1 See William W. Lowrance, Department of Health and Human Services, Privacy and Health Research: a Report to the Secretary of Health and Human Services § 6 (May 1997), (visited Apr. 9, 1999) <http://www.aspe.os.dhhs.gov/datacncl/PHR6.htm>.

2 See Turkington, Richard C., Medical Record Confidentiality, Law, Scientific Research and Data Collection in the Information Age, 25 J.L. Med. & Ethics 113, 115 (1997)CrossRefGoogle Scholar.

3 Senator Edward M. Kennedy, Statement on the Introduction of the Medical Information Privacy and Security Act (Mar. 10, 1999).

4 See, e.g., The Fair Health Information Practices Act of 1994, H.R. 4077, 103d Cong. (1994).

5 During the 105th Congress, six bills aimed at creating a comprehensive federal regulatory scheme were introduced. They were: the Medical Information Protection Act, S. 2609; the Consumer Health and Research Technology Protection Act, H.R. 3900; the Health Care Personal Information Nondisclosure Act, S. 1921; the Medical Information Privacy and Security Act, S. 1368; the Medical Privacy in the Age of New Technologies Act, H.R. 1815; and the Fair Health Information Practices Act of 1997, H.R. 52.

6 Title V of The Patient Protection Act, passed by the House of Representatives on July 24, 1998, contained provisions that would authorize the use of identifiable health care information for “health care operations.” See H.R. 4250 § 1185, 105th Cong. (1998). Health care operations were broadly defined to capture underwriting, case management and health promotion activities. See id. The bill eliminated the requirement for patient authorization for covered disclosures. See Janlori Goldman, Protecting Privacy to Improve Health Care, 17 Health Aff., Nov.-Dec. 1998, at 47, 56.

7 See Health Insurance Portability and Accountability Act, Pub. L 104-191, § 264, 110 Stat. 1936 (1996) (codified as amended at 42 U.S.C. § 1320d-2).

8 See id. § 264(c)(1).

9 See id. § 264(a),(b).

10 See id. § 264(c)(1).

11 See Protecting Our Medical Information, Rights, Responsibilities and Risks, Hearings Before the Senate Comm. on Labor and Human Resources, 105th Cong. (Oct. 28, 1997) (testimony of Donald J. Palmisano M.D., J.D., on behalf of the American Medical Association; A.G. Breitenstein, J.D., on behalf of the National Coalition for Patient Rights) (visited Apr. 14, 1999) http://www.senate.gov/-labor/hear/10_28wit.htm; Confidentiality of Patient's Medical Records, Hearings Before the Subcomm. on Gov't Management, Info, and Technology of the House Comm. on Gov't Reform and Oversight, 105th Cong. (May 19, 1998) (statement of Richard Harding, M.D., on behalf of the American Psychiatric Association) (visited Apr. 14, 1999) <http://www.pysch.org/pub_pol_adv/testimony_confid.html> [hereinafter Statement of Harding].

12 See, e.g., Amitai Etzioni, Medical Records—Enhancing Privacy, Preserving the Common Good, 29 Hastings Ctr. Rpt., Mar.-Apr. 1999, at 14.

13 See, e.g., Frank Deford, Arthur Ashe's Secret, Newsweek, Apr. 20, 1992, at 62, 62 (describing how a newspaper's revelation of Arthur Ashe's human immuno deficiency virus (HIV) status forced him to publicly disclose his HIV status); Amitai Etzioni, The Limits of Privacy 140 (1999) (indicating that a banker inappropriately accessed Maryland's health care cost-containment database to call in the loans of customers who had cancer); Bob Van Voris, CVS Sued for Sharing Lists of Customers, Nat'L L.J., May 4, 1998, at Bl (reporting that CVS Pharmacy provided information to a marketing firm to provide refill reminders and targeted drug advertisements to pharmacy customers).

14 See, e.g., Pharmaceutical Research & Manufacturers' Association, Backgrounders: Patient Confidentiality (Nov. 1998) (visited May 20, 1999) <http://www.phrma.org/factsftkgrndr/patconfid.html> (supporting strong penalties for those who determine patient's identity by unauthorized manipulation of anonymized data, unauthorized use of an encryption key or encryption device or anyone who gains unauthorized access to medical information or who permits unauthorized disclosure of such information).

15 See Confidentiality of Medical Information, Hearings Before the Senate Comm. on Labor and Human Resources, 105th Cong. (Feb. 26, 1998) (statement of Christine Brunswick, Vice-President of the National Breast Cancer Coalition) (visited Apr. 14, 1999) <http://www.senate.gov/~labor/hear/2268hrg/bruns.htm> [hereinafter Statement of Brunswick],

16 See Patient Confidentiality, Hearings Before the Subcomm. on Health of the House Comm. on Ways and Means (Mar. 24, 1998) (statement of Harry A. Guess, M.D., Ph.D., on behalf of Merck & Co., Inc.) (visited May 10, 1999) <http://www.house.gov/ways_means/health/testmony/3-24-98/3-24gues.htm> [hereinafter Statement of Guess]. Harry Guess noted that “care must be taken not to inadvertently harm the interests of patients by unnecessarily restricting the access of medical information for medical research." Id.

17 The Communitarian Network, The Responsive Communitarian Platform (visited Apr. 14, 1999) <http://www.gwu.edu/~ccps/RCPlatform.html>.

18 id.

19 Atomism is the idea that people are “fully formed and self-sufficient individuals outside of society who assume social and political relationships and obligations only in order to further … [their] own predetermined (exogenous) interests and values.” Stephen A. Gardbaum, Law, Politics, and the Claims of Community, 90 Mich. L. Rev. 685, 692 (1992).

20 See Flaherty, David H., The Right to Privacy One Hundred Years Later: On the Utility of Constitutional Rights to Privacy and Data Protection, 41 Case W. L. Rev. 831, 832 (1991)Google Scholar.

21 See David Seipp, The Right to Privacy in American History 102-13 (1978); Note, The Right to Privacy in Nineteenth Century America, 94 Harv. L. Rev. 1892, 1892-96 (1981).

22 Samuel D. Warren & Louis D. Brandeis, The Right to Privacy, 4 Harv. L. Rev. 193, 193, 205 (1890). Justice Brandeis dissenting in Olmstead v. United States, a wiretapping case, stated that “[the makers of our Constitution] conferred, as against the government, the right to be let alone - the most comprehensive of rights and the right most valued by civilized men.” 277 U.S. 438, 478 (1928).

23 See Warren & Brandeis, supra note 22, at 206.

24 See Roe v. Wade, 410 U.S. 113 (1973) (enlarging the right of individuals to privacy in reproductive matters to include abortions); Eisenstadt v. Baird, 405 U.S. 438 (1972) (holding that the right of privacy inheres in individuals, not marital relationships alone); Griswold v. Connecticut, 381 U.S. 479 (1965) (establishing a privacy right of married persons to control reproductive decisions).

25 The Fourth Amendment to the U.S. Constitution guarantees “the right of the people to be secure in their persons, houses, papers and effects.” U.S. Const, amend. IV. However, the Fourth Amendment, and cases thereunder, did not establish a broad right to privacy. It only prevented government officials from unlawfully intruding into an individual's home or personal property, and left private citizens to do so at will.

26 The evidentiary privilege that prohibits physicians from giving testimony adverse to the interests of their patients is a modern embodiment of this principle.

27 429 U.S. 589(1976).

28 See id. at 598-99.

29 See id. at 599-600.

30 See id. at 600.

31 Id. at 602. Contrary to the challengers' arguments, the court concluded that the statute did not in fact reduce the demand for medications subject to the statute or dissaude physicians from prescribing them. See id. at 603. Interestingly enough, the very argument offered by the challengers and rejected by the U.S. Supreme Court features prominently in the arguments that privacy advocates make to Congress in seeking restrictive comprehensive privacy legislation. See, e.g., Statement of Harding, supra note 11.

32 See Lawrence O. Gostin et al., Legislative Survey of State Confidentiality Laws, with Special Emphasis on HIV and Immunization (1996) (visited Apr. 14, 1999) <http://www.epic.org/privacy/medical/cdc_survey.html> (discussing the variation in public health laws that exist from state to state). Records maintained by federal agencies, such as the Veteran's Administration Health System, are subject to the Privacy Act of 1974, a comprehensive statute regulating all aspects of federal records maintenance. See Gostin, Lawrence O., Privacy and Security of Personal Information in a New Health Care System, 270 JAMA 2487, 2489 (1993)CrossRefGoogle Scholar. The Department of Health and Human Services (HHS) conditions participation in the Medicare and Medicaid programs by requiring that participating institutions maintain the confidentiality of patient records. See 42 C.F.R. § 482.24(b)(3) (1999). Another federal law protects the confidentiality of persons who attend substance abuse programs. See 42 U.S.C. § 290dd-2 (1998).

33 See Dana C. Mcway , Legal Aspects of Health Information Management 85-89 (1996); see also McGarry v. J.A. Mercier Co., 262 N.W. 296, 297 (Mich. 1935) (finding that unless an agreement to the contrary exists, x-ray negatives are the property of the physician who made them incident to treating a patient). For this reason, it is generally accepted that providers are free to utilize nonidentifiable medical record information or anonymized medical record data as they see fit.

34 State laws governing the confidentiality of medical records, however, also contain exceptions permitting disclosure in cases where the public interest outweighs the patient's privacy interests. See William H. Roach, Jr. & Aspen Health Law Center, Medical Records and The Law 127-35, 177-98 (2d ed. 1994). These exceptions, which vary from state to state, require the disclosure of confidential medical information in certain cases. See id. at 127-35. State laws sometimes also make confidential medical information available to researchers without patient consent. See id. at 138-39. Cf. L. Joseph Melton III, The Threat to Medical-Records Research, 337 New Eng. J. Med. 1466, 1467 (1997) (describing barriers to nonconsensual medical records research under Minnesota law).

35 See Gostin, supra note 32, at 2489-90.

36 See Turkington, supra note 2, at 115, 119. Richard Turkington noted that blanket consent forms permitting the disclosure of confidential information are considered legal despite the lack of “the most rudimentary features of informed consent." Id.

37 See id. at 115. Turkington described the movement as “[t]he black hole of confidentiality for the private sector health records.” Id.

38 See id.

39 Id.

40 See id. Data provided to the Medical Information Bureau (MIB) is used by insurance companies to evaluate applications for coverage and to develop marketing lists targeting persons known to suffer certain ailments. See id. This data is made available to MIB through the general release. See id.

41 See, e.g., Jones v. Prudential Ins. Co., 388 A.2d 476 (D.C. 1978).

42 See Turkington, supra note 2, at 115.

43 For example, MIB stores personal medical information provided by more than 680 life and health insurers, and provides that information to health, life and disability insurers considering an individual's application for coverage. See National Academy of Sciences, For The Record: Protecting Electronic Health Information 32 (1997). IMS Health Inc., a Westport, Connecticut-based corporation, collects and processes 72 billion pharmaceutical records provided by doctors, hospitals, pharmacies and nursing homes. See Sam Loewenberg, The Politics of Medical Privacy, Legal Times, Mar. 22, 1999, at 4.

44 Barbara Flood, The Emotionality of Privacy, 23 Am. Socℙy for Information Sci. 7 (1997). Indeed, what motivated Samuel Warren to take up the issue was the fact that Warren, a Boston Brahmin, found his social life become grist for the mills of the tabloid press, a fact he found to be most disagreeable. See Robert C. Post, The Social Foundations of Privacy: Community & Self in the Common Law Tort, 77 Calif. L. Rev. 957, 958-59 (1989).

45 See Blendon, Robert J. et al., Data Watch: Who Has the Best Health Care System? A Second Look, 14 Health Aff. 220.; see also Equifax-Harris Consumer Privacy Survey (1994)CrossRefGoogle Scholar (finding public distrust to be rising, and noting a steady rise over the previous 15 years); Joseph S. Nye, Jr., Introduction: The Decline of Confidence in Government, in Why People Don't Trust Government 1, 1-2 (Joseph S. Nye, Jr. et al. eds., Harvard Univ. Press, 1997).

46 See Richard Morin & Dan Balz, Reality Check, The Politics of Mistrust: Americans Losing Trust in Each Other and Institutions, Wash. Post, Jan. 28, 1996, at Al.

47 Id. at A6.

48 See Melton, supra note 34, at 1466.

49 George J. Annas, Privacy Rules for DNA Databanks, 270 JAMA 2346, 2346 (1993).

50 See, E.G., Dorothy Nelkin & Laurence Tancredi, Dangerous Diagnostics: The Social Power of Biologic Information 6-7 (1989).

51 Mark A. Rothstein, The Law of Medical and Genetic Privacy in the Workplace, in Genetic Secrets: Protecting Privacy and Confidentiality in the Genetic ERA 281 (Mark A. Rothstein ed., 1997).

52 Id. at 281-82.

53 See id. at 282.

54 See Etzioni, supra note 13, at 144; see also Sheri Alpert, Smart Cards, Smarter Policy: Medical Records, Privacy, and Health Care Reform, Hastings Ctr. Rep., Nov.-Dec., at 13, 15 (1993) (citing an Office of Technology Assessment study that found many employers were not willing to hire employees with preexisting medical conditions).

55 29 U.S.C. §§ 1001-1461 (1994).

56 In Doe v. Southeastern Pa. Transp. Auth., 72 F.3d 1133 (3d Cir. 1995), an employee whose prescription for zidovudine, together with his identity, appeared in a utilization report, sued after learning that his supervisor shared the information of his HIV status with others in the company. See id. at 1135-37. Although he won at the trial court level, on appeal, his award of $125,000 was overturned, when the court held that an employer's interests in the pharmacy information outweighed the “minimal intrusion” into the employee's privacy. See id. at 1135, 1143.

57 See McGann v. H & H Music Co. et al., 946 F.2d 401 (5th Cir. 1991); see also Rothstein, supra note 51, at 310-11.

58 Rothstein, supra note 51, at 295.

59 Observing the changing paradigm in health care and its need for data, Janlori Goldman writes “Nearly every facet of health care—including health care delivery, payment, medication prescribing, outcomes analysis, research, and marketing—is undergoing dramatic changes as our society moves toward managed care and the development of integrated health data networks.” Goldman, supra note 6, at 48.

60 See Etzioni, supra note 13, at 153; see also Stephen C. Shoenbaum, Towards Fewer Procedures and Better Outcomes, 269 JAMA 794, 796 (1993) (observing that “[i]t should be disturbing to us as a profession that we have so few outcomes data and use so few in our practices").

61 See Lise Rybowski, Protecting the Confidentiality of Health Information (National Health Policy Forum, The George Washington University, July 1998).

62 Indeed, such information has been used by health maintenance organizations (HMOs) for cost-control purposes and not patient care. See Privacy? At Most HMOs You Don't Have Any, USA Today, July 13, 1998, at 12A. HMOs insist, however, that free access to such private information is needed “to identify physicians performing expensive treatments” and to keep track of patients who have obtained “unneeded medical care." See id. Additionally, HMOs do use private patient information in their quality assurance programs and in monitoring health care progress. See Karen Ignagni, Do Not Retard Progress, USA Today, July 13, 1998, at 12A (explaining that health plans also use private patient information to improve care, for example, by reminding women to have mammograms).

63 See Ellyn E. Spragins, What Are They Hiding? HMOs are getting more secretive about quality, Newsweek, Mar. 1, 1999, at 74, 74.

64 See Rybowski, supra note 61, at 3.

65 Etzioni, supra note 13, at 143.

66 California Health Care Foundation, Mysedical Privacy and Confidentiality Survey Summary and Overview (visited Jan. 28, 1999) <http://www.chcf.org/confernce/survey.pdf>.

