Back in the 2004, a brash state senator from Illinois lit a fire at the Democratic National Convention with his soaring rhetoric. One of Barack Obama’s goals was to deliver a message of unity during a divisive campaign season, a message that Americans were more alike than they’re dissimilar:
While I like his sentiment, that last line has always stuck with me. Even at the time, it was bizarrely naïve: Monitoring library activity was an element of Red Scare Big Brother-ism that seemed out of date in an Internet-using America. Did Obama really think that the biggest potential violation of American privacy in 2004 happened at the library?
It wasn’t true then and it’s certainly not true now. In fact no president has overseen a more systematic violation of American privacy than Obama has, with federal agents “poking around” everything nowadays. The latest is Obamacare’s exploitation of private healthcare data.
The Centers for Medicare & Medicaid Services (CMS) is proposing to create a national database of highly sensitive personal health information for the approximately 30 million Americans with individual and small group coverage. The proposal, Section 153.610 of a new Health and Human Services (HHS) rule dealing with Obamacare, would require health plans to send CMS enrollee-level claims data on a massive scale, including:
· Member’s diagnoses
· Prescription drugs
· Procedures received
· Names of hospitals and health care providers
· Amount paid
· Out-of-pocket liabilities
· Demographics
· Social Security Number
· And so on
Furthermore, plans also would be required to send proprietary information about their contracted prices for their members’ hospitalizations, doctor visits, and prescription drugs. Now, the main stated purpose in mining all this personal data from American citizens is as innocent as could be. It’s to expand “HHS’s ability to use that enrollee-level data from risk adjustment covered plans to improve the risk adjustment model recalibration.”
So CMS claims this is mainly for actuarial pricing purposes, which are of course essential in any insurance-based business model, but the organization demurely admits it may use these data for other purposes, and may even provide data to third parties for research.
(Note: when the government says it “may” do something that never means it “won’t” and is sometimes code for “already started.” Ask Edward Snowden what he thinks about what the government “may” do.)
Morally, CMS needs to reject the national database proposal. The government has no mandate to create a national database of individuals’ sensitive health information, and one which would be extremely difficult – that’s Washington-ese for “expensive” – to build and maintain.
Not only is centralizing highly sensitive consumer information costly, it’s also dangerous. When data are compartmentalized, they are harder to find and a less attractive target. You put all your data eggs in one cyber-basket and you entice hackers. In the age of cyber-attacks and Wikileaks, millions of patients’ privacy are jeopardized in the event of a data breach, and CMS has failed to provide adequate (or any) justification for this high-risk approach.
Not only could aggressive third-parties compromise a patient’s privacy, but the government could as well.
Particularly troubling, the plan lacks detail for how the database would be implemented, which essentially would grant the agency unlimited powers to define their own data collection methods moving forward. (Again, ask Snowden about that idea.) Allowing the government to create this unprecedented collection of private information could also be a back door to the single-payer system we were told would never, ever happen.
Changing the current system is unnecessary as the existing server model for medical data (the “EDGE” system) offers an effective and less risky approach across the board. Moreover, CMS’s existing distributed model could be used to recalibrate the risk-adjustment model and perform essentially all the actuarial functions of a centralized database—but without any of the cost, risk, or privacy violation.
The state has absolutely no business harvesting and storing private citizens’ medical records. We need to rip Section 153.610 from the books, burn it, and throw the ashes in the Chicago River.
Now if you’ll excuse me, I’m afraid of Obama’s NSA spying on my Internet browsing, so I’m going to check out a book from my local library.
