I will undergo biometric screening and respond to invasive questions, but Penn State will dock my pay $1,200 because I decline to release my medical records to WebMD. Oddly, Penn State claims that my records have already been shared with WebMD for two years and Highmark has not responded to my questions. Perhaps if additional employees ask these questions we can get some answers to help collective efforts to fix this mess.
When was my protected health information shared with WebMD?
Prior to that date, was I notified of my rights and offered a chance to decline sharing of my information?
Did I consent to sharing my information?
What essential service for managing my health care was WebMD providing at the start of this sharing?
Did release of my information to WebMD conform to the minimum disclosure rule, and the law that “Where the entire medical record is necessary ... policies and procedures must state so explicitly and include a justification”?
If sharing of my information with WebMD was legal, why must I consent now?
If I accept this data sharing, does it retroactively approve past releases?
Will these past practices and new coercive policy withstand a grievance filed with the federal Office of Civil Rights?
Is WebMD’s long-term aim only to provide a personal health record, or does approved possession of information enable a broader business plan? Will we soon need to enter symptoms on a web page before gaining approval for a Highmark-covered visit to a doctor?