67 See Phyllis Freeman & Anthony Robbins, The Health Data Privacy Debate, reprinted in Affiliated Health Information Networks of New England, 1998 Public Meeting Report Developing the Content and Technology of the Future 56-57 (1998); see also Alpert, supra note 54, at 19-21.

68 See Freeman & Robbins, supra note 67, at 57.

69 See Gostin, Lawrence O., The Public Health Information Infrastructure: A National Review of the Law on Health Information Privacy, 275 JAMA 1921, 1921 (1996)CrossRefGoogle Scholar.

70 See Gostin, supra note 32, at 2491; see also Office of Technology Assessment, Protecting Privacy in Computerized Medical Information 193 (1993) (containing the American Health Information Management Association model code of fair information practices).

71 See Gostin, supra note 32, at 2492.

72 Id.

73 See Gostin, supra note 69, at 1921.

74 See id. at 1926. The 1996 proposals stated that the highest protection would be given to “personally identifiable data” because they raise the most acute privacy concerns.” See id. at 1925-26. The authors define “personally identifiable data” as data that includes a uniquely identifiable characteristic, such as a name, social security number, fingerprint or genetic link, but their definition goes further. See id. at 1926. Even without a unique identifier, the data may provide sufficient evidence to make a connection to a specific person. See id. For example, information about race, sex, age and other personal characteristics may make it possible to identify a specific person in a small population. See id.

75 Id. at 1926-27.

76 See Pub. L. No. 104-191 § 264(a), 110 Stat. 2033 (1996).

77 See Confidentiality of Individually-Identifiable Health Information: Recommendations of the Secretary of Health and Human Services, Pursuant to Section 264 of the Health Insurance Portability and Accountability Act of 1996, Sept. 11, 1997 (visited May 19, 1999) <http://aspe.os.dhhs.gov/admnsimp/PVCRECl.HTM> [hereinafter Recommendations of the Secretary].

78 Id.

79 id.

80 See id.

81 The Secretary declined to enumerate all appropriate internal uses of health information, but noted that, for hospitals, the term includes management analysis, quality assurance and similar oversight activities, carrying out the mandates of law, teaching, training and research activities. See Recommendations of the Secretary, supra note 77.

82 The limited areas are (1) oversight of the health care system (audit, investigation of fraud and abuse, quality assurance and licensing), (2) public health to trace the source of rapidly spreading infectious diseases, finding links between diseases and their causes and rendering appropriate medical care, (3) research that is exempt from the informed consent requirements of existing federal human subjects regulation, and (4) law enforcement. See Recommendations of the Secretary, supra note 77. Donna Shalala's recommendations for broad public health and law enforcement access are sure to be viewed with controversy in the privacy community. Further discussion of this controversy is beyond the scope of this Article.

83 Protecting Our Medical Information, Rights, Responsibilities and Risks, Hearings Before the Senate Comm. on Labor and Human Resources, 105th Cong. (Oct. 28, 1997) (statement of A.G. Breitenstein, J.D. on behalf of the National Coalition for Patient Rights) <http://www.senate.gov/~labor/hear/1028hrg/breit.htm> [hereinafter Statement of Breitenstein].

84 id.

85 Denise Nagel, Files or Fishbowls, Worcester Med. 6, 12 (Winter 1988).

86 See Statement of Harding, supra note 11; Statement of Brunswick, supra note 15. Also, the Consumer Coalition for Health Privacy, a coalition of consumer, health care provider and disability groups based at the Institute for Health Care Research and Policy at Georgetown University, stated “Additional protections may be necessary for highly sensitive information.” See Health Privacy Project—Consumer Coalition (visited May 5, 1999) <http://www.healthprivacy.org/coalition/statementmission.shtml>.

87 See Recommendations of the Secretary, supra note 77 (stating that the intent is to provide a minimum floor under federal law for all types of information, but recognizing that existing state laws providing protections for certain information remain in place and leaving open the possibility of working with Congress on areas of information identified as “particularly sensitive” in the future).

88 See Statement of Breitenstein, supra note 83.

89 See id.

90 See Protecting Our Medical Information, Rights, Responsibilities and Risks, Hearings Before the Senate Comm. on Labor and Human Resources, 105th Cong. (Oct. 28, 1997) (statement of Donald J. Palmisano, M.D., J.D., on behalf of the American Medical Association) (visited Apr. 14, 1999) <http://www.senate.gov/~labor/hear/1028hrg/ama.htm> [hereinafter Statement of Palmisano]; Statement of Harding, supra note 11.

91 See Statement of Harding, supra note 11. This suggestion is likely to face vigorous opposition from hospitals and HMOs, which fear that missing information in a patient's file will create liability for treatment errors. See Medical Records Confidentiality in a Changing Health Care Environment Hearings Before the S. Comm. on Health, Education, Labor & Pensions, 106th Cong. (Apr. 27, 1999) (Statement of the American Association of Health Plans) http://www.aahp.org/services/government&advocacy/policy/testimony/4_27tes2.htm (visited June 2, 1999).

92 See Statement of Brunswick, supra note 15.

93 See id.

94 See, e.g., Confidentiality of Individually-Indentifiable Health Information Before the S. Comm. on Labor and Human Resources, 105th Cong. (Feb. 24, 1998) (Statement of Janlori Goldman, Director, Health Privacy Project, Institute for Health Care Research and Policy, Georgetown University) (visited May 10, 1999) <http://www.senate.gov/~labor/hear/2268hrg/goldman.htm> [hereinafter Statement of Goldman].

