Privacy rule has opt-out loophole

A federal regulation protecting the privacy of medical records has a major loophole that would allow marketers to get the names of patients and target them for unsolicited ads, witnesses told Congress on Thursday.

That means a woman whose pregnancy test from a medical lab is positive could be the recipient of ads about prenatal vitamins. Or a person filling a prescription for a diabetes drug could get a mailbox full of ads about a new product from a drug maker.

Under the rule, a person can opt out of receiving unsolicited information only after getting the first one.

The new regulation, one of the last actions of the Clinton administration, goes into effect Feb. 26, 2003. It covers medical data, most of which is stored in electronic form, from private and governmental providers.

But at a hearing on the new regulation, some lawmakers and public-interest groups said the rule does not go far enough.

"There is a growing fear that technology is being used not to improve our lives but to make it easier for others to rifle through our medicine cabinets and peer into our checkbooks," said Sen. Chris Dodd (D-Conn.), a member of the Senate Health, Education, Labor and Pensions Committee, which held the hearing.

Nevertheless, Dodd guaranteed that firewalls will be placed in the workplace between the people who run an employer's health insurance program and those who make the hiring and firing decisions.

"As we all know, the dot-com era enables personal health information to be transmitted with the click of a mouse, and we cannot ignore the profound consequences that can occur if such information is abused," said Sen. Edward Kennedy (D-Mass.), ranking member of the committee.

A General Accounting Office report released at the hearing said that the regulation marks the first standards regarding the use and disclosure of personal health records, and it would cost the health industry $17.6 billion to adhere to the rule over the first 10 years. Nevertheless, the GAO said the rule is an important first step.

The debate may be too early, however. GAO official Leslie Aronovitz told the panel that it was unclear whether privacy rule would be affected by the Bush administration's order freezing all regulations until they are reviewed.


  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.