Medical privacy, or health privacy, is the practice of maintaining the security and confidentiality of patient records. It involves both the conversational discretion of health care providers and the security of medical records. The terms can also refer to the physical privacy of patients from other patients and providers while in a medical facility, and to modesty in medical settings. Modern concerns include the degree of disclosure to insurance companies, employers, and other third parties. The advent of electronic medical records (EMR) and patient care management systems (PCMS) has raised new concerns about privacy, balanced with efforts to reduce duplication of services and medical errors.

Most developed countries, including Australia, Canada, Turkey, the United Kingdom, the United States, New Zealand, and the Netherlands, have enacted laws protecting people's medical privacy. However, many of these privacy laws have proven less effective in practice than in theory. In 1996, the United States passed the Health Insurance Portability and Accountability Act (HIPAA), which aimed to increase privacy precautions within medical institutions.

History

The history of medical privacy traces back to the Hippocratic Oath, which mandates the secrecy of information obtained while helping a patient.

Before the technological boom, medical institutions relied on the paper medium to file individual medical data. Nowadays, more and more information is stored within electronic databases. Research indicates that storing information on paper is safer because it is more difficult to physically steal, whereas digital records are vulnerable to hacker access.

In the early 1990s, to address healthcare privacy issues, researchers explored using credit cards and smart cards to enable secure access to medical information, aiming to mitigate fears of data theft. The "smart" card allowed information to be stored and processed on a single microchip, yet people were fearful of having so much information stored in a single spot that could easily be accessed. This "smart" card included an individual's social security number as an important piece of identification, which can lead to identity theft if databases are breached.

In a 2004 editorial in the Washington Post, U.S. Senators Bill Frist and Hillary Clinton supported this observation, stating "[patients] need...information, including access to their own health records... At the same time, we must ensure the privacy of the systems, or they will undermine the trust they are designed to create". A 2005 report by the California Health Care Foundation found that "67 percent of national respondents felt 'somewhat' or 'very concerned' about the privacy of their personal medical records".

The importance of privacy in electronic health records became prominent with the passage of the American Recovery and Reinvestment Act (ARRA) in 2009. One of the provisions (known as the Health Information Technology for Economic and Clinical Health [HITECH] Act) of the ARRA mandated incentives to clinicians for the implementation of electronic health records by 2015. Privacy advocates in the United States have raised concerns about unauthorized access to personal data as more medical practices switch from paper to electronic medical records. The Office of the National Coordinator for Health Information Technology (ONC) explained that some of the safety measures that EHR systems can utilize are passwords and PIN numbers that control access to such systems, encryption of information, and an audit trail to keep track of the changes made to records.

Providing patient access to EHRs is strictly mandated by HIPAA's Privacy Rule. One study found that each year there are an estimated 25 million compelled authorizations for the release of personal health records. Researchers, however, have found that new security threats open up as a result. Some of these security and privacy threats include hackers, viruses, worms, and the unintended consequences of the speed at which patients are expected to have their records disclosed, since records frequently contain sensitive terms that carry the risk of accidental disclosure.

These privacy threats are made more prominent by the emergence of "cloud computing", which is the use of shared computer processing power. Health care organizations are increasingly using cloud computing as a way to handle large amounts of data. This type of data storage, however, is susceptible to natural disasters, cybercrime and technological terrorism, and hardware failure. Health information breaches accounted for 39 percent of all breaches in 2015. IT security costs and implementations are needed to protect health institutions against security and data breaches.

Health screening cases

Although privacy issues with health screening are a great concern among individuals and organizations, there has been little focus on the amount of work being done within the law to maintain the privacy expectation that people desire. Many of these issues lie within the abstractness of the term "privacy", as there are many different interpretations of the term, especially in the context of the law. Privacy merchants are made up of two groups - one that tries to collect people's personal information while the other focuses on using clients' information to market company products. The Privacy Act of 1974 offers more restrictions regarding what corporations can access outside of an individual's consent.

Efforts to protect health information

With the lack of help from the Department of Health and Human Services there is a conflict of interest that has been made clear. Some wish to place individual betterment as more important, while others focus more on external benefits from outside sources. The issues that occur when there are problems between the two groups are also not adequately solved, which leads to controversial laws and effects. Individual interests take precedence over the benefits of society as a whole and are often viewed as selfish and for the gain of capital value. If the government does not make any more future changes to the current legislation, countless organizations and people will have access to individual medical information. Yet, there were many issues with the implementation. One issue was that there were inconsistent regulation requirements within the different states due to preexisting laws. These new regulations were supposed to safeguard health information privacy by creating extensive solutions for the privacy of patients. The new regulation goals included being notified once an individual's information is inspected, amending any medical records, and requesting communication opportunities to discuss information disclosure.

Effects of changing medical privacy laws

Physician-patient relationships

Patients want to be able to share medical information with their physicians, yet they worry about potential privacy breaches that can occur when they release financial and confidential medical information. In order to ensure better protection, the government has created frameworks for keeping information confidential - this includes being transparent about procedures, disclosure and protection of information, and monitoring of these new rules to ensure that people's information.

The American Medical Informatics Association has characterized medical emails as a way to communicate "medical advice, treatment, and information exchanged professionally"; yet, the "spontaneity, permanence, and information power characterizing" role is significant because of its unknown effects. Although levels of confidentiality are changing, individuals often feel the need to share more information with their doctors in order to get diagnosed correctly. The full implementation incorporates an electronic summary prepared by nominated healthcare providers along with consumer-provided notes. Further, the summary includes information on the individual's allergies, adverse reactions, medications, immunizations, diagnoses, and treatments. The consumer notes operate as a personal medical diary that only the individual can view and edit. The opt-in system gives people the option to choose whether to register for the eHealth record or not.

As of January 2016, the Commonwealth Department of Health changed the name PCEHR to My Health Record.

Privacy – governance

The Personally Controlled Electronic Health Records Act 2012 and Privacy Act 1988 govern how eHealth record information is managed and protected. The PCEHR System Operator abides by the Information Privacy Principles in the Privacy Act 1988 (Commonwealth) as well as any applicable State or Territory privacy laws. A Privacy Statement sets out the application of the collection of personal information by the System Operator. The statement includes an explanation of the types of personal information collected, what the information is used for, and how the information is stored. The statement covers measures in place to protect personal information from misuse, loss, unauthorized access, modification, and disclosure.

Privacy – security measures

Security measures include audit trails so that patients can see who has accessed their medical records along with the time the records were accessed. Other measures include the use of encryption as well as secure logins and passwords. Patient records are identified using an Individual Health Identifier (IHI), assigned by Medicare, the IHI service provider.

Privacy – issues

A 2012 nationwide survey in Australia assessed the impact of privacy concerns on patients' health care decisions, which could affect patient care. Results showed that 49.1% of Australian patients stated they have withheld or would withhold information from their health care provider based on privacy concerns.

  • How does consent impact privacy?

One concern is that personal control of the eHealth record via consent does not guarantee the protection of privacy. It is argued that a narrow definition, 'permission' or 'agreement', does not provide protection for privacy and is not well represented in Australian legislation. The PCEHR allows clinicians to assume consent by consumer participation in the system; however, the needs of the consumer may not be met. Critics argue that the broader definition of 'informed consent' is required, as it encompasses the provision of relevant information by the healthcare practitioner, and understanding of that information by the patient.

  • Is it legitimate to use personal information for public purposes?

Data from the PCEHR is to be predominantly used in patient healthcare, but other uses are possible, for policy, research, audit and public health purposes. The concern is that in the case of research, what is allowed goes beyond existing privacy legislation.

  • Are there sufficient safeguards for the protection of patient information?

Security experts have questioned the registration process, where those registering only have to provide a Medicare card number, and names and birth dates of family members to verify their identity. Concerns have also been raised by some stakeholders about the inherent complexities of the limited access features. They warn that access to PCEHR record content may involve transfer of information to a local system, where PCEHR access controls would no longer apply.

United Kingdom

The National Health Service is increasingly using electronic health records, but until recently, the records held by individual NHS organisations, such as General Practitioners, NHS Trusts, dentists and pharmacies, were not linked. Each organization was responsible for the protection of patient data it collected. The care.data programme, which proposed to extract anonymised data from GP surgeries into a central database, aroused considerable opposition.

In 2003, the NHS made moves to create a centralized electronic registry of medical records. The system is protected by the UK's Government Gateway, which was built by Microsoft. This program is known as the Electronic Records Development and the Implementation Programme (ERDIP). The NHS National Program for IT was criticized for its lack of security and lack of patient privacy. It was one of the projects that caused the Information Commissioner to warn about the danger of the country "sleepwalking" into a surveillance society. Pressure groups opposed to ID cards also campaigned against the centralized registry.

Newspapers feature stories about lost computers and memory sticks, but a more common and longstanding problem is staff accessing records that they have no right to see. It has always been possible for staff to look at paper records, and in most cases there is no record of who did so. Electronic records, by contrast, make it possible to keep track of who has accessed which records. NHS Wales has created the National Intelligent Integrated Audit System which provides "a range of automatically generated reports, designed to meet the needs of our local health boards and trusts, instantly identifying any potential issues when access has not been legitimate". Maxwell Stanley Consulting will use a system called Patient Data Protect (powered by VigilancePro) which can spot patterns – such as whether someone is accessing data about their relatives or colleagues.
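
The kind of audit-trail pattern check described above can be sketched as follows. This is an added example, not code from NHS Wales, Patient Data Protect or VigilancePro, whose internals the page does not describe; the log format, the staff and patient tables, the care-team list and the surname-plus-postcode heuristic for relatives are all assumptions made for illustration.

```python
import csv
import io
from collections import namedtuple

# Constructed sample data: every name, ID and postcode below is invented.
STAFF = {  # staff_id -> (surname, home postcode, own patient_id or None)
    "S001": ("Hughes", "CF10 1AA", "P900"),
    "S002": ("Patel", "SA1 2BB", None),
    "S003": ("Evans", "LL57 3CC", "P901"),
}
PATIENTS = {  # patient_id -> (surname, home postcode)
    "P100": ("Hughes", "CF10 1AA"),  # shares surname and postcode with S001
    "P101": ("Jones", "NP20 4DD"),
    "P900": ("Hughes", "CF10 1AA"),  # S001's own record
    "P901": ("Evans", "LL57 3CC"),   # S003's own record
}
# Documented treatment relationships: access by these pairs is expected.
CARE_TEAM = {("S002", "P101"), ("S002", "P901")}

AUDIT_LOG = """\
timestamp,staff_id,patient_id,action
2024-03-01T09:12:00,S002,P101,view
2024-03-01T09:40:00,S001,P100,view
2024-03-01T10:05:00,S002,P901,view
2024-03-01T11:30:00,S001,P901,view
2024-03-01T11:31:00,S001,P900,view
2024-03-01T14:02:00,S003,P101,view
"""

Alert = namedtuple("Alert", "timestamp staff_id patient_id reason")


def review_access(log_text):
    """Return alerts for accesses matching a relative/colleague pattern."""
    # Patient records that belong to staff members, i.e. colleagues' records.
    colleague_records = {pid for (_, _, pid) in STAFF.values() if pid}
    alerts = []
    for row in csv.DictReader(io.StringIO(log_text)):
        ts, sid, pid = row["timestamp"], row["staff_id"], row["patient_id"]
        if sid not in STAFF or pid not in PATIENTS:
            # An ID the directories cannot resolve cannot be cleared either.
            alerts.append(Alert(ts, sid, pid, "unknown-identity"))
            continue
        if (sid, pid) in CARE_TEAM:
            continue  # documented clinical reason, even for a colleague
        s_surname, s_postcode, own_pid = STAFF[sid]
        p_surname, p_postcode = PATIENTS[pid]
        if pid == own_pid:
            reason = "own-record"
        elif pid in colleague_records:
            reason = "colleague"
        elif s_surname.lower() == p_surname.lower() and s_postcode == p_postcode:
            reason = "possible-relative"
        else:
            continue  # no relative/colleague pattern; other rules would apply
        alerts.append(Alert(ts, sid, pid, reason))
    return alerts


if __name__ == "__main__":
    for alert in review_access(AUDIT_LOG):
        print(alert)
```

The surname-and-postcode match only produces candidates for human review; it misses relatives with different surnames or addresses and can flag unrelated people who share both.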

United States

Since 1974, numerous federal laws have been passed in the United States to specify the privacy rights and protections of patients, physicians, and other covered entities to medical data. Many states have passed their own laws to try to better protect the medical privacy of their citizens.

An important national law regarding medical privacy is the Health Insurance Portability and Accountability Act of 1996 (HIPAA), yet there are many controversies regarding the protection rights of the law.

Health Insurance Portability and Accountability Act of 1996 (HIPAA)

The most comprehensive law passed is the Health Insurance Portability and Accountability Act of 1996 (HIPAA), which was later revised after the Final Omnibus Rule in 2013. HIPAA provides a federal minimum standard for medical privacy, sets standards for uses and disclosures of protected health information (PHI), and provides civil and criminal penalties for violations.

Prior to HIPAA, only certain groups of people were protected under medical laws such as individuals with HIV or those who received Medicare aid.

The government authorizes the access of an individual's health information for "treatment, payment, and health care options without patient consent".

Hurricane Katrina

HIPAA does not protect the information of individuals as the government is able to publish certain information when they find it necessary. The government is exempted from privacy rules regarding national security. HIPAA additionally allows the authorization of protected health information (PHI) in order to aid in threats to public health and safety as long as it follows the good faith requirement - the idea that disclosing of information is necessary to the benefit of the public. The Model State Emergency Health Powers Act (MSEHPA) gives the government the power to "suspend regulations, seize property, quarantine individuals and enforce vaccinations" and requires that healthcare providers give information regarding potential health emergencies.

The implementation of these new goals was complicated by the change in administrations (Clinton to Bush), so it was difficult for the changes to be successfully implemented. The idea of an individual's DNA being compared to property occurred when research caused an individual's privacy to be threatened. Many individuals believed that their genetic information was "more sensitive, personal, and potentially damaging than other types of medical information." One of the issues that Connecticut tried to solve was consent. Within the consent clause, health plans and health care clearinghouses do not need to receive consent from individuals because of a general provider consent form which gives healthcare providers permission to disclose all medical information.

California-specific laws

In California, the Confidentiality of Medical Information Act (CMIA) provides more stringent protections than the federal statutes. HIPAA expressly provides that more stringent state laws like CMIA will override HIPAA's requirements and penalties. More specifically, CMIA prohibits providers, contractors and health care service plans from disclosing PHI without prior authorization.

These medical privacy laws also set a higher standard for health IT vendors or vendors of an individual's personal health record (PHR) by applying such statutes to vendors, even if they are not business associates of a covered entity. CMIA also outlines penalties for violating the law. These penalties range from liability to the patient (compensatory damages, punitive damages, attorneys' fees, costs of litigation) to civil and even criminal liability.

Likewise, California's Insurance Information and Privacy Protection Act (IIPPA) protects against unauthorized disclosure of PHI by prohibiting unapproved information sharing for information collected from insurance applications and claims resolution.

New Zealand

In New Zealand, the Health Information Privacy Code (1994) sets specific rules for agencies in the health sector to better ensure the protection of individual privacy. The code addresses the health information collected, used, held and disclosed by health agencies. For the health sector, the code takes the place of the information privacy principles.

Netherlands

The introduction of a nationwide system for the exchange of medical information and access to electronic patient records led to much discussion in the Netherlands.

Privacy for research participants

In the course of having or being part of a medical practice, doctors may obtain information that they wish to share with the medical or research community. If this information is shared or published, the privacy of the patients must be respected. Likewise, participants in medical research that are outside the realm of direct patient care have a right to privacy as well.

Future research

While medical privacy remains an important right, it is also crucial to balance privacy with innovation. Limiting patient data in response to privacy violations potentially hinders data-driven innovation in medicine. In addition, keeping data secret for a competitive advantage also poses multiple concerns, potentially slowing advances in medical testing (e.g. Myriad Genetics).

See also

  • STD notifications in dating services
  • Electronic health record (EHR)
  • Electronic medical record (EMR)
  • Exemptions on the GDPR: national security
  • Genetic privacy
  • Modesty in medical settings
  • National Electronic Health Transition Authority (NEHTA)
  • Personal health record
  • Personally Controlled Electronic Health Record (PCEHR)
  • Protected health information
  • Intentional contagion of infection

Further reading

  • European Standards on Confidentiality and Privacy in Healthcare
  • Opt out of the NHS Spine, or the NHS Confidentiality campaign
  • Electronic Frontier Foundation on medical privacy