I. IntroductionIn 1997, Judi Selig, a secretary for a South Carolina machinery firm, probably did not anticipate her employer's reaction to her medical history. When her employer discovered that Ms. Selig had been exposed to hepatitis several years before, they demanded that she undergo a blood test and sign a medical release form so that the doctors in the employer's health plan could access her records. When Ms. Selig consented to the test but refused to sign the release form, her employer punished her by suspending her for a week without pay. Ms. Selig quit the company mainly because it threatened her privacy.1
Since then there have been steps taken to assure that patient privacy and confidentiality continues to be upheld. The Health Insurance Portability and Accountability Act of 1996 (HIPAA) was passed by Congress which created a deadline of August 21, 1999 for comprehensive Federal privacy legislation to be passed. Congress failed to act by that date, so the Secretary of Health and Human Services was required by HIPAA to issue regulations establishing Federal privacy standards by February 21, 2000.2
Guaranteeing privacy and confidentiality in the doctor-patient relationship is as old as the practice of medicine itself. The Hippocratic Oath, written in 400 BC states, "Whatever, in connection with my professional practice or not, in connection with it, I see or hear, in the life of men, which ought not to be spoken of abroad, I will not divulge, as reckoning that all such should be kept secret."3 and this oath is still maintained by countless physicians throughout the world.
In order for any health care system to work properly it is essential that those participating in it have confidence that whatever private health information they provide to their physician will be kept confidential and will not be become a matter of public record. Living in an electronic age it is possible to access almost anything via the internet. What if, with one click of the mouse, those who have no right to your private medical information access that information and do whatever they want with it? Imagine yourself receiving unsolicited calls from pharmaceutical companies offering to sell you the latest medication to control your high blood pressure or they can provide you with some medication to help you deal with a very sensitive and embarrassing sexual issue. Should patients begin to receive such phone calls? If so, what is the likelihood that they would be forthcoming with sensitive medical information to their physician in the future?
The issue of confidentiality also has ramifications in the area of public health. In order for epidemiologists and other public health professionals to be able to keep track of illnesses and maintain records necessary to assure public health it is essential that they have accurate information. The possibility that someone could be stigmatized by virtue of unauthorized access to private health information would not only make them less likely to provide such information, but may actually discourage those most in need of medical care to stop receiving the care that they need.
In Section two of this paper I will review the literature about the concept of confidentiality and electronic health information. In Section three I will discuss the efforts undertaken to safeguard confidentiality. Section four will look at confidentiality and public health. Section five will address some of the implications of the current literature surrounding confidentiality and section six will provide a conclusion.
II. The Concept of ConfidentialityThe ethos of confidentiality derives from privacy interests of the patient.4 Privacy, generally described as "the right to be let alone"5 is likened to autonomy, i.e. the ability to control one's destiny and limit others' physical access to one's person or to information about oneself.6 Confidentiality is a distinctive aspect of privacy in that it arises only within a special relationship, such as a physician-patient relationship. While anyone may be liable for invading a person's privacy7 only those with information derived from a special confidential relationship have a duty to maintain its confidentiality, i.e. to not share it without the person's permission or in the absence of a compelling reason to do so. Thus, confidentiality protects informational privacy interests by requiring recipients of information deemed confidential to restrict access to that information.8
Patient confidentiality, while extremely important, is not an absolute guarantee. Physicians are mandated to report cases of child abuse or neglect, third-party endangerment, and communicable diseases. Failure to report information such as child abuse or third-party endangerment can have serious legal consequences including a possible jail sentence, fines, and the potential loss of one's license to practice medicine.
In the past few people other than physicians were in a position to harm a patient's interest in his/her medical information. Parties not under a physician's direct supervision were not likely to have access to medical or related financial records, for physicians were the de facto custodians of medical records, and payment did not involve a third party. Today, medical care requires interaction and coordination among many individuals and services.9 Aspects of care are often delegated or first undertaken by licensed, or even unlicensed, care providers other than physicians. Information is obtained, coded, and processed by employees of the physician or health care system, maintained in paper or electronic form, and transmitted to third party payers.10 The expanding number of those whose jobs provide them with access to medical information increases the risk that individuals will act outside the scope of authorization to obtain information they do not legitimately need to perform their work. Mark Siegler spoke of his amazement that in 1982 as few as 25 and as many 100 health professionals and administrative personnel had access to patients' record and that each of them had a legitimate need and a professional responsibility to open and use those charts.11 After twenty-seven years those numbers have gone up, not down.
