any federal mandates in health care. And they planned to start with immunization registries
in order to get a handle on the entire health care industry. Why? Because the public had already
become comfortable with limited powers for state public health agencies. Immunizations
would be the foot-in-the-door for a unique medical identification number that through
interconnection of public schools, daycare centers, public health agencies, and so-called
"managed care" would initially be used to track immunizations. But then, with just the
addition of more data fields and connectivity, "ImmTrac" becomes "AllTrac,"
and entire patient records could be maintained in an unnecessary, abuse-prone national database-with
little overall benefit to the patients compared to the huge advantage imparted to those who would
exert control over an entire population. Registries laws also desensitize the public and set a
precedent for the idea that it's normal for private records to routinely be sent by third
parties to the government.
Many groups like the Computer-Based Patient Record Institute (CPRI), AMIA, and the STFM are utterly
dominated by statists (people who advocate centralized government control mechanisms) and
multinational businesses who retain few true allegiances to the US. These groups continue to
support the development and implementation of systems of womb-to-tomb medical tracking of the
public at large. Pseudo-governmental entities like the Robert Wood Johnson Foundation (RWJF)
illegally collude with the government, as evidenced by RWJF's preeminence in the disgraced and
punished "Health Care Task Force." And they continue to virtually bribe governmental and
professional organizations with their offers of money and support, always with strings attached.
If RWJF likes something, then I always look carefully for a poison pill!
These groups, of course, were devastated when We the People chose freedom over fascism and
rejected the nationalized health care plans in 1993-94. Since that time they have learned that the
public will never accept most of what they advocate unless it is imposed "under the
radar," with stealth-slowly, and incrementally: and this change in their approach is
objectively demonstrable, and not just rhetoric.
So Americans esteem limited government. We want regulatory agencies like TDH to agree in spirit
and in action with the principle that government powers are strictly limited. Beyond required
reporting to the legislature and executive, state agencies should not lobby for specific
legislation using resources derived from taxes. I also vigorously object to having corporations
like Electronic Data Systems (EDS) and Robert Wood Johnson Foundation and many others through
their donations in effect bribing a state agency to work and push for the adoption of
certain positions favorable to them, and then to build with them an unauthorized infrastructure
that can later be foisted on the public as something done, something free, something too good to
pass up!-but a poison pill to freedom.
1.4 More creeping incrementalism: I object that the de facto contract
with the public that the legislature created through HB 3054 is not protected in the proposed rules.
In HB No. 3054 the changes in law create a de facto contract with the public. Under the law as
written and the rules implementing the law, the public is extended a right to decide whether or
not to participate in a public health database system, a decision that has both advantages and
disadvantages. It is therefore morally impermissible for the law itself or the rules ever to be
modified without giving registry participants the option to back out. In other words, NEITHER TDH
NOR THE LEGISLATURE MAY "RAID THE REGISTRY" BY PASSING A NEW LAW OR RULE that, for
example, suddenly permits the registry data to be uploaded to an international database without
there being a serious opportunity for people in the registry to remove their names BEFORE the
registry is uploaded.
Since the Texas legislature always intends to deal morally with the public, and even because
any future change in the registry laws could be argued to be illegal ex post facto laws, the TDH
should MEMORIALIZE THE DE FACTO CONTRACT IN THE RULES TO ASSURE ALL PEOPLE WHO AGREE TO
PARTICIPATE IN THE REGISTRY THAT IF THE LAWS OR RULES ARE EVER CHANGED, THEN THEY WILL HAVE AMPLE
NOTICE AND OPPORTUNITY TO REMOVE THEIR INFORMATION FROM THE REGISTRY BEFORE THE CHANGE IS
IMPLEMENTED. Freedom from ex post facto impositions is an unalienable right retained by We the
People and expressly protected in the Ninth Amendment of the US Constitution. It is nothing more
than any credit card company changing its rules would do for its card holders when it gives them
adequate notice that they can close their accounts if they disagree with the change. We demand the
same common-law morality from our government. TDH must explicitly describe how it intends to
protect our right to opt out of the registry if any of the laws or rules relating to the registry
change
1.5 The TDH has no legal authority to interpret or to implement Federal Laws and Regulations
related to the Immunization Registry; this lack of authority must be codified in the rules so that
no person or entity, through inappropriate acquiescence to their supposition of Federal preeminence,
commits the following offenses against the public: (1) a small breach of confidentiality; (2) a
massive breach of confidentiality; (3) a violation of the de facto contract with the public
that the legislature created through HB 3054 (addressed in section 1.4 in this letter).
TDH works for the people of the State of Texas, not for the Federal Government. If the Federal
Government oversteps its legal authority, as it is currently trying to do in health care, the
State of Texas has the legal right to oppose it, and if necessary in order to prevent irrevocable
damages, to seek restraining orders against it.
THE TDH APPEARS TO HAVE COLLUDED WITH THE FEDERAL AGENCIES AND DESIGNS, and very likely will
jump at any chance it gets to rationalize that Federal laws that it favors override the Texas laws
under which it operates. If it does this, THE TDH ITSELF MIGHT MASSIVELY RELEASE CONFIDENTIAL DATA
OUTSIDE THE STATE TO WHO KNOWS WHO, AND THEN TRY TO CLAIM AFTER THE IRREVOCABLE DAMAGE IS DONE,
THAT "IT ACTED IN GOOD FAITH" SO IS NOT RESPONSIBLE. And yet there is no legal authority
granted in the immunization registry law and the de facto contract with the public it invokes for
the TDH to displace the Texas registry law with Federal law. Moreover, the immunization registry
laws are constrained, specific state laws. The US Constitution in recognizing We the People's
unalienable rights in the Ninth and Tenth Amendments specifically, clearly, and emphatically
protects the power of local and state governments and limits the powers of the Federal government.
