TUCoPS :: Privacy :: priv0807.txt

Privacy Digest 8.07 5/4/99

<HTML>
<head><TITLE>PRIVACY Forum Archive Document - (priv.08.07) </TITLE></head>
<body bgcolor="#ffffff" text="#000000" link="#0000ff" vlink="#660099" alink="#ff0000">

<table border=0 cellpadding=0 cellspacing=0 width=100%>
<tr>

<td bgcolor="#ffffcc" width=30%>

<table border=0 cellpadding=4 cellspacing=0 width=100%>
<tr>
<td>

<center>
<a href="/reality.html"><img src="/spkr1.gif" border=0 align=middle></a>
<font size=-1 face="Arial, Helvetica, sans-serif"><b>RealAudio</b></font><br>
A Moment of Sanity & Fun!<br>

<font size=-1 face="Arial, Helvetica, sans-serif">
<b>VORTEX REALITY REPORT</b><br>
<font color="#ff0000"><b>& UNREALITY TRIVIA QUIZ!</b></font>
</font><br>

<table border=0 cellpadding=0 cellspacing=0 width=100%>
<tr>
<td>
<center>

<table border=0 cellpadding=4 cellspacing=0>
<tr>
<td>

<b>
<a href="/reality.html"><i>LISTEN</i> or <i>INFO!</i></a></td>
</b>

</tr>
</table>

</center>
</td>
</tr>
</table>

</center>

</td>
</tr>

</table>

</td>

<td align=center>

<font size=+2><b>PRIVACY Forum Archive Document</b></font><br>

<A href="/privacy"><h3>PRIVACY Forum Home Page</h3></A><p>
<A href="http://www.vortex.com"><h4><i>Vortex Technology Home Page</i></h4></A><p>
<A href="/privmedia"><h4>Radio, Television, and Press Contact Information</h4></A><p>

</td>
</tr>
</table>

<hr>
<pre>

PRIVACY Forum Digest      Tuesday, 4 May 1999      Volume 08 : Issue 07

            Moderated by Lauren Weinstein (lauren@vortex.com)         
              Vortex Technology, Woodland Hills, CA, U.S.A.
	                 http://www.vortex.com 
	
                       ===== PRIVACY FORUM =====              

    -------------------------------------------------------------------
                 The PRIVACY Forum is supported in part by
               the ACM (Association for Computing Machinery)     
	         Committee on Computers and Public Policy,      
		 Cable &amp; Wireless USA, Cisco Systems, Inc., 
                           and Telos Systems.
                                 - - -
             These organizations do not operate or control the     
          PRIVACY Forum in any manner, and their support does not
           imply agreement on their part with nor responsibility   
        for any materials posted on or related to the PRIVACY Forum.
    -------------------------------------------------------------------


CONTENTS 
	"The Vortex Daily Reality Report and Unreality Trivia Quiz"
	   (Lauren Weinstein; PRIVACY Forum Moderator)
	Re: Health Care Financing Administration Database (John Bacon-Shone)
	Re: Privacy and "Dr. Death" (John Deters)
        Euthanasia / Kevorkian (James Cayz)
	Activism Without Principles is Futile (Dick Mills)
        US, Euro Consumer Groups Call for Privacy Convention (Roger Clarke)
	Mailing lists (Henry Keultjes)
	Carrying a Laptop into the UK - Rights to Search (Chris D'Arcy)
	S.782: Patients' Telephone Privacy Act of 1999 (Peter Marshall)


 *** Please include a RELEVANT "Subject:" line on all submissions! ***
            *** Submissions without them may be ignored! ***

-----------------------------------------------------------------------------
The Internet PRIVACY Forum is a moderated digest for the discussion and
analysis of issues relating to the general topic of privacy (both personal
and collective) in the "information age" of the 1990's and beyond.  The
moderator will choose submissions for inclusion based on their relevance and
content.  Submissions will not be routinely acknowledged.

All submissions should be addressed to "privacy@vortex.com" and must have
RELEVANT "Subject:" lines; submissions without appropriate and relevant
"Subject:" lines may be ignored.  Excessive "signatures" on submissions are
subject to editing.  Subscriptions are via an automatic list server system;
for subscription information, please send a message consisting of the word
"help" (quotes not included) in the BODY of a message to:
"privacy-request@vortex.com".  Mailing list problems should be reported to
"list-maint@vortex.com". 

