DEA Pursues Vast Expansion of Patient Surveillance

    The Drug Enforcement Administration (DEA) is looking to expand its anti-diversion surveillance infrastructure by being able to search and analyze myriad patient behaviors for the vast majority of controlled and scheduled drug prescriptions—all accompanied by a rapid process for legally unveiling personally identifying information.

    In early September, the agency requested proposals for the creation of software capable of searching at least 85 percent of all US residents’ controlled-substance prescriptions for certain patient behaviors, as well as prescriber and pharmacist practices.

    The Pharmacy Prescription Data system would cede patient-level data to the federal drug-war agency to a far greater extent than comparable existing databases.

    According to the agency’s request for proposal (RFP), the DEA is interested in its agents having “unlimited access to patient de-identified data” on re/filled prescriptions, daily supply, payment type, dosing information and gender, among other characteristics, until at least 2025. 

    At publication time, the DEA had not responded to Filter‘s request for comment. This article will be updated if comment is received.

    The Pharmacy Prescription Data system, as the RFP calls it, would cede patient-level data to the federal drug-war agency to a far greater extent than comparable existing databases. The current Automated Reports and Consolidated Orders System (ARCOS), created by the Controlled Substances Act alongside the DEA itself, only monitors controlled substances’ manufacture, supply chains and distribution. 

    RFP for DEA’s Prescription Data Software

    The DEA’s desired ability to search controlled-substance prescriptions to this degree targets seemingly mundane behaviors—like the number of times a patient paid in cash for a Schedule II substance like Adderall or OxyContin, or the geographic distances between patients and their prescribers and pharmacies.

    But it also subjects people prescribed medications for opioid use disorder (OUD) to even more surveillance than is currently the case. In particular, the Pharmacy Prescription Data system would allow the DEA to track patients by their “Number of Opiate and Buprenorphine combinations.”

    Buprenorphine patients’ records have already been available to some state law enforcement, if such agencies operate a state’s prescription drug monitoring program (PMDP). As of August 2020, a new federal regulation permits patients’ methadone records to be entered into state PMDPs by providers.

    PDMPs’ capabilities are a patchwork in comparison to the streamlined Pharmacy Prescription Data system requested by the DEA. For example, PDMPs’ data refresh at varying intervals by state, ranging from real-time to daily to weekly updates, as Dr. Peter Kreiner, a senior scientist at Brandeis University’s Institute for Behavioral Health, explained to Filter. The DEA’s software would involve data refreshed each day.

    “The impact of including buprenorphine will be appalling for people’s health.”

    Scrutiny of OUD treatments will also be applied to prescribers and pharmacists. For the former, the DEA will be able to scrutinize their “percentage of patients receiving an Opioid and Buprenorphine together,” and, for the latter, the “Number of Oxycodone and Buprenorphine within an overlapping window” and “Percentage of scripts that are Oxy Buprenorphine within an overlapping window.”

    “The impact of including buprenorphine will be appalling for people’s health,” Dr. Hannah Cooper, the chair of substance use disorder research at Emory University, told Filter. Applying more scrutiny to an already stigmatized medication could deter patients from accessing it and pharmacists from providing it, she said. That would add onto pharmacists’ existing hesitations, or oughtright refusal, to supply buprenorphine, which has been linked by Cooper and colleagues to existing DEA regulations.

    Although the Pharmacy Prescription Data system will track individual patients with unique “encrypted identifiers,” the chosen contractor must be able to facilitate a three-business-day retrieval of personally identifying patient information when served with an administrative subpoena by the DEA. 

    The DEA has a history of exploiting administrative subpoenas to build a mass surveillance apparatus. Pre-dating—and outlasting—the National Security Agency’s infamous bulk telephone metadata collection revealed by whistleblower Edward Snowden, one DEA program, launched in 1992 and apparently still kicking, gathers international phone call data en masse.

    The drug-war agency used its administrative subpoena power, according to a 2019 DEA inspector general report, to “collect data in bulk without making a prior finding that the records were […] ‘relevant or material’ to any specific defined investigation”, and it failed to develop “a robust legal review” of its practices. The watchdog agency called the DEA’s conduct “troubling.” 

    “The idea that patient-level data is available to the DEA is quite frightening. We don’t want to make people worry that their decisions will be monitored by this highly punitive federal agency,” said Cooper. “If you’ve been inhabiting a space where you’ve been persecuted by the federal government for some time, and they now have access to your private medical information, there will be tremendous consequences for population health and health equity.”

     


     

    Photograph of a DEA agent via the DEA/public domain

    • Show Comments