Minnesota Legislators Introduce Bills to Bypass Consent Requirements and End Patient Privacy
Citizens’ Council for Health Freedom: If Passed, Bills Would Circumvent Minnesota’s Strongest-in-the-Nation Privacy Law and Render It Useless
ST. PAUL, Minn.—Two newly introduced bills would provide a sweeping exception to the patient consent requirements found in the Minnesota Health Records Act (MHRA). On Monday, Minnesota Rep. Nick Zerwas (R.-Elk River) introduced HF 3312 and State Sen. Eric Pratt (R.-Prior Lake) introduced SF 2975. Now, Citizens’ Council for Health Freedom (CCHF, www.cchfreedom.org) is encouraging concerned citizens to reach out to lawmakers before the House committee hears the bill on Thursday.
As Minnesota employs some of the country’s toughest patient privacy laws, this exception downgrades Minnesota’s consent requirements to the level of the federal HIPAA “No Privacy” rule, says CCHF. The bills, if passed, would circumvent Minnesota’s strongest-in-the-nation privacy law and render it useless.
“MHRA is focused on privacy and consent, while the federal HIPAA rule is focused on disclosure,” says CCHF president and co-founder Twila Brase, “the difference being that the Minnesota law centers on the patient while the federal rule centers on the industry. The original HIPAA rule actually required patient consent for things like payment, treatment and health care operations. But big business and the industry don’t want to ask patients for their permission to share, store and use their information. Almost two decades ago, they lobbied federal lawmakers to remove these privacy provisions, therefore, Minnesotans are now only protected by state consent laws. We must not allow big business to bypass privacy rights at the state level.”
Supporters of these bills are arguing that Minnesota needs to conform to the “HIPAA standard.” But what does the “HIPAA standard” mean? According to the National Governors Association: “A ‘no-consent’ HIO [Health Information Organization] model abides by the HIPAA standard and automatically shares or stores patient information without obtaining patient consent for participation.”
“In other words, the ‘HIPAA standard’ means using and sharing private health information without consent,” Brase added.
The Minnesota Department of Health (MDH) acknowledged in a 2017 proposal that getting rid of Minnesota’s consent and privacy rights “removes certain privacy protections for MN patients, especially related to sensitive information such as mental health, HIV/STD, and genetic information.” In addition, MDH wrote, “This approach may raise privacy concerns because of the broad scope of health care operation” [emphasis added].
“Big business and the industry are saying that Minnesota’s laws are raising the costs of medical care, but that’s not true,” says Brase. “A 2017 MDH report showed the cost of adhering to Minnesota’s strong privacy and consent requirements averaged to just 83 cents per patient, or 0.16 percent of the total operating budget.”
Before the hearing of the bill by the House Health and Human Services Reform Committee, set for 8:15 a.m. CT Thursday, CCHF is asking state residents to either volunteer to testify or contact committee members and urge them to oppose the bill. Those interested in providing testimony may call (651) 296-5999 or email firstname.lastname@example.org. To provide written testimony through CCHF, call (651) 646-8935 or email email@example.com.
CCHF opposes the repeal of the Minnesota Health Records Act for the following reasons:
- HIPAA eliminates patient privacy rights and consent requirements.
- Minnesota is compliant with HIPAA—the federal law allows states to enact real privacy protections—and has a state preemption.
- Repealing MHRA gets rid of privacy and consent requirements for payment, treatment and health care operations.
- MDH proposal includes law enforcement access to the state Health Information Exchange (HIE) and the state Prescription Monitoring Program.
- MHRA repeal is the “Kelo” of private health information, a reference to the 2005 Supreme Court case of Kelo v. City of New London concerning use of eminent domain to transfer land from one private owner to another private owner to further development—an analogy that shows that big business and government are not above forcibly taking personal information, even under protest.
For more information about CCHF, visit www.cchfreedom.org, its Facebook page or its Twitter feed @CCHFreedom. Also view the media page for CCHF here. For more CCHF reports on health privacy and surveillance, visit the CCHF privacy page.