The electronic health information systems, in particular, that have proliferated in the past ten to twenty years may be particularly vulnerable to improper or abusive dissemination of health and related information, including risk of appropriation of critical unique identifiers and financial information. Vast quantities of medical and other personal information are now stored in cyberspace. This information can be accessed by large numbers of health care workers, both physicians and non-physicians, and transferred in a matter of nanoseconds, posing the risk of inappropriate intrusion into highly sensitive personal information.12
In summary, the very concept of confidentiality is extremely important with regard to the physician-patient relationship. This relationship is built on trust between the patient and his/her physician. Anything which serves to potentially undermine this relationship, such as a breach of confidentiality on the part of the physician or others who have access to a patient's personal health and financial information will have an extremely adverse effect on the health care system. In the next section I will review the literature which addresses such weaknesses.
III. Safeguarding ConfidentialityThe Privacy Act of 1974, 5 U.S.C. § 552a, established a code of fair information practices that governs the collection, maintenance, use, and dissemination of personally identifiable information about individuals that is maintained in systems of records by federal agencies. A system of records is a group of records under the control of an agency from which information is retrieved by the name of the individual or by some identifier assigned to the individual. The Privacy Act requires that agencies give the public notice of their systems of records by publication in the Federal Register.13
The Privacy Act prohibits the disclosure of information from a system of records absent the written consent of the subject individual, unless the disclosure is pursuant to one of twelve statutory exceptions. The Act also provides individuals with a means by which to seek access to and amendment of their records, and sets forth various agency record-keeping requirements.14
HIPAA assigns to covered entities - such as health care plans, clearinghouses, and health maintenance organizations - "15 a duty to maintain "administrative, technical, and physical safeguards of health information" to preserve its "integrity and confidentiality".16
Lawrence Gostin writes about the goals of providing health care information. The collection and use of health information involves two important goals, yet sometimes competing goals: 1)gathering and disseminating accurate and timely information on the incidence and prevalence of disease, health information necessary for health care of individuals, assessment of health care and public health needs and evaluation of programs, services, institutions, and providers; and 2) protecting that information from uses or disclosures that cause harm to individuals to whom the information pertains.17
Every state and territory provides statutory protection for some types of personal health data maintained by a government agency. Forty-nine states and territories reported protection for general public health data, forty-two specifically protect communicable disease data, and forty-two specifically protect sexually transmitted disease data.18
Forty nine states reported some provision permitting public health officials or others to disclose public health information.19 Forty-two states reported statutory penalties for impermissible disclosures. Of these, thirty-one reported criminal penalties, eighteen reported civil penalties, and eight reported both.20
Privately held health care information can be protected in a number of ways. Thirty-seven states impose on physicians the duty to maintain the confidentiality of medical records. Twenty-six extend this duty to other health care providers. Thirty-three states and territories require health care institutions to maintain the confidentiality of medical records they hold. The survey found that only four states have specific legislation imposing this duty on insurers, despite the vast amount of information held by insurance companies. Nine states impose a similar duty on employers or other health care institutions. Due to the increase is computerization in the storage of medical data, the survey inquired about the existence of a duty to maintain the confidentiality of electronic or computerized medical records. Only twenty-two states have legislative provisions that protect computerized or electronically transferred data.21
Forty-two states protect information received during the course of a physician-patient relationship from disclosure in court proceedings, with certain exceptions. States permit disclosure of health care information for various reasons, including to another health care provider (18), to epidemiologists or researchers (16), and under a subpoena or court order (22).22
Twenty-eight states provide statutory penalties for unauthorized disclosure of health care information. Twelve impose criminal penalties; nineteen create civil penalties and three allow for both civil and criminal penalties.23
While Professor Gostin's report was issued before the implementation of HIPAA, the United States Department of Health and Human Services, which was given the task of implementing HIPAA, made provisions in the regulation that if a given state's procedure is more stringent than the guidelines set forth in HIPAA that state may maintain its current guidelines.
The fact is that, in spite of these safeguard which have been put in place there are still a variety of problems regarding the proper protection and dissemination of private health care information. On October 15, 2002, the Privacy Rule (HIPAA) when into effect, with a final compliance date of April 14, 2003 for subject health care organizations.
