Privacy of Medical Records: Difference between revisions

Study Guide

Catalyst

Most people require a certain amount of privacy. Everyone holds a certain information about themselves to be personal and to be shared with only people whom they trust. This is the major cause of medical privacy issues. Because doctors’ offices and hospitals keep records on each of their clients, the issue becomes, who has a right to access these records? The widespread use of databases and other technology to maintain this data has caused the medical privacy issue to blow up at an even greater rate. Now, not only do insurance companies and billing agencies have access to your medical records, but hackers can now access them also.

Content of Medical Records

Medical Records may include your medical history, details about your lifestyle such as smoking or involvement in high-risk sports, and family medical history. In addition, your medical records contain laboratory test results, medications prescribed, and reports that indicate the results of operations and other medical procedures. Your records could also include the results of genetic testing used to predict your future health. And they might include information about your participation in research projects. Information you provide on applications for disability, life or accidental insurance with private insurers or government programs can also become part of your medical file. So, it is easy to see why people consider information about their health to be highly sensitive.

Accessibility

Medical records are shared by people both in and out of the health care industry. These include:

• Insurance companies
• Government agencies
• Medical Information Bureau(MIB)
• Employers
• Subpoenaed for court

Generally, access to your records is obtained when you agree to let others see them. In reality, some situations offer no choice but to agree to the sharing of your health information in exchange for care and to qualify for insurance. Other places where identity may or may not be disclosed are:

• Health care operations, or the evaluations of hospitals or individual physicians
• Public health agencies for health research
• Direct marketers when you participate in informal health screenings

Electronic Medical Records/Electronic Health Records

An electronic medical record (EMR) is a medical record in digital format. In health informatics an Electronic Medical Records(EMR) are considered by some to be one of several types of EHRs (electronic health records), but in general usage EMR and EHR are synonymous.

Adoption of EMRs and other health information technology, such as computer physician order entry (CPOE), has been minimal in the United States. Less than 10% of American hospitals have implemented health information technology, while a mere 16% of primary care physicians use EHRs. The vast majority of healthcare transactions in the United States still take place on paper, a system that has remained unchanged since the 1950s. The healthcare industry spends only 2% of gross revenues on health information technology, which is meager compared to other information intensive industries such as finance, which spend upwards of 10%. The following issues are behind the slow rate of adoption:

Interoperability

In healthcare, interoperability is the ability of different information technology systems and software applications to communicate, to exchange data accurately, effectively, and consistently, and to use the information that has been exchanged.

In the United States, the development of standards for EMR interoperability is at the forefront of the national health care agenda. EMRs, while an important factor in interoperability, are not a critical first step to sharing data between practicing physicians, pharmacies and hospitals. Many physicians currently have computerized practice management systems that can be used in conjunction with health information exchange (HIE), allowing for first steps in sharing share patient information(lab results, public health reporting) which are necessary for timely, patient-centered and portable care. There are currently multiple competing vendors of EHR systems, each selling a software suite that in many cases is not compatible with those of their competitors. Only counting the outpatient vendors, there are more than 25 major brands currently on the market. In 2004, President Bush created the Office of the National Coordinator for Health Information Technology (ONC), originally headed by David Brailer, in order to address interoperability issues and to establish a National Health Information Network (NHIN). Under the ONC, Regional Health Information Organizations (RHIOs) have been established in many states in order to promote the sharing of health information. Congress is currently working on legislation to increase funding to these and similar programs.

The Center for Information Technology Leadership described four different categories (“levels”) of data structuring at which health care data exchange can take place. While it can be achieved at any level, each has different technical requirements and offers different potential for benefits realization.

The four levels are[7]:

1. Non-electronic data
2. Machine transportable data
3. Machine organizable data (structured messages, unstructured content)
4. Machine interpretable data (structured messages, standardized content)

Laws

Medical laws have been put into place for patient privacy protection. Under the Clinton Administration, the Health Insurance Portability and Accountability Act of 1996 was administered. Since then, there have been man amendments to the act, the most noteable being one of Clinton’s last actions as president. On Dec. 28, 2000, Clinton administered changes to the HIPAA of 1996. These changes gave patients unprecedented rights to track their medical files. It implemented new criminal and civil sactions for improper disclosure of medical records and it protects against unauthorized use of medical records for employment purposes. Although this last act gave patients unprecedented access and control of their medical records, some are not satisfied.

Genetic Mapping

More than 40 U.S. states have laws requiring hospitals to make available to insurance companies and researchers certain information about each visit they receive. With this information, hospital records can be obtained and all sorts of genetic testing can be done. This becomes extremely controversial because the laws are vague about what constitutes a research group.

Technology

Bibliography

How Private Is My Medical Information

Health Privacy Stories

Does Government Need to Know if Grandpa Curses?

Hospital Hacked - records stolen

PROTECTING THE PRIVACY OF PATIENTS' HEALTH INFORMATION

HHS ANNOUNCES FINAL REGULATION ESTABLISHING FIRST-EVER NATIONAL STANDARDS TO PROTECT PATIENTS' PERSONAL MEDICAL RECORDS

To amend title 17

Medical Records Privacy

President's Statement on Medical Privacy Information

Guidelines for medical and health information sites on the Internet

Guidelines for the Clinical Use of Electronic Mail with Patients

HPP Resources

Office for Civil Rights - HIPAA

Protecting Privacy In Computerized Medical Information (Office of Technology Assessment): Digest

Who Controls Your Medical Records?

The Medical Information Privacy and Security Act (MIPSA)

Institute for Health Freedom

Medical Net privacy? It's unhealthy

Guard Your Genetic Data from Those Prying Eyes

Should Community Rights Override Individual Rights to Privacy?

Key Elements Needed to Protect Medical Information Privacy

New Electronic Privacy Information Center

New Develop a HIPAA Privacy Policy

New U.S. Privacy Act outdated, hasn't kept up with technology, experts say

New Tech Firms Eye Medical Privacy Market

New Health Insurance Portability and Accountability Act.

New Medical records security at risk

New Electronic medical record

Topic Description

Original Page