95 See Recommendations of the Secretary, supra note 77. 96 Id.

97 See Statement of Goldman, supra note 94. The American Medical Association (AMA), supra note 11, generally sides with the privacy advocates on this issue saying that effective “firewalls” need to be put in place to “preclude the lateral drift of information once an initial consent is agreed to by the patient. Requests for information should be specific as to, for example, the portion of the records of information needed (the specific treatment or condition at issue[,] the time period of the records needed … and the purpose for which the information is requested.” Statement of Palmisano, supra note 90. However, the AMA would agree with Shalala that informed consent should not be required for research that is currently exempt from the informed consent requirements of federal human subjects regulation. See id.

98 Privacy Under A Microscope: Balancing the Needs of Research and Confidentiality, Hearings Before the S. Comm. on Health, Education, Labor and Pensions, 106th Cong. (Feb. 24, 1999) (statement of Chai R. Feldblum on behalf of the Consortium for Citizens with Disabilities) <http://www.senate.gov/~labor/hearings/febhear/022499wt/body_022499wt.htm> [hereinafter Statement of Feldblum].

99 See Recommendations of the Secretary, supra note 77.

100 See id.

101 Latanya Sweeney, Weaving Technology and Policy Together to Maintain Confidentiality, 25 J.L. Med. & Ethics 98, 100 (1997). Latanya Sweeney, however, makes a large leap of logic in this claim, in that she presupposes that one without a legitimate purpose could get the data set, or that one with a legitimate purpose would inappropriately link the data to identify individuals whose identity had been encrypted. This is an issue of conditional probability, wherein the probability of the first event's occurrence is glossed over and assumed in order to lead to the probability of the second event's occurrence. See Marcello Pagano & Kimberlee Gavreau, Principles of Biostatistics 117-19 (1993). But the probability of the first event's occurrence should not be assumed, and is not the same as the probability of the second event's occurrence. See id. Many privacy advocates essentially measure the probability of a disastrous data event from the point where one analyzes whether one could do it, instead of from the point where one analyzes whether one would do it.

102 Beverly Woodward, Medical Record Confidentiality and Data Collection, 25 J.L. Med. & Ethics 88, 92-93 (1997).

103 See id. at 93. Some in the research community answer this concern with the suggestion that researchers who attempt to reidentify “deidentified” data should be sanctioned. See Confidentiality of Medical Information, Hearings Before the Senate Comm. on Labor and Human Resources, 105th Cong. (Feb. 26, 1998) (statement of the Pharmaceutical Research and Manufacturers of America) (visited May 20, 1999) <http://www.senate.gov/~labor/hear/2268hrg/pharma.htm>.

104 For support that privacy advocates oppose complete preemption, see Consumer Coalition for Health Privacy—Statement of Principles, supra note 86; Goldman, supra note 6. To support the proposition that data users support complete preemption, see Pharmaceutical Research Manufacturers' Association: Patient Confidentiality, supra note 14; American Health Information Management Association, Press Release: Three New Confidentiality Bills Introduced: Medical Records Group Finds Several Provisions Worrisome (visited Mar. 15, 1999) <http://www2.ahima.org/media/releases/99.0315.html>.

105 See Goldman, supra note 6, at 52.

106 Gostin, supra note 32, at 2490. These are the very arguments put forth by data users in the current debate. See, e.g., See Privacy Under a Microscope: Balancing the Needs of Research and Confidentiality Hearings Before the S. Comm. on Health, Education, Labor, and Pensions, 105th Cong. (Feb. 24, 1999) (statement of Elizabeth B. Andrews, Director, Worldwide Epidemiology, GlaxoWellcome, on behalf of the Pharmaceutical Research and Manufacturers of America) (visited May 10, 1999) <http://www.senate.gov/~labor/hearings/febhear/022499wt/0224jmj/0224emk/0224frst/phrma/body_phrma.htm>; Protecting Our Medical Information, Rights, Responsibilities and Risks, Hearings Before the S. Comm. On Health, Education, Labor and Pensions, 105th Cong. (Oct. 28, 1997) (Statement of Spencer Foreman, M.D., on behalf of the American Hospital Association) <http://www.senate.gov/~labor/hear/1028hrg/foreman.htm>.

107 See Goldman, supra note 6, at 52 (1998). ·°8 Id. at 55.

109 Id. at 56.

110 See id. at 56. She offers no explanation for why such an analysis cannot be completed before the August 1999 deadline for federal legislation.

111 See id. at 52.

112 See id. The privacy movement has been particularly active in seeking privacy protection from the Massachusetts legislature. Massachusetts is home to leading privacy advocates Denise Nagel, Beverly Woodward, Latanya Sweeney and A.G. Breitenstein.

113 S. 573, 106th Cong., 1st Sess. (1999). The House companion bill, H.R. 1057, 106th Cong., 1st Sess., was introduced by Rep. Edward Markey (D-MA).

114 See 145 Cong. Rec. S2506-2507 (daily ed. Mar. 10, 1999) (statements of Senators Patrick Leahy and Edward Kennedy). See also Consumer Coalition for Health Privacy, Comparison of Comprehensive Health Privacy Bills with the Principles of the Consumer Coalition for Health Privacy (visited May 18, 1999) <http://www.healthprivacy.org/latest/sidebyside.shtml>.

115 S. 578, 106th Cong., 1st Sess. (1999).

116 145 Cong. Rec. S2510 (daily ed. Mar. 10, 1999) (comments of Senator Christopher Dodd).

