To the Editor:
In their recent report in Academic Medicine, Schroeder et al1 argued that state medical licensing applications commonly appear so intrusive as to violate the Americans with Disabilities Act (ADA). Unfortunately, authority to make intrusive personal inquiry, including inquiry into personal health matters covered by the ADA, is also increasingly demanded by private insurance corporations as a condition of applying to participate on provider panels.
For example, the Council for Affordable Quality Healthcare (CAQH), via its trademarked Universal Provider Datasource, collects credentialing information in a centralized database for its member insurance companies. As of April 13, 2010, the CAQH Web site reported that the credentials of 810,948 physicians and other health providers were included in its database (see http://www.caqh.org/ucd_physician_faq.php). Each physician whose credentials are included in the CAQH Universal Provider Datasource is required by CAQH to consent, in advance, to the release of whatever information CAQH may deem relevant, including but not limited to personal health and mental health information that would otherwise be legally privileged. The physician is required to waive notice as to whether, when, and from whom any confidential information is sought or obtained by CAQH. The physician is also required to agree, in advance, that CAQH is not engaging in an invasion of privacy and must promise not to sue CAQH for negligence.
Demands by private corporations for unlimited a priori authority to obtain physicians' privileged personal health information are troubling for many reasons. At a minimum, such demands blur the boundaries between the police power of a state licensing board, whose authority flows from a statutory duty to protect the public, and the private commercial interests of businesses, whose corporate duty is to protect the interests of shareholders.
Methods exist for collecting physician credentialing information that are far less intrusive. An excellent example is that used in the state of Massachusetts in what is known as the Massachusetts Physician Credentialing Initiative,2 which went into effect in 2004 and established a standardized process for physician credentialing by health plans and hospitals. Unlike CAQH, Massachusetts does not require that a credentialing applicant provide access to personal health records. Instead, Massachusetts limits its release to information relevant to professional qualifications, competency, performance, disciplinary history, and ethics. Also unlike CAQH, which demands a priori authority to obtain personal health and mental health records from all physicians, Massachusetts handles health issues, when relevant, by a provision for an ad hoc fitness-for-duty examination. Massachusetts also provides a right to review and correct errors in physician information obtained by an insurance company.
A health care corporation might argue that avoidance of negligent credentialing lawsuits warrants requiring physicians to consent to the release of otherwise privileged personal health information. Whether such corporate interests in litigation risk management should outweigh the privacy interests of hundreds of thousands of health professionals is a public policy question that has yet to be squarely addressed. Clearly, Massachusetts provides the model for credentialing that respects physicians' privacy.
Thomas E. Schacht, PsyD, ABPP
Professor, psychiatry and behavioral sciences, James H. Quillen College of Medicine, Johnson City, Tennessee; firstname.lastname@example.org.
1Schroeder R, Brazeau CM, Zackin F, et al. Do state medical board applications violate the Americans with Disabilities Act? Acad Med. 2009;84:776–781.