It is patently unconstitutional for the Federal Government to regulate-in any way-any of the
issues covered by the Texas immunization registry law. It is therefore extremely appropriate that
no Federal law appearing to TDH to conflict with or to override the Texas immunization
registry laws be honored or observed without a direct legal order of a Federal judge, and even in
that case rather than completely acquiescing, restraining orders should be obtained to protect
Texans in the registry. If it comes to the order of a Federal Judge, then other appropriate legal
resources of the State of Texas, including the legislature and the governor, will of course become
involved.
The TDH is charged with protecting the confidentiality of the immunization records. This
includes specific protections against illegal Federal raids on the registry. This is a very real
risk as you can see from the articles in appendix 4 and 5. The lack of this very basic protection
in the proposed rules disqualifies the rules in their present form, and requires that rules
appropriately protecting the public from Federal raids on the registry be written.
1.6 I object that the proposed rules assume authority that was not granted in the authorizing
law.
I obviously favor repeal of the underlying law authorizing the registry in the first place. And
unless I perceive an amazing turn around in TDH's good faith efforts to adhere to the principles
of limited government in rule-drafting, I will support the current call for curtailing TDH's
independent rule making powers.
However, assuming that the law expressed in HB 3054 is not repealed, I obviously want to
minimize the damage by insisting that any rules implementing it are absolutely strictly limited to
the powers granted by the legislature in law. Time after time after time the TDH rules as proposed
place requirements and burdens on people and entities that were specifically not authorized by the
law, and I object strenuously to this attempted usurpation. Specific objections are cited below
concerning individual items in the proposed rules, and all these objections are based in the
overriding principle of strictly limited government.
1.7 Massive Mistakes Permitted: I object that rules for (1) reducing the
risk of, (2) responding to, and (3) assigning accountability for a massive privacy breech is not
addressed in the rules.
Point Number One in establishing the immunization registry as stated in Texas Health and Safety
Code Section 161.007 (a) (1) is the PROTECTION OF CONFIDENTIALITY. The rules fail to adequate
provide for this. When paper records are used, there is no audit trail of a person glancing at
them or photocopying them, but there is also no significant risk of a massive breech of
confidentiality because each record must be individually physically accessed. When records are
kept electronically, audit trails and backups and other security measures can reduce the risk of a
single-record breech below that of paper, especially with computer systems located physically
within a single building with no outside computerized access. However, when a network the size of
Texas is proposed, the risk of both individual breech and massive breech of confidentiality is
considerably increased. It's like the killer bees-once they get out, there is no calling them
back, no matter how much you yell at the beekeeper. The same thing is true with
government-mandated databases. One hacker, one thief or disgruntled employee with backup tape or
CD, or even one "true believer" who disagrees with the security measures the public
cherishes can copy or upload the data to an international database and if it spreads, we will
never get it back.
The very serious lack of nearly any rules insuring that confidentiality be assured, the number
one mandate of the law, disqualifies these proposed rules from implementation. The rules need to
specify what steps will be taken to keep this database from being raided and from being propagated
to other computer systems, especially corporate, private, out of state, and out of country
systems.
2. Itemized Comments and Objections
2.1 TDH will collect and keep unauthorized data according to the proposed rules, and this is
illegal, so the rules should not be adopted.
- the name and date of birth of the person immunized;
- the dates of immunization
- the types of immunization administered [and logically to me this may include lot numbers,
etc.]; and
- the name and address of the health care provider administering the immunization
There is simply no authorization for the collection or the storage of any other data in
ImmTrac, including "voluntary" data. NONE-with the exception of a data field to
positively indicate that permission has been granted by a parent to include information in
ImmTrac. The legislature went out of its way through amendments to make sure there were limits
on this system! The rules indicate that TDH intends to collect a lot of other data both
"voluntary" and "if available" and in such a manner that they will
consistently get more information than the legislature authorized. WE DID NOT AUTHORIZE TDH TO
COLLECT THIS ADDITIONAL DATA, SO WHY IS TDH TRYING TO BURDEN THE PUBLIC WITH ILLEGAL,
UNAUTHORIZED DATA COLLECTION AND SUBMISSION, AND TRYING TO ILLEGALLY MAINTAIN A LARGER DATABASE
THAN AUTHORIZED? Stop it and stick to the law.
Moreover, the 4 authorized items above, along with the "gender" is all that TDH
needs to uniquely identify the particular record. We know this because the rules
(section 100.4(c)) specify that a parent may withdraw consent and have his or her "entire
child's record" (badly worded and needs revised also) completely "removed" from
the registry. [By the way, this means PHYSICALLY DELETED and NOT "flagged as deleted"
or "unmarked" or "backed up" or "moved to another system," etc.,
any of which would be outright fraud. Better to revise the wording and remove all doubt.] To
authorize withdrawal from the registry, the rules drafted by TDH say the parent must specify child's
name, date of birth, "gender," name of parent, parent
and child's address for confirmation notice, and signature and date of signature;
and THAT'S ALL THE TDH REQUIRES.
Obviously if you can permanently and irrevocably delete an "entire child's"
record by the receipt of such information, than you can uniquely identify the record. THIS
RENDERS COMPLETELY MOOT ANY ARGUMENT THAT ADDITIONAL INFORMATION IS NEEDED TO UNIQUELY IDENTIFY
IMMUNIZATION RECORDS IN THE TEXAS REGISTRY. This point should be remembered during all the
comments below about TDH overstepping its authority to collect and keep data. If the TDH insists
that (oops!) it really needs more information, then I will suggest that TDH was never worried
about accidentally deleting wrong records because they never intended to delete them in the
first place, but instead intended to just mark them or copy them to "another
system," transparently connected to their ImmTrac software, and just as easily queried
whenever they want in the future. TDH has already proven is it willing to rationalize its
manipulation of public data without authorization.
As another point, "industrial strength" computer systems typically are designed NOT
to lose data, and it is DIFFICULT to completely delete all information on a given patient. Data
is stored REDUNDANTLY. Backups are done to other systems and media. Deleted records can end up
right back in the database when backups are restored unless detailed, up to date
"journaled" transactions like deletes are kept and then posted on top of the restored
system. Often deleted records are not really deleted, but are simply marked as deleted, so that
unless the database is "compacted" the actual data remains and can be restored.
Specific rules for permanently destroying old backups must be made, and for insuring that recent
backups cannot be accidentally restored with unauthorized names or data. Even if the TDH thinks
that very few people will request removal from the database, about 300,000 people per year will
turn 18 years old and their records must be permanently deleted from the database because the
legislature did not authorize the maintenance of a registry of names of anyone 18 years old or
older. GUARANTEES OF AUTOMATIC DELETING FROM IMMTRAC AND THE REGISTRY AT 18 YEARS OF AGE MUST BE
SPECIFIED IN THE RULES.
I am particularly upset that the TDH actually was going to try to collect and enter social
security numbers and the mothers maiden names! What potential for abuse in a system that is so
far-flung! What a target for hackers! With such vouching identification a con-man can gain
access to bank accounts, credit card accounts, stock funds, etc. And it's just one stop
shopping if the White House wants to query ImmTrac with a unique key number (like the social
security number) to pull a record and go branching from there on an Filegate-like escapade. If
relationships and relatives (like mothers of children) have social security numbers on-line
along with the legal data, with a complex query you could literally pull up an entire family
tree if you wanted to track an entire family. Just what epidemiologists drool over, but just
what the public knows better than to accept.
2.2 Illegal release to people and entities could occur under these rules.
- a public health district
- a local health department
- the child's physician
- a school or child care facility in which the child is enrolled
THAT'S ALL.
Why are these rules stating that data can be released to "the Commissioner of Health or
designee" (section 100.2 (a) (2) (E))? Even if that was permitted, what do you mean by
designee? Designee of the commissioner of health? Or TDH's designee? It's an illegal
release, but even if were legal, the rule is ambiguously written and would be certain to be
abused in the future after the original meaning of the clause had been forgotten. And the ENTIRE
DATABASE can be released by such a clause-and re-release after that is very poorly protected-YET
CERTAINLY NO RE-RELEASE WAS AUTHORIZED OR INTENDED BY LAW.
And your rules (section 100.2 (a) (2) (G)) propose to give illegal registry access to past
and current health care plans, too! These plans already by law are required to get reports from
"providers." They are not permitted to practice medicine, and if they already have all
the information about immunizations given to their enrollees, then why would they want to access
the registry? Insurance companies may not legally access the registry, period.
HMO physicians should not get a competitive advantage over private doctors, either. If some
providers are required to report immunizations given to properly consented patients, then all
should be required to report, even the providers for HMOs and insured patients. The silly step
of providers reporting to insurance companies and HMOs should be scrapped. The insurance
companies and "managed care" megacorporations should be 100% out of the loop. There is
no earthly legitimate reason why insurance companies are involved AT ALL in this scheme-except
that their involvement is what permits you to create a computer network from
"provider" to "managed care" to "TDH" and back to
"provider." With both TDH and "managed care" having extensive network
connections nationally and internationally.
Additionally it is illegal for the Texas Department of Human Services (DHS) (except direct
immunization providers) to access the registry, but your rules (section 100.2 (a) (2) (D)) would
let them. You are charged with CONFIDENTIALITY, so why provide global access to such a huge and
potentially invasive agency as DHS? The registry would be highly tempting for abuse,
cross-correlations to locate people, etc. Anyone who needs to prove their immunizations to the
DHS can simply request a report from the registry and then provide a copy to the DHS.
2.3 Illegal re-release of information is authorized by the rules, so the rules should not be
implemented.
The whole point of a registry is to create a controlled, central access point so that everyone
knows where to look if they need information, right? So WHY would the TDH want ANYONE else to be
able to re-release that information, especially en mass or electronically, much less to be able to
release it across state lines? Yet that is exactly what Section 100.2 (a) illegally permits. TDH
is not authorized by the legislature to restrict the use of this registry only to those people who
are willing to forgo their legal privacy protections and agree that their records may be bandied
about freely, including across state lines.
Under Texas law, only the Health Department is authorized to release a child's confidential
immunization record. Release is authorized only to a public health district, a local health
department, the child's physician, the child's school or child care facility, or a parent. Period.
This rule even tries to give re-release privileges to "the Commissioner of Health or
designee" for whom access to the registry in the first place is illegal! And once
re-released, particularly across states lines, the recipients of the records do not necessarily
fall under any regulations at all. This data can propagate from system to system through various
channels, and eventually copies can end up in data banks that are off shore and completely
unregulated. You cannot recall data that has been launched irresponsibly into cyberspace no matter
how many mea culpas are issued. These illegal rules cannot remain, and I am shocked that the TDH
would try to permit such re-release of data.
2.4 I OBJECT TO TDH'S INADEQUATE EFFORTS TO OBTAIN THE STATUTORILY REQUIRED WRITTEN INFORMED
CONSENT FROM THE PARENT FOR REGISTRY INCLUSION AND RELEASE OF RECORDS.
2.4.1 I object to the use of a permanent document like the birth certificate for consent.
The following is from a commendable and valuable assessment of the proposed rules done by an
organization called Parents Requesting Open Vaccine Education (PROVE). I investigated the
statement, agree with it completely, and have adopted it as my own view which I now present for
inclusion in the official public record to be addressed as required by Texas law:
The proposed rules and current practice of TDH having a consent "check box" on birth
certificates forces parents to make an unrelated decision at a very inappropriate time. (Section
100.2 (b)). Not only are many women emotionally and physically exhausted during and after labor,
but most are under the physical and mind-altering effects of pain management drugs and anesthesia.
