New Chink in Privacy Armor Feared in Proposed Health Care Data Bank

As President Clinton considers creating a national health care data bank to cut costs as part of his reform effort, civil libertarians are raising an alarm over breaches of privacy that might result from such a computerized network.

Officials representing the American Civil Liberties Union and other privacy groups are already mounting a campaign to tighten laws protecting the confidentiality of medical records.

Clinton’s advisers have proposed requiring everyone enrolled in the new health plan to carry a “smart card” imprinted with computer chips containing their medical history. Doctors’ and insurers’ computers could scan the card to call up information about a patient’s medical records and health insurance.

But existing privacy laws do a better job of shielding an individual’s video rental records from prying eyes than keeping medical records private, contends Janlori Goldman, director of the ACLU’s Project on Privacy and Technology.

“Most Americans are shocked to learn that federal law better protects the records that show that they’ve rented ‘Basic Instinct’ than those that show their illnesses and treatments,” Goldman said. “Any health care plan that bears the government’s stamp must therefore go the extra mile to convince individuals that their privacy is protected.”

The idea of a centralized medical records storage system also has attracted attention from some lawmakers.

Rep. Gary A. Condit (D-Ceres) has expressed a willingness to push a bill through Congress that would make it a crime for anyone to reveal medical records to unauthorized persons or organizations.

“It is clear that computerized records are coming,” said a congressional staffer who is researching the matter with an eye toward writing and introducing a bill before the end of the year. “Nothing about that is inherently bad or good, but the real question is what are the rules.”

Administration officials insist that any effort aimed at reducing paperwork and improving doctor and insurer record-keeping must employ a state-of-the-art computer system linking payment information, medical histories and other health data. Such an idea was proposed by Clinton in his campaign manifesto “Putting People First.”

“We want to create an integrated system . . . with a card that everyone will get at birth,” Ira Magaziner, the White House official charged with supervising the health care task force, has said.

While the system’s start-up costs would be enormous, the future savings could be even greater. Coopers & Lybrand, the New York accounting giant, estimated that if every hospital and medical center in the nation participated in a computerized medical and accounting data bank, up to $80 billion could be trimmed annually from administrative and overhead costs.

But the ACLU’s Goldman warns that the explosion of computer technology may make it impossible for Americans to shield the intimate details of their medical histories from prying fingers on a keyboard after their records are reduced to byte-sized blips in a data base.

“While a hospital storage room full of paper files may raise some very serious worries, the threat to privacy is at least limited to those who are physically there and can get into the room,” Goldman said. “With remote access from around the country and around the world, electronic data interchange might make possible multiple invasions at the same time by people scattered across the globe.”

Many users of data storage and retrieval systems, such as bank teller machines and credit reporting bureaus, are among those most critical of their vulnerabilities. But supporters of computerized data bases argue that the cost-saving benefits outweigh the potential liabilities.

At Boston’s Beth Israel Hospital, a computer record-keeping system has been in place tracking patients’ bills, medical histories, lab results and demographic information without “knowingly having had any break-ins in 20 years and having had any loss of information,” said Dr. Daniel Sands, a hospital administrator.

Use of the system is strictly monitored by the hospital staff, and access is coded to specific tasks to prevent tampering with data or random inquiries by unauthorized individuals.

“People should be concerned about security, but they shouldn’t be overly concerned,” Sands said. “There is no such thing as a totally secure medical record. The most secure record is one that you can’t find or that you can’t get. But we can’t take care of patients without having access to their records, so there is a balance that has to be struck between access and confidentiality.”