The Right Prescription

Has the IRS Already Seized Your Medical Records?

If you think your intimate health information is private in the era of Obamacare, think again.

By 5.20.13

Send to Kindle

As gratifying as it was to see the “news” media actually do its job last week when the IRS scandal broke, it was also odd that the coverage focused exclusively on abuses of power relating to various Tea Party and anti-abortion groups. A much scarier IRS story has been virtually ignored by the establishment press. On Wednesday, it was reported that a class-action lawsuit had been filed against a group of IRS agents who, according to the complaint filed by “John Doe Company” in the Southern District of California, “stole more than 60,000,000 medical records of more than 10,000,000 Americans, including at least 1,000,000 Californians.”

Before I get to the feature of this case that will really scare the pants off you, a little more background: This tawdry tale began in 2011 with an IRS investigation concerning one former employee of “John Doe Company” pursuant to which a search warrant was obtained. This warrant didn’t authorize the seizure of anyone’s medical records, but the IRS agents “threatened to ‘rip’ the servers containing the medical data out of the building if IT personnel would not voluntarily hand them over.” They proceeded to seize the records “without making any attempt to segregate the files from those that could possibly be related to the search warrant.”

The leadership of “John Doe Company” attempted to make the IRS people understand that they had violated at least one federal law, the Health Insurance Portability and Accountability Act of 1996 (HIPAA), and that “unreasonable searches and seizures” violate the Fourth Amendment of the Constitution. The agents were unimpressed. As the complaint phrases it, “After being put on notice of the illicit seizure, the IRS agents refused to return the records, continued to keep the records for the prying eyes of IRS peeping toms, and keep the records to this very day.” The IRS also refuses to reveal who has seen the records or where they are located.

It would seem pretty obvious that this is another abuse of power by the IRS at least as serious as the abuses that dominated the news all last week. Thus far, though, only conservative and libertarian publications have afforded it serious attention. Why so much focus on one story and none on the other? It’s those two words, “medical records.” The MSM is attempting to build a firewall between the IRS scandal and Obamacare. This is why the mainstream outlets are publishing so many columns and blog posts, like this one by Jonathan Cohn, assuring us that attempts to link the IRS scandal with Obamacare are “laughable.”

In reality, of course, they are inextricably linked. And not merely because the IRS can, as Cohn himself puts it, “use its power to pry into individual medical records or otherwise invade personal liberty.” They are linked because Obamacare and the President’s second most ill-conceived domestic initiative, the “stimulus” package, mandated that every health care provider in the country adopt the very technology, electronic health records (EHR), which renders such abuse possible. Before these mandates, it wasn’t possible to steal 60 million confidential records from any single entity except from the federal government itself.

This brings us to the most ironic feature of our government-mandated EHR technology. The system most frequently promoted by “reformers” during the health care debate was VistA, a system that had been implemented by the Department of Veterans Affairs (VA). Thus, the technology mandated by Obamacare was largely inspired by VistA. But, as it happens, the most notorious medical record theft in history involved the VA. As CNN reported at the time, “The names, dates of birth and Social Security numbers of about 26.5 million active duty troops and veterans were on the laptop and external drive, which disappeared while in the custody of a Veterans Affairs data analyst …”

You will note that the person from whom these records were stolen was not a doctor or a nurse, but a data analyst who was carrying around huge amounts of medical information on a laptop. And this is where you should begin to have real fears for your privacy. Your medical records, once the province of highly trained medical professionals, are now routinely accessed by all manner of individuals uninvolved in your medical treatment. And many of these individuals are not closely supervised by medical professionals. Indeed, many of the people who have access to your medical records are not supervised by anyone.

For example, if you visit the ER tonight, the hospital will send a claim to your insurance company. Before that happens, however, a diagnosis code must be assigned to your record. Who does that? Typically, it is someone in her pajamas who uses a laptop to remote into the hospital’s IT system from home after the kids are in bed. She is not a physician or a nurse, yet she peruses your records, interprets your doctor’s notes, and then chooses an ICD-9 code from a drop-down box. It is likely that no one employed at the hospital has ever met this person in the flesh. Hospitals increasingly connect with such contract coders via outside agencies.

Assuming this coder is completely honest and very productive, as are most of them, what happens if her eldest son is addicted to narcotics and knows that she has routine access to the names, dates of birth and Social Security numbers of thousands of people? He has a golden opportunity to commit identity theft. All he has to do is wait until she forgets to lock her screen when she gets up to toss a casserole into the oven or run to the bathroom. If he is computer savvy, and what adolescent isn’t, he can access and steal your information in a matter of minutes. Such opportunities arise every minute of every day, all across the nation.

The point here is not that electronic medical records are inherently bad. It is rather that, in their mad rush to pass Obamacare and the stimulus package, the President and his accomplices on Capitol Hill mandated clunky, insecure systems that can be abused by politicized government agencies, mismanaged by innocent but incompetent bureaucrats, or even breached by the kid next door. At the same time, they augmented the already-immense power of the IRS exponentially. Thus, Jonathan Cohn and anyone else who pretends that the IRS scandals have no implications for Obamacare is either delusional or dishonest.

Last week’s revelations concerning that agency’s treatment of Tea Party and anti-abortion groups demonstrates that the IRS is sufficiently corrupt to abuse its power. And its theft of 60 million medical records shows that it is also eminently able to invade the privacy of any American. I’ll conclude, then, with a little more food for thought: The class action lawsuit filed by John Doe Company involves 10 million patients, “roughly one out of every twenty-five adult American citizens.” And, since only 10 percent of the affected patients reside in California, the rest are obviously scattered across the nation. Are you one of the other 9 million?

Photo: UPI

Like this Article

Print this Article

Print Article
About the Author

David Catron is a health care revenue cycle expert who has spent more than twenty years working for and consulting with hospitals and medical practices. He has an MBA from the University of Georgia and blogs at Health Care BS.