How EMR Privacy Affects Patient Health
The sacred respect that doctors have for the privacy of their patients has roots that go back to the Hippocratic Oath. Now that most medical information is primarily kept in digital format, the importance of medical information privacy is more hotly debated than ever.
- Thanks to new advances in “big data” technology, there are many within the medical community who are arguing that open, unrestricted sharing of patient medical information could revolutionize the way we treat diseases.
- Also, law enforcement agencies see potential value in data mining or electronic medical records and are placing pressure on lawmakers to provide them with warrantless access to patient records to help them prevent crime and protect the public.
Confidentiality is one of the core duties of a medical practitioner.
But why is the protection of patient privacy so important?
- Does the expectation of confidentiality affect patient health?
- What would be the consequences for a patient if this protection were taken away?
- And how does the use of electronic medical records complicate the protection of patient privacy?
There are several situations where a patient might not seek treatment for serious conditions if they feel that stigmatization, persecution, or other undesired consequences might occur. This is particularly true for things such as drug addiction, mental health issues, sexually transmitted diseases, or even terminal illnesses.
Recently, a Canadian woman was denied entry by U.S. Customs agents because she had previously been hospitalized for clinical depression in 2012. Despite her legally protected privacy rights, the Canadian government had made this information available to the FBI and U.S. Customs and Border Patrol.
For a salesperson who must travel abroad for meetings and conventions, seeking help for such a condition could potentially mean the end of a career.
Electronic medical records can pose particular challenges to patient confidentiality.Â Both HIPAA and PIPEDA require healthcare institutions to have policies to protect the privacy of patients’ electronic information, including procedures for computer access and security.
In 2009, the Office of US Health & Human Services reported that a shared computer used for backup was stolen from the unattended reception desk area of a California-based medical practice. The incident breached the names, dates of birth, and clinical information of over 5,000 patients.
Comingling of data can also increase the damage caused by data breaches since 87 percent of all Americans could be uniquely identified using only three bits of information: ZIP code, birthdate, and sex.
For example, The Massachusetts Group Insurance Commission released anonymized data on state employees that showed every single hospital visit. A researcher combined this data with other data sources and was able to link these patient records to their associated names, addresses, and social security numbers.
So how can medical professionals more adequately protect the confidentiality of their electronic patient data?
2 of the leading causes of privacy breaches are human error and unauthor