All messages included in this digest represent the views of their
individual authors and all messages submitted must be appropriate to be
distributable without limitations. 

The PRIVACY Forum archive, including all issues of the digest and all
related materials, is available via anonymous FTP from site "ftp.vortex.com",
in the "/privacy" directory.  Use the FTP login "ftp" or "anonymous", and
enter your e-mail address as the password.  The typical "README" and "INDEX"
files are available to guide you through the files available for FTP
access.  PRIVACY Forum materials may also be obtained automatically via
e-mail through the list server system.  Please follow the instructions above
for getting the list server  "help" information, which includes details
regarding the "index" and "get" list server commands, which are used to access
the PRIVACY Forum archive.  

All PRIVACY Forum materials are available through the Internet Gopher system
via a gopher server on site "gopher.vortex.com".  Access to PRIVACY Forum
materials is also available through the Internet World Wide Web (WWW) via
the Vortex Technology WWW server at the URL: "http://www.vortex.com";
full keyword searching of all PRIVACY Forum files is available via
WWW access.
-----------------------------------------------------------------------------

VOLUME 08, ISSUE 07

     Quote for the day:
         
         "Anyone who's always right makes me sick."

              -- Randall (David Rappaport)
		 "Time Bandits" (Handmade Films; 1981)

----------------------------------------------------------------------

Date:    Mon, 3 May 99 21:56 PDT
From:    lauren@vortex.com (Lauren Weinstein; PRIVACY Forum Moderator)
Subject: "The Vortex Daily Reality Report and Unreality Trivia Quiz"

Greetings.  As you might expect, I get a lot of e-mail, tending to run the
gamut in a variety of ways...  One frequent class of received messages is
requests for comments or advice on matters concerning not only privacy but
also a variety of related (and sometimes unrelated) fields.  Since there
tends to be considerable overlap between many such requests, suggesting
common points of interest, I've now launched the audio program with 
the long name:

"The Vortex Daily Reality Report and Unreality Trivia Quiz"

It's available via RealAudio over the net, and is updated each day from
Monday through Friday.  Essentially, it's a daily brief blast of (my)
opinionated commentary, focusing on exposing the fallacies of muddy thinking,
crazy ideas, misguided concepts, and other related areas that seem to be
sending the signal/noise ratio of our society down the drain.  As you can
imagine, privacy issues are included, but are but one of the topic areas
covered.  These short (just a minute or two) audio reports tend to be more
opinionated than my National Public Radio commentaries, and cover a much
wider range of subjects.

Each of these short audio reports also includes an "Unreality Trivia Quiz"
question (and the answer to the previous program's question).  What's an
"unreality" question?  Try it and see...

These daily features can be heard via a link at the 
main PRIVACY Forum page:

   http://www.vortex.com/privacy

or can be played directly via the RealAudio file URL:

   http://www.vortex.com/reality.ram

Please feel free to forward this announcement, or link 
to the associated program URLs, as you feel appropriate.

Comments, opinions, and ideas for segments are always welcome, of course!

Thanks very much.

--Lauren--
Lauren Weinstein
Moderator, PRIVACY Forum
http://www.vortex.com

------------------------------

Date:    Mon, 19 Apr 1999 07:24:21 +0800
From:    John Bacon-Shone &lt;johnbs@hku.hk&gt;
Subject: Re: Health Care Financing Administration Database

"Dennis S. Davies, P.T." &lt;davies@primenet.com&gt; said:

    ... The most recent intrusion however, is an intrusion into the lives of
    the clients of federal and state chartered home health agencies.  HCFA
    (the Health Care Financing Administration--the administrator of
    Medicare--pronounced "hecfa") now requires that a 17 page questionnaire
    be filled out on all clients of home health agencies...

As an applied statistician, I believe I can see very well the need 
for creating the database, but as a privacy advocate, I also believe 
that the database is being handled in a manner that yields 
unnecessarily high privacy risk.  Clearly, encryption could be used 
to ensure that the database cannot be easily linked back to an 
identifiable person.  In fact, this is another good illustration of 
why rubbishing of the EU directive by US privacy "experts" is so 
wrong.  Under Hong Kong's data protection law, which implements the 
directive in a manner that does not bring ethical business to a stop, 
this database could only be implemented with full informed consent 
(of the guardian where appropriate), no penalty for declining to 
participate, and would also require that the privacy commissioner be 
convinced that the privacy risks have been minimised.