117 S. 881, 106th Cong., 1st Sess. (1999).

118 See 145 Cong. Rec. S4257 (daily ed. Apr. 27, 1999) (comments of Senator Robert Bennett).

119 Compare S. 573 § 2 with S. 578 § 2 and S. 881 § 2.

120 Compare S. 573 §§ 101-103 with S. 578 §§ 101-103 and S. 881 §§ 101-103. The Leahy bill suggests that patients should be notified of their right to segregate sensitive health information, a privilege not afforded by the Jeffords bill. See S. 573 § 103(a)(6). The Leahy bill also allows individuals who self-pay for a particular treatment or therapy the right to keep that information from an insurer. See S. 573 § 103(a)(8).

121 Compare S. 573 §§111-112 with S. 578 §§111-112 and S. 881 §§ 111-112.

122 Compare S. 573 §§ 311-323 with S. 578 §§ 301-312 and S. 881 §§ 301-313 (all bills include civil and criminal sanctions for wrongful disclosure).

123 Compare S. 573 § 201(a)(2) with S. 578 § 201(a)(2) and S. 881 §201(a).

124 S. 573 § 4(3)(A) (defining “de-identified health information”).

125 S. 578 § 4(18) (defining “nonidentifiable health information"); compare with § 4(21) (defining “protected health information”).

126 S. 881 § 4(15) (defining “nonidentifiable health information”).

127 See S. 578 § 202(a)(1).

128 See S. 578 § 4(8).

129 See id.

130 See S. 881 § 202(a). Providers are not required to seek such authorization as a condition of providing treatment but may do so at their option. See id. § 202(a)(5). The definition of “health care operations” in the Bennett bill generally parallels that in the Jeffords bill. Compare S. 881 § 4(7) with S. 578 § 4(8).

131 See S. 573 §202.

132 Compare S. 573 § 203 with S. 578 § 203 and S. 881 § 201. However, the Leahy bill would require a second consent for the disclosure of protected health information to “health care operations” activities that are not related to treatment or payment. See S. 573 § 203. Under the Bennett bill, individuals seeking life, disability or long-term care insurance must provide a blanket release similar to that required of applicants for health insurance or health plan participation. See S. 881 § 203(c).

133 The Leahy bill defines health researcher, see S. 573 § 4(13), and details the parameters for use of protected information for health research projects, see S. 573 § 210, though it does not explicitly define the term “health research.” The Jeffords bill defines a health policy researcher as one who engages in “investigation, testing or evaluation designed to contribute to generalized scientific and clinical knowledge.” S. 578 § 4(13). The Jeffords definition may unintentionally exclude independent health policy researchers whose work does not fall within the definition of “health care operations.” See S. 578 § 4(8). The Bennett bill defines health researcher as one who studies “health … , health care, or its delivery of financing including research, development, testing and evaluation." See S. 881 § 4(H).

134 SeeS. 573 § 210(f)(1).

135 See 45 C.F.R. §§ 46.01—.124. The Common Rule requires supervision of federally funded research by an institutional review board. See id.

136 See S. 573 § 210(a). Within twenty-four months after enactment of the Leahy bill, the Secretary of HHS would be required to provide Congress with recommendations on whether written informed consent should be required before protected health information can be used for health research. See id. § 210(b)-(d).

137 See 45 C.F.R. §46.116(d).

138 See S. 578 § 208(a) (disclosures remain subject to existing federal law such as the Common Rule and Food and Drug Administration (FDA) regulations, where applicable).

139 See id. § 208(d)(1).

140 See id. § 208(d)(3).

141 SeeS. 881 § 208(a)(1).

142 See id. § 208(a)(2). Within eighteen months after enactment of the Bennett bill, the Secretary of HHS must report to Congress on whether the policies and procedures adopted by the health care community under this section adequately protect the confidentiality of subjects while at the same time promote the use of data in research including epidemiology, health care outcomes and the cost effectiveness of health care interventions. See id. § 208(b).

143 See id. § 208(a)(3).

144 See S. 573 §401.

145 See S. 578 §§401, 402.

146 See § 401(a)(1).

147 See S. 881 § 401(a).

148 See Goldman, supra note 6, at 50.

149 See Regina E. Herzlinger, Market Driven Health Care: Who Wins, Who Loses in the Transformation of America’s Largest Service Industry 7-8 (1997) (arguing that informed and assertive consumers of health services demand efficient high quality care as never before).

150 Donald W. Morin, Health Information Policy: On Preparing For The Next War, 17 Health Aff., Nov.-Dec. 1998, at 9, 10.

151 See, e.g., Quality Check (visited May 24, 1999) <http://www.jcaho.org/qualitycheck> (information on Joint Commission for the Accreditation of Healthcare Organization accredited institutions), Accreditation (visited May 24, 1999) <http://www.ncqa.org/pages/policy/accreditation/mco/acred497.htm> (information on National Committee for Quality Assurance accredited institutions).

152 Patient Confidentiality, Hearings Before the Subcomm. on Health of the House Comm. on Ways and Means (Mar. 24, 1998) (statement of Sherine E. Gabriel, M.D., M.Sc, physician and researcher at the Mayo Clinic) (visited May 10, 1999) <http://www.house.gov/ways_means/health/testmony/3-24-98/3-24gabr.htm> [hereinafter Statement of Gabriel].

