Confidentiality and Government Medical Records
Confidentiality
Confidentiality means that healthcare practitioners can't share a patient's personal healthcare information. It cannot be overstated that no information regarding a patient's identity, diagnosis, treatment, or any other healthcare information can be shared without the patient's expressed consent. Confidentiality is at the core of healthcare practice. The American Medical Association (AMA) Code of Medical Ethics states that information shared with a doctor in a doctor-patient relationship is confidential to the utmost degree. According to the AMA's Council on Ethical and Judicial Affairs, the purpose of confidentiality is for the patient to feel comfortable being completely honest with the healthcare professional. Accurate and honest information is needed to diagnose and treat patients correctly. Otherwise, the standard of care may be compromised. Courts have used ethical obligations as the basis for imposing legal obligations. Maintaining patient confidentiality is a legal duty as well as an ethical duty. A patient can sue a healthcare professional or facility for sharing confidential medical information without proper authorization. The AMA can discipline a healthcare professional for breaching confidentiality. A pharmacy technician may be disqualified from certification or licensure for violating confidentiality policies. Today, other factors must be considered in the confidentiality issue. For example, third parties like insurance companies and managed-care organizations are often involved in the delivery of and payment for healthcare. This makes the ethics of confidentiality more complicated. Now, people other than the practitioner and the patient have an interest in a patient's medical information. Electronic health information systems make it easier to transmit patient information. Confidential information is spread through clinical repositories and shared databases. Sharing information makes it safer and more efficient to treat patients, but using this technology while respecting patient confidentiality is a challenge. In addition, breaches in the security protocols that control electronic health information, such as compromised passwords, can affect confidentiality. Legal Basis of Confidentiality Obligations The right to privacy is derived from the Constitution, statutes, and common law. It's the legal basis for confidentiality. Many state and federal statutes create privacy rights and confidentiality obligations. Violation of those obligations can be the basis for lawsuits against healthcare providers. Common law also includes various causes of action for damages resulting from improperly obtaining, disclosing, or using private information. For example, a pharmacy technician who improperly reveals medical information about a patient could be sued for invasion of privacy or infliction of emotional distress.
Records in Possession of Government Agencies
Federal statutes and regulations apply to healthcare providers working for the federal government. They also apply to private healthcare providers participating in a government program or receiving federal funds. FOIA and Open Records Acts The Freedom of Information Act (FOIA) is a federal law that provides access to government records. It includes exceptions for the privacy of medical information held by federal agencies. States have similar open-record statutes, as well as exceptions for medical information that protect the privacy of health information in the hands of state agencies. Privacy Acts The Privacy Act of 1974 is a federal law. It forbids government agencies from sharing certain medical information unless the patient gives written consent. Some government agencies, such as the Social Security Administration and the Department of Health and Human Services, release data they've collected for purposes of research. In that case, statutes require that they remove any data that might identify the patients, such as name, Social Security number, or home address. The Privacy Act also requires the government to keep records of disclosures of information, including the date, nature and purpose of the disclosure, and to whom the disclosure is made. Additional statutory protections apply to certain specific types of information. They cover information about drug and alcohol abuse treatment and participation in Medicaid. These rules apply to private healthcare providers who accept federal funds as well as to government agencies. Some states also have privacy statutes similar in structure to the federal Privacy Act.
Informed Consent and Healthcare Information
Informed consent is a process of communication between a healthcare professional and a patient in which the practitioner explains the factors involved in a recommended medical process. The result is the patient's authorization or agreement (consent) to undergo the process. Patients need sufficient information to make an informed decision about whether to consent to treatment. Failure to provide such information and obtain informed consent can constitute malpractice. However, special problems arise when the person isn't able to give consent. This can happen when a patient is unconscious, mentally incompetent, or a minor. In such cases, the law allows for substituted consent. Recall that this means that an authorized person makes decisions for a person who is unable to do so. Rules for informed consent and substituted consent may extend to the release of confidential health information. For example, a parent can authorize the release of medical information for an infant. There's a special exception to consent requirements in emergency situations. In such cases, life-and-death decisions must be made immediately. The information can be released because of an imminent danger to the public or for a law-enforcement investigation.