CCHC's Comments on Centralized Medicare Database

January 15, 2002

Citizens' Council on Health Care
1954 University Ave. W., Suite 8
St. Paul, MN 55104

Director
Division of Data Liaison and Distribution
Centers for Medicare and Medicaid Services
Room N2-04-27
7500 Security Boulevard
Baltimore, Maryland 21244-1850

RE: Doc.01-3005 - Privacy Act of 1974; System of Records

Dear Director:

Citizens' Council on Health Care (CCHC) is responding to the request by the Centers for Medicare and Medicaid Services(CMS) for public comments on the new comprehensive centralized Medicare Beneficiary Database (MBD).

CCHC is a non-profit 501(c)3 health care policy organization based in St. Paul, Minnesota.

We are concerned not only about the eleven Routine Uses proposed for the data, for which you asked for comment, but also about the new Centralization of patient data on our nation's senior citizens, and its potential for privacy abuses and health care rationing.

CENTRALIZATION

We are opposed to the creation of a centralized database of health care data and other personal information that will be "a data base of pertinent and comprehensive personal data" (page 63392) on people who may or may not be enrolled in Medicare. We are concerned that it is, as the notice states, the "national source of comprehensive beneficiary information" and "the singular, reliable and authoritative data source, from which all systems can retrieve current, standard, valid and timely data necessary for Medicare Program administration" (page 63392)

One-Stop Data-Shop
Without patient consent, the agency plans to create a one-stop, data-shop on America's senior citizens that will include data that has nothing to do with paying the health claims of Medicare recipients, such as tracking of residential addresses.

Most citizens cannot choose to stay out of Medicare. Unless they are willing to give up their Social Security Benefits they are forced to join the hospital portion of Medicare (Medicare Part A) Medicare is therefore a coercive entitlement program. Once this database is created, every citizen will eventually become part of it, whether they want to or not--unless they die before they reach age 65, and even then they may be included if the Social Security Administration sends the identification data to the CMS at the age they would have turned 65.

Centralization of data and "a complete 'beneficiary insurance profile'" (page 63392) facilitates easy access, leads to greater breaches of privacy when security fails, and encourages the profiling and tracking of individual citizens and those who care for them.

Dignity Dismantled
The mission of Medicare is to provide senior citizens with payment for their health care expenses, not to strip them of all dignity in the process. Centralization of Medicare data and expansion of data collection into the far reaches of a citizens' life is an invasion of personal privacy and autonomy. It also stands as evidence that the agency sees Medicare recipients less as human beings than as a number to be collected, dissected, and used. This less-than-dignified treatment of individuals was never the purpose of Medicare.

Non-Recipients Included
We are opposed to the placement of non-Medicare patients onto the database without their consent, as the agency has no responsibility for their medical bills, and therefore no right to hold information on these individuals. The notice contradicts itself by at times noting in one place a list of non-enrolled individuals to be in the database and then noting elsewhere that the MBD is a "database of comprehensive data on people enrolled in Medicare" (pg. 63393) without mentioning plans to include others in the database. This may confuse the general public about the agency's intent.

New Data Sets
We are opposed to plans that call for adding "new sets of data that is not currently available" (page 63393) in the agency's enrollment database, group health plan database or Medicaid statistics information system. It appears that such data elements could be added at the whim of the agency. Such new elements, currently unavailable to the agency will permit more invasive tracking and profiling of senior citizens and their health care practitioners, impacting personal and professional autonomy. Every data element should be defined and made available for public comment prior to expanding the breadth of the database.

Special Data Not Protected
There is no indication within the notice that genetic data, DNA or mental health records will not be included on the database or will receive any special or specific protections from access.

Capturing the Private Payers
Even as the country moved inextricably toward Medical Savings Accounts for senior citizens, the agency is moving to capture the data that would be lost for those citizens who do not use the government to pay their bills. The notice acknowledges that the database "alters an old architecture that could only support two beneficiary Medicare choice options: Fee-for-service or traditional Health Maintenance Organization (HMO). As these models merge and additional choices become available (i.e., Medicare+Choice Organization, Medicare Savings Accounts (MSA) and Private Fee for Service options, CMS determined the need for a beneficiary management structure, the MGD, designed to support these expanded program and coverage options.

