Although I’ve been on what amounts to the injured-reserve list for Serious Academic Researchers, I follow developments in my fields, particularly medical ethics and technology. While the August 4th Washington Post article, “Prescription Data Used To Assess Consumers – Records Aid Insurers but Prompt Privacy Concerns” contained no new information for me, it reminded me I just got another idiotic letter from the prescription drug managers for our health insurance plan. I get these letters every couple of months. You probably do, too, if you fill prescriptions at a brick and mortar pharmacy.

The letter cheerfully tells me how much I can save my using mail-order instead of my local pharmacy, and then it usually lists the 4 or 5 drugs I take according to their records. Usually between 1 and 3 of the drugs listed are correct. These drugs also aren’t available through their mailorder service, which I know because I always call about the letter and they tell me I can’t mailorder, as if it were my idiotic idea to try to order them in the first place. The other drugs on the list are usually ones I’ve never even heard of, let alone taken.

I’m sure I’m not the only one this happens to. It isn’t just irritating, it could have a profound impact on our lives, particularly since this data is increasingly available to prospective insurers, life insurers, prospective employers, and the Federal Government. Additionally, a person’s access to health insurance or life insurance or whole fields of employment doesn’t just impact them, it impacts their entire family.

I’m reminded of a lunch at a conference a few years ago. One of the (European) participants at the table mentioned what a vital tool it would be to compile a list of all individuals in the E.U. with “Arab-sounding” names who take anti-depressants (which are, incidentally, described for a wide range of conditions). Presto! Instant watch-list of potential suicide bombers. Chilling. The Americans at the table seemed to feel that this would never happen in the U.S. because of our privacy rules. The sad part was, these were people who should know better, which makes me feel rather hopeless about whether the average person will understand the path we’re on before it’s too late.

In February, the Federal Trade Commission issued an order saying that MedPoint and IntelliScript are consumer reports under the Fair Credit Reporting Act, so the companies must notify insurers that consumers denied insurance on the basis of these reports have the right to request a copy of the report and that errors be corrected. The FTC’s order followed a settlement of allegations that the companies violated the credit-reporting law by failing to provide such notice to insurers.

Bob Gellman, an independent privacy consultant in Washington, said the FTC’s decision not to fine the companies sends “the message that it is okay to ignore the law.” That, he said, “is absolutely outrageous.”

As more health records become electronic, he said, more parties will compete to sell more comprehensive patient data to insurers, driving down data prices. “It will all likely be lawful,” Gellman said, “but consumers will likely continue to have no real meaningful choices if they want insurance.”

Consumer groups have got to speak up and speak up soon about creating a mechanism to audit and correct this kind of data. The unfortunate thing is that, in order to correct an insurance record, the pharmacy needs to be contacted and the doctor or doctors needs to be contacted to confirm a drug was or wasn’t prescribed. Many doctors will find a way to bill this, probably to the insurance company, who will find some way to hold the consumer accountable for the charge for an action that is necessary to clean up their data in the first place.

Someone needs to put this issue into plain language and start a serious national conversation. It’s ever-so-slightly heartening to see articles on the front page of the Post, but that’s not enough to effect change.