When is medical information too much information?
In the provision of health care, it seems strange to even consider that there could be too much information about a patient. Doctors are trained to only consider diagnosis and treatment when all the available facts have been gathered.
And yet, even the smallest detail about a patient, such as their address or referring GP, can be too much information should it enter the public domain and infringe the patient’s right to privacy.
Health information is valued and valid when it is required in the course of treatment. In this context, there is a ‘need to know’. But when it is overheard or glimpsed by others, it may breach privacy laws.
Doctors and their surgery staff have always been aware of the importance of confidentiality and have taken measures accordingly. The US Health Insurance Portability and Accountability Act website (which enjoys the acronym HIPAA), refers to examples of such safeguards:
- By speaking quietly when discussing a patient’s condition with family members in a waiting room or other public area
- By avoiding using patients’ names in public hallways and elevators, and posting signs to remind employees to protect patient confidentiality
- By isolating or locking file cabinets or records rooms
- By providing additional security, such as passwords, on computers to maintain personal information
In Australia, the legislation which covers the individual’s, or patient’s, right to privacy is the 1988 Commonwealth Privacy Act. It states 10 principles of privacy which include such things as how information may be collected; how it must be held securely and disposed of; how it must be accurate and kept up to date; and, how the individual concerned must be able to access the information and have it corrected.
Some States have their own statutes governing health records which essentially echo the Commonwealth Act and take it a little further. They vary slightly from each other. So, for example, in NSW, there are an additional five privacy principles, for good measure, and the requirement that patient-doctor confidentiality be observed up to 30 years after the death of the patient – an obligation not imposed in Victoria.
When considering patient privacy, there is no real or useful distinction to be made between health information and personal information. As a rule of thumb, all personal information collected in the context of a health service is considered health information. Even a residential address which can be linked to a patient is ‘health information’ and is privacy protected.
Something as apparently innocuous as a patient sticker is therefore captured by the legislation. Hospitals across Australia use patient stickers to record a patient’s full name, date of birth, address, telephone number, health fund, medicare number, the name of the hospital, the doctor treating or referring, an admission date and a medical record number. That’s a lot of sensitive information!
The issue of privacy has become more complex with the advent of electronic transmission of health data. It’s no longer the case that locking up records in a filing cabinet or speaking in hushed tones about a patient’s condition is sufficient to tick the boxes. While privacy protections are becoming more stringent, the means for breaching privacy are becoming more numerous.
I mentioned earlier the example of HIPAA, and it’s fair to say that the US legislation provides even more safeguards than our own domestic privacy laws.
In researching privacy with respect to medical billing across the globe, some companies handling US billing go to quite extraordinary lengths to satisfy privacy requirements. For example, all of their staff computers have the USB function disabled so that health information can’t be copied and removed from the premises via memory stick. All the computers face in a certain direction so that people walking by can’t glance at the screens as they pass, and windows that allow viewing into work areas are covered with dark film. Entry in and out of work areas is by security swipe card. There are no printers at the facility because no documents may be printed.
We have not reached that level in Australia, but we still take privacy very seriously here.
With the introduction of national identifiers, which will soon be introduced, all health records will be kept in a central place. From as early as 2006, the authority charged with the transition, NEHTA (National E-Health Transition Authority), had commissioned three independent Privacy Impact Assessments of the program. As one of the reports stated:
“NEHTA is to be commended for its proactive approach to building privacy issues into the design and development of all its work including the Unique Health Identifier Program from the outset.”
Privacy concerns will certainly have an increasing impact on the health professions. But having said that, there is no reason to be afraid of handling information. Without transmitting patient information, your practice would cease to function. Bills wouldn’t be paid, referring letters wouldn’t be sent, and so on.
You just need to consider how you are transmitting the information and to whom. The general rule is can it be ‘reasonably expected‘ that you would be providing this information to a third party. Here are some examples of where such an expectation applies:
- for quality assurance activities
- managing a legal claim or complaint
- engaging pathology services
- administrative needs (letters and bills)
In conclusion, when you are transmitting patient information in the course of your practice as a medical professional, be wary about emailing because it does not provide an acceptable level of security. And if you are routinely emailing to any third party, such as a billing service, speak to them about more secure ways of passing on information.