In short, the CMS intends to capture all senior into the database whether or not they use Medicare, pay privately for care, or have a Medical Savings Account which they use to pay their own bills. We believe that this is a violation of citizens' constitutional right to privacy and personal autonomy.

Health Care Rationing
Finally, we are concerned that the centralization of Medicare data, and the potential for profiling health care practitioners will lead to health care rationing for one of our nation's most vulnerable groups of people. Knowing that their every treatment decision will be recorded in a centralized database, physicians and other health care practitioners may feel pressured to alter their treatment of patients from the best course of care to the federally-prescribed course of care, so that they can avoid being charged with doing anything that federal regulators may consider "waste, fraud, or abuse."

ROUTINE USES OF PATIENT DATA

First of all, the public is likely to be confused by this terminology. The phrase "routine uses" should be changed to " routine disclosures" to more properly identify the actions of the agency.

Secondly, because the notice does not provide a comprehensive list of the current or planned data elements, the agency has made it impossible for citizens to fully comment on the planned Routine Uses. Health care data is not even listed but when we talked with the agency's contact person, it was made clear that when the database becomes the "singular, authoritative, database of comprehensive data on people enrolled in Medicare" (page 63393), all health care data will be included. The words "not limited to" in the notice should not be used as a valid reason to exclude health care data from the list of data elements mentioned in the notice.

Additionally, our concerns about the planned "routine disclosures" include:

Privacy Act (Routine Uses)
According to the Federal Privacy Act of 1974, the data collected by federal agencies must only be used for the purposes for which it was collected. It requires a great stretch of the imagination to believe that those purposes include many of the eleven "routine disclosure" categories planned for the Medicare Beneficiary Database. Instead, the agency proposes to allow disclosures for the broad purpose of "Medicare Program administration." (page 63392)

Specifically, the medical data was not collected for perusal by courts systems and government agencies interested in ongoing litigation of interest, peer review, fishing expeditions for fraud, Medicaid program administration, IRS tax evasion investigations, and research (public policy, medical, cost containment, quality measurement). Data was and is to be collected simply as a means to communicate with the agency that a bill must be paid for services rendered.

Research
The agency's power to grant public and private entities access to individually-identifiable data on senior citizens according to their determination of a "justified business need" (words of the CMS contact) is too broad.

According to the CMS contact listed in the notice, one solitary person, the systems manager, has the power to grant access to anyone or any entity claiming to be involved in research. Federal rules on research require the use of an Institutional Review Board to carefully evaluate research projects and assess the risk to patients, including the risks to their privacy. In this case the agency does not follow the federal government's own requirements for federally-funded research. It would seem that proposed research using federally-acquired data should follow the same rigorous examination of purpose and risk.

Genetic and Mental Health Data
There are no special considerations or protections given to genetic data or mental health data. In fact, the collection of genetic or mental health data is neither specified nor denied. It appears that genetic and mental health data will be as widely available as all other data on the database, when in fact neither should even be collected for the database.

The notice purports to follow the federal Medical Privacy Rule, but it should be noted that the rule is not yet in effect when the first disclosures are planned, published guidances on the rule are loosening patient consent provisions, government agencies are not required to follow the privacy rule, patient consent requirements in the privacy rule are extremely weak, genetic data is not part of the privacy rule, and two separate lawsuits have been filed to prevent the rule from implementation.

Fraud and Abuse
The agency plans to use the Medicare Beneficiary Database for fishing expeditions. Access to patient data will not only be given to investigate suspected cases of fraud, but will be used to "prevent, deter, discover, detect, investigate, examine, prosecute, sue with respect to, defend against, correct, remedy, or otherwise combat fraud or abuse in such programs."

The agency's plans will further discourage physicians and other practitioners from involvement with the Medicare program, which in turn will limit access to care for the growing senior population. With 132,000 pages of Medicare regulations (and growing), health care practitioners most certainly violate some Medicare rules without even knowing that they are doing so. Many of those charged with fraud have lost their practices proving their innocence. Many others pay exorbitant fines to avoid the expense of defending themselves. This database will be used to tap into the cash cow federal regulators have created for themselves on the backs of primarily innocent practitioners.

