Steve May: Personal information is not a commodity

Editor’s note: This commentary is by Steve May, who is a clinical social worker specializing in addiction medicine and has previously worked in multiple capacities for bleeding disorders health advocacy organizations; he resides in Richmond, where he is also on the town Selectboard.

The two most dangerous words in the English language are “trust me …” The two most dangerous words in public life are also, “trust me …” And the two most terrifying words in public health, you’ve probably guessed it by now, “… TRUST me …” The thing is that I am not a conspiracy theorist. No really, I’m not. And I don’t spend my intimate moments looking for the boogeyman … and I am not waiting for the forces of evil to forsake random acts of goodness.

Rather, I’ve had a window seat to one of the great public health catastrophes of this last century. In the 1980s and 1990s the United States public health apparatus completely failed a generation of patients with bleeding disorders. Men who were hemophiliacs, women who had von Willebrand’s disease and anyone who needed a transfusion or blood thinners had the awful opportunity to have used blood products which were potentially tainted. As a result of a systemic failure which can be only considered to have been massive in scope, thousands upon thousands of people here in the United States, then countless more around the globe, contacted both hepatitis and HIV.

Every institution and most every actor was compromised in that period. Just about everyone from the drug manufacturers, who made plasma products that were found to be complicit, to the government, who made it a point to tell patients and their families to act as though things were normal by treating themselves early and test often. In doing so, public health officials acted fully aware that they were in fact telling these patients, their families and the general public that they were disposable. Using tainted product was the public health equivalent of telling citizens to poison themselves because their drinking water — though tainted — has health impacts we find desirous. Sure, some people may suffer grave injury based on that advice, but at least the general public will continue to drink enough water daily. The well-being of people who relied on blood products was far less important than concern public health officials might create a panic if they leveled with the general public about the nature of the blood system emergency. Even the American Red Cross was complicit, batching together good and bad blood with only the most limited of concern for patient and consumer wellness. The Red Cross’ complicity was so severe that its blood services division was subject to multiple federal court orders and consent decrees as they failed to exercise a level of caution that court officials deemed necessary to end judicial oversight.

Over periods of time we have seen how new technology has been heralded as being life changing only to discover how the ethical, legal and societal impact of those very same technologies are subsuming opinion leaders and leaving a general public ill prepared​ to consider the consequences of rapid adaptation.


Having come out of this tragic experience as both a political and mental health professional and a more than interested spectator to a god-awful moment in human history, I can’t help but find myself firmly planted in the “trust but verify” camp. That’s why I am increasingly concerned about privacy in general and electronic health records, in particular. Over periods of time we have seen how new technology has been heralded as being life changing only to discover how the ethical, legal and societal impact of those very same technologies are subsuming opinion leaders and leaving a general public ill prepared​ to consider the consequences of rapid adaptation. What’s left in the wake of the change agents’ promising great bread and circuses is often crusty and stale remnants, delivering much less than that which was promised.

Electronic health records, in particular, raise concerns. The 2009 stimulus package offered by President Barack Obama and passed by Congress called for the creation of a digital superhighway intended to deliver lifesaving medical information as safely as humanly​ possible. While on one hand we are a society that is increasingly mobile, and it is essential that our personal health information be at least as mobile as we are, it is increasingly clear that technology has turned our personal health information into the kind of baseball card complete with stats for the world to exploit. In short, those who live by the logarithm will die by the logarithm; data and information are the double edged sword of our day. It is only through the kindness of strangers along our information digital super-highway that we manage to survive.

In the year 2017, nothing short of a completely networked public health IT architecture is adequate to serve the needs of a country as large and diverse as ours. Without question, greater inner-connectedness in the health and wellness space is a worthy goal for sure, but it has turned out that in spite of our best intentions, someone else will have to inject themselves into a confidential medical conversation. This someone else could be a nameless and faceless bot in cyberspace or a skin and bones assistant in your doctor’s office. These encounters which by their very nature must be treated as private or personally sensitive.

Personal privacy should not be the first casualty of convenience. The federal government has in recent days served to transform personal information into a commodity. The U.S. House of Representatives has passed a full repeal of GINA (the Genetic Information Non-Discrimination Act). GINA, considered the first major civil rights legislation, of the 21st century was passed by a Democratic Congress and signed into law by President George W. Bush. GINA prohibits the use of genetic information in hiring decisions or the underwriting of health insurance policies. The passage and adoption of GINA, though significant, left several areas exposed as a matter of law. For instance, under GINA, genetic information could not be used in underwriting a health insurance policy, but genetic information collected by health insurers could be used to inform conveyance of other insurance products and rate-setting for other insurance benefits not otherwise precluded by law including life, long-term care and disability coverage.

By comparison, lawmakers in Montpelier are moving to police the sale or transfer of data. H.467, introduced by Rep. Bill Botzow, D-Bennington, with his colleagues Reps. Michael Marcotte, R-Newport, and Jean O’Sullivan, D-Burlington, should be applauded. This measure represents the first attempt to regulate the act of buying, selling and trading in data. This proposal provides oversight for how lots of different kinds of data, including personal health information, should be handled. Right now there is no Senate companion bill, that will likely change in coming days, but simply introducing legislation of this kind can’t be underestimated for its relevance. For the first time, the states are exercising dominion over how its citizen’s personal health and other data is managed. Even if this bill goes nowhere in this session, the simple act of saying that this is an issue for the states to exercise control over is quite significant. The states have always reserved the right to act beyond the minimal standards set by the federal government. This action is much overdue, as historically our privacy patchwork has been spotty at best.

There is nothing more integral to one’s sense of self than their past, their preferences and their passions. These matters should be shared based on a conscious decision made by individuals; not the anonymous keystrokes of some presence collecting and dispersing data points from the great beyond. People are flesh and bone not a series of logarithm and it’s about time that our politics reflect that reality. While the federal government seeks to diminish the privacy rights of Vermont citizens lawmakers in Montpelier are seeking to provide added safeguards. D.C. and Montpelier couldn’t be further apart on this.

If you read us, please support us.

Comment Policy requires that all commenters identify themselves by their authentic first and last names. Initials, pseudonyms or screen names are not permissible.

No personal harrassment, abuse, or hate speech is permitted. Comments should be 1000 characters or fewer.

We moderate every comment. Please go to our FAQ for the full policy.


Recent Stories

Thanks for reporting an error with the story, "Steve May: Personal information is not a commodity"
  • rosemariejackowski

    Lack of confidentiality of electronic health records of the least of the problems. Books have been written about I.T. has undermined the practice of medicine. People have died.

    Recently a patient was scheduled for a risky cardiac procedure by a doctor who had never met or talked with the patient. The diagnosis was based on a stress echo cardiogram. It was probably the right diagnosis – BUT there was no consideration given to family medical history and other factors not in the electronic record.

    And there is the other issue of the dehumanization of the patient.