Health Information Compliance Alert

Published on Thu Jan 03, 2013 PDF

The Pentagon has a plan in the works that aims at preventing acts of terrorism — but will this brave new system come at the expense of your private and personal medical information?

A plan for constructing a vast computer network filled with Americans’ personal information is in its nascent stage at the Pentagon, and it has many worried that civil liberties are at stake. The system —  known as the “Total Information Awareness System” and developed under the auspices of the Office of Information Awareness at the Defense Advanced Research Projects Agency — would provide law  enforcement officials and intelligence gatherers with access to e-mail messages, financial transactions and other data. That list of data would almost certainly include medical and health information.

Vice Admiral John Poindexter, the director of the TIA system, is arguing for more power to seek and store information for the network, according to the New York Times.

The aim is to create a counter-terrorism information system that relays information among the many state and federal agencies that may prove useful in stopping and apprehending terrorists before they strike.

The plan would call for suspension of some provisions of the Privacy Act of 1974 that outlaw access to such information by government agencies. New legislation similar to the Homeland Security Act would also be required, the Times reports.

According to Under Secretary of Defense for Acquisition, Logistics, and Technology Edward C. “Pete” Aldridge, the system has three main aspects to aid in the war against terrorism. It would:

• increase information coverage and creating better technologies that permit rapid language translation and voice recognition capabilities;
• discover “connections between transactions” that would include the use of passports, visas, work permits, driver’s licenses, credit cards, airline tickets and others; and
• support analytical reasoning and information sharing to aid analysts in evaluating the impact of current or future policies and prospective courses of action.

Reacting to public concerns that privacy rights may become a thing of the past, Aldridge said it was absurd to think that DARPA is “somehow trying to become another police agency. DARPA’s purpose is to demonstrate the feasibility of this technology.

“If it proves useful, [TIA] will then be turned over to the intelligence, counterintelligence and law enforcement communities as a tool to help them in their battle against domestic terrorism,” Aldridge said.

At this stage the Pentagon has no implementation policy in hand for TIA, and sources tell Eli that the system is currently in a test phase.

Robert Gellman, a privacy and information policy consultant in Washington and a former member of the Department of Health and Human Service’s National Committee on Vital and Health Statistics, says the Pentagon’s plan is worrisome, to say the least. “It’s beyond Orwellian,” Gellman proclaims.

While Gellman warns that the TIA system could easily become a Big Brother that obliterates privacy rights, he cautions that the system is nowhere near complete.

The system would necessitate legislative authority for “even a fraction of what [the Pentagon] is intending to do, and that will produce a political debate,” he notes.

And as far as what TIA could mean for the Health Insurance Portability and Accountability Act’s privacy rule, Gellman says that because HIPAA permits broad disclosures for law enforcement and national security purposes, it’s not certain that HIPAA would impose a barrier to the system.

However, he notes that state laws with particularly stringent privacy laws might impose barriers in the absence of a federal law requiring disclosure. Some states simply wouldn’t allow the kinds of disclosures the Pentagon would seek.

Additionally, unless the disclosures were mandated by law — a proposal Gellman says would be highly unlikely to pass and is an idea that would garner sparse political support — many of the health care institutions that had information sought by TIA would refuse to turn it over.

Also, Gellman says TIA’s potential potency may be diluted due to the paper (not electronic) format of most health records. He believes it will be an extremely long time before a substantial number of health records are electronic, and once they are placed in electronic format, “they’re all likely to have multiple formats, systems, operating instructions and everything else. So, it’s going to be technically very challenging to do this.”

Gellman says there’s a fundamental question that the government must ask itself: Is there information that the government could glean from the health system that would enable it to identify terrorists?

For instance, “do all terrorists go to the doctor and complain of lower back pain?” Gellman quips. “The logic behind this escapes me.”

But don’t fear, citizens: two plus two still equals four, and whatever the scope TIA takes in the coming months, Gellman says for the time being, at least, the implications of the system “are far in the future, at best.”