News10 anchor Cristina Mendonsa interviews privacy attorney Lee Tien.
We have all come to expect a certain amount of privacy with our doctors. Like you, I have spent many first visits to a doctor filling out the federal HIPAA information forms, which are filled with assurances of privacy. California also has a privacy law called CMIA or Confidentiality of Medical Information Act. Both of these laws are supposed to close off easy access to our personal medical information.
As I found through my research these past few weeks, there are many loopholes.
Originally, I pitched this story after reading about FICO's medical adherence score. As you may know FICO stands for Fair Isaac Corporation. It's a company that creates and computes credit scores. They have a score for all of us and that helps banks and other agencies decide whether to lend us money. The medical adherence score is something relatively new (2011). FICO is collecting prescription information from major pharmacies.
RELATED STORY: Who has access to your medical records? More people than you think
The information has removed all identifiers so they don't know what specific meds you're taking, but they DO know how many of us are filling prescriptions late, ordering too many refills or not picking up our prescriptions at all. They give each of us a score and say it's to help medical providers serve us better. Privacy advocates and skeptics insist that information does or will serve another purpose. For example, insurers can use the score to determine creditworthiness or cost of care.
The fact that the public doesn't have access to this medical adherence score on themselves is also a red flag to privacy advocates. Even credit reporting agencies are compelled to allow us to see our credit score for free once a year.
The research on HIPAA was also enlightening. When I asked privacy attorney Lee Tien who could get past HIPAA to see our private medical records he said it's a tough question to answer.
Tena Friery with the Privacy Rights Clearing House gave me a list of potential medical file crashers. The most surprising one on the list? Bill collectors.
RELATED STORY: Q&A: What is health privacy, who has access to your medical info
One of the points Tien made during our interview in San Francisco was that some of the loss of privacy is due to information we willingly provide. Those online symptom checkers, employee Wellness programs, even some store loyalty programs, capture and keep health information we provide.
Tien told me a story of a man who was notified about his teenage daughter's pregnancy from a store. Certain health related purchases she made at the store triggered the correct algorithm and sent diaper coupons and baby formula samples to his home. When he called to complain that no one in his house was pregnant, they stopped. He didn't know at the time his daughter was pregnant, but the store's database knew. That's a little creepy.
Yes, I know I'm only scratching the surface with this story and it's not meant to produce paranoia. I also think we all have the right to know who is collecting what on us and if we can't stop the flow, we can try to manage it as best we can.
Are you ready to reclaim some control? Check out resource links I've included below.
To your health!