Effective in April 2003, the federal government gave six hundred thousand "covered entities" regulatory permission to use or disclose health information for treatment, payment, and health care operations" (known as TPO) without patient consent.24 Some of those "routine purposes" for which disclosures are permitted are far from treatment. In fact, "covered entities" and their "business associates" may share patients' sensitive personal information for treatment, payment, and health care operations without the patients' knowledge, over their opposition, and even if patients pay for treatment out of pocket or request the right to be asked for consent to disclosure of their medical records.25
Particularly troubling is the governmental authorization for covered entities to use patients' confidential health information without their consent for health care operations that are unrelated to payment or treatment. "Health care operations" (HCO) include administrative and profit-generating activities, such as auditing, data analyses of plan sponsors, training of non-health care professionals, general administrative activities, business planning and development, cost management, payment methods improvement, premium rating, underwriting, and asset sales - all unrelated to direct patient care.26 Health care operations also include some marketing (which otherwise requires signed authorization) fundraising for covered entities.27 In addition, covered entities may share patient information with millions of contracted "business associates" without patients' consent. Like covered entities, their business associates are supposed to keep patient information confidential.28
However, because amended HIPAA rules permit broad uses under health care operations and do not require an audit trail for "routine" disclosures, there is no way to monitor whether health information is shared in ways inconsistent with contractual requirements or patients' wishes. Thus, if patients have problems with employment or insurance because of unauthorized disclosure of their health information, the patient cannot trace the harm to a disclosure authorized under health care operations.29
Confidentiality is at the heart of the physician-patient relationship and consent is an essential means by which patients can assure that information remains confidential.30 There is a great need for such assurance because any problem that could arise with health care disclosures probably will as Ted Cooper of Kaiser Permanente noted in 2000 when he recommended that HIPAA be "crafted from the perspective of how we would want" our family's health data handled, "every permutation that can happen will happen."31 According to health attorney James Pyle, "information such as a name and diagnostic code …could be enough to derail your prospects for a loan or a job. You could be charged higher loans rates or lose a job because of what's in your medical record…and it will be impossible to prove it was because your data was shared…because there is no disclosure of audit" trail under HIPAA.32 For years medical privacy was protected - by ethical codes, state and federal statutes and administrative regulations, tort law (which, unlike HIPAA, gives patients remedies), accrediting organizations, hospital policies, even the market - long before HIPAA gleamed in a bureaucrat's eye. As Richard Epstein notes, before HIPAA we saw no "explosion of improper disclosures of sensitive information, and no systematic unwillingness to deal with the problems that do arise by private organizations or even by more limited and focused regulatory responses."33 Due to the lack of limitations, potentially harmful information is likely to be shared within the course of basic health care operations, and HIPAA actually facilitates that sharing, without patient authorization, even if other laws might prohibit the use of the information.34
In summary, as the foregoing review of the literature indicates, there are a variety of problems regarding the transmission of sensitive health care and other personal patient information which have not been adequately addressed by HIPAA. The unintended transmission of sensitive patient information can have a deleterious impact on the confidence patients must have in the health care system. The issue of patient confidentiality extends to the public health care literature as well. This will be addressed in the next section.
IV. Confidentiality and Public HealthSince the HIPAA privacy rule was put into effect in April 2003, health care providers have sometimes been confused regarding what information they can legally disclose to public health agencies.35 HIPAA is intended to protect the public from unauthorized access to, use of, and disclosure of individually identifiable health information. It places responsibility on health care providers to avoid using or disclosing protected health information (PHI) unless authorized by the person to whom it pertains, or unless the disclosure or use is required or permitted by regulation or law. Specifically excluded from the requirement for individual authorization are disclosures for public health activities. This means that sharing PHI for public health purposes is permitted as long as the agency to which the information is provided is legally authorized to collect and receive information.36
This specific exclusion was allowed because public health authorities have a legitimate need for PHI to ensure public health and safety, and because public health agencies have a track record of protecting the confidentiality of PHI. The HIPAA privacy rule attempts to strike a balance between individual privacy rights and the need for public protection.37
Collection of information is necessary for the basic public health care activities of reporting, case finding, and partner notification or contact tracing. Reliable aggregate information is also vital for policy-makers and program planners responsible for resource allocation, program design, and targeting of prevention programs. Public health policy makers and program managers need information that reveals differences in status by age, geographic area, and other risk factors. Accurate measurement of this information can help policy makers assess the barriers in the area of access, cost, or quality that affect health improvement efforts. Lack of reliable information hinders program planners and public health officials trying to stop outbreaks of disease or quantify local needs.38
Developing a public health information infrastructure is integral to contemporary efforts to "reinvent" the public health system. We define the public health infrastructure as the framework that undergirds the electronic information collection, storage, use, and transmission supporting the essential functions of the public health system.
