Can a patient provide too much information? Margaret Faux discusses the laws around privacy and what health professionals can do to safeguard records.
In the provision of health care, it seems strange to even contemplate that there could be too much information about a patient. Doctors are trained to only consider diagnoses and treatment when all the available facts have been gathered. Yet even the smallest detail about a patient, such as their address or referring GP can be too much information should it enter the public domain and infringe the patient’s right to privacy.
Health information is valued and valid when it is required in the course of treatment. In this context, a ‘need to know’ approach should be taken. But when information is overheard or glimpsed by others, privacy laws may be breached.
Doctors and their surgery staff have always been aware of the importance of confidentiality and have taken measures accordingly. A document dealing with the US Health Insurance Portability and Accountability Act (HIPAA), entitled Improving the health, safety and well-being of America, refers to examples of such safeguards:
- By speaking quietly when discussing a patient’s condition with family members in a waiting room or other public are
- By avoiding using patient’s names in public hallways and elevators, and posting signs to remind employees to protect patient confidentiality
- By isolating or locking file cabinets or records rooms
- By providing additional security, such as passwords, on computers to maintain personal information