The governor tried to kill it. Lawmakers wouldn’t fund it. Few used it.
And now, less than two years since its birth, Florida’s Prescription Drug Monitoring Program is the subject of new criticism, legal action and calls that it be overhauled — or abolished.
On Monday, the Florida Department of Health will hold a workshop in Tallahassee to discuss further limiting access to records of who writes and fills prescriptions for the most addictive drugs.
The meeting comes in response to allegations last month that medical data for 3,300 Floridians had been “leaked.” The American Civil Liberties Union of Florida demanded a federal investigation, and critics pointed to the incident as evidence that the system was fundamentally flawed and had allowed an inevitable breach of privacy.
It also proved a rare point of agreement between the ACLU and conservative lawmakers who have opposed the database for years, even as Florida gained a reputation as ground zero of a deadly prescription drug abuse epidemic.
“I think this leak by the PDMP proves it is a risk for patients,” said state Rep. Rob Schenck, R-Spring Hill. “We should do away with the whole database.”
But a closer look at the case reveals that the fault for the leak may not lie with the program.
Court records indicate that an agent with the Drug Enforcement Administration had discovered that four Central Florida doctors were victims of fraud by people using false identities and made-up symptoms so they could get drugs. The agent queried the program for names of the doctors’ patients and got about 3,300 in return. That request led to six arrests, seven people whose identities had been stolen and 63 fake names used to get fraudulent prescriptions.
The names of all those patients, including those not under investigation, were provided on computer discs to prosecutors and to the defense attorneys of those charged. They included clear warnings that the records were confidential.
But one of those defense attorneys recognized a name on the disc — fellow lawyer Michael Lambert — and gave him a copy of all the names, despite the confidentiality warning. Lambert filed a lawsuit, alleging that law enforcement should never have received information about innocent patients.
He demanded an injunction and asked the court to determine if the program is “an unconstitutional infringement upon the fundamental rights of the plaintiff and other Florida citizens.”
In a subsequent complaint to the U.S. Department of Health and Human Services, the ACLU of Florida echoed Lambert’s objections. But no one asked an obvious question: was the “leak” made by the agent who included the names on the disc, or by the attorney who gave the disc to Lambert?
“I think that anyone who gains access to this type of confidential and private information has a duty to maintain its confidential status,” said Maria Kayanan, ACLU of Florida’s associate legal director. “I don’t think the defense attorneys should have received that information to begin with.”
Lawyers are often entrusted with highly sensitive information that they’re expected to keep private, such as statements from clients, trade secrets and the identities of sexual assault victims or children.
What makes the prescription information gleaned from the database any different?