Ignore Subpoenas...

...That
is probably bad advice.  Never take legal advice from someone
who is not your lawyer.  The only thing worse than taking
legal advice from someone who is not your lawyer, is to take legal
advice from somebody else's lawyer.



With that disclaimer out of the way, I am going to tell you what I find
particularly galling about the href="http://www.huffingtonpost.com/huff-wires/20070309/national-security-letters">FBI
"National Security Letter" scandal.  Yeah, it shows
that we can't trust our own law enforcement agencies.  But we
knew that already.  So why do I find this issue to be
troubling?  It has to do with some of my own experiences.
 



On an
abstract level, one aspect that is really irksome about this, is that
it shows how hazardous it is when we neglect one of the fundamental
principles of our democracy: the balance of powers.  The
National Security Letters allow the Executive Branch to circumvent
oversight From the Judicial Branch.  That is what most of the
fuss is about.  But there is more to it than that.  



You see, the NSLs also deprive the recipient of the right to
representation.  As I understand it, if you get an NSL that
demands information, you are not allowed to tell anyone about it.
 That means you cannot seek legal advice about the NSL,
specifically, you cannot ask an expert if it is a legal order, in order
to determine whether you really do need to comply.  There is
no recourse, no due process, no option.  Either you comply in
silence, or you put yourself in legal jeopardy.  



When I first heard about them, I thought about what I would do if I
ever got a NSL demanding that I turn over href="http://aspe.hhs.gov/admnsimp/final/pvcfact2.htm">protected
health information.  Protected health information,
by the way, is a special class of information defined by the Health
Insurance Portability and Accountability Act of 1996 (HIPAA).
 The law is such that it is a good idea to comply:



ESTABLISH
ACCOUNTABILITY FOR MEDICAL RECORDS USE AND RELEASE



In HIPAA, Congress provided penalties for covered entities that misuse
personal health information.



    * Civil penalties. Health plans,
providers and clearinghouses that violate these standards will be
subject to civil liability. Civil money penalties are $100 per
violation, up to $25,000 per person, per year for each requirement or
prohibition violated.



    * Federal criminal penalties. Under
HIPAA, Congress also established criminal penalties for knowingly
violating patient privacy. Criminal penalties are up to $50,000 and one
year in prison for obtaining or disclosing protected health
information; up to $100,000 and up to five years in prison for
obtaining protected health information under "false pretenses"; and up
to $250,000 and up to 10 years in prison for obtaining or disclosing
protected health information with the intent to sell, transfer or use
it for commercial advantage, personal gain or malicious harm.



So this is not a trivial matter.  The law does permit
disclosure for "activities related to national defense and security,"
but due to the nature of the NSL, the health care provider is not in a
position to make an independent judgment about the relevance or
legitimacy of the demand for information.



Why the question?  Part of the law pertaining to protected
health information states:



SPECIAL
PROTECTION FOR PSYCHOTHERAPY NOTES



Psychotherapy notes (used only by a psychotherapist) are held to a
higher standard of protection because they are not part of the medical
record and are never intended to be shared with anyone else. All other
personal health information is considered to be sensitive and protected
consistently under this rule.



I suppose that turning over protected health information in the context
of an NSL would not expose the health care professional to legal action
for the consequences of the disclosure.  But health care
professionals in general want to do the right thing, regardless of
whether legal jeopardy ensues.  In situations such as these,
there are all kinds of questions.  OK, NSLs are special, which
presumably trumps the fact that protected health information is
special.  But psychotherapy notes are extra-special.
 Does an NSL, being special, trump something that is
extra-special?  Who knows?  It'd be nice to be able
to ask someone, but you can't.  



Why do I find this issue to be troubling?  It has to do with
some of my own experiences.  It has happened a couple of times
that I have gotten subpoenas requesting protected health information
regarding persons involved in nasty divorces.  The opposing
attorney sends the subpoena, hoping to find something damaging.
 



Now, a lot of health care professionals, upon receiving an
official-looking subpoena, will just go along with it, and send the
records.  But I have learned that it is not always necessary
or proper to do so.  So now when I get one of those subpoenas,
I first copy it and send it to my patient's attorney.  Let
them fight it out.  Usually the subpoena just goes away.
 These experiences show that official-looking documents are
not always valid.  They may carry threats, but the threats may
be empty.  It makes it hard to have confidence in the system.



More like this

In July 2005 when there was a terrorist bombing in the London subway system the FBI, using a perfectly valid and legal subpoena, asked for and obtained documents from North Carolina State University about a possible conspirator. That apparently wasn't good enough for the FBI. They wanted the agent…
There have been stories and novels about the end of privacy.  1984, by George Orwell, comes to mind.  I also remember reading a science fiction short story once, about how technology had made privacy so difficult to maintain, and so accepted by society, that it was considered rude to want privacy…
OK, this post gets a big IANAL stamped across it. I don't know the legal ins and outs here (and I'm not sure if anyone does), but the new announcement by the Department of Homeland Security (DHS) regarding laptop computers puts physicians and other health care providers in a bit of a spot. HIPAA (…
You might think that developing a system for EMR would be fairly straightforward.  After all, some of the things that computers are really good for, are the storing, retrieval, and display of information.  But somehow, developing a system that actually works AND is easy to use in a hospital…

IANAL. I Am Not A Lawyer. It is a felony to practice Law without a license in California, where I live. Hence I am merely stating my personal opinion.

I would rather go to jail than divulge confidential information on someone else, with whom I promised to maintain confidentiality.

The way things are going, this may yet come to pass.

It is important, in my opinion, to write to our Congressional Representatives and express our opinions on the abuse of privacy by an administration that creates more secrets than any before in history, but spies on more of its own citizens than any before in history -- without even following their own rules.

This goes far beyond Democrats and Republicans. Let me end with one crucial quotation:

Each president recites the following oath, in accordance with Article II, Section I of the U.S. Constitution:

"I do solemnly swear (or affirm) that I will faithfully execute the office of President of the United States, and will to the best of my ability, preserve, protect and defend the Constitution of the United States."

Another useful quotation on the subject:

Prisoner: Where am I?
Number Two: In The Village.
Prisoner: What do you want?
Number Two: Information.
Prisoner: Which side are you on?
Number Two: That would be telling. We want information, information, information...
Prisoner: You won't get it.
Number Two: By hook or by crook we will.
Prisoner: Who are you?
Number Two: The new Number Two.
Prisoner: Who is Number One?
Number Two: You are Number Six.
Prisoner: I am not a number. I am a free man.
Number Two: Ha, ha, ha, ha....

How do you know that a National Security Letter is the real thing?

There's a form of email fraud called "phishing" that tries to steal your bank or credit card information by posing as the bank or the credit card company. Phishing by telephone is called voice phishing, or "vishing."

Isn't the National Security Letter a perfect setup for fraud? You can't tell anyone, you can't seek advice, and you can't say no.

It's time for the NSL debate we should have had a long time ago.