About a year ago, I was stationed in downtown D.C. on an especially chilly spring day, watching hundreds of federalemployeesline up outside their office buildings.
In a humbling exercise, employees were waiting to test whether their entry badges still worked at the Department of Health and Human Services — or whether they’d be walked back out by security because they were among the 10,000 unlucky ones whose jobs had suddenly been eliminated.
I thought back to that day recently as I researched andreported ona significant, under-the-radar proposal from the Office of Personnel Management, which oversees federal workers.
According to anotice postedin December, OPM isseekingpersonally identifiable medical and pharmaceutical claims information on federal employees and retirees, as well as their family members, who are enrolled in the Federal Employees Health Benefits or Postal Service Health Benefits programs. Just over 8 million Americans get coverage through such plans.
Right now, 65 insurance companiesmaintaindata the agency wants, including information on prescriptions, diagnoses, and treatments. That would put a tremendous amount of personal information about federal employees in the hands of an administration that has earned a reputation for takingretaliatory actionagainst some workers andsharing sensitive dataacross agencies as part of its immigration and fraud crackdowns.
My colleague Maia Rosenfeld and I wanted to know what lawyers and ethicists who work on health policy issues think about this proposal.
On the one hand, sources toldus,this sort of detailed data could be used by the federal government to improve the largest employer-sponsored health insurance system in the country.
But doubts about the Trump administration’s motives percolated through every conversation we had.
“The concern here is the more information they have, theycould use it to discipline or target people who are not cooperating politically,” Sharona Hoffman, a health law ethicist at Case Western Reserve University, told me.
And, though the notice states that insurers are legallypermittedtodisclose“protected health information” to the agency for “oversight,” Hoffman and others raised questions about OPM’s access to such a sweeping database of medical records under federal health privacy laws.
Insurance companies — several of which declined to comment — would have to provide monthly reports to OPM with data on their members. One insurer, CVS Health, said in a public comment that insurers would be breaking the law by providing the information for OPM’s “vague and broad general purposes.” The association thatrepresentsmany of those companies also has voiced objections to the proposal, which has not yet beenfinalized.
OPM spokespeople did not respond to our repeated requests for comment.