A National ID Card

comment on their own medical records. Unfortunately, this perception is false. The danger with this one-way system is that once personal

information is collected for one purpose, the temptation to use it for another is often irresistible.

Health privacy is one of the most important privacy issues facing our nation. Protecting patient privacy is critical to improving health care, and fostering valuable public health initiatives. The need to protect patient records is urgent, notably, due to the time limit in the Health Insurance Portability and Accountability Act of 1996 (otherwise known as the Kennedy-Kassenbaum bill) which requires Congress to pass health privacy legislation by August 1999, and if Congress fails to act, the law directs the Secretary of Health and Human Services to promulgate rules of enforcement. This requirement was mandated under a provision called "Administrative Simplification," which was, until it made the front page of the New York Times in July 1998, a little-known amendment to the 1996 Act. Last year the Secretary issued her proposed regulations which had several alarming features. Most disturbing is that the proposal will allow law enforcement officials to obtain unfettered access to patient medical records, without first getting patients' permission.

Additionally, there are three aspects of the Secretary's proposed regulations that pose the gravest threat to medical privacy:

• Computerization: Citizens may be denied the option of a "paper only" patient record without risking denial of insurance or loss of benefits, forcing everyone to participate in a huge computerized network. The model for computerization of patient records is the credit bureau industry, whose mammoth database for consumers financial information have been plagued by inaccuracy, unauthorized access, and fraud.

• No informed consent: Secretary Shalala has said that privacy rights are not absolute, claiming that "it's not always possible to ask for permission" to use a patient's record. But Americans think differently. According to a Time/CNN poll, 87 percent of Americans demand to be asked for permission every time medical information about them is being used.

• National I.D. Number: The regulations include a tacit or explicit endorsement of the establishment of a "unique health identifier" -- a de facto national I.D. assigned by the government or business and

used to link all medical records from cradle to grave.

Under our laws, what you tell your lawyer is generally protected against government intrusion, and arguably, what you tell your doctor is certainly as important as what you tell your lawyer. Most Americans would agree that our medical information deserves to be as well protected. In fact, many people don't realize how public their medical record really is. While state laws differ depending on the state, your doctor, the people working in your doctor's office of course have access to your records, but also employees at your HMO office, your employer including your human resource manager and supervisor all potentially have access to your medical information. The fact that someone has an abortion or suffers from depression or is being tested for a genetic illness is simply not something that they would want to necessarily share with anyone other than their doctor.

The unauthorized use and abuse of this confidential information is already widespread. Most Americans would be alarmed to learn how many pairs of eyes are scanning what they thought was a privileged communication with their doctor. According to TIME Magazine, trading of health information has already become a $40 billion industry. A report by the Institute of Medicine (1997) noted that the roster of parties claiming a "need to know" what is in an individual's medical record was too numerous to list.

The problem with protecting privacy, especially medical privacy, is that many perceive the need for a balancing test, balancing privacy with the needs of industry, research and technology. While technological advances bring tremendous benefits to society, the quid pro quo should not, and need not, be the loss of control over our own personal information.

It is the position of the ACLU that strong federal legislation which establishes enforceable privacy protection for personal health information is critical. The ACLU supports federal legislation that provides individuals with meaningful control over who may have access to their records, including limiting some persons to specified information only. Re-disclosure should be prohibited except with specific permission or, in very narrow circumstances, upon express statutory authorization. We support federal privacy protection in this area for three primary reasons: first, staggering technological innovations which allow for easy transfer of personal health information over great distances; second, the expansion of managed

care, which will necessarily expose confidential information to a wider network of people; and third, the unevenness of privacy protection provided by current state laws to medical records whether kept on paperbased or computerized information systems.

As more and more companies merge and interact with each other, the ability for a company to run a database storage for medical records and house a credit reporting database is not only a potential but a reality. Our objections focus on the unrestricted access to private information by nonhealth care providers, the potentials for abuse, and the government implementation of a program that, from all indications, it does not have a successful track record in managing. One need only look at the social security number fiasco, the uniform drivers license requirement which makes it almost mandatory for states to use social security numbers as drivers license identifiers and other breaches of privacy facilitated by the federal government.

Further with respect to the massive database industry, where patient information has been cross-referenced with credit report header information as we in Washington, DC found out earlier this year, when the drugstores where we purchased our prescriptions were utilizing these databases to target people as potential marketing prospects for new drugs or refills. It is this unrestrained access to patient information that is the problem, the result of an unrestricted arena in which patients are the losers.

I submit finally that a national ID system, like a unique patient identifier, poses a direct threat to personal privacy and to the security of personal information. This Congress should focus on a solution to the overall need for comprehensive personal privacy, not a way for Big Brother to further ruin the personal, financial and medical lives of Americans.

Statement Prepared by:

Solange E. Bitol, Legislative Counsel

ACLU Washington National Office

In compliance with US House Representative Rule XI, clause 2(g) (4) the American Civil Liberties Union receives no federal grant funding, and has not received any federal grant funding in the two preceding years.

Mr. MCINTOSH. Our final witness on this panel is Mr. Grover Norquist, who is president of Americans for Tax Reform. Mr. Norquist.

Mr. NORQUIST. Thank you. I have prepared remarks which I have shared in writing. I will just open up by saying when I got my driver's license in Washington, DC, and said, "I would like, as I understand is my right, to give you a different number than Social Security." The lady said, "You want a driver's license or what?" I waited for a while, and I eventually gave up and gave her my Social Security number because I sort of, at some point, wanted the driver's license. I was not told there was an option. I was told I was wrong in thinking that this was an option.

I serve as president of Americans for Tax Reform. We are a national tax bureau organization and we try to reduce the size and scope of government at both the Federal and State level. But over the last 12 years, we have been actively involved in opposing all efforts to move toward national ID cards or national ID systems. It seems to me there is sort of a bad game of jeopardy going on. The answer always seems to be the same even though the questions change. Immigration law, let's have a national ID card. Health care, let's have a national ID card with all sorts of information. Tax policy, let's have Social Security numbers on dependents. Deadbeat dads is another reason for a national ID card. Ñow driver's licenses. There is always a new reason. It is always the same answer. And the answer is more power and information flowing to Washington.

I think it is important to remember that when you hand the government more information and more control, they don't necessarily use it in the way that they first sold it to you. The withholding tax was a temporary measure to fight World War II and it has been used to expand State power in the United States. The value-added tax in Europe was sold as a way to rationalize a whole series of excise taxes, and became an engine for government growth and a vacuum cleaner for resources.

In Europe, even the Brady bill and the effort at Instant Check, which we were assured was the way to move away from keeping data, the government actually temporarily will have data on who buys a gun. And now they want to keep that data. The whole thing was set up so the government wouldn't ever have it. There is a fleeting moment when they do have it. And now the Clinton administration is coming back and saying they want to hold on to it for months. Somehow, I guess months will turn into a longer period. This is in keeping with a couple of threats to American privacy. We have seen Janet Reno suggesting to the group of eight justice ministers last December that we put a unique identifying tag on over a packet of data on the Internet so that the police can track things as they go through the Internet, quote, "the same way we tag explosives.'

The FCC has turned down a Reno request to do what other countries have done.

Mr. MCINTOSH. What is a packet of data? Is that e-mail?

Mr. NORQUIST. It is e-mail. It is the whole kit and kaboodle. Of course, the present legislation that the Clinton administration has

been pushing for to not allow inscription domestically would allow them to read e-mail. Tagging would be a step beyond that.

The FCC has turned down an effort that Reno suggested to follow where Japan and Switzerland have already gone. In Japan, the National Telephone Co., NTT, maintains a Web site where it is possible to get the exact location of anyone carrying a cell phone in Tokyo. Because these things emit little beepers when they are on, you can tell where a cell phone is.

In Switzerland, the location of every cell phone is logged every 3 hours and the data is kept for 6 months. So, you can find out where somebody is by where they are keeping their cell phone, and it is possible to keep that information.

Now, if you take the post office, in order to fight fraud, wants to have a to and from address that can be read technologically on every letter, so that the post office could keep and maintain a list of every letter that went to and from you, indefinitely into the future, and hold onto it. It becomes easier to store data. You keep that stuff indefinitely into the future.

Put that together with efforts toward a national ID card and you have really got a tremendous web of the government expanding the data that it can have. And the challenge is, when you have data like that, there is a tremendous temptation to do something with it. And people are constantly coming up with new ideas. "Gee, if we have an ID card, why don't we put everybody's health stuff in a little chip in the middle of the ID card?" Well, if you are going to do that, why not put their tax data on it?

There are going to be a number of arguments, each of them to make life simpler and easier. And people like me who stand there and are told, "Do you want to get your driver's license or what," will surrender each day a little of their privacy.

And even what you may promise people in law, you will never have to give your Social Security number, well, the bureaucrat who wouldn't let me have my driver's license without it may or may not have read your law, but at some point that protection did not matter, and people do trade.

The only good that I can see that comes out of this effort by the transportation people is it might put an end to the enemies of the second amendment who always say, "Oh, you shouldn't worry about licensing guns. No one has ever had trouble with licensing cars and driver's licenses." Now they are going to be using that as an argument for a national ID card, and I think there are some potential dangers there.

I would certainly support the efforts by Congressman Barr to undo this, and certainly Ron Paul's efforts to make it clearer legislatively that Social Security numbers cannot be used for other purposes.

Thank you.

[The prepared statement of Mr. Norquist follows:]

« Previous Continue »

Books

A National ID Card: Big Government at Its Worst Or Technological Efficiency ...