« السابقةمتابعة »
choose a program or register an opinion, a record will be made of it. Each time you send or receive an electronic letter, a record will be made of where it went and where it came from.
Records such as these can reveal a lot about your private affairs that you probably wouldn't want very many people to know. This is why many privacy experts, contemplating the potential misuse of the wealth of information being compiled on individuals, consider computers a more serious threat to privacy than any other technological development of the 20th century. However, they stress that if proper safeguards are included, protection and confidentiality are possible with computers.
The question boils down to this: What guarantees do private citizens have that these records won't be used against them by the businesses or government agencies that have access to them?
The threats to privacy
There are some federal and state laws already on the books to protect pri vacy, and some two-way television and computer companies have developed privacy codes of their own. But the collection and computerizing of personal information about you is proceeding at such a rapid rate that technological developments are rendering past protections obsolete.
Arthur Bushkin, who worked on privacy issues in the Carter adminis tration and is now a Washington consultant, sees three major threats. ► Eavesdropping Wiretapping and interception of private radio communications is generally prohibited by federal and state laws Law enforcement agents, for example, usually cannot engage in wiretapping without a court order. But eavesdropping on radio communications has become easier with the development of sophisticated scanners.
Privacy of records. This is Bushkin's principal area of concern. "The catalyst here is the computer and its magnificent ability to store and disseminate information," he says. Businesses, banks, governments and other institutions have been putting together fairly extensive records on all of us for a long time, but once records are fed into computers, it is possible
"We may soon be leaving
a computerized trail not only of financial transactions but also of our movements and habits."
not only to compile more information faster but also to provide almost instant access to it by people unknown to us and for reasons never stated to us.
► Surveillance. "Computers," notes Bushkin, "can follow you around." We may soon be leaving a comput erized trail not only of our financial transactions but also of our movements and habits. Credit-card transactions already leave a trail, and the smart card may reveal even more about you
"During the next two decades," Bushkin predicts, "we will become a wired nation. We will have the inherent capability to build up a much broader profile of people's habits and track the location of behavior. This will force us to examine some very fundamental questions about the kind of society we are."
Computer systems offer great potential for law enforcement, Bushkin believes. It will probably be possible to program them to find someone who is on the FBI's ten-most-wanted list. "On the other hand," he asks, "do we want to use these systems to search for people with more than three outstanding parking tickets?"
Robert Ellis Smith, publisher of Privacy Journal, a monthly newslet ter, fears that two-way television will create the major privacy problems of the future. Two-way television is a form of pay TV, he notes. The companies providing the programs and services must know when and how the systems are being used so that they can bill their customers. The by product of the billings is a computerized record of household habits.
Two-way TV can also provide burglar and fire alarm services. But to activate some systems, you must tell the company providing the services that you are leaving your home, thus creating a record of your comings and goings.
Smith, author of Privacy: How to Protect What's Left of It (Doubleday),
is also concerned about the ability of two-way TV and smart cards to monitor consumers' behavior without their knowledge.
He cites a recent experiment in Pittsfield, Mass., where consumers-voluntarily, in this case-agreed to have their purchases recorded to see how they were responding to television advertising The bar codes found on virtually all packaged goods make it easy to track purchases. In the Pittsfield experiment, purchases were measured through the use of con sumer identity cards as well as the bar codes. Such experiments, Smith fears, could be duplicated by exam ining the records of smart card and TV purchases without consumers' knowledge.
Sizing up the safeguards
Warner Amex Cable Communica tions, which operates the two-way interactive cable television service QUBE in cities in Ohio and several other states, is sensitive to the privacy issue. The company's 11-point Code of Privacy states that Warner Amex "shall maintain adequate safeguards to ensure the physical security and confidentiality of any subscriber information." The code also provides that information about individual subscriber viewing or responses "will be kept strictly confidential unless publication is an inherent part of the service (eg, announcing a game show prizewinner)" and that Warner Amex "will refuse requests to make any individual subscriber information available to government agencies in the absence of legal compulsion. If requests for such information are made, Warner Amex will promptly notify the subscriber prior to re sponding if permitted to do so by law."