In addition, birth certificates are retyped by hospital staff, and there are documented instances
of hospital staff changing a parent's registry consent status from "no" to
"yes". This has lifetime repercussions for families who did not want their children's
confidential information released. An immunization registry has nothing to do with vital statistic
data. Birth certificate consent appears to be an attempt of TDH to push inclusion by catching
families at a vulnerable time when they are unlikely to give truly informed consent. Consent at
birth is inappropriate and should not be allowed to continue now or in the future.
Moreover, what are parents who want to revoke consent supposed to do, have their child's
birth certificate amended? Future abuses could easily occur where consent was presumed "in
good faith" via a permanent document like the birth certificate that carries the checkbox
forever, even though consent has been revoked.
2.4.2 Current Forms Force Inclusion, Violating the Law that Participation in the Registry be
Voluntary.
The following is from a commendable and valuable assessment of the proposed rules done by an
organization called Parents Requesting Open Vaccine Education (PROVE). I investigated the
statement, agree with it completely, and have adopted it as my own view which I now present for
inclusion in the official public record to be addressed as required by Texas law:
HB 3054 initiated the statewide immunization registry on September 1, 1997. Even though
this law authorizes only a purely voluntary registry, the consent forms TDH continues to use today
(C-90, C-97, C-106, etc.) bundle immunization consent with registry consent under one signature.
In other words, all parents who consent to having their child immunized are forced by default into
the registry. This puts the burden on parents to discover they have the right to withdraw consent
and to contact TDH to withdraw. There are documented instances of families being bullied and
misled by doctors, nurses and school health staff into believing they had no choice because their
consent to the administration of vaccine automatically would include them in the registry.
Additionally, the current consent forms do not inform the parent of everyone who will have access
to their child's personal information or about their right to later withdraw consent and how to do
so. Not only should current consent forms be replaced immediately, but TDH should be required to
contact every family forced to be included in the registry in this manner since September 1, 1997
with a new separate registry consent form that includes withdrawal information and release
disclosures.
At least as I discuss below there is no legal requirement that providers or insurance companies
solicit patients to participate in the registry.
2.4.3 No "Grandfathering" of Data
The following is from a commendable and valuable assessment of the proposed rules done by an
organization called Parents Requesting Open Vaccine Education (PROVE). I investigated the
statement, agree with it completely, and have adopted it as my own view which I now present for
inclusion in the official public record to be addressed as required by Texas law:
The legislative basis for the registry, HB 3054, which reads "An Act relating to the creation
of an immunization registry", did not authorize the registry to be initiated until September
1, 1997. In fact, TDH implemented the registry years before it was authorized to do so by the
Texas Legislature. None of the statute's privacy protections were in place during that time. For
example, the Texas Health and Safety Code expressly states in Section 161.008 (a) (3) that TDH
must have parents' consent before it may add their children to the registry. In fact, since 1995
TDH has entered at least 3.3 million children into its registry wholly or largely without any
parental consent whatever. Despite these unauthorized and abusive actions, and although TDH has
admitted that it cannot verify the required consent for these records, the proposed rules in
section 100.6 (a) state that TDH will keep information in the registry that was entered prior to
September 1, 1997. TDH's half-hearted proposal for contacting the parents of these children is
to post notices in doctor's offices which state that they may already be in the registry. This
is unacceptable. TDH should instead be required to directly contact those families and either
obtain truly informed consent in writing or delete those records from the registry."
Overall, however, the law is quite clear that the honest and proper thing to do is for the TDH
to just go ahead and delete those records that it should never have obtained in the first place.
Since none of these illegally enrolled patients have given proper consent (unless subsequent
consent has been given), providers are free to immunize them without providing reports to the
registry, and their insurance companies are also free not to provide reports. Additional
discussion appears below.
2.4.4 Not One Time Only
The following is from a commendable and valuable assessment of the proposed rules done by an
organization called Parents Requesting Open Vaccine Education (PROVE). I investigated the
statement, agree with it completely, and have adopted it as my own view which I now present for
inclusion in the official public record to be addressed as required by Texas law:
Federal law and the Vaccine Injury Compensation Program (VICP) require parents to be provided
with printed information about the benefits and risks of a vaccine before it is administered to
their child, as well as how to monitor and report an adverse vaccine reaction. Section 161.008 (c)
of the Texas Health and Safety Code requires that TDH may obtain or release registry data only
with the prior written consent of a parent. However, the proposed rules state that "consent
must be obtained one time only and is valid until the child attains 21 years of age" (Section
100.1 (10)). Further, this one-time consent is to include "past, present, and future
information" concerning the child's immunizations (Section 100.2 (a) (2)). This proposed rule
appears to be an attempt by TDH to force inclusion by default rather than to obtain true informed
consent. A "one time only" consent is not adequate as children change providers many
times. How will a new doctor know whether consent was obtained at birth or from another provider,
or was denied? Since other federally mandated forms are already being distributed at the time of
vaccination, it is convenient and necessary for the protection of our children's information that
written consent for the registry be obtained at the time of each vaccination. There are over 200
new vaccines being developed, and since no parent knows what future vaccines will be required,
consent for registry inclusion and release should be obtained with each new vaccine being
administered.
As a physician I would prefer that patients give or refuse consent on a case-by-case basis. I
would be very uncomfortable sending data based only on the parent thinking that the child
had a consent form on file, so not knowing whether or not consent was signed or evoked, I would
generally choose to require a new form each time. Perhaps if one was on file in my office I would
let it stand until the patient revoked it with me.
The age of 21 should be changed to 18 since records must be purged from the system after the
patient reaches 18 years of age.
