Privacy rule has opt-out loophole

A federal regulation protecting the privacy of medical records has a major loophole that would allow marketers to get the names of patients and target them for unsolicited ads, witnesses told Congress on Thursday.

That means a woman whose pregnancy test from a medical lab is positive could be the recipient of ads about prenatal vitamins. Or a person filling a prescription for a diabetes drug could get a mailbox full of ads about a new product from a drug maker.

Under the rule, a person can opt out of receiving unsolicited information only after getting the first one.

The new regulation, one of the last actions of the Clinton administration, goes into effect Feb. 26, 2003. It covers medical data, most of which is stored in electronic form, from private and governmental providers.

But at a hearing on the new regulation, some lawmakers and public-interest groups said the rule does not go far enough.

"There is a growing fear that technology is being used not to improve our lives but to make it easier for others to rifle through our medicine cabinets and peer into our checkbooks," said Sen. Chris Dodd (D-Conn.), a member of the Senate Health, Education, Labor and Pensions Committee, which held the hearing.

Nevertheless, Dodd guaranteed that firewalls will be placed in the workplace between the people who run an employer's health insurance program and those who make the hiring and firing decisions.

"As we all know, the dot-com era enables personal health information to be transmitted with the click of a mouse, and we cannot ignore the profound consequences that can occur if such information is abused," said Sen. Edward Kennedy (D-Mass.), ranking member of the committee.

A General Accounting Office report released at the hearing said that the regulation marks the first standards regarding the use and disclosure of personal health records, and it would cost the health industry $17.6 billion to adhere to the rule over the first 10 years. Nevertheless, the GAO said the rule is an important first step.

The debate may be too early, however. GAO official Leslie Aronovitz told the panel that it was unclear whether privacy rule would be affected by the Bush administration's order freezing all regulations until they are reviewed.


  • Federal 100 Awards
    Federal 100 logo

    Nominations for the 2021 Fed 100 are now being accepted

    The deadline for submissions is Dec. 31.

  • Government Innovation Awards
    Government Innovation Awards -

    Congratulations to the 2020 Rising Stars

    These early-career leaders already are having an outsized impact on government IT.

Stay Connected