Collecting accurate and complete health information from individual patients contributes to good patient care. Lack of current information on health status presents problems when an individual sees a health care provider who does not a have comprehensive record of that person's medical history. Lack of complete information can result in a lost opportunity to provide childhood immunizations or to correctly diagnose and treat serious acute and chronic illnesses in adults.
Health care providers' collection of health information not only supports optimal care of individual patients but also facilitates achievement of systemic goals. These include assessing the quality and cost effectiveness of health services, monitoring fraud and abuse, tracking and evaluating access to health services and patterns of morbidity and mortality among underserved populations, and researching the determinants, prevention, and treatment of disease.39 The usefulness and accessibility of information collected as part of a written or computerized medical record is limited by the nature and structure of the specific confidentiality protection accorded to that information. While no system that collects a large volume of data on individuals can avoid all possible harms due to improper disclosure or misuse of information, certain broad goals guide efforts to collect and manage information. These include ensuring: 1) the integrity of health care data so that information is accurate, complete, and trustworthy - the integrity of information is critical to quality patient care, assessment of services, research, and public health; 2) the availability of health data so that authorized persons who need the information for legitimate health purposes have ready access to the data - if clinical information is not readily available to health providers, the best interests of patients may be significantly compromised; and 3) the privacy of patients so that they can be assured that personal information remains private and will not be disclosed without their knowledge and permission.40
Computers and other electronic media are fast becoming the strong method of choice for medical and other personal information. Despite this fact, only twenty-two states have specific provisions regarding the protection of confidentiality of records maintained on electronic or computerized media. These provisions offer varying degrees of protection. Several states, such as Tennessee, use the same standards for confidentiality of computerized or electronic records as those applied to paper records. In other states, including Arkansas, statutes governing confidentiality of computerized health care information apply only to public health data, private physicians, hospitals and other health care facilities may or may not be held to the same definition. Oklahoma's Health Care Information Act provides that individual forms, computer tapes or other forms of data collected by and furnished to the Division of Health Care Information or to a data processor shall be confidential. Statutory protection of computerized data may also lack specificity. Florida requires only that computerized records be kept in accordance with "sound" record keeping practices.41
The ability of public health officials to collect health data serves an important public health purpose; however, it also raises a number of concerns regarding privacy and confidentiality issues. Civil libertarians and consumers see informational privacy (and confidentiality) as a fundamental right and have vociferously asserted the importance of stronger legal safeguards. Public health professionals, on the other hand, have just as strongly asserted the need to use data to achieve important public health purposes. In order to reconcile these two different views, the Georgetown/Johns Hopkins Program on Law and Public Health convened a multi-disciplinary team of privacy, public health, and legislative experts to propose a model public health information privacy statute, known as "The Model Act".42
The Model Act's approach is to help maximize privacy safeguards where they matter most to patients while at the same time facilitating the collection of health data which is so essential to public health officials.43
There are several core assumptions with regard to The Model Act. For example, all identifiable health information deserves legal protection. The Model Act safeguards all personally identifiable data regardless of their source or holder. Non-identifiable health information requires no protection. The definition of "protected health information" specifically incorporates another core assumption: non-identifiable health data do not merit privacy protection. Disclosures must be strictly limited. While the Act affords public health agencies the power to acquire and use health data for important public health purposes, it grants very little authority to disclose identifiable data outside the public health system. Finally, the Act permits the exchange of data among public health agencies within a given state and outside the state.44
Though not perfect, the Act provides a balance between the social good of data collection (recognizing its substantial value to community health) and the individual good of privacy (recognizing the normative value of respect for persons)…States that adopt the Act or laws consistent with its structure can stabilize and modernize public health information practices.45
Since confidentiality impacts both the private and public health sectors, what are some of the implications regarding confidentiality, especially in light of President Barack Obama's health care reform proposal? This will be discussed in the next section.