2.4.5 Inadequate Data Security
The following is from a commendable and valuable assessment of the proposed rules done by an
organization called Parents Requesting Open Vaccine Education (PROVE). I investigated the
statement, agree with it completely, and have adopted it as my own view which I now present for
inclusion in the official public record to be addressed as required by Texas law:
Immunization registry records are confidential medical information (Health and Safety Code
Section 161.007 (a) (1)). However, the proposed rules require only "immunization providers,
health plans, and TDH" to "maintain the confidentiality of all immunization
reports" (Section 100.9 (b)). In addition, the rules require only providers to sign
confidentiality statements, register, and be provided with security levels, a user ID, and a
password (Section 100.11 (a-c)). Why has TDH left out schools, day care facilities, and other
registry users from these security and confidentiality requirements? The way this section of the
proposed rules is written allows virtually anyone at a registry user's location to have unsecured
access to the personal information in any child's record. All registry users, not just providers,
must be required to maintain the confidentiality of an immunization record.
See section 1.7 above about the risk of massive breech of confidentiality.
2.4.6 Missing Protections for Patients Not Participating and for Providers Serving Only
Non-Participants
The following is from a commendable and valuable assessment of the proposed rules done by an
organization called Parents Requesting Open Vaccine Education (PROVE). I investigated the
statement, agree with it completely, and have adopted it as my own view which I now present for
inclusion in the official public record to be addressed as required by Texas law:
Since inclusion in the registry is voluntary, the rules should state that parents who
refuse consent will not be penalized, retaliated against, or in any way harassed. Families
choosing not to participate in the registry must be protected from any backlash by registry
users, including, but not limited to: insurance companies, health maintenance organizations,
other organizations that pay or reimburse claims for immunizations, physicians, public health
offices, employers, schools, or child care establishments.
I will also add something to this point: The TDH is supposed to inform patients and their
parents about the registry (Health and Safety Code Section 161.007 (a) (2). Patients might choose
to participate or they might not. However, THERE IS NO LEGAL REQUIREMENT THAT ANY PROVIDER OR
INSURANCE COMPANY PROACTIVELY OBTAIN CONSENT FOR PARTICIPATION IN THE REGISTRY. This should
emphasize that participation in the registry is VOLUNTARY. If your birth-certificate check-boxes
and one-time-consent provisions stand, and they should not, then perhaps some patients will come
for immunizations for which consent has "been obtained in accordance with guidelines,"
and if those people are immunized, then providers and insurance companies will be legally required
to report those immunizations to the registry. If the patient has not consented, however, there is
no legal obligation to ask them whether or not they wish to participate. Moreover, there are
currently over 3 million names in the database for whom legal consent have not been obtained by
TDH. Since these people have not consented to the registry, and there is no legal obligation to
solicit such consent, it is possible to immunize these people legally without either obtaining
consent for the registry or reporting it.
Moreover, there is no law prohibiting "providers" from requiring their patients to
refuse to participate in the registry if they want to receive immunization in their practice.
There is also no law prohibiting insurance companies from requiring their enrollees to refuse to
participate in the registry. Since through this law the legislature has created even more unfunded
burdens on private business- vastly in excess of the meager TDH estimates, and unfortunately
once again falling disproportionately on physicians who serve patients who pay cash-it is
natural that some physicians will choose to avoid becoming "agents" of the TDH, and will
require their patients to either refuse participation in the registry, or to seek immunization
elsewhere.
Because of the points above, I wish to see rules propagated to validate and protect the legal
right of providers and insurance companies NOT to solicit consent for the database, and to
validate and protect the right of immunization providers to provide immunizations only to those
patients not in the registry or who refuse to participate in the registry. The right of insurance
companies (if otherwise legally permitted to refuse immunization coverage) who only wish to
provide immunization coverage for patients who refuse participation in the registry should also be
protected. TDH is INCREDIBLY mistaken in its assertion in the preamble to the rules that "the
average insurer will incur costs equivalent to $500 per year of participation." It will cost
more, and I think that companies that can legally avoid one more unfunded mandate by the
government will jump at the chance to do so, and I don't blame them.
2.5 The TDH rules illegally restrict the format that providers are required to use in submitting
reports, and No National and International Monitoring of Vaccination Status
Under the law (Health and Safety Code Section 161.007 (d)) providers are permitted to submit
immunization reports to TDH "in writing, by electronic means, or by voice." The TDH is
permitted to specify the format of each of these reports, but the TDH is not permitted to limit
telephone reporting to providers that administer less than 25 immunizations per month. Even if
this were legal, it needs revised because immunizations are seasonal-do you mean averages? Does
"immunizations" mean how many are reported to the registry, or how many are done per
month including adult flu shots, etc.?
PROVE says "The proposed rules state the HL7 format will be used by the registry for
automated data exchange (Section 100.8 (b)). HL7 format has a format specific to immunizations
that allows for the sharing of records and monitoring of vaccine status nationally and
internationally. This data exchange format was chosen by TDH because of their intentions to
release our children's records to databases outside of Texas despite strong parental objections
and absence of statutory authority. The HL7 format promotes this."
The proposed rule permitting insurance companies to access the registry is illegal, so it will
be illegal for them to have read-access to the registry, so no specifications that they will
accept information from the registry in HL7 format can be legally made.
The law making insurance companies middlemen between providers and the registry is poorly
conceived and should either be amended or repealed with the entire registry law, but if it is not,
then the protocol which TDH mandates be used to send it reports does not particularly concern me.
It would be illegal for the insurance companies to send the information anywhere else, whether the
company uses HL7 or not. But I am VERY concerned that the choice of HL7 is yet another sign that
once again TDH plans to move data around without authorization, to fudge and try to change the
laws or rules, and in effect to perform a "bait and switch" wherein the registry is
suddenly connected directly or indirectly to databases or networks that were never specifically
authorized in current law. The defacto contract with the public created through the registry law
may not be violated-see section 1.4 above for additional explanation of this.