Regards

John

Dr John Bacon-Shone, Director, Social Sciences Research Centre,
The University of Hong Kong, Pokfulam Road, Hong Kong
Tel: 852-28592412  Fax: 852-28584327 E-mail: mailto:johnbs@hku.hk
Web http://www.ssrc.hku.hk

------------------------------

Date:    Mon, 19 Apr 1999 14:37:28 -0500
From:    John Deters &lt;jad@pclink.com&gt;
Subject: Re: Privacy and "Dr. Death"

First, I'd like to state my position on euthanasia:  I support a person's
right to make their own choices in life and in death.  I do not, however,
go out and march on behalf of this cause, nor will I place a "Free Jack"
bumper sticker on my vehicle.  I believe it's a private decision to be made
privately by a person, and personally I think it should be done only with
the full support of family.  That said, I also think anyone who wishes to
terminate their life is in need of professional counseling.  Euthanasia
should be considered as one of the options available at that time.

Does Dr. Kervorkian deserve his fate?  Perhaps not on second degree murder
charges, but certainly he should be sued for malpractice.

I think Dr. Kervorkian's methods were abnormal, and that they represented a
violation of the patient/physician relationship.  These people sought Dr.
Kervorkian out looking for assistance with suicide.  The fact that they
were turning to a professional for assistance implies that they were indeed
open to the idea of "legitimate" assistance.  If euthanasia were officially
practiced in this country, I believe they would have sought out euthanasia
the same way they sought out other medical services.

But Dr. Kervorkian performed his procedures without physician referrals (of
necessity), without studying patient backgrounds and with only cursory
counseling.  If you were a heart surgeon, would you perform a coronary
bypass on a patient who walked in your door that morning saying, "Doc, I
need a bypass?"  Of course not.  You'd want a referral from a licensed
doctor, and you'd examine the patient yourself.  You would examine X-rays,
you would run EKGs and have laboratories perform blood tests, and you would
counsel the patient to get a second opinion.  You'd schedule the surgery
with a hospital, and you would proceed knowing an entire board of review
would examine your surgery if the patient should happen to die.

Dr. Kervorkian didn't receive referrals from psychiatrists, psychologists
or clinicians.  He received people who knew of his reputation and found him
in the phone book.  He would offer perhaps one hour of "counseling" or
questioning, and then he would perform a procedure that we would consider
at least as major as open heart surgery, if not as complex.  His only board
of review was the coroner's certificate proving only that his patient did
indeed die.

I have also heard that in at least one case, (not the televised case for
which he was convicted,) he helped end the life of a patient who was
suffering only from depression, which is considered a treatable illness.

I believe that ultimately euthanasia will require as much examination of
the patient as open heart surgery.  The examination and decision processes
need to be much more refined in order for euthanasia to be accepted in this
country.  Dr. Kervorkian assumed for himself the role of hangin' judge,
jury, and executioner.  As patients with life-threatening problems seeking
medical assistance, we need to demand better treatment than that.

John Deters
jad@pclink.com

------------------------------

Date:    Mon, 26 Apr 1999 09:55:21 -0400 (EDT)
From:    James Cayz &lt;cayz@lib.de.us&gt;
Subject: Euthanasia / Kevorkian.

I find that today's society has the greatest case of "societal
selfishness" with regards to euthanasia.

We can allow perfectly good food to be thrown out and pets to be put
asleep simply because they are unwanted.  But if a person, who is in great
long term pain or suffering, wants to save himself some time, and his
family a lot of expense, and everyone a lot more pain &amp; suffering, this
isn't allowed???? 

Where did *someone* draw the line here? 

It certainly wasn't at the "pain" level - many pets are not in pain when
put to sleep.

It couldn't be at a "societal worth" level - a person with long term /
terminal disease, requiring constant medical attention, and unable to
work, is not contributing to the overall societal health.

What is left is a quasi-spiritual notion that Man is Master of everything
else, including the Earth and all its animals, and that although we can
pretty much do as we see fit with everything else, every HUMAN life is
sacred, even if that particular person doesn't agree.

Except for War.  And Crime.  And preventable disease.  And Hunger.

So, we spend our time &amp; money prosecuting people who only want to "make it
end".  And not enough time &amp; money on trying to solve bigger issues like
War, Crime, Disease, and Hunger.

Makes you feel Honored to be a Human, eh?