V. ImplicationsOn February 17, 2009, four weeks after his inauguration, President Barack Obama signed into law a $787 billion economic stimulus package. The economic impact of the American Recovery and Reinvestment Act of 2009, as the measure is officially known, will not be apparent for months. The Act directs that $150 billion in new funds is to be spent on health care. This spending includes $87 billion for Medicaid, $24.7 billion to subsidize private healthinsurance for people who lose or have lost their jobs, $19.2 billion for health information technology, and $10 billion for the National Institutes of Health (NIH).46
Improved safeguards for the privacy and security of individually identifiable health information and the prevention of commercial exploitation are critical to the success of a nationwide health information network which is to be implemented by 2014. The Act incorporates rule changes that privacy advocates and some lawmakers have been seeking for years. For example, it allows patients to request an "audit trail" showing all electronic disclosures of their health information and mandates that they be notified about any unauthorized disclosure or use. It extends protections to personally controlled electronic health data (such as those stored by Google Health, Microsoft HealthVault, and other on-line data repositories), as well as to "covered entities". When individually identifiable health information is transmitted or physically transported, such as on a laptop computer, outside a health care entity, it must be encrypted or otherwise rendered indecipherable to unauthorized individuals. The Act also includes limits on the sale of an individual patient's health information or its unauthorized use in marketing or fund-raising, increases penalties for violations and strengthens enforcement and oversight.47
Integrated PHRs (personal health records) are already used by millions of patients, and their adoption is reaching a tipping point in some regions of the country. For example, among the 250,000 patients in the San Francisco Bay area who receive primary care at a region of the Palo Alto Medical Foundation, 50% of adults use the groups PHR. Most patients and their physician still live in the world of paper medical records the Obama Administration has set a goal of computerizing all of America's medical records within five years as a means of improving efficiency, quality, safety, and ultimately saving money. The Stimulus Act will provide bonus payments of $44,000 to $64,000 to physicians who adopt and effectively use EHRs (electronic health records) from 2011 to 2015, and it is likely that penalties will then be introduced for physicians who do not adopt the technology. These incentives will probably make the use of EHRs common among all but the most resistant physicians during the next several years. Among the many questions likely to arise during the transformation will be how will the information reach the patient?48
The high technology components of the Stimulus Act (which are collectively known as HITECH) threatens financial penalties to spur adoption of the use of EHRs. Physicians who are not using EHRs meaningfully by 2015 will lose 1% of their Medicare fees, then 2% in 2016, and 3% is 2017. Hospitals, too, face penalties for non-adoption by 2015 - in their case, taking the form of cuts in their annual updates under the diagnosis-related group (DRG) system.49
If the Act is able to accomplish the goals that it has set forth, it will go a long way in helping to assure the public that the information they provide to their health care professional will not be used in ways or for purposes that were never initially intended.
National surveys show that both doctors and patients question HIPAA's benefits for medical privacy. Doctors, in particular, recognize problems with the HIPAA rule. According to a survey conducted in 2005 by Julia Slutsman and colleagues, most physicians…believe that the privacy rule does not improve the protection of confidential health information. While most physicians felt that some HIPAA provisions would "somewhat or greatly improve privacy protections," the majority did not think either the notice provision (64.2%) or privacy officers (60.3%) would improve protection of health information. Although one quarter felt that a violation of medical records privacy was a "very serious problem" less than a quarter (22.8%) agreed that the privacy rule would help them "maintain the confidentiality of patients' medical records". In fact, nearly half (45.4%) disagreed.50
While the use of electronic records by hospitals and physicians can, potentially, improve efficiency. There are some downsides which must be taken into consideration. Many times physicians have clearly cut and pasted large blocks of text, or even complete notes, from other physicians; we have seen portions of our own notes inserted verbatim into another doctor's note. This is, in essence, a form of clinical plagiarism with potentially deleterious consequences for the patient. Residents, rushing to complete numerous tasks for large numbers of patients, have sometimes pasted in the medical history and the history of the present illness from someone else's note even before the patient arrives at the clinic. Efficient? Yes. Useful? No. This capacity to manipulate the electronic record makes it far too easy for trainees to avoid taking their own histories and coming to their own conclusions about what might be wrong. Senior physicians also cut and paste from their own notes, filling each note with the identical medical history, family history, social history, and review of systems. Though it may be appropriate to repeat certain information, often the primary motivation for such blanket copying is to pass scrutiny for billing. Unfortunately, these kinds of repetitive notes dull the reader, hiding the important new data.51
Given the fact that both physicians and public health officials rely upon the accuracy of the information provided by patients in order to be of service to the individual patient as well as engage in epidemiological research and keep track of the potential spread of disease it is essential that the information provided be in a safe environment where the patient believes that the information they provide will not be used to harm them in any way. Even the perceived possibility that the information provided can be used against the patient in terms of job hiring, promotions, securing a loan, or being stigmatized will have the adverse effect of causing those who may be in most need to assistance to forego the help they need out of fear.
In his article entitled, "Breaking the Vicious Cycle: Toward Effective Risk Regulation", Stephen Breyer discusses basic "rational" values that the public assigns to risks. These values are Rule of Thumb, Prominence, Ethics, Trust in Experts, Fixed Position, and Mathematics.52
Justice Breyer uses the example of nuclear power plants as a source of public concern and possible risk. Using the "rule of thumb", the public would use readily understandable examples and tend to create binary choices: yes/no, safe/dangerous. These binary choices may help us to make an immediately decision regarding a particular potential risk, but they do not aid us in understanding the risk.
