Doctor - patient confidentiality is an urban myth
“Whatsoever things I see or hear concerning the life of men, in my attendance on the sick or even apart therefrom, which ought not be noised abroad, I will keep silence thereon, counting such things to be as sacred secrets. “
Hippocrates 4th Century B.C
Medical confidentiality is as old as the practice of medicine, but in the computer and bureaucratic age it is quickly becoming an obsolete fantasy.
Doctors are perfectly happy to respect a confidence, but there are any number of other data analysts, paper pushers, and insurance company assassins all waiting to get their hands on a juicy bit of medical data that is basically none of their damn business.
Consider the following true examples of how low privacy has sunk. A Boston hospital worker who was a convicted child rapist allegedly used a former employee's password to access nearly 1,000 computerized patient records. He was using the records to target potential future victims. A Tampa public health worker walked off with a computer disk containing the names of 4,000 people who tested positive for HIV and sent it to two newspapers. A New York Congresswoman's hospital records, including details of a bout with depression and a suicide attempt, were faxed to the local media on the eve of her primary election.
Thousands of University of Michigan health system patients had personal and medical information released over the Internet without knowing it. They didn’t know it because their hospital didn’t even know it. The records were on line for several months before a medical student trying to help a friend find a doctor happened to stumble across them. As well as containing medical information the database also included social security numbers, employment information, and birth dates - enough information to steal someone’s identity with easy if found by an unscrupulous person .
Delta Airlines got into trouble without even getting into actual medical records. Its managers compiled a list of workers suspected of having AIDS by reviewing attendance records, attitude and physical appearance. “No malice intended”, the airline claimed. It was simply determining what counseling and training programs it needed to set up. But when an employee on the list sued for invasion of privacy, the jury awarded him $275,000 for emotional distress.
Informal studies have shown that as many as 80-120 individuals in a health care setting may have access to a patients file. As is common in many records this information could contain information about physical health, family relationships, sexual behavior, substance abuse, and private thoughts and feelings related to mental health. All good potential for a bit of juicy gossip for a bored employee with a few minutes to kill on the computer.
The security of these records is almost nil in many cases. Evan Hendricks, a noted privacy expert, has put it like this -- “ video rental records in this country are afforded more privacy protection under law than are medical records. “ And corporate culture wants this information. Medical information may influence ones employment or employability, credit rating, or ability to get life insurance. Doctors collect medical information for one reason - to help prevent and treat illness. But every agency even remotely associated with the practice of medicine would love to get ( and does get ) their hands on this information, for reasons that have nothing to do with helping the patient get better.
The second largest drug store chain in the U.S. recently got into hot water by targeting direct advertising specifically to people with certain health problems. It got the information directly from its prescription database. A 1997 report by the National Research Council found that many employees use computer databases to check up on friends and family, or even to check potential dates out for sexually transmitted disease information.
You may wish to ponder a newer version of the Hippocratic Oath, attributed to an American health care executive.
“Whatever I see or hear in my attendance on the sick or even apart therefrom will be divulged to physicians, nurses, aides, surgeons, anesthesiologists, dietitians, physical therapists, admitting clerks, billing clerks, utilization review personnel, discharge planners, records coders, medical records filing staff, chaplains, volunteers, performance evaluators, insurers, medical transcriptionists, accrediting agencies, public health officials, other government officials, social workers, and employers. And to whomever else requests them for whatever reason.”
Dr. Patrick Nesbitt
Hippocrates 4th Century B.C
Medical confidentiality is as old as the practice of medicine, but in the computer and bureaucratic age it is quickly becoming an obsolete fantasy.
Doctors are perfectly happy to respect a confidence, but there are any number of other data analysts, paper pushers, and insurance company assassins all waiting to get their hands on a juicy bit of medical data that is basically none of their damn business.
Consider the following true examples of how low privacy has sunk. A Boston hospital worker who was a convicted child rapist allegedly used a former employee's password to access nearly 1,000 computerized patient records. He was using the records to target potential future victims. A Tampa public health worker walked off with a computer disk containing the names of 4,000 people who tested positive for HIV and sent it to two newspapers. A New York Congresswoman's hospital records, including details of a bout with depression and a suicide attempt, were faxed to the local media on the eve of her primary election.
Thousands of University of Michigan health system patients had personal and medical information released over the Internet without knowing it. They didn’t know it because their hospital didn’t even know it. The records were on line for several months before a medical student trying to help a friend find a doctor happened to stumble across them. As well as containing medical information the database also included social security numbers, employment information, and birth dates - enough information to steal someone’s identity with easy if found by an unscrupulous person .
Delta Airlines got into trouble without even getting into actual medical records. Its managers compiled a list of workers suspected of having AIDS by reviewing attendance records, attitude and physical appearance. “No malice intended”, the airline claimed. It was simply determining what counseling and training programs it needed to set up. But when an employee on the list sued for invasion of privacy, the jury awarded him $275,000 for emotional distress.
Informal studies have shown that as many as 80-120 individuals in a health care setting may have access to a patients file. As is common in many records this information could contain information about physical health, family relationships, sexual behavior, substance abuse, and private thoughts and feelings related to mental health. All good potential for a bit of juicy gossip for a bored employee with a few minutes to kill on the computer.
The security of these records is almost nil in many cases. Evan Hendricks, a noted privacy expert, has put it like this -- “ video rental records in this country are afforded more privacy protection under law than are medical records. “ And corporate culture wants this information. Medical information may influence ones employment or employability, credit rating, or ability to get life insurance. Doctors collect medical information for one reason - to help prevent and treat illness. But every agency even remotely associated with the practice of medicine would love to get ( and does get ) their hands on this information, for reasons that have nothing to do with helping the patient get better.
The second largest drug store chain in the U.S. recently got into hot water by targeting direct advertising specifically to people with certain health problems. It got the information directly from its prescription database. A 1997 report by the National Research Council found that many employees use computer databases to check up on friends and family, or even to check potential dates out for sexually transmitted disease information.
You may wish to ponder a newer version of the Hippocratic Oath, attributed to an American health care executive.
“Whatever I see or hear in my attendance on the sick or even apart therefrom will be divulged to physicians, nurses, aides, surgeons, anesthesiologists, dietitians, physical therapists, admitting clerks, billing clerks, utilization review personnel, discharge planners, records coders, medical records filing staff, chaplains, volunteers, performance evaluators, insurers, medical transcriptionists, accrediting agencies, public health officials, other government officials, social workers, and employers. And to whomever else requests them for whatever reason.”
Dr. Patrick Nesbitt