Medical records contain sensitive information, and increasing computerization and other policy factors have increased threats to their privacy. This page has information about
threats to privacy from modern record-keeping systems and from
legislation. It also includes information about some
current legal protections and other methods for
maintaining your medical privacy. Finally, it provides links to
other information about medical record privacy.
What's In Your Medical Records?
Besides information about physical health, these records may include infomation about family relationships, sexual behavior, substance abuse, and even the private thoughts and feelings that come with psychotheraphy. This information is often keyed to a social security number. Because of a lack of consistent privacy protection in the use of Social Security Numbers, the information may be easily accessible. Information from your medical records may influence your credit, admission to educational institutions, and employment. It may also affect your ability to get health insurance, or the rates you pay for coverage (OTA report). More importantly, having others know intimate details about your life may mean a loss of dignity and autonomy.
Threats to Medical Record Privacy
- Administrative Actions. This includes errors that release, misclassify or lose information. This includes compromised accuracy, misuse by legitimate users, and uncontrolled access.
- Computerization. While in some situations computerization increases privacy protection (for example, by adding passwords to sensitive areas), it may also decrease privacy protection for the following reasons.
- Computerization enables storage of large amounts of data in small spaces. Thus when an intruder gains access, it is access not just to certain discrete amount of data, but to larger collections, and perhaps keys to even further information.
- Networked information is accessible from anywhere at any time, allowing a larger number of people access. This increases the possibility of mistakes or other problems such as misuse or leaks of data.
- New databases and different types of data sets are more easily created. This both drives demand for new information and makes possible its creation.
- Information is easily gathered, exchanged and transmitted. Thus potential dissemination theoretically limitless.
- Access by unrelated parties.
- Insurance companies. They may either check records before approving treatment or who may check records before extending coverage.
- Drug companies. These companies may have deals with doctors and hospitals, and who may use the list for marketing. (Consumer Reports)
- For example, PCN (Physician's Computer Network) has access to the patient records of 41,000 doctors, which is about 10% of office-based doctors in the United States. By participating in the PCN, a doctor requires a doctor to view promotions from drug manufactures. In addition, PCN reserves the right to copy information from the ocmputer to is won and to sell if to other companies. Of course, this can only be aggregate data, but may include ages, diagnoses, treatments, and presciptions. Most policies that consumers fill out have an authorizations to relase information to the insurance compnay. Most insurance policies sold in the U.S. and Canada also give notice that a reprt may be filed with the Medical Information Bureau (MIB), which is financed and run by the insurance industry to detect fraudulent applications. Of course, not everyone is included in the MIB database.
- Employers
- Court subpoenas. Often a patient will be unaware when her or his records have been subpoenaed. Even worse, unnecessary information is often included when the records are not adequately screened.
Legislative Risks to Medical Record Privacy
- A national medical records data bank without adequate privacy safeguards.
- Medical ID cards.
- These are problematic because of the backup databank necessary. They may also be a first step toward a national ID card.
Current Protections
- Medical Ethics
- The privacy portion of the Hippocratic Oath: "Whatsoever I shall see or hear in the course of my intercourse with men, if it be what should not be published abroad, I will never divulge, holding such things to be holy secrets."
- The 1992 AMA statement, which states that medical information must be confidential to the greatest possible degree.
- Laws and Other Legal Protection
- The Privacy Act of 1974, which states that no federal agency may disclose information without the consent of the person. Agencies must also meet certain requirements for protecting the information.
-
- Other Federal Laws
- These laws only cover federal agencies, such as Medicare and Medicaid. The bulk of medical records are covered by various, inconsistent and often ineffectual state laws.
-
- State Laws.
- This document allows you to look at the privacy laws, including medical privacy laws, for each state. Only about half of the states guarantee patients the right to see their medical records (CR, Oct. 1994, p. 629). You can obtain more information by looking in your state code or by contacting Privacy Journal.
- Tort Law. This may include defamation, breach of contract, and other privacy-related torts.
Maintaining Medical Record Privacy
- Protect the privacy of your social security number.
- Tell your physician everything necessary for proper treatment, but "think twice before disclosing information that has no bearing on your health." (Consumer Reports, Oct. 1994, p. 629).
- Ask your doctor if any of the records can be accessed from outside th office. If so, ask for what purpose they may be accessed.
- Before the office sendes your medical records to another party, such as an insurance company, ask to view them for accuracy.
- Ask for a notification if the records are ever subpoenaed.
- Controlling access to other personal information.
Other Information about Medical Records Privacy
by http://epic.
0 comments:
Post a Comment