James

------------------------------

Date:    Mon, 19 Apr 1999 20:55:04 -0400
From:    Dick Mills &lt;dmills@albany.net&gt;
Subject: Activism Without Principles is Futile

As I read the most recent issue, PRIVACY Forum Digest Volume 08 : Issue 06, 
I was struck by the repetitive nature of the privacy gripes.  They follow a 
common theme.  We have a laudable motive for intrusion that must be 
"balanced" with a privacy interest.  Because there can never be unanimity 
about laudability, balances are always compromises.

I'm sick and tired of balancing my privacy.  Thousands of times per year we 
balance away some tiny bit of it.  After a long time, big mountains are 
eroded to molehills, one grain of sand at a time.

If our approach to protecting privacy is to strike balance after balance, 
the end result is inevitable.  We loose.

In the USA, our primary claim to a legal right to privacy comes from Warren 
and Brandeis' famous 1890 essay.  But their concept of "reasonable 
expectation of privacy" is deficient.  What is reasonable to expect 
today is less than it was in 1890, and it will be still less tomorrow and 
the day after that.  Reasonable expectation is a slippery and increasingly 
steep slope.  The slide down is a one way trip.

Every time one of us says, "Because of your laudable motives, I approve of 
your intrusion of someone else's privacy," we lower the bar of reasonable 
expectation another notch.

Laudable motives are seldom considered justification to encroach upon the 
rights of speech or religion.   We consider those rights absolute, not
relative.  We try to hold them inviolate.

Are there no inviolate principles of privacy?  

If privacy activism is worthwhile, then we must foresee the point where the
general erosion of privacy will bottom out and perhaps rebound.  If that's
not reasonably foreseeable, what's the point?

-- 
Dick Mills            http://www.albany.net/~dmills

------------------------------

Date:    Wed, 28 Apr 1999 09:18:17 +1000
From:    Roger Clarke &lt;Roger.Clarke@anu.edu.au&gt;
Subject: US, Euro Consumer Groups Call for Privacy Convention

Forwarded to me by Marc Rotenberg:

PRESS RELEASE

Wednesday, April 28 1999

  US and European Consumer Groups Call for Privacy Convention

                 TACD Rejects "Safe Harbor" Proposal

Brussels - The TransAtlantic Consumer Dialogue (TACD), a coalition
of sixty leading consumer organizations from the United States and
Europe, issued a resolution this week opposing the adoption of a
"Safe Harbor" proposal and recommended instead the establishment of
an International Convention on Privacy Protection to address growing
public concern about the absence of effective privacy protection in
transborder data flows.

The TACD said that the Safe Harbor proposal under consideration by
the governments of the United States and the European Union fails to
provide adequate privacy protection for consumers.

Jim Murray, Director of the European Consumers' Organization (BEUC)
based in Brussels, said that consumers are entitled to legal redress
for the protection of personal privacy. "We do not feel that the
Safe Harbor proposal provides adequate enforcement to safeguard the
interests of European citizens. We are also not pleased about the
elaborate procedures that consumers will be required to follow to
pursue privacy violators."

The TACD specifically called on the European Commission and the
Ministers of the European Council to reject the Safe Harbor
proposal, saying that the proposal would "undermine the purpose of
the EU Data Directive and compromise the privacy interests of
European citizens."

Among the objections to the proposal, the TACD further said that the
proposal lacks an effective means of enforcement and redress for
privacy violations. The consumer coalition also said that the
proposal fails to ensure that individual consumers will be able to
access personal information obtained by businesses.

Marc Rotenberg, executive director of the Electronic Privacy
Information Center in Washington, DC said that the TACD resolution
underscored the need for greater public participation in the
development of international privacy policies.  "We are simply past
the day when the government and the industry can propose sweeping
polices that affect the privacy interests of consumers without
taking the time to seek substantial public input."

The resolution on Safe Harbor was one of several resolutions issued
by the TACD during the two-day meeting in Brussels. The consumer
organizations also addressed food safety and standards, electronic
commerce, trade and other issues.