2.6 No Agents of the TDH
I object to the defining of all providers as agents for the Texas Department of Health for the
purposes of the immunization registry. PROVE states the following, and I am concerned also:
There is no statutory authority for making providers the agents of TDH for registry purposes,
and the implications of so doing are unclear. Defining providers as agents of TDH could shield
them from legal liability under their statutory obligation to maintain doctor/patient
confidentiality as well as other wrongful uses of the registry, such as reporting or disclosing
private information without securing written consent (Section 100.1 (3)). I request that TDH
explain its intentions and the potential ramifications of making providers its agents for registry
purposes.
In Section 100.1 (3) TDH states that "all providers are eligible to participate in the
registry" in a manner suggesting that participation is voluntary, but then states that
"all providers become agents of the Texas Department of Health for the purposes of the
immunization registry." Of course the legal authority of the TDH to declare
"providers" to be its agents for immunization purposes is very doubtful. Are you are
trying to make a case for it via some other portion of law (and if that is the case it should have
been cross referenced in the rules)? But I want to know why you felt you had to do this. Is there
some problem in the rest of the law and/or rules that falls apart if providers are not considered
agents? Please delete the agent part and clarify!
2.7 The rules state that providers are required to permit the TDH to inspect immunization
records. This appears to be illegal and I object to it.
The rules (Section 100.7 (a) and (b)) do not appear to be legal impositions on providers. In my
experience, it is practically impossible for medical records to be reviewed properly in this
manner-often it ends up being a "fishing expedition" and records to which the
inspector had no right end up getting viewed. Moreover, there are no limits expressed-the
potential for constant impositions by an overzealous local TDH representative remains. Controls
would be needed even if this section could legally stand. Also, the language is not specific here-providers
are not required to submit reports when patients have not consented to inclusion in the registry,
but the wording suggests that all immunization records, even adults and children's records not
in the registry, are at risk for review. Knowing how public health officials love to get
denominators it would be very likely that this clause would be misinterpreted. So even is this
section were legal, it would need reworded. If this section is supported in other law, then the
rules should cite the supporting law. I urge the legislature to keep the government out of private
medical records!
Very sincerely,
William M. Chop Jr. MD
Associate Professor and Associate Director of Research
McLennan County Medical Education and Research Foundation
. Waco Family Practice Residency Program
. Family Practice Faculty Development Center of Texas
. Affiliated with University of Texas Southwestern Medical Center
Attachments:
Appendix 1: 1 page
Appendix 2: 1 page
Appendix 3: 10 pages
Appendix 4: 1 page
Appendix 5: 1 page
Appendix 1
From the CDC's National Immunization Program (NIP) publication called
"Immunization Action News"
August 1997, Vol 4, No 1, Page 11
Dotted underline and [ ] added by me for emphasis and clarification.
Congratulations Texas!
Congratulations to the Texas Department of Health (TDH) staff and partners involved in the
development of ImmTrac. TDH won the 1996 Computerworld Smithsonian Award (CWSA) for innovative use
of technology for society in the medicine category, for the development of the ImmTrac immunization
registry. Robert Crider, Immunization Division Director, and Ann Syptak, ImmTrac Project Director,
accepted the award in Washington, D.C., on June 4, 1996.
ImmTrac, along with nine other winners in other information technology categories, will be added
to a permanent Smithsonian exhibit called 'The Information Age: People, Information, and
Technology.' This exhibit has already been visited by over 3 million visitors to the Smithsonian.
The winners were chosen from among 341 nominations, in 10 categories. To be considered, a project
must he nominated by the Chairman's Committee of CWSA, which is made up of representatives of 100
leading information technology companies. A listing of these committee members is available through
the Innovation Network at CWSA (URL: http:// innovate.si.edu).
The ImmTrac system was developed through a public/private partnership that has been very
successful. The TDH worked with its contractor, Electronic Data Systems (EDS), and contractors from
Historically Underutilized Businesses (HUBs), which are minority and women-owned businesses. They
worked together to define, analyze, and implement the requirements and specifications, and then test
the resulting application. They have also worked with the Bureau of Vital Statistics (BVS) and have
successfully imported 2 years of data previously collected by BVS. Private industry and non-profit
foundations also contributed to the registry's development by providing equipment and financial
support. Their best advice: "Build and educate a team of leaders, analysts, programmers, and
subject matter experts from diverse backgrounds and work cultures to be a highly productive and
cohesive team, and choose technology that would support a statewide system now and many years into
the future..."
In addition to managing the child's immunization history, the ImmTrac system can also generate
reminder notices for upcoming vaccinations that are due, and recall notices for missed or overdue
vaccinations. It provides customized reporting by facility or geographic region, including coverage
levels, and can pinpoint demographic or geographic problem areas, allowing for special outreach
activities.
ImmTrac will import and export information from local databases, and assist other programs such
as the Women, Infants, and Children (WIC) program. In addition to the TDH and medical providers,
other users, such as school administrators and nurses, daycare facilities, and parents all have
access to certain features of the system. Users can access the ImmTrac system through several
methods:
(1) a Voice Response System (VRS), which allows parents and other users to call in for a current
history and what's upcoming or past due, using a touch-tone phone; (2) by a modem and Bulletin
Board System (BBS) combination by the private sector; and (3) by free PC software. Responses are
available through voice, fax, mail, or download from the BBS. There are two 800 numbers, funded by
TDH: one allows priority access for providers, schools, and daycare facilities; the second is for
the parents' use. The VRS also can provide special messages from the TDH about any special news
that needs to be disseminated, options for receiving immunizations and histories, and the TDH
immunization schedule. Because of confidentiality issues, these access methods are protected by a
sophisticated security subsystem.
