Articles, PSQH August 12, 2009

We Need Privacy Now

by Barry P Chaiken, MD

Does the Fourth Amendment apply to our medical data?

The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

According to a report by Milt Freudenheim in the New York Times (And you thought a Prescription Was Private, August 9, 2009), it sure doesn’t look like it.

More than two years ago (Patient Information: Who’s Your Daddy) I warned that for-profit entities might use private patient data to market products to consumers.

Patient data may be used to target relevant product ads to individuals based upon the data contained in the medical record.

Today, patient information is actively being used to target market products and services to patients. Large pharmacy chains such as CVS Caremark and Walgreens regularly utilize pharmacy information to identify patients to whom they send out email messages, coupons, and flyers. Although the data they utilize is de-identified, they employ reverse lookup utilities to reconstruct the information with patient identifiers.

At a meeting with several health information technology leaders at the HIMSS 2008 Annual Conference, Google’s CEO, Eric Schmidt, was cautioned about the use of patient data contained within Google Health. Although WebMD and Microsoft currently acknowledge the privacy rules outlined in ARRA apply to them, Google disagrees. Freudenheim quoted in his article a representative of Google who said:

Google is bound by the privacy policy that people agree to when they sign up.

WOW. To this day I still have not met anyone who reads those legal notices we all are asked to accept before using software or accessing certain websites. To rely on the acceptance of the privacy policy upon sign up as a defense for using patient information in any commercial way deemed appropriate seems weak and suggests exploitation.

Excerpts from: We Need Privacy Now. PSQH, September/October, 2009


Comments 1
  • It’s disgraceful that these large companies are selling data about their customers. Sadly it’s consistent with today’s business ethics, if you can call it that. I say it’s an opportunity for regulation. There’s no privacy in the internet age, but that’s no excuse for them profiting from my data without giving me a cut.

Leave a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.