[ Monday, August 22, 2005 ]
Constitutional Right to Privacy.
According to the 10th Circuit
Court of Appeals, you have a constitutional right to privacy in your prescription records. Of course, the drafters of the Constitution intended that; remember the kerfuffle that erupted when word of George Washington's wooden teeth got out? I think it was addressed in the Federalist Papers, probably number 21 or so (John Jay, naturally).UPDATE:
Ed Richards, a health law professor at LSU, notes that a 1977 Supreme Court case
specifically upheld the right of a state (New York) to enact and enforce a law where pharmacies and physicians had to report prescriptions for particularly dangerous drugs to state administrative and enforcement personnel. There were protections in place to ensure the confidentiality of the names of the individuals receiving the prescriptions, but you know how "safe" those records would be. This case grants a constitutional right to privacy where the Supreme Court's decision implied that none existed.UPDATE II:
Jim Pyles, an ardent privacy advocate, notes that Supreme Court in that 1977 decision specifically sidestepped the constitutional right to privacy issue: "The right to collect and use such data for public purposes is typically accompanied by a concomitant statutory or regulatory duty to avoid unwarranted disclosures. Recognizing that in some circumstances that duty arguably has its roots in the Constitution, nevertheless, New York's statutory scheme, and its implementing administrative procedures, evidence a proper concern with, and protection of, the individual's interest in privacy. WE THEREFORE NEED NOT, AND DO NOT, DECIDE ANY QUESTION WHICH MIGHT BE PRESENTED BY THE UNWARRANTED DISCLOSURE OF ACCUMULATED PRIVATE DATA WHETHER INTENTIONAL OR UNINTENTIONAL OR BY A SYSTEM THAT DID NOT CONTAIN COMPARABLE SECURITY PROVISIONS. We simply hold that this record does not establish an invasion of any right or liberty protected by the Fourteenth Amendment" (emphasis Jim's). The Supreme Court noted that the NY regulatory scheme had enough protections that the Court determined that improper disclosure was not a high risk, and therefore the state only needed to show a legitimate need for the information as part of the regulatory scheme. If there was a risk of unwarranted disclosure, then the Constitutional right to privacy would be implicated, and the state would need to show a compelling need for the information as part of the regulatory scheme.
Keep in mind that this was a 1977 case, so the technology involved was 1977 technology. The "safeguards" included the fact that the computer on which the information was stored was not connected with any other computer, the information gathered could already be gathered in paper format by the state (although Brennan noted, in his concurrence, that the way the state gathers the information might have a 4th Amendment implication), only a few state officials could access the information (less than 50), and any other public disclosure was strictly prohibited.
Jeff [1:30 PM]
Blogger: HIPAA Blog - Edit your Template