Two interfaces are available for integrating ImmTrac with other automated systems: (1) An
Import/Export feature that provides a standard format for other medical related applications and
automated city or county systems, allowing import and export of data to and from ImmTrac. This will
accommodate batch updates and extracts. One example is the State's Integrated Client Encounter
System (ICES) which currently exports data about clients that have had immunizations at regional
clinics; ImmTrac then imports this information into its more complete database. (2) The Application
Program Interface (API) can be used with existing health-related software, allowing other commercial
or public software products to incorporate ImmTrac functionality to be directly accessed by their
applications.
In addition to receiving immediate information online, the provider can request information, log
off, and then return later to download the processed request from the TDH WAN or BBS. This saves
time and frees the staff and computer for other tasks, and also saves money by reducing costs to the
800 number. A good example of this would be a doctor's office requesting either a data file or a
report of all patients needing reminder notices of immunizations in the coming week. Another
time-saving feature is an automated report scheduling mechanism so the user can request customized
parameters for a report and then have it run automatically as often as needed (e.g.. daily, weekly,
monthly).
The system will become available to public health personnel in stages. The system will be
installed in all TDH regional administrative sites by the end of the summer [1997]. The first local
health department installation is scheduled for September Regional and local health department staff
will recruit and provide some local support for private physicians in their area. Texas has been
collecting immunization data in public health clinics throughout the State since the summer of 1993.
That data was loaded into ImmTrac along with current immunization data. There are currently
1,200,000 clients, with 4,775,000 immunizations in ImmTrac. The Texas birth cohort is approximately
350,000.
Though not in the public domain, this software application can be made available to other states
as a foundation for their own immunization information systems, replacing the technology of the user
interface or database as needed to support their own technology strategy without rewriting the
entire application. In addition, this application can be easily enhanced or modified to support
other health care applications.
For more information on ImmTrac, contact:
Bob Crider, Director, TDH Immunization Program, or
Ann Syptak, ImmTrac Project Director, at (512) 458-7284.
Contributed by:
Cathy Stout, Clearinghouse Team, Data Management Division, NIP, CDC
Appendix 2
From the CDC's National Immunization Program (NIP) publication called
"Immunization Action News"
August 1997, Vol 4, No 1, Page 8
Dotted underline and added by me for emphasis and clarification.
Immunization registry strategies
The year is 2005. Six-month-old Suzy Jones is seeing her pediatrician today. Her father made an
appointment for her when he received a post card in the mail reminding him that Suzy was due for her
next series of shots.
At the doctor's office a staff member accesses Suzy's computerized immunization record. The
computer compares her immunization history with the latest ACIP recommendations, and suggests the
shots that Suzy needs. The doctor examines Suzy and administers the appropriate vaccinations after
referring again to the computer to see if Suzy's upper respiratory infection represents a true
contraindication to vaccination. An updated copy of Suzy's immunization record and information on
when she is next due, is given to Suzy's dad as he and his daughter leave the office.
Immunization registries make this scenario possible. Such registries are currently in various
stages of development in cities and states throughout the country. What is remarkable about this
particular scenario is that Suzy has never been to this doctor's office before. In fact, she only
recently moved to this state. In generating her immunization history, the computer in the doctor's
office was able to access records that were entered by Suzy's previous health care providers and
remained stored in another state.
This scenario represents an important goal of the National Immunization Program - the development
of community and state-based immunization registries that can communicate information with each
other when necessary. NIP recognizes immunization registries as the principal tool in fulfilling the
mission to improve and sustain high levels of vaccine coverage in the U.S. and thus prevent the
transmission of vaccine-preventable diseases.
NIP's National Immunization Registry Clearinghouse provides technical and programmatic
assistance to the developers and users of immunization registries.
Appendix 3
See TEXT of Written Public Testimony for the Sunset Review of The Texas
Department of Health.
Appendix 4
"HHS Plans to Tag Every American With a Medical ID"
from Human Events August 21, 1998
August 21, 1998, Vol 54, No 32, Page 4
Dotted underline and added by me for emphasis and clarification.
Gore and Shalala Want Your Number, But Promise Privacy
HHS Plans to Tag Every American With a Medical ID
BY JOSEPH A. D'AGOSTINO
The U.S. Department of Health and Human Services (HHS) is forging ahead with a controversial plan
to assign every American citizen a health information identification number.
These numbers will allow every government bureaucrat, HMO executive, and anyone else with access
to a widespread computer network to pull up all the health care information available on any
American.
A little-noticed proposal by Rep. David Hobson (R. -Ohio) that mandated the new program was
rolled into the massive 1996 Kassebaum-Kennedy health care reform legislation. The provision allows
HHS to implement the idea of a national medical identification number as it sees fit, if Congress
fails to pass its own version of an ID system by the end of 1999.
HMOs and other health care industry companies favor the proposal as an aid to efficiency.
As HHS began formulating plans this year to implement the system, an uproar ensued when
congressmen and privacy activists realized what was happening. Ten days after legislation was
introduced July 21 to kill any national health ID, Vice President Gore said that strict privacy
protections would be implemented as part of the program.
"Privacy is a basic American value, in the Information Age and in every age," Gore
said.
HHS Secretary Donna Shalala announced the administration's privacy protections on August 11.
"The proposals we are making today set a national standard for protecting the security and
integrity of medical records when they are kept in electronic form," Shalala said.
She then called on Congress to pass into law some privacy protections of its own. "It is
crucial to have these standards, as we move increasingly toward electronic medical records. But it
is also not enough. In addition, we urgently need new legal protections to safeguard the privacy of
medical records in all forms."
Any 14-Year-Old With a Modem
HHS's protections are designed to limit access to a patient's records to doctors and health
care personnel who need them, as well as the patient's insurance company executives. Researchers
would be allowed access to records only with information that could identify a patient deleted.
But a spokeswoman for HHS admitted that with someone's ID number and access to any of hundreds
of thousands of computer terminals across the country, someone with just little knowledge of
computers could read anyone's physical and mental health care records.