If a risk stands out from its surroundings, people tend to give it more credence. We will often notice the more obvious low risk before seeing the higher risk. Journalists rely on this psychological fact when reporting a given news story. Also, our feelings of obligation regarding a potential risk diminish with distance. Using the example of a nuclear power plant, someone in Shoreham, NY would have a much stronger feeling of obligation than someone in Evansville, IN where there is no nuclear power plant present.
When it comes to experts, the public seems to distrust them as well as the institutions which employ them. Also, someone who has already made up their mind about a particular issue is often extremely reluctant to change it. People tend to overestimate small risk probabilities, while underestimating larger ones.53
While this article uses nuclear power plants as an example, the fact is that the same is true when it comes to private health information. The experts can tell us that there is a very minor risk that information may be used improperly; however, if we or someone we know have an experience where we believe that our personal information was used improperly that risk becomes "major" as far as we are concerned.
If the issues addressed in Robert Steinbrook's article are sufficiently dealt with so that patients are able to request an "audit trail" to see who is accessing their information and they will be notified of any unauthorized disclosure or use then the public will have a sense of safety regarding their information and will likely not feel uneasy about providing sensitive information to their physician. However, even the slightest breach of that confidence can have devastating effects on the health care system.
Even before the American Recovery and Reinvestment Act has been fully implemented, there is already a lawsuit pending in Federal court. In the case of Heghmann v. Kathleen Sebelius et al., the plaintiff is alleging that the Act (also known as the Stimulus Act) is unconstitutional since it violates the First, Third, Fourth, Fifth, Ninth, Tenth and Fourteenth Amendments of the United States Constitution. The plaintiff is asking the United States District Court for the Southern District of New York to declare the Act unconstitutional and to enter aseries of injunctions to prevent the provisions of the Act from taking place as well as preventing the United States Department of Health and Human Services or any other government agency from accessing personal health information from any person in the United States who is not already covered by Medicare or Medicaid.54
It will be interesting to see how this case is decided in the court and what impact it will have, if any, on the Act and its provision for mandating that all health records be electronically recorded by 2014.
VI. ConclusionAs the discussion of health care reform continues and the Congress begins to iron out the details of the legislation which they will present for a vote it is important that they keep uppermost in their minds the good of the people they have been elected to serve. While HIPAA privacy rule was put in place in order to assure the public that our confidential health information would not be misused, the fact is that there are some loopholes which need to be addressed:
First, given the fact that it is no longer the physician alone who is the custodian of patient medical records, the expanding number of people whose job provides them with access to medical information increases the risk that individuals will act outside the scope of their authorization to obtain information they are do not legitimately need to perform their work.
Second, the collection and use of health information involves two important, and yet sometimes competing goals: 1) gathering and disseminating accurate and timely information necessary for the health care of individuals, assessment of health care and public health needs and evaluation of programs, services, institutions, and providers; and 2) protecting that information from uses and disclosures that cause harm to individuals to whom the information pertains.
Third, the usefulness and accessibility of information collected as part of written or computerized medical records is limited by the nature and structure of the computerized medical records as well as by the nature and structure of the specific confidentiality protection accorded that information. While no system that collects a large volume of data regarding individuals can avoid all possible harm due to improper disclosure or misuse of information, certain broad goals can guide efforts to collect and manage information provided to public health officials as well as physicians.
Fourth, as stated earlier, improved safeguards for the privacy and security of individually identifiable health information and the prevention of commercial exploitation are critical to the success of a nationwide health information network which is to be implemented by 2014. The American Recovery and Reinvestment Act incorporates rule changes that privacy advocates and some lawmakers had been seeking for years. For example, it allows patients to request an "audit trail" showing all electronic disclosures of their health information and mandates that they be notified about any unauthorized disclosure or use. It extends protections to personally controlled electronic health data (such as those stored by Google Health, Microsoft HealthVault, and other on-line data repositories), as well as to "covered entities".
Finally, patients must be free to pursue treatment from their physician without any fear that the information they provide in the short-term will lead to long-term problems, such as denial of a job or a promotion. The essence of medical treatment is meant to restore a patient to health, not to provide businesses with marketing information. Any new health care reform legislation must enable patients to seek the treatment they need and deserve.
