The U.S. Office of Personnel Management (OPM) has decided to push back the planned launch of a controversial health claims database by one month.
The new database, which will eventually contain detailed health information on millions of Americans, was originally set to launch this morning. But in a notice issued today in the Federal Register, the agency said it was delaying the deadline to Dec. 15 so it can accommodate more comments from the public.
The OPM also said it may revise its original systems of records notice (SORN) about the database to better explain its authority to maintain such a system and to clarify its intent to "significantly limit" how health claims data will be shared. The OPM may also provide a more detailed explanation of planned security and privacy controls for the new database, the notice said.
It offered no details on when a revised SORN will be published.
The decision to push back the launch comes after privacy groups expressed considerable alarm over the OPM's planned Health Claims Data Warehouse. Much of the concern stemmed from what the groups said is a serious lack of details about why the new database is needed, with whom information will be shared, and how data will be protected.
According to the OPM, the database is designed to help the agency more cost-effectively manage the Federal Employee Health Benefit Program (FEHBP), the National Pre-Existing Condition Insurance Program and the Multi-State Option Plan.
The agency has said it will establish direct data feeds with each of these health plans and pull in data such as names of participating members, their addresses, Social Security numbers and dates of birth, plus the names of spouses and information about dependents and their healthcare coverage, procedures and diagnoses. In its original records notice, the OPM said it would share this data as required, for use in law enforcement, judicial or administrative proceedings and with third-party researchers and analysts. The OPM has noted that the data it collects would be de-identified in many instances, before any analysis takes place.
Privacy and rights groups such as the Center for Democracy and Technology, American Civil Liberties Unions and the American Federation of Government Employees have urged the OPM to delay the database rollout until others have had a chance to properly evaluate it. In a letter to OPM Director John Berry, the CDT and 15 other groups expressed concerns over the lack of details in the original SORN and called on the agency to scrap its plans for the database.
The groups have argued that there is no need for the database of healthcare information for the purposes described in the SORN. Instead, the OPM could simply ask each healthcare program to conduct its own analysis of the programs and submit it to the OPM, they argued.
Today's OPM notice, "indicates that they just feel they need to explain themselves better, rather than change anything about their system," said Harley Geiger, policy counsel for the CDT. "Persuading OPM to change how they will run this health records database will, I think, depend on whether the public sends in comments."
The OPM did not immediately respond to a request for comment.
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan or subscribe to Jaikumar's RSS feed . His e-mail address is firstname.lastname@example.org.