The Verizon order, the NSA, and what call records might reveal about psychiatric patients
Over on PogoWasRight.org, I’ve covered some of last week’s revelations about domestic surveillance activities by the NSA. The first revelation, that of a secret FISC order compelling Verizon to turn over its business call records on a daily basis to the NSA, alarmed me. Although government officials – including President Obama – were quick to try to minimize the significance of metadata, those of us who are concerned about privacy know that metadata of calls (information about the calls, but not including the content) can tell you a lot. Metadata might tell us even more than most privacy advocates realize.
As most people know, when I’m not blogging pseudo-anonymously online, I’m a licensed mental health professional and the author of a few books on certain neuropsychiatric disorders. Approximately 20 years ago, I noticed certain cyclicity in my patients’ symptoms – a cyclicity that had not been reported in any of the published clinical literature on the disorder in question. Reaching out to other professionals specializing in the same disorder, I inquired as to whether they, too, had noted what appeared to me to be a fairly predictable pattern of symptom worsening. Somewhat to my surprise, they hadn’t.
And so I made a suggestion to one of the leading experts in the psychiatric treatment of patients with this disorder: “Just check your call records,” I suggested. “Do a simple frequency count of the number of phone calls you get each day from patients and plot the data. I bet you’ll see the pattern.”
She did. And the patterns/cyclicity turned out to be extremely useful clinically in helping us help patients understand the variability in their symptoms and in helping school personnel predict and understand the variability in students’ symptoms and functioning.
Fast forward to last week and the announcement that Verizon had been ordered to turn over its call records to the NSA. I started thinking about what those records and metadata could reveal. Because my phone is used mainly for calls to and from patients and clients, can the NSA figure out who my patients are? And could they, with just a query or bit of analysis, figure out when my patients were going into crisis or periods of symptom worsening? I suspect that they can. And because I am nationally and internationally known as an expert on a particular disorder, could the government also deduce the diagnosis or diagnoses of my patients or their family members? Probably.
Of course, the government will argue that there are stringent controls on querying and analyzing the data they’ve scooped up, and in all likelihood, they probably don’t give a damn about most of my patients or clients – or callers. But what about the ones who might be famous, politically connected, or even a member of a royal house? Would they feel as free to seek therapy or help if the government could figure this out? As psychiatrist Dr. Deborah Peel of Patient Privacy Rights and I have often discussed, mental health patients concerned about stigma or repercussions often avoid submitting their bills to insurance so that there’s no record of their diagnoses. But while they can avoid insurance companies, how can they avoid the NSA?
As a healthcare professional and HIPAA-covered entity, I try hard to protect my patients’ privacy and confidentiality. I am dismayed to learn that the government has in its huge databases data that could compromise both.
There are calls for Congress to look at the entire situation with a Church-type commission. There are calls for the executive branch to be more forthcoming about domestic surveillance. Those are reasonable requests and a good start. But when all is said and done, those of us with additional duties of confidentiality – such as doctors and lawyers – need to advocate for our patients’ and clients’ confidentiality by seeking limits on the government’s use of dragnet surveillance.
In the meantime, I’ve reached out to a number of tech-savvy people to ask – no, beg – them to come up with some point-and-click instructions for doctors and lawyers to use to protect our calls and e-mails better so that the identity of those calling or e-mailing us has better protection.