Clinton Preparing To
Give Medical I.D. to
Every American
By Sheryl Gay Stolberg
The New York Times

WASHINGTON -- As legislation that would protect patient privacy languishes in Congress, the Clinton administration is quietly laying plans to assign every American a "unique health identifier": a computer code that could be used to create a national database that would track every citizen's medical history from cradle to grave.
The electronic code was mandated by a 1996 law and would be the first comprehensive national identification system since the Social Security number was introduced in 1935. Although the idea has attracted almost no public attention, it is so contentious that federal health officials, who were supposed to propose a plan for the identifier by February, have made little headway and are instead launching a series of hearings beginning on Monday to solicit public comment.
Proponents, including insurance companies and public health researchers, say the benefits would be vast. Doctors and hospitals would be able to monitor the health of patients as they switch from one insurance plan to the next. Patients would not have to wade through a cumbersome bureaucracy to obtain old records. Billing would be streamlined, saving money. A national disease database could be created, offering unlimited opportunities for scientific study.
But opponents, including privacy advocates and some doctors' groups, say the code smacks of Big Brother. They warn that sensitive health information might be linked to financial data or criminal records and that already tenuous privacy protections would be further weakened as existing managed care databases, for example, are linked. They say that trust in doctors, already eroded by managed care, would deteriorate further, with patients growing reluctant to share intimate details. And in a world where computer hackers can penetrate the Pentagon's computer system, they ask, will anyone's medical records be safe?
"We have very grave concerns about the unique patient identifier," said Dr. Donald Palmisano, the American Medical Association's expert on medical privacy. "If this information ended up in some central repository, some giant clearinghouse, what protection do we have that some vandal would not break in?"
The identifier was ordered by Congress in 1996 as part of legislation that permits employees to take their health insurance with them when they switch jobs. That law, the Health Insurance Portability and Accountability Act, also requires codes for employers, health plans, doctors and hospitals.
But none of the requirements for what is being called "administrative simplification" has generated as much debate as the idea of a patient identification number.
"We are taking a slow approach," said Campbell Gardett, a spokesman for the Department of Health and Human Services, which is charged with creating the system. "This will be an issue that has a lot of sensitivity and a lot of feeling," so much so, he said, that if no consensus can be reached on how to develop the system, the administration could be forced to drop the plan and report to Congress that it was impossible to achieve.
Experts say crucial questions remain, among them what kind of identifier should be used. Some have proposed using the Social Security number, which is already used as an identifier by many health plans. But critics complain that too many people, including credit card company clerks and state motor vehicles officials, already have access to Social Security numbers.
Others have suggested a composite number, consisting of the patient's date of birth, the latitude and longitude of the hometown and some additional digits. Still others say the identifier should not be a number at all but rather a "biomedical marker," like a thumb print or an electronic scan of the retina -- an option that is considered remote. "My own feeling is that you do need to have a way to identify people uniquely," said Dr. Don Detmer, chairman of the National Committee on Vital and Health Statistics, a citizens panel that is advising Donna Shalala, the health and human services secretary, on the issue. "Now the challenge comes down to what is the best way of doing that."
To sort out these and other issues, Shalala's agency is deviating from its customary rulemaking procedure. Rather than issuing a proposal and inviting public comment, as it already has with regulations for the employer and provider identifier codes, the department is sponsoring a series of public hearings on the unique patient identifier. The first is scheduled for Monday in Chicago.
"It will be interesting," predicted Dr. Christopher Chute, the head of medical information resources at the Mayo Foundation. "It could reduce to yet another forum for the disgruntled and the paranoid to vent."
Chute, who will sit on a panel on Monday, is a strong advocate of the patient identifier. The alternative, he said, is to "rely on folklore and anecdote in health care." An epidemiologist, he envisions a day when a patient with an unusual combination of diseases can walk into a doctor's office, and the doctor can tap into a national repository that will turn up other patients with the same complex history, along with advice about what treatments work best.
"That's the fantasy," Chute said. "We have the technology to do such a thing. What we don't have is the social infrastructure to support it." But Americans may not accept that vision, said Dr. Richard Sobel, a research fellow at Harvard Law School. Sobel, who studies the political and constitutional questions raised by government databanks, said the nation has a suspicion of technological efficiency that dates to the Founding Fathers.
"The American political system was set up to be inefficient, to divide power," Sobel said. "What ID numbers do is centralize power, and in a time when knowledge is power, then centralized information is centralized power. I think people have a gut sense that this is not a good idea."
An earlier proposal for a national medical identification card, put forth by the Clinton administration in 1993 as part of its ill-fated plan to provide universal health insurance, generated huge opposition. Critics complained that the card would become the equivalent of a domestic passport; the idea dropped by the wayside when the plan to overhaul the health system fell apart.
The current debate is sharpened, both sides say, by the lack of a federal law to protect patient privacy.
"There's a federal law right now that protects the privacy of the titles of the videos you rent, but not one that protects your medical history," said Mary Jane Collipriest, a spokeswoman for Sen. Robert Bennett, R-Utah, who is drafting privacy legislation and expects to introduce his bill later this month.
In addition to Bennett's draft, there are five bills already circulating in Congress. Each delineates who can have access to medical records without a patient's consent and stipulates penalties for the unauthorized release of medical information. But each bill varies on several crucial points.
For instance, Sen. Patrick Leahy, D-Vt., would allow patients to opt out of the electronic data system entirely, a feature the other bills do not contain. Leahy would also require a court order for law-enforcement officials to have access to medical records without patient consent, a provision that is opposed by Bennett as well as Ms. Shalala.
Another contentious issue is whether federal privacy legislation should override stricter state laws.
In the absence of any legislation, many say, privacy has already been seriously compromised. "There is no privacy anymore," said Rep. Jim McDermott, D-Wash., who is author of another of the bills. "It has been eroded in so many ways that you can find out almost anything about anybody if you know how to work the computer well enough."
He cites one incident that, he said, "set my teeth on edge." In 1996, a Medicaid clerk in Maryland tapped into a computerized database and sold patient names to a health maintenance organization for as little as 50 cents per record.
Some ethicists, including Dr. Arthur Caplan, director of the Center for Bioethics at the University of Pennsylvania, contend that debate over the unique health identifier is nothing more than a red herring. "It's illusory to give people the idea that they can protect privacy," Caplan said. "Your managed care company knows what doctors you see, what pills you take, how often they are prescribed. What don't they know?"
But the current system is highly balkanized; the computers at one managed-care company cannot communicate with those at another. Critics of the national identification code say that once different plans can talk to one another, linking medical records for years and even decades, patient privacy will be virtually nonexistent.
A.G. Breitenstein, director of the Health Law Institute, an advocacy group based in Boston, said: "That information will be irrevocably integrated into a cradle-to-grave medical record to which insurers, employers, government and law enforcement will have access is, to me, exactly what privacy is not. People are not going to feel comfortable going to the doctor, because now you are going to have a permanent record that will follow you around for the rest of your life that says you had syphilis, or depression, or an abortion or whatever else."

Sightings HomePage