153 Freeman & Robbins, supra note 67, at 61.

154 See JO Anne Czecowski Bruce, Privacy and Confidentiality of Health Care Information 1 (1984) (quoting Alan F . Westin, Privacy and Freedom 7 (1970)).

155 Id.

156 Flood, supra note 44.

158 See. e.g., Canterbury v. Spence, 464 F.2d 772 (D.C. Cir. 1972); Chouinard v. Marjani, 575 A.2d 238 (Conn. App. Ct. 1990).

159 105 N.E. 92 (N.Y. 1914).

160 Id. at 93.

161 See, e.g., Bouvia v. Superior Court, 225 Cal. Rptr. 297 (Cal. App. 1986).

162 See, e.g., In re Westchester County Medical Center on Behalf of O'Connor, 531 N.E.2d 607 (N.Y. 1988) (holding that a hospital is authorized to insert a feeding tube into an incompetent patient unless there is clear and convincing proof that the patient had made a firm commitment to decline such assistance when competent); Cruzan v. Director, Missouri Dep't of Health, 497 U.S. 261 (1990) (holding that the U.S. Constitution does not forbid a state from requiring clear and convincing evidence of an incompetent's wishes before withdrawing life-sustaining treatment and that due process does not require a state to accept the substituted judgment of close family members absent substantial proof that their views reflect those of the patient).

163 Rybowski, supra note 61, at 10.

164 Woodward, supra note 102, at 92.

165 See Statement of Feldblum, supra note 98.

166 See Morin, supra note 150, at 13.

167 See Ignagni, supra note 62, at 12A.

168 See e.g.. Randy Shilts, and the Band Played on: Politics, People, and the AIDS Epidemic (1987) (arguing that government footdragging left researchers of the acquired immune deficiency syndrome without adequate funding, and silence by the mainstream press left Americans uninformed until the disease was found in more mainstream populations).

169 See Melton, supra note 34, at 1466.

170 See id. at 1469.

171 See id. at 1467-69. By systematically different, Joseph Melton refers to the fact that those who opt out are not doing so randomly, but are of discrete age, sex and health status, and hence were opting out in particular patterns. This is a concern to any study that seeks validity and generalizability, because the result of a study where discrete populations have opted out likely could not be applied to the general public, and hence the research would be of limited value. See, e.g., Charles H. Hennekens & Julie E. Buring, Epidemiology in Medicine 37-38 (1987).

172 Id.

173 See, e.g., Rebecca Dresser, Wanted: Single, White Male for Medical Research, Hastings Ctr. Rep., Jan.-Feb. 1992, at 24 (analyzing the arguments against including women as research subjects).

174 See 21 C.F.R. § 5.60 (1999). This term comes from the FDA regulatory process. After a drug has been tested, it is released. However, its release is conditional because the FDA continues to collect data about the drug's performance once it is disseminated to the general population. See id.

175 See Statement of Gabriel, supra note 152.

176 See Woodward, supra note 102, at 94. She cites Hans Jonas for this proposition. However, Jonas's work, Philosophical Re/lections on Experimenting with Human Subjects, 98 Daedelus 219 (1969) may be inapposite to the instant consideration. In 1969, when his work was published, Americans were still coming to terms with the ghastly human subject experiments performed during the Holocaust on captive populations, and were learning about other inappropriate experiments performed on vulnerable populations in the United States.

177 William R. Lund, Politics, Virtue, and the Right To do Wrong: Assessing the Communitarian Critique of Rights, J. Soc. PHIL., Winter 1997, at 101, 103 (explaining the communitarian view of liberalism). For a strong defense of rights theory, see Ronald Dworkin, Taking Rights Seriously (1977).

178 John Rawls, A Theory of Justice 3-4 (1971) (providing a view of society premised on the concept that individual rights override communal ends).

179 Id. at 92-93.

180 Michael Sandel, Liberalism and the Limits of Justice 64 (2d ed. 1982).

181 Lund, supra note 177, at 103 (citing Michael Sandel, Morality and the Liberal Ideal, New Republic, May 7, 1984, at 15).

182 3 Joel Feinberg, the Moral Limits of the Criminal Law 47 (1986).

183 Sandel, supra note 180, at 64.

184 Frederick Schauer, Community. Citizenship, and the Search For National Identity, 84 Mich. L. Rev. 1504, 1504 (1986).

185 Id.

186 See, e.g. Carol Gentry, Breaches of Medical Records A Tough Condition to Treat, Wall St. J., May 5, 1999, at NE1 (describing Maine's attempt to implement a medical records confidentiality law). Among the unintended consequences resulting from the law were that hospitals would not tell family members that their loved ones were in the hospital or provide information on their condition, florists could not deliver flowers, clergymen were unable to visit congregants and pharmacists would not release prescription medications to anyone but the intended patient, even if that patient was bedridden. See id. Shortly after the law took effect, the state legislature reconsidered the legislation and postponed its effective date. See id. Senator Bennett's bill addresses some of these deficiencies; it affirmatively authorizes the release of patients' names, general location and general condition to any person unless the patient has previously objected to the release of such information. See S. 881 § 204(b).

187 See supra notes 158-62 and accompanying text.

188 Donald L. Beschle, The Role Of Courts In The Debate On Assisted Suicide: A Communitarian Approach, 9 Notre Dame J. L., Ethics, & Pub. Pol'y 367, 389 (1995).