Minimum Data
The notice states "We will only disclose the minimum personal data necessary to achieve the purpose of MBD." Disclosures should not be made to achieve the purposes of the database. They should be made only to pay the bills of Medicare recipients, unless a non-coercive, voluntary consent is obtained in writing from the patient.

We appreciate the "higher level of security" (pg. 63397) provided to the database, however, the level of security speaks mostly about how the data is handled once it is collected or disclosed. With eleven broad disclosures planned, it speaks little about protecting the data from disclosure for any purpose for which it was not collected which included many of the eleven routine uses.

Physical Safeguards
Access is granted to "those support personnel with a demonstrated need for access." (pg. 63397) In the large bureaucracy of the government, combined with the eleven routine uses, it seems likely that those without a demonstrated need will slip through the cracks and into the system. After all it was recently reported that the IRS lost over 2,000 of its computers along with sensitive information. Again, the centralization of data makes any safeguards difficult to maintain.

In addition, any system with dial-in access in fraught with the potential for hacker-access and hacker targeting.

Archived Data
Since Medicare data is collected simply for the payment of claims, the CMS has no right to maintain and permanently archive personal, medical, mental health, and genetic data on those who have died. Medicare recipients did not sign over their lives to science when they were forced to signed onto the program.

Pretense of Patient Consent
The notice says, "CMS will make disclosure from the proposed system only with consent of the subject individual, or his/her legal representative, or in accordance with an applicable exception provision of the Privacy Act" (pg. 63397) Since the exception provision of the Privacy Act has been interpreted by the agency to eliminate the privacy rights of senior citizens, this declaration is quite disingenuous, and merely a legal formality. No consent will be required and no consent will be obtained for eleven broad disclosures of the medical records and personal information of senior citizens.

CONCLUSION

Citizens' Council on Health Care is opposed to the creation of a centralized database that enters the data of pre-senior, presumed-eligible, Medicare-entitled, and Medicare-eligible citizens without their informed voluntary written consent. We also oppose the collection of new data sets, the lack of specific protection for mental health or genetic data, the broad permitted disclosures of private data, the lack of adherence to federally-required research subject protections, the archiving of data on deceased senior citizens, the capture of data on private payers and non-recipients of Medicare services, the planned profiling of citizens and tracking of professional treatment decisions, the pretense of patient consent, and the undignified treatment of senior citizens as mere research subjects.

Please consider our comments prior to making disclosures under the routine use provision of the notice.

And please notify us when the CMS response has responded to the public's comments on this notice and the MBD. We would be interested in reading the response. Thank you.

Sincerely,

Twila Brase, R.N.
President
651-646-8935

------------------------------------------

Addendum Sent Separately January 15, 2002:

------------------------------------------

January 15, 2002

Citizens' Council on Health Care
1954 University Ave. W., Suite 8
St. Paul, MN 55104

Director
Division of Data Liaison and Distribution
Centers for Medicare and Medicaid Services
Room N2-04-27
7500 Security Boulevard
Baltimore, Maryland 21244-1850

RE: Doc.01-3005 - Privacy Act of 1974; System of Records

Dear Director:

Please accept this addendum to the public comments submitted today by email to Ned Burford (nburford@cms.hhs.gov).

Citizens' Council on Health Care requests that a 90-day extension to the public comments period on the Medicare Beneficiary Database and the eleven proposed routine uses. We understand that disclosure under the eleven routine uses can begin tomorrow.

Given the timing of the notice - in the midst of holiday festivities - the public has had little time to become informed or to react to the CMS notice for the Medicare Beneficiary Database. And public policy organizations, including ours, needs more time to inform the public about the agency's plans.

In addition, the mail in D.C. has been slowed by the Anthrax scare, many senior citizens who will be placed on the database may not have access to the Internet to read the notice and there was initially no email address for response.

You have stated in the Federal Register notice that public comments may persuade you to defer implementation of the Medicare Beneficiary Database. It is important that you allow enough time to receive those comments.

Thank you for considering our request.

Sincerely,

Twila Brase, R.N.


President, CCHC

Media Contact:

Twila Brase, President
Phone: 651-646-8935 (office)
/