"Any 14-year-old with a modem could access your information," complained Michael
Sullivan, spokesman for Rep. Ron Paul (R.-Tex.), who was the sponsor of the July 21 legislation to
forbid the federal government from implementing any kind of ID system. A week later, the House GOP
leadership inserted similar language into the Patient Protection Act, which the House then passed,
despite the objections of Paul and many other conservatives that it is unwarranted government
interference in the market that will only shore up HMOs.
The Senate, however, will almost certainly not take up Patient Protection this year, meaning that
passage of Paul's bill, or one of four other weaker proposals, would be needed to stop HHS's
plans. Yet no hearings have been scheduled on any of these measures for the rest of this session.
The push for medical ID numbers-originally included in Hillary Clinton's massive health care
reform proposal-is actually part of the Clinton Administration's plan to implement piece by
piece that 1993 scheme that failed so miserably.
The government has never mandated a national ID system since Social Security numbers were first
assigned in 1935.
"The federal government has no authority to endanger the privacy of personal medical
information by forcing all citizens to adopt a uniform health identifier for use in a national
database," said Paul on July 21. "A uniform health ID endangers constitutional liberties,
threatens doctor-patient relationships, and opens the door to federal officials' accessing deeply
personal medical information for political purposes."
Appendix 5
Dotted underline and added by me for emphasis and clarification.
Date: Thu, 20 Aug 1998 11:12:30 -0500
To: [email protected]
From: Eagle Forum <[email protected]>
Congress's Secret Plans
to Get Our Medical Records
August 19, 1998
By Phyllis Schlafly
Americans were outraged to learn about the Federal Government's plans to assign a personal
identification number to every medical patient. But Congress nevertheless passed HR 4250, the
so-called Patient Protection Act, which allows anyone who maintains your personal medical records to
gather, exchange and distribute them.
The only condition on distribution is that the information be used for "health care
operations," which is a vague and meaningless limitation that does not even exclude marketing.
Even worse, HR 4250 preempts state laws that currently protect patients from unauthorized
distribution of their medical records.
While the sponsors of HR 4250 claim that they did not intend for the information to be
circulated for "just anything," their spokesman confirmed that personal medical records
would be used for future programs concerning health quality and disease management.
When the Kennedy-Kassebaum law was passed in 1996, we were told it was to improve access to
health insurance. The law became explosively controversial last month when the Department of Health
and Human Services (HHS) began to implement the Kennedy-Kassebaum "unique health care
identifiers" so that government can electronically tag, track and monitor every citizen's
personal medical records.
After this news broke on July 18, embarrassed Congressmen inserted a line in HR 4250, which
passed July 24, ordering HHS not to promulgate "a final standard" without Congressional
authorization.
That language is a total phony; it doesn't prevent HHS from issuing proposed or interim standards
(which will become de facto standards) or from collecting medical data.
So much money is involved in accessing and controlling personal information that the Washington
lobbyists are moving rapidly to lock in the extraordinary powers conferred by the Kennedy-Kassebaum
law. That explains these sneaky eleventh-hour inserts in pending legislation.
On August 4, the House passed yet another bill to protect the gathering of personal information
on private citizens. To paraphrase Ronald Reagan, there they go again.
Just before passing HR 2281, a bill about copyrights on the Internet, the House quietly
attached a separate and dangerous bill deceptively entitled the "Collections of Information
Antipiracy Act."
No one, of course, is in favor of "piracy," but the impact of this bill goes far beyond
any reasonable definition of piracy. By the legerdemain of inserting it in another bill, it will go
straight to a House-Senate conference committee under a procedure designed to avoid debate or
amendments in the Senate.
This Collections of Information bill (now part of HR 2281), in effect, creates a new federal
property right to own, manage and control personal information about you, including your name,
address, telephone number, medical records, and "any other intangible material capable of being
collected and organized in a systematic way." This new property right provides a powerful
incentive for corporations to build nationwide databases of the personal medical information
envisioned by the Kennedy-Kassebaum law and the Patient Protection bill.
Under the Collections of Information bill, any information about you can be owned and controlled
by others under protection of Federal law. Your medical chart detailing your visits to your doctor,
for example, would suddenly become the federally protected property of other persons or
corporations, and their rights (not your rights) would be protected by Federal police power.
This bill will encourage health care corporations to assign a unique national health identifier
to each patient. The government can then simply agree to use a privately-assigned national
identifier, and Clinton's longtime goal of government control of health care will be achieved.
This bill creates a new federal crime that penalizes a first offense by a fine of up to $250,000
or imprisonment for up to 5 years, or both, for interfering with this new property right. It even
authorizes Federal judges to order seizure of property before a finding of wrongdoing.
HR 2281 grants these new Federal rights only to private databases, and pretends to exclude
the government's own efforts to collect information about citizens. But a loophole in the bill
permits private firms to share their Federally protected data with the government so long as the
information is not collected under a specific government agency or license agreement.
This loophole will encourage corporations, foundations, Washington insiders and political donors,
to build massive databases of citizens' medical and other personal records, and then share that data
with the government. And, under the House-passed bill cynically called the Patient Protection Act,
patients would be unable to invoke state privacy laws to protect their personal records.
Meanwhile, in another aspect of the Federal takeover of all Americans' health care, the Centers
for Disease Control is aggressively building a national database of all children's medical records
through the ruse of tracking immunizations.
Tell your Congressman and Senators you won't vote for them in the upcoming elections unless they
immediately stop all Federal plans to track and monitor our health or immunization records.
Phyllis Schlafly column 8-19-98
Eagle Forum PO Box 618
Alton, IL 62002
Phone: 618-462-5415 [email protected]
Fax: 618-462-8909 http://www.eagleforum.org
To subscribe to Eagle E-mail please e-mail [email protected]
with SUBSCRIBE in the subject line.
|