189 See Roach & Aspen Health Law Center, supra note 34, at 147-48.

190 See, e.g., Alaska Stat. 18.065.087 (1998), which authorizes the Department of Public Safety to maintain a central registry of sex offenders and to make the following information about those offenders available to the public: name, address, photograph, place of employment, date of birth, crime for which convicted, date of conviction, place and court of conviction and lengthy of sentence. This information is posted on the Internet at Sex Offender Registration Report (visited May 24, 1999) <http://www.dps.state.ak.us/sorcr>.

191 See Jane Mansbridge, Social and Cultural Causes of Dissatisfaction with U.S. Government, in Why People Don’t Trust Government 134, 134 (Joseph S. Nye, Jr. et al. eds.).

192 Id.

193 See id. at 145-46.

194 Id. at 146.

195 See Beschle, supra note 188, at 405.

196 See Mansbridge, supra note 1921, at 152.

197 Beschle, supra note 188, at 405.

198 See Rosa Eckstein, Comment, Towards a Communitarian Theory of Responsibility: Bearing the Burden for the Unintended, 45 Univ. Miami L. REV. 843, 855, 864-878, 907-09 (1991) (arguing that a rejection of liberalist jurisprudence in employment discrimination in favor of a communitarian definition of responsibility will enable plaintiffs to prevail more often, by shifting the inquiry away from intent, which is by nature individualistic, toward an inquiry that includes an examination of the structural problems that may contribute to the discriminatory environment).

199 It has been suggested by privacy advocates and some members of Congress that the Common Rule be extended to privately funded research involving the use of health data. See Loewenberg, supra note 43, at 4. It has alternatively been suggested that alternative arrangements between data providers and data users, such as confidentiality policies or confidentiality agreements, may provide adequate protection with less burden. Id. at 5. The author believes that each of these positions has merit and should be given full consideration before Congress.

200 See id. at 4-5.

201 See Freeman & Robbins, supra note 67, at 60, 73.

202 Indeed, Amitai Etzioni, widely regarded as the father of communitarian thinking, uses a similar framework in his recent article on resolving the privacy stalemate. See Etzioni, supra note 13, at 15. Etzioni suggests that those who are directly responsible for treating patients should have broad access to identified health information while those who seek to use data simply for profit, such as marketing interests, should have little or no access. See id. at 19, 20. Health researchers fall somewhere in the middle. See id. Etzioni proposes a system under which each individual would be issued a Unique Personal Identifier (UPI) number. See id. at 20-21. Data given to researchers would be encrypted, in most cases only with the UPI. See id. This, he believes, would answer the objection of the research community that arbitrarily encrypted data precludes researchers from tracking patients' health conditions over time. See id. Researcher access to additional patient identification data would only be available on a showing of critical need and would be edited to preclude further identification of the subject. See id. This paper does not endorse Etzioni's approach. Health researchers work within an ethical framework that is similar to those who provide patient care. To the extent that researchers need any further incentive to protect the confidentiality of research subjects, it can be found in the sanctions language of each of the major privacy bills. Etzioni's proposal would unjustifiably penalize the health research community for indiscretions committed by unscrupulous individuals and other communities of data users by increasing the cost of access to data. Moreover, the practicability of the UPI system is doubtful in the face of opposition from civil liberties interests that have traditionally argued against the issuance of national identification cards.

203 Letter from Richard Zeckhauser, Frank P. Ramsey Professor of Political Economy, John F. Kennedy School of Government, Harvard University, to Massachusetts State Representative Harriet Chandler, Chair of the Joint Committee on Health Care 1 (Mar. 15, 1977) (on file with the author).

204 See Gentry, supra note 186, at NE1 (discussing the experience of a Massachusetts physician who was questioned about items in his medical record by an attorney who obtained the record from a data clearinghouse).

205 Goldman told a congressional subcommittee about the story of an “Orlando woman who had her doctor perform some routine tests, and received a letter weeks later from a drug company touting a treatment for her high cholesterol." Statement of Goldman, supra note 94.

206 Although significant law enforcement interests exist for obtaining this information, allowing the government access to medical records data poses significant risks of government misuse. See, e.g., Christopher Matthews, Kennedy & Nixon 302, 302 (1996) (discussing the Nixon administration's decision to obtain medical records information unlawfully). These difficult questions are beyond the scope of this Article.

207 See, e.g., Etzioni, supra note 13.

208 Another approach may be to provide pharmacy customers with the opportunity to state whether they wish to receive patient education materials when they fill their prescriptions. Those customers who affirmatively decline would not receive letters such as those mailed by Cvs's marketing partner.

209 Compare S. 573 and S. 578 with S. 881.

210 See S. 881 §401.

211 See S. 578 §401.

212 See S. 573 §401.

213 State adoption of restrictive medical records privacy legislation may have other undesirable consequences. To the extent that state legislation restricts the use of data in addition to its acquisition, it could place researchers located in the state at a competitive disadvantage in obtaining research funds and deter medical technology-oriented firms from locating in the state. It could also cause health plans that rely on data to evaluate the cost effectiveness of medical care to abandon the state or, in the alternative, to restrict access to some services, e.g. disease management programs, to citizens of those states.

214 Rabbi Hillel lived from the end of the first century B.C.E. to some point in the first century C.E., toward the end of the Second Temple Period. See Yitzhak Buxbaum, the Life and Teachings of Hillel 268-70 (1994).