LINKS

Trans Atlantic Consumer Dialogue
http://www.tacd.org/

TACD Resolution on Safe Harbor Proposal and International Convention 
on Privacy Protection
http://www.tacd.org/meeting1/electronic.html#safe

Safe Harbor Proposal, US Department of Commerce
http://www.ita.doc.gov/media/

European Consumers' Organization (BEUC)
http://www.beuc.org/
Jim Murray, BEUC, tel: +32 2 743 1590

Electronic Privacy Information Center
http://www.epic.org/
Marc Rotenberg, EPIC, tel +1 202 544 9240

RESOLUTION

             Resolution on the "Safe Harbor" Proposal and
             International Convention on Privacy Protection

     Adopted by the Trans Atlantic Consumer Dialogue (TACD)
                      Brussels, Belgium
                         April 1999


RESOLVED

The Safe Harbor proposal now under consideration by the United
States and the European Union fails to provide adequate privacy
protection for consumers in the United States and Europe. It lacks
an effective means of enforcement and redress for privacy
violations. It places unreasonable burdens on consumers and unfairly
requires European citizens to sacrifice their legal right to pursue
privacy complaints through their national authorities. The proposal
also fails to ensure that individual consumers will be able to
access personal information obtained by businesses.

Therefore,

	1.	The TACD urges the European Commission and the Ministers
	of the European Council to reject the Safe Harbor proposal.
	The proposal will undermine the purpose of the EU Data
	Directive and compromise the privacy interests of European
	citizens.

	2.	The TACD recommends the development and adoption of an
	International Convention on Privacy Protection that will help
	safeguard the privacy interests of consumers and citizens in
	the twenty-first century.

	3.	The TACD further urges national governments to ensure
	that consumer organizations are given a more central role in
	the future development of international privacy policies and
	practices that affect consumer interests.


				-------

Roger Clarke              http://www.anu.edu.au/people/Roger.Clarke/

Xamax Consultancy Pty Ltd, 78 Sidaway St, Chapman ACT 2611 AUSTRALIA
                Tel: +61 2 6288 1472, and 6288 6916
mailto:Roger.Clarke@xamax.com.au            http://www.xamax.com.au/

Visiting Fellow                       Department of Computer Science
The Australian National University     Canberra  ACT  0200 AUSTRALIA
Information Sciences Building Room 211       Tel:  +61  2  6249 3666

------------------------------

Date:    Fri, 30 Apr 1999 06:36:45 -0400
From:    Henry Keultjes &lt;keultjes@sprintmail.com&gt;
Subject: Mailing lists

While the mailing list industry likes to talk about their "clean" lists,
it is still a very backward industry that does not want to get "with the
program" because they get paid by the thousand names.  In this
electronic age, where a mailing list for a magazine can be transmitted
from one place in the world to another in minutes, those folks still
print labels on rolls weeks and sometimes months ahead of the actual
printing.  If one calls to be removed from a list, as I frequently do,
the typical answer is "you will still be receiving three or four of
these because the labels have been printed  already".

Efforts to get off mailing lists are only moderately successful because
the companies that mail the stuff and the companies that sell the lists
have diverse interests.  Therefore if I  receive a mailing from
OfficeMax and I ask to be taken off their mailing list, the typical
answer is that it was not their list and it was rented for a one time
use and they don't know who the list was bought from.

Simple solution:

Require that for rented mailing lists only the email address of the list
owner appear at the top of the label, the location where such info
customarily is listed.  Therefore I don't have to waste my time to
contact a company that has no control over that particular situation.
The email address will always be the list owner because if it is not a
rented list it will be the email address of the solaced house list.

I mentioned diverse interests between mailing list companies and the
companies that rent these lists.  I am sure that mailing list companies
initially will hate this idea.  However, the companies that rent these
list would greatly benefit from it because soon the lists they rent
would be much cleaner and be much better targeted to those that are
actually interested in opening these mailings and the list rental
companies will eventually see the benefit of selling cleaner lists.

I would like to see this idea get posted and, if it has merit in the
eyes of the beholder, let them contact the companies that they trust
their names to and suggest this solution.

Henry Keultjes
Microdyne Company
POB 1056
Mansfield OH 44901-1056
email keultjes@sprintmail.com
Voice 419-525-1111 Fax 525-1883

------------------------------

Date:    Fri, 30 Apr 1999 14:10 +0100 (BST)
From:    cdarcy@cix.co.uk (Chris D'Arcy)
Subject: Carrying a Laptop into the UK - Rights to Search

In the June edition of Personal Computer World, under the headline 
"Travelers face filth check" there is an article about speculation (i.e. 
the company MD says he "has reason to believe") that UK Customs and Excise 
will start to use forensic software from Vogon International 
(www.authentec.co.uk) to scan travelers' laptops for child pornography.

