Prescription Drug Policing: The Right to Health Information Privacy Pre- and Post-Carpenter
79 Pages Posted: 20 Aug 2018 Last revised: 7 Jan 2020
Date Written: February 1, 2019
This article operates at the intersection of privacy law, Fourth Amendment doctrine, and public health realities triggered by the United States drug overdose epidemic. Reputable reporting sources, public health scholars, and pundits frequently frame the ongoing American overdose crisis as a prescription drug overdose problem attributable to the overprescribing of opioid analgesics. The problem with this narrative is that it runs counter to the current epidemiological data, which indicate that the majority of American overdose deaths are now a result of illicit drug use and not prescription drug abuse. The prescription-centric frame has nonetheless sparked the rapid rise of law enforcement and regulatory surveillance of prescribers and patients in the form of state prescription drug monitoring program (PDMP) databases. State PDMPs, which maintain and analyze significant data concerning every dispensed prescription, collect a stunning amount of patient protected health information (PHI). To put things in context, Americans filled 4,063,166,658 prescriptions at retail pharmacies in 2017 alone. PDMPs are largely criminal and regulatory law enforcement tools dressed up in public health promoting rhetoric. Under the guise of rogue prescriber, pill mill, and doctor shopper crack downs, the Drug Enforcement Administration (DEA) has made it a routine practice to self-issue administrative subpoenas to conduct warrantless, dragnet-style sweeps of the swarms of sensitive protected health data stored in state PDMP databases. This widespread law enforcement prescribing surveillance tactic, which reveals highly personal health information, including, among other things, patients’ contraceptive histories, gender transition decisions, and HIV diagnoses, raises serious constitutional privacy concerns. The Supreme Court’s recent Fourth Amendment decision, Carpenter v. United States, however, may limit law enforcement’s ability to continue to access droves of electronically-stored patient prescribing-related PHI in the custody of a state regulatory agency without a court order supported by probable cause. The Court’s decision in Carpenter already has been heralded as “a landmark privacy case,” which this article uniquely applies to prescription drug monitoring and law enforcement surveillance tactics provoked by the U.S. overdose crisis and its dominant narrative. Carpenter and the Fourth Amendment doctrines central to its holding motivate this article and animate its two core contentions. First, this article maintains that pertinent pre-Carpenter precedent requires the DEA to obtain a Fourth Amendment warrant in order to conduct sweeps of state PDMP databases searching patient protected health information. It then posits that courts are even more likely to rule that warrantless DEA searches of sensitive and frequently revealing health care data run afoul of the Fourth Amendment in the post-Carpenter world. Simply stated, PDMP protected health information is entitled to Fourth Amendment warrant protection.
Keywords: Opioids; Privacy; Protected Health Information; Law Enforcement; Fourth Amendment; Third Party Doctrine; Prescription Drugs
Suggested Citation: Suggested Citation