Amgen is the Rumpelstiltskin of the drug industry.

As reported by MedPage Today/CardioBrief, “Doctors, pharmacists, patients and others are now starting to learn that in order to receive financial assistance from Amgen for its expensive new cholesterol drug Repatha, patients are being required to surrender rights to their personal information, including their personal health information.”

Not even HIPAA-protected health information is off limits.

“The agreement specifically states that by agreeing to the terms [of Amgen’s privacy policy] patients may lose federal HIPAA protection,” notes CardioBrief.

Patients must agree that they “understand that Amgen may use [their] personal information, including [their] personal health information, for 10 years once [they] accept this Authorization …”

What other nasty things must poor people agree to in order to get a copay card?

They must agree that:

  • “There is no guarantee that my personal health information received by Amgen from a Health Care Provider might not be released to a third party.”
  • A Health Care Provider may provide the patient’s personal health information on an on-going basis to Amgen
  • The patient’s personal information will be used to send product and disease-state information from Amgen, its affiliates, service providers, and co-promotion partners.

“Amgen’s policy seems to me to be an extraordinary overreach,” said Peter Berger, Senior Vice President of Clinical Research at the North Shore Long Island Jewish Health Care System.

“My concern is that most patients won’t read the small print, and sign to get the discount on their medication without realizing all their rights to privacy they are giving away. The agreement states that Amgen cannot guarantee that the patient’s private health information — their ‘entire medical file’ — won’t be released to any third party of Amgen’s choosing; that is inappropriate in my view.

“It states that the patient’s signature allows Amgen and any partner of its choosing to send the patient promotional materials — advertisements — , by ‘mail, email, phone … and text’; that too is awful, I believe.”

Well, maybe the latter is not that awful — certainly not as awful as giving up HIPAA protection of personal health data! How is it that physicians can even do that without direct permission from patients? Is it permissible for Amgen to obtain that permission and pass it on to physicians? How do they do that?

Meanwhile, you may be interested in this related story regarding health information privacy: