Patient Confidentiality Health Article

Definition

Confidentiality is the right of an individual patient to have personal, identifiable medical information kept private; such information should be available only to the physician of record and other health care and insurance personnel as necessary.

Description

Patient confidentiality means that personal and/or medical information given to a health care provider will not be disclosed to others unless the patient has given informed consent. This is becoming extremely difficult to ensure in an age of electronic medical records and third-party insurance payers.

Viewpoints

Because the disclosure of personal information could cause professional or personal problems, patients rely on physicians to keep their medical information private. It is rare for medical records to remain completely sealed, however. The most benign breach of confidentiality takes place when clinicians share medical information as case studies. When this data is published in professional journals the identity of the patient is never divulged, and all identifying data is either eliminated or changed. If this confidentiality is breached in any way, patients may have the right to sue.

The greatest threat to medical privacy, however, occurs because most medical bills are paid by some form of health insurance, either private or public. This makes it difficult, if not impossible, to keep information truly confidential. Health records are routinely viewed not only by physicians and their staffs, but by insurance companies, medical laboratories, public health departments, researchers, and many others. If health insurance is provided by an employer, they too may have access to their employees files.

Professional implications

The American Medical Association (AMA) encourages doctors to guard their patients' privacy despite the widespread use electronic health records. The organization advises its members to get patient consent for any and all releases of medical information, and recommends that all office personnel and consultants be aware of the paramount importance of maintaining confidentiality. Such policies must be in place, especially in care institutions, in order to maintain Joint Commission on Accreditation of Healthcare Organizations (JCAHO) accreditation. Most confidentiality releases identify the types of information that can be released, the people and/or groups that have been permitted access to the information, and limit the length of time for which the release is valid.

Despite these safeguards, unfortunately, patient confidentiality has eroded with the almost-complete dominance of health-maintenance organizations and other types of third-party payers. In light of this, the medical profession must remain constantly vigilant that their patients' right to privacy is upheld. Confidentiality is essential for a good relationship between patient and practitioner, whose duty to keep information private dates from the Hippocratic Oath. If personal information is disseminated without the patient's permission, it can erode confidence in the medical profession and expose health care professionals to legal action.

Physicians are increasingly being sued by patients whose information has been released without their permission, as the following legal cases show. Even though the plaintiffs do not always prevail, the costs of legal action are burdensome to both sides:

• Estate of Behringer v. Princeton Medical Center, 592A.2d 1251 (N.J. Super. Ct. Law Div. 1991). The late Behringer, a surgeon who worked at Princeton Medical Center, was diagnosed with and treated for AIDS at the same hospital. Behringer's chart, which included several references to his diagnosis, was kept at the nurses' station on his floor with no special protection. His condition became widely known as a result, and the hospital began requiring his patients to sign a form acknowledging the risk to their health. Ultimately, the doctor's surgical privileges were suspended. Behringer's estate sued the hospital for its failure to take reasonable steps to protect his privacy. The hospital was found to have breached confidentiality by leaving the chart out in the open, but the court said they did not discriminate against Dr. Behringer by requiring his patients' informed consent.
• Velazquez v. St. Clare's Hospital, (Kings County Supreme Court, New York, 1994). Nydia Velazquez was admitted to St. Clare's Hospital in 1991 after attempting suicide. In 1992, while she was running for election to U.S. House of Representatives, copies of her medical records were faxed anonymously to several newspapers, which ran them in front-page stories. It was never determined whether hospital personnel were responsible for the disclosure. Regardless, Velazquez sued the hospital for breach of contractual and fiduciary duties of confidentiality, for wrongful disclosure, and for negligence in maintenance of the security of her medical records. She won both the seat in Congress and the lawsuit.
• Doe v. Methodist Hospital, 690 N.E.2d 681 (26 Med.L. Rptr. 1289 (1997)), Hancock County Superior Court, Indiana. According to the filed complaint, Doe, a postal worker who was HIV positive, disclosed his HIV status to paramedics when he was taken to the hospital after a heart attack. The paramedics noted his status on their report, which became part of Doe's medical file. Several coworkers eventually learned of his condition and discussed his HIV status. They were sued, along with the hospital and some of its employees, for invasion of privacy and other wrongful conduct. The court found that Doe's privacy had not been invaded, nor had he been slandered or libeled.