A Primer on The Privacy Act of 1974

Given the release yesterday of a “medical record” by the nation’s top politician, we couldn’t think of a better time to discuss one of the most important pieces of legislation to ever get passed into law. While all of the statutes we have lately discussed are, we argue, vitally important to every American, we think that in a visceral sense, understanding this statute is a very good way to see how, where and why all of the others work (or don’t) both individually and together. It is also a statute that applies to every American regardless of race, gender, sexual preference or disability.

In broad terms, The Privacy Act governs the collection, use and dissemination of personally identifiable information by the federal government. It also requires (with a few specific exceptions) that release of said information by the government may not happen without the specific written consent by said individual. Obviously, this also extends to medical records, even as HIPAA flows from this statute and extends it in a particular arena.

The Act also requires (remember this was immediately after Watergate) that any individual could request any and all government held files and further permits individuals to request amendments to such records if they are incorrect.

Where this statute becomes germaine for our purposes specifically, is that it deals directly with a tangential issue also addressed by HIPAA and the ADA. Specifically, the Privacy Act not only builds on the Constitutionally protected right to privacy, but also creates the ability for individuals (for example) on a government-funded health insurance plan, to be able to demand that medical records accessed by the government be updated and kept current. It also means that individuals on government healthcare have the right to expect that their disabilities (for example) not be used against them when seeking employment.

There are those who might find the argument that disability is as much if not greater a “liability” as race in seeking equal opportunity in America offensive. However just a comparison between the state of the PWD vs. the African-American community (which is statistically about half the size of the PWD community even as it also includes minorities of course) shows that the former is in far worse shape due to discriminatory attitudes and practices that are so ingrained that they are often invisible to those not affected. Starting with (for example) the fact that the federal Department of Labor does not have or even attempt to officially track statistics on the real unemployment rate of this community. Discriminatory attitudes are also on prominent display at the Department of Education, where for example in North Carolina, any “gimp” with an entrepreneurial bent (no matter what kind of disability they have) must take a psychological test before being given grants or loans from the Department of Ed. We understand that ink blots for one are inherently fascinating to headshrinkers if not bureaucrats, but don’t really see how this predicts entrepreneurial ability much less success. This treatment stands in stark contrast to the way the “able-bodied” are treated not only by the Department of Education but all other federal and state agencies. Imagine the outcry if the SBA (for example) implemented a similar across-the-board approach to the average entrepreneur.

Under Constitutional rights to privacy, individuals are supposedly protected by “tort” law to guard against false statements and premises made against them. In the case of the PWD community, where “ability” is frequently dismissed or ignored in favor of focusing on the disability, there are very few remedies and rights that ultimately escape without the shadow of doubt and/or prejudice.

And amidst all the overtones of the current discussions of Obama’s heritage based on his skin color if not his “ability” to get into some of the nation’s top schools and offices, we can’t help but think, what if he had a disability instead of extra melanin in his skin?

Getting “Hip” With HIPAA

Since we are on a bit of a statutory roll here, we thought we would continue to knock out a few more primers on some of the most important statutes that impact our business. Starting with this “strange animal.” Word to the wise, it has nothing to do with African semi-aquatic mammals of a similar sounding name.

This statute (known formally as the Health Insurance Portability and Accountability Act) was passed in 1996 during the Clinton era discussions about healthcare reform. It covers many areas important to everyone who needs healthcare, but there are some particular aspects of this law that we wanted to highlight, specifically as they interact with both Privacy Act requirements (a topic for a blog post coming soon), and of course our favorite two civil rights bills, the ADA and the Civil Rights Act of 1991.

Title I of HIPAA was the first real attempt to limit the ability of health insurers to exclude individuals for coverage based on pre-existing conditions. It is nowhere near as declarative in this regard as Obama’s current law, which is why we support this critical aspect of healthcare reform. This however, we anticipate will become less of an important piece of this statute as some form of Obamacare comes into practice.

Title II of HIPAA however, still has a lot of teeth, and we anticipate that this segment of the legislation will only grow in importance. Specifically, this section deals with the creation of standards for the dissemination of healthcare related information. Again this is tied into Privacy Act issues we’ll discuss another day, but these provisions are critical in maintaining not only medical privacy for individuals but their basic Constitutional Rights under both the ADA and The Privacy Act which include not only privacy but the right of due process. In the former, for one, it directly addresses the right of a PWD, for example, to better control who knows what about their disability. As the ADA is very clear on the rights of individuals who are “perceived” to have disabilities (whether they have them or not), this statute compliments that legislation for this demographic in very positive ways.

The so-called “Security Rule” deals with electronically transmitted medical information specifically. In other words, one has to be very careful where and how medical records are transmitted and stored on what databases and who should have access to them. This is the part of HIPAA that has proved to be particularly problematic for some of the larger IT players (and indeed some state actors, starting with North Carolina) to comply with.

Our service provision model we believe not only creates an answer for some of those ongoing issues and problems, we also plan to give access to advertisers to a very valuable demographic while protecting our customers’ medical privacy. We believe our model is unique among IT players who are entering this space or have wanted to for some time (such as Google and Facebook). What the specifics are we will decline to elaborate upon further at this time, but we have provided one model we intend to use on this site. Click on the taxi to the left of the blog post and we hope readers will see what we mean.

We as a company will be operating in some very highly regulated waters. We actually think its a very good thing. One of what we believe to be the value adds we bring to the table is a profitable operating model that actually makes its business case BECAUSE of regulation rather than in spite of it. While this may not be the case for every private enterprise out there, we think that some of the ideas and models we have created set new benchmarks and open new doors to profitability and innovation.