If this were to be true, it strikes me that it is an incredible 
infringement of a travelers rights.  Customs should have the right to 
search property upon entry into the UK where they have reasonable grounds 
to believe there is a problem.  But this development would allow the 
wholesale stop and search of anyone traveling with a laptop.  If material 
were to be found, what rights would there be for a traveler who was using 
a laptop from a pool, or carrying one on behalf of a colleague?

What is also not clear is if this technology would raise the alarm if it 
found something it couldn't read (for example, someone's encrypted e-mail) 
- would it assume it was dubious leading to delays and embarrassment for 
the traveler?  And what would be the position if something out of the 
ordinary was detected, what guarantees would there be that the software 
would not false alarm?

On the whole, it sounds like a very sinister twist.

Chris D'Arcy, UK

	[ This topic has been discussed previously here in the 
	  PRIVACY Forum Digest, but is certainly worthy of another note.

		 -- PRIVACY Forum Moderator ]

------------------------------

Date:    Sun, 2 May 1999 15:01:48 -0700
From:    Peter Marshall &lt;techdiff@ix.netcom.com&gt;
Subject: S. 782: Patients' Telephone Privacy Act of 1999

                        S.782

SPONSOR: Sen Feinstein, Dianne (introduced 04/13/99)

          Patients' Telephone Privacy Act of 1999


A bill to amend title 18, United States Code, to modify the exception to
the prohibition on the interception of wire, oral, or electronic
communications to require a health insurance issuer, health plan, or health
care provider obtain an enrollee's or patient's consent to their
interception, and for other purposes.

Apr 13, 99:
     Read twice and referred to the Committee on Judiciary.


Mrs. FEINSTEIN.

Mr. President, today I introduce a bill to protect the
medical privacy rights of patients when they talk to their health care
insurers or providers. The bill requires health care insurers and providers
to obtain patients' `express consent' before tape-recording or monitoring
conversations.

Today, the health insurance industry routinely tape-records and monitors
incoming telephone calls of patients with questions about their health
insurance coverage. This bill halts that common practice with two simple
rules.

First, health insurance companies and health care providers must obtain the
patient's `express consent' before tape-recording or monitoring a
conversation. Second, health insurance companies and health care providers
must give patients the option not to be tape-recorded or monitored.

The bill puts control of medical privacy back where it belongs--in the
hands of patients who have no choice but to share personal information with
their health insurance and health care providers.

The bill protects all patients--

Whether covered by private or public health plans,

Whether covered by group, individual, or self-insured health plans,

Whether covered by Medicare or Medicaid,

Whether covered by Federal health plans, or

Whether covered by the Children's Health Insurance Plan.

Let me emphasize again who would be subject to the bill--the health
insurance and health care industry--a huge industry that necessarily
affects all of us. First, the bill would cover communications between
patients and health insurers. Second, the bill would cover communications
between patients and `health care providers,' which includes physicians and
other health care professionals.

Federal law now requires that only one party must consent to the
tape-recording or monitoring of a telephone conversation. In California,
state law provides that all parties must consent before a telephone
conversation may be tape-recorded. Nearly a dozen other states have adopted
similar two-party consent laws. They include Delaware, Florida, Illinois,
Kansas, Maryland, Massachusetts, Michigan, Montana, New Hampshire,
Pennsylvania, and Washington.

Even two-party consent laws, however, do not adequately address this
problem. Health insurance companies tape-record or monitor patients' calls
based on the patient's implied consent. Implied consent arises from the
patient talking after hearing the health insurer's recording that the call
may be tape-recorded or monitored. In this case, courts have held that
consent is given implicitly.

Consequently, merely changing federal law to a two-party consent rule would
not solve the problem. The key requirement must be that the health insurer
or health care provider obtains the patient's express consent. Only this
change will protect individuals when they call their health insurance
provider with questions about their health care coverage. When my office
contacted the top 100 health insurance providers in this country, we
learned from nearly all who responded that they routinely monitor or
tape-record calls received from patients.

Let me share with my colleagues some responses that we received.

Kaiser Permanente operates in nineteen states and the District of Columbia,
and provides care to more than nine million members. Their practice varies
from state to state, depending on applicable state laws. Kaiser Permanente
may: Monitor randomly selected calls, in which case it may, or may not,
notify patients in advance; or tape-record all or randomly selected calls,
in which case it may, or may not, notify patients in advance.

