by Dr. Joseph Mercola, Mercola:
STORY AT-A-GLANCE
- In mid-February 2023, I reported that the U.S. government has secretly been tracking those who didn’t get the COVID jab, or are only partially jabbed, through a previously unknown surveillance program
- Within days, fact checkers tried to debunk the idea that individual people are being tracked, or that these data could be misused by government or third parties
TRUTH LIVES on at https://sgtreport.tv/
- COVID “vaccination” status was not considered a private medical matter at all during 2021 and 2022, yet mainstream media now want you to believe that your COVID jab status is protected by medical privacy laws
- Your medical data are not nearly as private as you think. The Health Insurance Portability and Accountability Act (HIPAA) is rife with exemptions when it comes to your privacy. Federal agencies such as Health and Human Services (HHS) and the Centers for Disease Control and Prevention, for example, are exempt from the privacy clauses and can access identifiable data — especially if there’s an outbreak of infectious disease, be it real or fictitious
- Government agencies and a number of third parties or “covered entities” can also use a number of loopholes to re-identify previously de-identified patient data
In mid-February 2023, I reported that the U.S. government has secretly been tracking those who didn’t get the COVID jab, or are only partially jabbed, through a previously unknown surveillance program designed by the U.S. National Center for Health Statistics (NCHS), a division of the Centers for Disease Control and Prevention.1
Within days, fact checkers were burning the midnight oil trying to debunk the idea that individual people are being tracked, or that these data could be misused by government or third parties.
Strangely enough, the most egregious “misinformation” example USA Today’s fact checker could find was a social media post that “generated nearly 200 likes in less than a month.”2 Two hundred likes? To most influencers, that’s nothing, especially not over the course of 30 days.
Why is USA Today stressing over a post with 200 likes? Seems a bit panicky if you ask me. Reuters also came out with a fact check and, like USA Today, Reuters claimed there was a lack of “context:”3
“New diagnostic codes that describe a patient as under-immunized against COVID-19 were introduced to help doctors identify patients potentially at risk for more-severe COVID and to help health officials track vaccine effectiveness and mortality statistics, among other public health questions, not for U.S. government tracking of unvaccinated individuals, as some are claiming online.
The codes in an individual’s medical record, like all personal health information, are protected by U.S. privacy law and could only be analyzed at the group or population level uncoupled from individual identities …”
Your Medical Records Are Far From Private
As is so often the case, the fact checkers are the ones taking the issue out of context or, rather, not presenting the full picture. The fact is, your medical data are not nearly as private as you think. The Health Insurance Portability and Accountability Act (HIPAA) is rife with exemptions when it comes to your privacy.
Federal agencies such as Health and Human Services (HHS) and the Centers for Disease Control and Prevention have every right to access identifiable information, as they are exempt from the privacy clauses, and they’re particularly justified to access your private vaccination data if there’s an outbreak of infectious disease, be it real or fictitious. As noted in the HHS’s and CDC’s HIPAA guidance:4
“Balancing the protection of individual health information with the need to protect public health, the Privacy Rule expressly permits disclosures without individual authorization to public health authorities authorized by law to collect or receive the information for the purpose of preventing or controlling disease, injury, or disability, including but not limited to public health surveillance, investigation, and intervention …
[T]he Privacy Rule expressly permits PHI [protected health information] to be shared for specified public health purposes. For example, covered entities may disclose PHI, without individual authorization, to a public health authority legally authorized to collect or receive the information for the purpose of preventing or controlling disease, injury, or disability …
Further, the Privacy Rule permits covered entities to make disclosures that are required by other laws, including laws that require disclosures for public health purposes.”
Loopholes Also Allow Re-Identification of Personal Data
Government agencies and a number of third parties or “covered entities” can also use a number of loopholes to re-identify previously de-identified patient data. As explained in a CDC Public Health Law document detailing the lawful sharing of private medical data:5
“While HIPAA limits the use and disclosure of health information, it also permits certain secondary use exceptions for public health purposes. HIPAA provides certain circumstances under which patient data can be disclosed to health departments without patient authorization.
Under HIPAA, providers may disclose identifiable patient data (protected health information or PHI) if required by law, allowing states to pass legal exceptions to HIPAA restrictions.
Providers may also disclose PHI to health departments without patient authorization for public health activities, such as communicable disease reporting, or to a public health authority to prevent or control disease, injury, or disability under the public health exemption. A covered entity may access, use, and disclose PHI for clinical research without an individual’s authorization if:
1)it obtains documentation of waiver of individual’s authorization by an institutional review board or privacy board
2)the PHI is necessary for this research
3)the research is using PHI of decedents
Providers may disclose EHI without patient authorization when the data have been ‘de-identified’ … but still permits re-identification by providers or regional health information organizations through randomized patient source codes should a public health alert or case report become necessary.
Finally, providers may disclose a ‘limited data set,’ including dates and zip codes, without authorization and still re-identify patients if they maintain patient codes derived from certain identifiers.”
So, can your vaccination status be accessed by federal health agencies? Yes. Can that information be identifiable? Absolutely yes. Does that mean that you, as an individual, could be surveilled and/or get caught in a forced vaccination dragnet or end up experiencing negative repercussions in other areas of your life due to your vaccination status? Probably.
U.S. “privacy” laws certainly make allowances for such scenarios, and considering the behavior of government over the past three years, it would be naïve to believe they would never use your vaccination data against you.
Reuters Muddies the Water
Reuters also muddies the water in other ways. For example, the fact check stresses that medical providers have used the general code Z28.3 (which represents “underimmunized”) since 2015, and that “these codes are not used with purposes beyond monitoring and reporting diseases and mortality statistics or for insurance billing.”
While it’s true that the International Classification of Diseases (ICD) code Z28.3 has been around for years, the new subcodes that track COVID jab status were added in mid-September 2021 during a ICD-10 Coordination and Maintenance Committee meeting, and during that meeting, they specified that “there is interest in being able to track people who are not immunized or only partially immunized.”
Below is a screenshot of page 194 of the agenda6 distributed during that meeting. There’s no ambiguity here. The new ICD-10 codes were added for the specific purpose of “tracking people” who are unjabbed or only partially jabbed against COVID-19.
They didn’t say they wanted to track “general population data.” They specifically said “people” are to be tracked. They also clearly state that this tracking is “of value for public health” — and again, the key words “public health” open the door to federal health agencies accessing identifiable data.
Moreover, additional subcodes specify the “why” a person chose not to get the COVID shot or stopped getting boosters. Those codes are listed in the screenshot below, under Z28.3 Underimmunization Status.7
The use of “delinquent immunization status” under code Z28.39 also tells us something about where this is all headed. “Delinquent” means being “neglectful of a duty” or being “guilty of an offense.” Is refusing boosters a criminal offense? Perhaps not today, but some day, it might be, and these codes lay the foundation for that kind of medical persecution.
All Missed Vaccinations Will Be Tracked
Another tipoff that these codes will become part and parcel of the biosecurity control grid, even if they’re not used in this way now, is the fact that code Z28.39 — “Other underimmunization status”8 — is to be used “when a patient is not current on other, non-COVID vaccines.”9
In other words, they have already begun tracking ALL of your vaccinations, not just the COVID shot, and they can use the Z28.3 sub-codes to identify why you refused a given vaccine.
They’ve also added a billable ICD-10 code for “immunization safety counseling,” which explains the codes detailing “why” you refused a vaccine. So, if you didn’t get a vaccine due to “personal decision” (code Z28.2), or due to “personal beliefs or group pressure” (code Z28.1), then your doctor can bill your insurance for regurgitating vaccine propaganda and trying to change your mind.