1 Sharon Hussong "Medical Records and Your Privacy: Developing Federal Legislation to Protect Patient Privacy Rights" American Journal of Law & Medicine (2000) pp. 453-474
2 Hussong, p. 454
3 Francis Adams (trans.) http://classics.mit.edu/Hippocrates/hippooath.html (accessed 10/28/09)
4 Ilene N. Moore et al. "Confidentiality and Privacy in Health Care from the Patient's Perspective: Does HIPAA Help?" Journal of Law Medicine Vol. 17:215, 2008, pp. 215-272 citing AMA Code of Medical Ethics which distinguishes confidentiality from privacy: "Confidentiality is information told in confidence or imparted in secret. However, patient privacy encompasses information that is concealed from others outside of the patient-physician relationship." AMA CODE OF ETHICS E-5.059.
5 Moore et al. citing William L. Prosser, Handbook of the Law of Torts 802 (4th Ed., 1971).
6 Moore et al citing Lawrence Gostin et al., Privacy and Security of Health Information in the Emerging Health Care System, 5 Health Matrix 1, 21 (1995; Anita L. Allen Taking Liberties: Privacy Private Choice, and Social Contract Theory, 56 U. Cin. Law Review 461, 464 (1987) ("Privacy refers to conditions of restricted access. This usage is in keeping with the popular theoretical definitions of 'privacy as the inaccessibility of persons, their mental states, and information about them to the senses and surveillance devices of others.'").
7 Moore et al., citing Gostin et al. supra note 22, at 3.
8 Moore et al. citing Judy Zelin, Annotation, Physician's Tort Liability for Unauthorized Disclosure of Confidential Information About Patient, 48 A.L.R. 4TH 688, 679 (1986) (citing Humphers v. First Interstate Bank, 696 P. 2d. 527, 530 (plaintiff could proceed against physician's estate under a breach of confidentiality claim but not an invasion of privacy claim). Cf., Horne v. Patton 287 S. 2d 824, 830-32 (1973) (allowing claims for both breach of confidentiality and invasion of privacy to go forward).
9 Moore et al. citing Gostin, supra note 22, at 2 ("All participants … (consumers and patients, health plans, and federal and state regulatory agencies)…need access to high quality information for informed decision making.")
10 Moore et al, p. 225
11 Mark Siegler "Medical Confidentiality - A Decrepit Concept" NEJM, Vol. 307:1518-1521, December 9, 1982, No. 24
12 Moore et al, p. 226
14 Moore et al. citing HIPAA preamble
15 Moore et al, citing C.F.R. § 160.101 (2003) (implementing sections 1171 through 1179 of the Social Security Act)
16 Moore et al. citing Office of Civil Rights (OCR) Guidance explaining significant aspects of the Privacy Rule, supra note 3 at 41-42.
17 Lawrence O. Gostin et al. "Legislative Survey of State Confidentiality Laws, with Specific Emphasis on HIV and Immunization" Report given in 1995. p. 5 of 66, (Accessed 10/6/2009) http://www.epic.org/privacy/medical/cdc_survey
18 Gostin et al, p. 5 of 66
19 Gostin et al. p. 5 of 66
20 Gostin et al. p. 5 of 66
21 Gostin et al. p. 5 of 66
22 Gostin et al. p. 5 of 66
23 Richard Sobel "The HIPAA Paradox: The Privacy Rule That's Not" Hastings Center Report 37, no. 4, (2007) pp. 40-50 citing 64 Federal Register 53,211, August 14, 2002, sec. 164.506a.
24 Sobel, p. 41
25 Sobel, p. 42 citing Sec. 164.501, 506. The American Medical Association has long argued against issuing the broad definition of health care operations. See G. Aston "Pushed by a Looming Legislative Deadline, AMA Delegates Adopted New Policy on Patient Confidentiality Issues Tied to Participation in Medical Research," American Medical News, July 12, 1999.
26 Sobel, p. 42.
27 Sobel, p. 42. HIPAA creates rules for confidentiality (limitations of the range of records sharing, not privacy (patients' control of information).
28 Sobel, p. 42
29 Sobel, p. 42 citing: For a discussion of the essential nature of confidentiality and consent for quality care, see the amicus briefs in Citizens and Althaus v. Cohen of the Program in Psychiatry and the Law at Harvard Medical School, http://www.pipatl.org/amicus.php
30 Sobel, p. 42 citing M. Doscher, HIPAA: A Short and Long Term Perspective on Health Care (Chicago, IL: American Medical Assn. Press, 2002), p. 90
31 Sobel, p. 42 citing "Eyes on Your Records" Consumer Reports, March 2005 http://www.consumerreports.org/cro/health-fitness/health-care/electronic-medical-records-306/eyes-on-your-record/index.htm; Also citing "The New Threat to Your Medical Privacy" Consumer Reports, March 2006, pp. 39 and 42
32 Carl E. Schneider, "HIPAA-cracy" Hastings Center Report, Jan.-Feb. 2006, pp.10-11
33 Sobel, p. 42
34 Sobel, p. 42
35 Douglas Campos-Outcalt "How Does HIPPA Affect Public Health Reporting?" The Journal of Family Practice, Sept. 2004/ Vol. 54, No. 9, pp. 701-704
36 Campos-Outcalt, p. 701
37 Campos-Outcalt, p. 701
38 Gostin et al, p. 12 of 66
39 Gostin et al, p. 12 of 66
40 Gostin et al. p. 12 of 66
41 Gostin et al. p. 24 of 66
42 Lawrence Gostin (ed.) Public Health Law and Ethics: A Reader (CA: University of California Press, 2002), pp.328-333
43 Gostin, p. 329
44 Gostin, pp. 330-331
45 Gostin, p. 331
46 Robert Steinbrook "Health Care and the American Recovery and Reinvestment Act" NEJM, March 12, 2009, Vol. 360: 1057-1060
47 Steinbrook, p. 1058
48 Paul C. Tang and Thomas H. Lee "Your Doctor's Office or the Internet? Two Paths to Personal Health Records", NEJM, Vol. 360:1276-1278, March 26, 2009, No. 13
49 David Blumenthal "Stimulating the Adoption of Health Information Technology", NEJM, Vol. 360:1477-1479, April 9, 2009, No. 15
50 Sobel, p. 44
51 Pamela Hartzband and Jerome Groopman "Off the Record - Avoiding the Pitfalls of Going Electronic" NEJM, Vol. 358: 1656-1658, April 17, 2008, No. 163 [
52 Stephen Breyer "Breaking the Vicious Cycle: Toward Effective Risk Regulation" MA: Harvard University Press, 1993 reprinted in Public Health Law and Ethics: A Reader, University of California Press, 2002, Lawrence Gostin (ed.), pp.140-144
53 Breyer, p. 141
54 Hegemann v. Sebelius et al. United States District Court (June 12, 2009) CV 5880 Judge Jones
- Annas, George J. "HIPAA Regulations - A New Era in Medical Privacy?" NEJM, Vol. 348: 1486-1490, April 10, 2003, No. 15
- Blumenthal, David "Stimulating the Adoption of Health Information Technology", NEJM, Vol. 360:1477-1479, April 9, 2009, No. 15
- Campos-Outcalt, Douglas "How Does HIPAA Affect Public Health Reporting?" The Journal of Family Practice, Sept. 2004/Vol. 54, No. 9, pp. 701-704
- Gostin Lawence et al, "Legislative Survey of State Confidentiality Laws, with Specific Emphasis on HIV and Immunization" (1995) http://www.epic.org/privacy/medical/cdc_survey
- Gostin Lawrence (ed.) Public Health Law and Ethics: A Reader (CA: University of California Press, 2002)
- Hartzband, Pamela and Jerome Groopman "Off the Record - Avoiding the Pitfalls of Going Electronic" NEJM, Vol. 358: 1656-1658, April 17, 2008, No. 163
- Hussing, Sharon "Medical Records and Your Privacy: Developing Federal Legislation to Protect Patient Privacy Rights" American Journal of Law and Medicine 26 (2000), pp. 453-474
- Moore, Ilene N. et al "Confidentiality and Privacy in Health Care Reform from the Patient's Perspective: Does HIPAA Help?" Journal of Law Medicine, Vol. 17: 215, 2008, pp. 215-272.
- Schneider, Carl E. "HIPAA-cracy" Hastings Center Report, Jan.- Feb. 2006, pp. 10-11
- Siegler, Mark "Confidentiality in Medicine - A Decrepit Concept" NEJM, Vol. 307: 1518-1521, December 9, 1982, No. 24
- Sobel, Richard "The HIPAA Paradox: The Privacy Rule That's Not" Hasting Center Report 37, no. 4 (2007), pp. 40-50
- Steinbrook, Robert "Health Care and the American Recovery and Reinvestment Act" NEJM Vol. 360:1057-1060, March 12, 2009, No. 11
- Tang, Paul C. and Thomas H. Lee "Your Doctor's Office or the Internet? Two Paths to Personal Health Records, NEJM, Vol. 360:1276-1278, March 26, 2009, No. 13