United HealthCare wrote to me that they did not believe that tape-recording
or monitoring calls even presents a privacy issue. Their rationale was that
they only randomly tape-record calls and only after advising the caller
that they may record the call.

Great-West responded that a patient has the option of communicating in
writing if the patient does not want a telephone call to be tape-recorded.
Let me say simply--that is not good enough for me. Imagine the undue burden
the task of writing a letter may place on elderly or seriously ill patients.

Despite the two-party consent rule in California, New York Life Care Health
Plans, Inc., asserted that no violation of California law occurs without a
`confidential communication.' Under California state law, the definition of
a `confidential communication' does not include communications where the
parties may expect that the call may be recorded. New York Life asserted
that, since they told patients that their calls could be monitored, their
calls were not confidential calls.

New York Life's display of legal bootstrapping shows little, if any, regard
for medical privacy rights. Their interpretation of the word `confidential'
turns its commonly understood meaning on its head! In the minds of most
people, what could be more confidential than matters about one's personal
health problems? Surely little, if anything. How many of my colleagues in
the Senate would say that communications about their health problems with
health insurance or health care providers are not confidential?

Blue Cross Blue Shield of the National Capital Area does not give patients
any notice that their calls may be monitored. Their Associate General
Counsel responded that, in both Maryland and the District of Columbia,
telephone communications in the normal course of business do not meet the
definition of an `interception.' Thus, consent is not required. Although
Virginia law considers a telephone to be an `intercepting device,' Virginia
follows the one-party consent rule.

Finger Lakes Blue Cross Blue Shield randomly tape-records calls from
patients and only now is setting up a front-end recording to inform
patients of that practice. New York requires only one party to consent.

None of the health insurance providers who responded to my office gave me a
valid reason for tape-recording or monitoring patients' calls. The standard
response from health insurers was that they tape-record or monitor
patients' calls for so-called `quality control,' an ambiguous term at best.
Indeed, no one explained what that term means, how tape-recording calls
benefits patients, or why tape-recording calls was necessary.

Of course, health insurance providers are not the only business entities
that tape-record telephone conversations. How many of us realize that when
we call for airline tickets, bank account information, mutual fund
transfers, or any myriad of other daily concerns, the other party on the
telephone line will be tape-recording the conversation? Yet, personal health
information is far more personal in nature and, accordingly, entitled to
greater protection. It stands alone as uniquely different from other
commercial transactions.

This bill does not attempt to change the consent rule for other business
entities. It would apply only to health insurance and health care
providers. Most patients today have almost no choice about their health
insurer provider or, increasingly, about their health care provider. In
turn, the health insurer may give the patient no option except to submit to
tape-recording the conversation. An elderly, or seriously ill patient, is
simply not going to object.

Admittedly, much disclosure of medical information occurs both with patient
consent and for valid medical reasons. For instance, insurance companies
receive information from physicians based upon a written consent form
signed by the patient at the physician's request. Yet, increasingly,
threats to medical health privacy have become less visible and, in that
sense, more alarming. Many individuals are left with a false sense of
privacy. The potential for misuse of personal health information is real
and growing.

A fundamental right to medical privacy is embedded in American society.
Most Americans presume that telephone conversations about their health
problems are confidential. Sadly, they are wrong.

Conversations with our health insurance and health care providers often
contain deeply personal information, including prescription drugs,
psychiatric care, alcohol dependency--the list goes on and on. Surely they
deserve protection. Traditionally, Americans have relied upon a
confidential relationship with their doctors.

Let's restore at least some measure of protection to telephone
conversations about our personal health problems. This bill allows health
insurance and health care providers to continue their routine practice of
tape-recording or monitoring patients' calls--but only with the patient's
express consent.

------------------------------

End of PRIVACY Forum Digest 08.07
************************
</pre>
<hr>
<center>
<A href="/privacy"><h3>PRIVACY Forum Home Page</h3></A><p>
<A href="http://www.vortex.com"><h4><i>Vortex Technology Home Page</i></h4></A><p>
<A href="/privmedia"><h4>Radio, Television, and Press Contact Information</h4></A><p>
</center>


<p> 
<font size=-2>Copyright &copy; 2000 Vortex
Technology.  All Rights Reserved.</font> 
</body>
</HTML>

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH