And while the legislators are at it -- repairing privacy breaches that is -- they are going to want to revisit a program adopted two years ago, but becoming a reality next summer. That program, the Vermont Prescription Drug Monitoring Program, created a statewide database of prescription drugs and who received them from what doctor and for what ailment.
The purpose is ostensibly to prevent "doctor shopping," which is going to different doctors and trying to cadge prescription drugs to either abuse or sell so that others can abuse them. Such a database would alert state authorities that John Smith or Jane Doe had visited six doctors in northern and central Vermont complaining of migraines or backaches and received multiple prescriptions for narcotics or other controlled substances.
As originally designed only people at the highest levels of the health department would know what John or Jane received and for what, and how they paid for the drugs. As implemented, the program has veered far afield from that goal. Now state employees much further down the line will have access to that extremely private and personal information.
Preventing prescription drug abuse is a laudable goal, but is it really appropriate to make information about people's health, their medical records and their prescriptions so available and so potentially breachable?
How does this not violate HIPAA standards? How can it be appropriate for mid-level state employees to know who takes anti-retroviral drugs for AIDS/HIV, and who takes Viagra, and who takes Prozac, who takes anti-anxiety or insomnia medication or who takes Antabuse or who receives medicine for herpes outbreaks or who has pink eye or whose kids have head lice?
This is private information that does not belong in the hands of any state bureaucrats.
{loadnavigation}