Warner Amex's code has been tested at least once, and the company has stuck by its pledge. When a movie theater operator in Columbus, Ohio, was accused of showing a pornographic film, he protested that the film had already been on the QUBE cable system in Columbus and asked the company for the names of the people who watched it. A judge ruled that Warner Amex need not provide individual names, but the company was ordered to make public the percentage of its subscribers that or
dered the movie and presumably saw it as well
On a broader scale, only three states California, Illinois and Wisconsin-now have laws seeking to insure privacy for subscribers to cable systems and two-way TV. The provisions are similar to the Warner Amex code. In addition, the California law prohibits a cable system operator from using "any electronic device to record, transmit, or observe any events or listen to, record, or monitor any conversations which take place inside a subscriber's residence, workplace, or place of business, without obtaining the express written consent of
This section, which is similar to one in the Illinois law, is designed to protect people from abuse of systems that, in effect, listen in to homes in order to provide fire and security protection. One such system links a TV set to a computer monitor capable of electronically sweeping a household every seven seconds.
So far, the interest in privacy-protection laws on a national scale is practically nil in Washington. A report on privacy dangers was issued by a special presidential commission six years ago. Its recommendations have not been enacted by federal agencies or Congress. Congressional hearings will be held this spring on safeguards for the use of tax information.
Little more than a decade ago, in fact, proposals were made for a centralized federal computer list that would combine all the information the government had about an individual, from social security records to military service and even arrest records. The proposals, which were backed and pushed largely by lawenforcement agencies, never got se rious consideration.
Today there is no longer any talk about centralizing information because computer techniques have advanced so quickly that one master file is unnecessary. The same purpose can be served by computer matching programs. Two or more tapes containing different kinds of information can be run through a computer and compared to discover which names or information appear on both lists. Such matching of tapes is being performed to find people suspected of being welfare cheats and govern
ment workers who have failed to pay their federal student loans, and to identify youths who have not registered with the Selective Service System. In the last case, the social security numbers of youths who reach registration age are checked against selective service and armed forces lists. If a name on the social security list is not on the selective service or armed forces lists, the government scores a "hit" and provides the Selective Service System with the name and address of that person.
Information gathered about all of us by the government is supposed to be used only for the purpose for which it is obtained. But the interpretation of laws and regulations differs, and new laws can be passed. The Privacy Act of 1974, which spells out the rules for government agencies, restricts the use and disclosure of information. However, the selective service matching program was specifically authorized by Congress, and federal guidelines have been revised to facilitate computer checking for welfare cheats and delinquent student loans and to leave more discretion to individual federal agencies.
Henry Geller, former head of the National Telecommunications and Information Administration, a federal agency within the Department of Commerce, contends that for sensitive information there must be "an expectation of confidentiality" of information obtained from individuals by the government or anyone else. The U.S. Postal Service and the Internal Revenue Service have generally good records of protecting the pri vacy of the mails and sensitive tax information, says Geller, who is now a Duke University professor.
People worried about computerassisted invasions of privacy insist that they do not want to thwart the computer industry. Rather, they say they seek a balance between technological advancement and citizens' well-established right of privacy.
"What makes America unique," says Geller, "is its treatment of the individual, and that must include a guarantee of the right of privacy. It is a part of the quality of life. Privacy and the dignity of the individual go together."
Illustration by Dick Cole
Your medical records. How private are they?
By Alec Dubro
There was a time when medical records consisted of a few hastily scribbled notes stuck in a dog-eared file folder and shoved into the bottom drawer of the family physician's desk. If not exactly superfluous, they were almost incidental to the practice of medicine. All the really important information about a patient - often beginning with his birth - was filed away in the physician's memory.
All that has changed drastically in the past 50 years. As medicine has become more sophisticated and special
ized, and as the population has become ever more mobile, the need for complete medical records has increased significantly. Today, an individual's records can run to hundreds of pages and are likely to be found in several physicians' offices and hospitals as well as in electronic data banks. Until this year, however, the patient himself did not have an automatic right to see his own medical records. If he wished to obtain them, he generally had to hire an attor ney and have the records subpoenaed
When Assembly Bill 610 became effective on January 1, a five year legislative battle to open medical records to the consumer came to an end. The bill, sponsored by former Assemblyman Howard Berman (since elected to Congress), allows an individual to obtain his records without using the services of an attorney. The new law says, "(E)very person having ultimate responsibility for decisions respecting his or her own health care also possesses a concomitant right of access to complete information respecting his or her condition and care provided." Health & SC §25250.
Four previous attempts to pass legislation granting consumers access to their medical records had been defeated, almost entirely as a result of concerted efforts by the California Medical Association and the California Hospital Association. The CMA
Few documents contain more
intimate detail than
argued that open records would inhibit the physician's freedom to speculate about a patient's condition without fear of legal retribution, and would thereby diminish the quality of medical care.
Barbara Holstead of the Institute for the Study of Medical Ethics, a group organized to lobby for open records, said of the CMA's successful opposition to an earlier bill, "They've fought the bill for two reasons: One, they've always done things their way, and two, they want to preserve the present paternalistic system of medicine."
But paternalistic medicir.e had had little popular support in recent years. A 1979 Harris poll ("Dimensions of Privacy") showed that 91 percent of Americans, including 64 percent of physicians, supported the idea of open medical records. Nevertheless, the CMA opposed AB 610 until the organization was successful in adding an amendment allowing physicians the option of providing summaries of a record, rather than the entire document.
Before passage of AB 610, the State Board of Medical Quality Assurance received 300 to 500 complaints annually about denial of access to medical records, principally by private physicians. "Since few consumers are even aware of the BMQA," says its executive director, Robert Roland, "I assume that these complaints were just the tip of the iceberg."
Other complaints found their way to the Department of Consumer Affairs in Sacramento. Consumer Liaison Officer Candis Cohen says she found three groups of people who wanted their medical records. "The first group were changing doctors. The second were people who simply wanted to take more responsibility for their own health care. And the third group were women involved in DES cases." Many women who took diethylstilbestrol during pregnancy say they have had difficulty obtaining their medical records, as have their daughters, who want to see their mothers' records because DES has been linked to increased risk of uterine cancer in women whose mothers took the drug. DES mothers and daughters have also complained of slipshod or non-existent record keeping, uncooperative physicians and instances of "missing" files.
Like some physicians, a number of hospital administrators have consistently opposed the idea of open records. The Chicago-based American Hospital Association currently states that medical re
Alec Dubro is a free-lance writer and editor living in Berkeley.
cords "are regarded as the property of the hospital."
An administrator for one of California's largest health care organizations, who asked not to be identified, says that he feels there is no good reason to allow patients access to their records. Aside from those with a legal claim against the hospital-who could get their records through an attorney - he says the only people who would want to see their records would be "paranoids, criminally minded people trying to finagle a disability claim, and curiosity seekers." Of the Berman bill, this administrator says, "It will be an annoyance or nuisance at best. It creates a huge editing task, and if summaries are done by a physician, the reasonable cost will be from $50 to $100 an hour."
On the other hand, William Petrick, general counsel for the Permanente Medical Group, California's largest physician group practice, says, "We have always attempted to satisfy patients who wished to see their records. We have suggested they make appointments with their physicians to discuss their records, and we will continue to do so after the Berman bill takes effect. There are some unclear passages in the new law, but we will abide by its intent. We have, in fact, prepared request forms and established fees for those who do want to review their records or have them copied."
The CMA argued that open records would diminish the quality of health care.
Some lawyers also question the wisdom of showing a patient his medical record. Oakland attorney Steven Kazan, who frequently represents plaintiffs in asbestosis cases, says, "There could be good reasons for patients wanting to see records, specifically if they are receiving bad health care. But I'm not sure that unlimited access to records is productive. What one has the right to, and what is best, are not necessarily the same thing."
Kaiser-Fremont pediatrician Bennett Coplan feels otherwise. "If a patient asks to see his chart," says Coplan, "it is destructive to the doctor-patient relationship to deny access. There is a danger of misinterpretation by the patient, of course, but that's why I'll guide the patient through the chart. As for the supposedly chilling effect open records have on a doctor's candid observations, a lot of those things doctors are now afraid to write shouldn't be written anyway. There are ways to describe conditions so that colleagues can
understand without resorting to valueladen conclusions."
Roland agrees. "Health care ought not to be run for the bureaucrats, but for the consumers," he says. "People have a right to examine their records; the reason why doesn't matter. It should be a necessary and acceptable cost for the doctors and the hospitals."
Perhaps the most solid evidence in support of open records was revealed in hearings conducted in the mid-1970s by the Privacy Protection Study Committee. According to the committee's 1977 report, "Not one witness was able to identify an instance where access to records had had an untoward effect on a patient's medical condition."
If access to medical records has been the consumer's most immediate concern, the issue of access by third parties has raised the hackles of civil libertarians as well as consumers. A number of committees of the American Civil Liberties Union have devoted themselves to shoring up laws which limit access by those other than the health care provider and consumer, but the law, alone, does not ensure the privacy of medical records.
San Francisco attorney Wes W. Wagnon has handled a number of DES cases for the San Francisco firm of Hersh & Hersh. He notes that although the law limits what medical records can be subpoenaed in a medical case (the Confidentiality of Medical Information Act, CC §56 et seq), the health care practitioner usually complies with a subpoena, regardless of its validity.
"We had a case recently," he says, "where opposing counsel subpoenaed psychiatric records which we deemed to be wholly irrelevant to the case. By the time we found out and made the motion to quash, the subpoena service had the records, and they were viewed by counsel. Ultimately we did obtain the return of the records, but the burden was on us to prevent private records from being made public."
The majority of records in third-party hands are not those subpoenaed in legal proceedings, however, but those in possession of insurance carriers. Since at least three-quarters of all medical bills are paid for by either public or private insurance, a lot of medical records leave doctors' offices.
In the past, abuse of medical record privacy by insurance companies was not uncommon. Insurance carriers readily exchanged information on persons seeking to purchase new insurance. Moreover, the records themselves were frequently out of date. Beyond the reach of the consumer, the records in insurance companies' data bases were not updated
as were records in doctors' offices. "It is
Two years ago, the Legislature passed a law based on the National Association of Insurance Commissioners model bill, which guarantees the consumer a modicum of privacy and the ability to check his insurance records and correct mistakes (Ins C §§791.01-.26).
"The bill provides the same protection to the consumer as does the (federal) Fair Credit Reporting Act in other areas,' says one insurance company's in-house counsel. "Basically, our problem has been one of balance- how to protect the privacy of our clients, and how to satisfy our need to check on what we are paying for. This law also enumerates carefully under what circumstances the carrier can disclose information to other agencies. The insurance companies here have become more sophisticated about disclosure; they've been feeling the pressure of
media stories and punitive damage judgments."
A great deal of medical insurance is carried by public agencies, where there is an even greater risk of record disclosure. State and local governments frequently maintain comprehensive files on abortions, for instance, ostensibly for public health reasons. Such files have been known to wind up in the hands of antiabortion groups.
Frequently, it is simply the fear that medical records may fall into the wrong hands that proves detrimental to health care. Under the state's Short-Doyle law (Welf & I C §§5600 et seq), anyone seeking psychotherapeutic counseling may use community clinics, which are regulated by county health departments. In Los Angeles County, computerization of medical records has resulted in the inclusion of intake information on ShortDoyle patients, many of whom are labeled "mentally disabled" for recordkeeping purposes. Patients so categorized have complained that this terminology goes into county files and is ultimately available to numerous data workers.
Fears of breach of privacy are not unfounded. Missouri Senator Thomas Eagleton's vice-presidential aspirations were dashed in 1972 when his psychiatric records were leaked to the press, even though they were protected by law.
Where protective legislation is concerned, the health care consumer in California has been gaining ground. Recent laws not only give patients access to their records but also seek to protect those records from unscrupulous insurance investigators and overzealous law enforce ment personnel. None of these protections, however, alters the fact that the number of medical record data bases continues to increase. And the records they contain include a great deal of very personal information. As the executive director of the American Medical Record Association told the federal Privacy Protection Study Committee, "A complete medical record may contain more intimate details about an individual than could be found in any single document." It is no wonder, then, that medical records will be the focus of continuing concern for both consumers and attor neys. 0