Question: Who sees my confidential information?
From: Brandon B. of Los Angeles, CA
Answer: The increased use of computerized medical records and intensified scientific research has caused concern about a patient’s right to medical privacy. Information is shared within and between many entities for very legitimate reasons but the opportunity for abuse of private information also exists. The Health Information Portability and Accountability Act (HIPAA) went into effect in 2003 but enforcement began in 1996. Your private physician must determine to whom your medical information may be relayed and in what format. You have probably been asked to complete a form to that effect. You should notify your healthcare provider if a family member or friend may be given information about your condition. You may be very specific in who should receive information and who should not. When you are in a hospital, your medical records may be accessed by your healthcare team, from your nurse to the X-ray technician. To protect your privacy from unauthorized users and staff who are not involved in your care, some hospitals have rules of conduct by which those staff members may be dismissed if they access your records. Remember that there is no guarantee that medical information that you share in a chat room will remain confidential. Healthcare organizations participate in research projects and provide share information on their patients, although you are not identified. If you make healthcare payments by credit card or check, your healthcare providers can be identified. Sharing of this information between financial institutions is not protected by HIPAA.
You may be asked to sign a waiver giving access to your health information by several entities. For example, health insurance companies may request medical information to make a payment or issue a new policy. Government agencies may request records to verify claims through Medicare, Medicaid, Social Security Disability, Workman’s Comp. If you are involved in litigation, relevant medical information may be subpoenaed. Be cautious when signing these authorizations. Make sure you understand to whom the information will be forwarded and how it will be used. Some medical providers will not fax medical records because of the possibility that confidentiality will be breached. An additional note: under the USA Patriot Act and HIPAA regulations, the hospital, physician’s office, pharmacy may ask that records be turned over to government for law enforcement or intelligence purposes.
Ruthann Russo, PhD, JD, MPH, RHIT, is a healthcare expert with more than 20 years of experience working in and advising healthcare organizations.
