Overview of Generally Recognized Patient Privacy Issues

Healthcare Training Resource
July 11, 2013 — 1,157 views  
Become a Bronze Member for monthly eNewsletter, articles, and white papers.

The medical community since the time of Hippocrates has pledged to keep information about patients private and confidential. But with the advent of electronic health records (EHR), it is possible to gain access of electronic health information of a person without his/her knowledge.  This is a breach of a person’s privacy and is known as a patient privacy issue.

General Concepts

The Hippocrates Oath is one of the most popular Greek medical texts.  It requires a physician to swear that he/she will uphold the standards of professional ethics.  The English translation of one of the ethics is what a physician sees or hears in the course of the treatment or in the personal life of his patients should not be disclosed to a third party.  The doctor-patient confidentiality comes into question when there are legal issues or at times of important medical decision making, but without the full and explicit consent of the patient or authorization from law enforcement agencies, a doctor can never break this confidentiality. Currently, there is no legal obligation for new physicians to swear in accordance with the Hippocratic Oath, but research shows that upwards of 90% of new physicians swear the oath in some form or the other.

A few instances where doctor-patient confidentiality is of utmost importance are:

  • Information regarding serious communicable diseases.
  • Information about insurance, employment or other financial records.
  • Information on mental health.
  • Information about drug use.

The Federal Health Insurance Portability and Accountability Act (HIPAA) govern the rules regarding patient confidentiality and health information that may identify a person.  The physician under no circumstance can disclose any confidential information without explicit written consent from the patient.  However, there is an override to this rule in specific situations, for e.g., when disclosure is required by a court order or when a patient threatens to inflict physical harm to another person and there is a reasonable probability of it happening.

Substance Abuse Records

Medical information regarding substance abuse is very sensitive, and there are special statutes and regulations protecting such information.  The Substance Abuse and Mental Health Services Administration (SAMHSA) maintains the regulations in this regard.

The substance abuse records could contain the following:

  • Patient’s name and address
  • Patient’s insurance provider
  • Name of program or facility where the patient is undergoing treatment

Healthcare providers are bound by federal restrictions against disclosure of substance abuse information.

Mental Health Records

Similar to substance abuse, information regarding mental health records is also very sensitive and there are federal restrictions to protect such information.  The Substance Abuse and Mental Health Services Administration (SAMHSA) maintains the regulations in this regard.

The mental health records of a patient could contain the following:

  • Patient’s name, address, or social security number
  • Information regarding the patient’s insurance provider
  • Psychotherapy notes during a session with a psychotherapist
  • Information regarding drugs used

While any information regarding a patient, whether drug abuse records or mental health records, is sensitive and is restricted by federal regulations, with appropriate consent from the patient or a court order, the information may be shared.

Healthcare Training Resource