Texas employers get access to some workers' health info Access to health records bolstered for employers

Medical privacy has been protected for years by the most unlikely guardians: insurance companies.

Now, the Texas Legislature has become the first in the nation to force insurance companies to pass along sensitive employee health records to their companies, a practice permitted under federal law.

Starting Jan. 1, companies became entitled to receive a list of their employees and family members — identified by number or some other code, but not by name — whose health bills exceeded $15,000 during the previous year.

Employers also can obtain the diagnoses, dates of service, amounts paid, prognoses, future costs and treatment plans for each.

The law's supporters say they need the information to get a clear snapshot of health expenses, while critics fear it's an erosion of patient privacy.

Companies can also obtain the detailed health information on those who have been precertified for hospital stays of five or more days, according to the bill that sailed through the Texas House and Senate and was signed into law by Gov. Rick Perry last summer.

Mixed reactions

The law reinforces the new requirements with fines of up to $25,000 against insurers who don't comply, aiming to make costs more competitive.

For an employer facing skyrocketing premiums and the inability to get another bid, "it could end up that the only alternative is to stop the health insurance," said Sam Francis, a board member of the Texas Association of Benefit Administrators, whose members handle self-funded insurance plans.

Some privacy advocates, however, fear the new law will undermine decades of strict protections in Texas and open the door to discrimination.

"It appears to give employers the power to find out who is expensive and fire them," said Dr. Deborah Peel, a psychiatrist and founder and chairwoman of Patient Privacy Rights, an Austin-based consumer group.

Peel also said that even though the law keeps workers' names off the records, they can be deciphered easily by comparing payroll records with dates of medical care. If insurers use an employee's regular policy number, the match is even easier.

And because it's not difficult to rack up a $15,000 bill these days, employers will gain access to many records, Peel said.

Under the new statute, employers must pledge they won't use the protected information for anything except plan administration. Francis said he trusts employers to do the right thing.

Besides, said Francis, companies often know when employees are sick because of the time they take off.

Federal privacy laws already allowed companies to access their employees' protected medical information under the Health Insurance Portability and Accountability Act.

However, many insurance carriers — including those acting as third-party administrators for self-insured plans — have been loath to disclose it.

"It's driving everyone crazy," said Jesse Gelsomini, an employment lawyer with Haynes and Boone in Houston, referring to his corporate clients who have tried unsuccessfully to obtain the data. Without it, he said, companies couldn't shop for better rates.

The Texas Association of Benefit Administrators, which has been working on the legislation for several years, credited state Sen. Robert Duncan, R-Lubbock, and state Rep. John Smithee, R-Amarillo, for shepherding the bill.

Like many states, Texas had a hodgepodge of laws that dealt with the release of protected medical information.

The three statutes and conflicting rules weren't practical, said Francis, who is also executive vice president and general counsel of JI Specialty Services in Austin.

By the time information was provided, it was too old to be useful, said Francis, who added he has had several inquiries from counterparts in other states about following Texas' nationwide lead.

Under the new law, employees would have no way of knowing — or objecting — if their bosses sought their medical records, Peel said.

However, employers still cannot obtain health information protected by other state or federal laws, such as HIV status, genetic test results or mental illness.

Need questioned

Houston lawyer Richard Mithoff said he doesn't understand why employers or insurance brokers need such detailed medical information.

"I'm an employer, and I review new medical plans periodically," said Mithoff, who represents individuals in cases where medical privacy has been an issue. "If there is a legitimate need, it can be satisfied with data in the aggregate. But not individual data — what would be the purpose in that?

"I just see a lot of room for abuse," he said.

Further, fearful employees might delay or avoid treatment if they think it could hurt their standing at work, said Kim Ross, a health care policy consultant in Austin who represents medical industry firms.

That could cost companies and insurers more in the long run, said Ross, the former chief lobbyist for the Texas Medical Association.

If some diseases aren't managed early, the cost of acute care later can increase dramatically.

Houston employment lawyer Margie Harris, who represents workers who believe they were terminated because of a major health problem, said a company could have good reasons to fire an employee but still be accused of wrongdoing because it knew too much.

"If I were an employer, I wouldn't want that list," Harris said.

lm.sixel@chron.com