 |
 |
 |
 |
|
|
|
||||||||||||||||||||||||||||||||||||||||||
President's Page
December 2006
Hurrican John, part II
Grappling with privacy in medical technology
2006 DCMS PresidentOnce we had completed our preparations for the storm, we had nothing to do but wait, pray, and read a novel. I picked up a Robin Cook novel titled “Marker” to help pass the time. Dr Cook is a physician who has written many novels, but this was my first time to read one of them. Briefly, the plot evolved around the mysterious deaths of post-operative healthy people who underwent relatively minor surgery. The cases were all in hospitals owned by the same healthcare company. The final explanation of the deaths involved blood test “markers” the patients had that indicated they later would require extensive treatments and cost the company significant funds. So, the patients were expunged.
You say this is only a novel and nothing like this could happen in the real world, and I agree. As we move toward implementing the electronic medical record, the issues of privacy and accuracy become more important. Access to these records through regional information technology will enhance the opportunity for error.
We hear every day about thefts of computers that contain personal information about financial issues and medical issues. The DCMS committee working on development of a RHIO (Regional Health Information Organization) struggles with the privacy issue, and this must be overcome before a RHIO will be widely accepted.
The AMA raised concerns about these issues in a statement to the US House of Representatives. “Forming a national health information infrastructure without adequate federal privacy protection threatens not only the privacy of patients but also the viability of such a system.” The legislation the House passed did not include any additional safeguards. The health information technology bill approved in November of 2005 also does not include any additional privacy protection. Most physicians are not happy about the HIPAA requirements, but they may be meager compared to the requirements of the electronic medical record.
The possibility of identity theft also complicates the privacy issues. For example, a patient presented at a Dallas-area hospital in labor. She showed a valid insurance card and identification. She received care appropriately. Only after she was discharged was it discovered that the ID was stolen from another individual. The victim of the theft had to prove to the hospital that she did not owe the charges not covered by insurance and to prove to the insurance company that she had not received the care regarding that claim.
The Dallas Morning News (10/9/06) has enumerated the many facets of ID theft and medical records. Erroneous information also can put careers and insurance at risk. Many employers demand access to medical records when making hiring, promotion, or benefits decisions. Health and life insurance companies routinely scan medical files or payout reports before issuing new policies. Medical records can be scattered across dozens of physicians’ offices, hospitals, and clinics. Federal privacy rules intended to protect private information can make it difficult for patients to obtain their own records when theft is suspected.
The same Dallas Morning News article detailed the case of a woman who was threatened with losing her children because her hospitalized infant had tested positive for methamphetamine. The woman had not delivered a baby in two years. Her driver’s license had been stolen and the thief used her identification when she delivered a baby. She had to hire an attorney to disentangle the legal and medical records, and she still is fighting a collection agency over the medical bill.
The Aug 10, 2006, New England Journal of Medicine discussed several issues regarding genetic privacy. The direct-to-consumer marketing of genetic testing allows the consumer to order tests with a credit card and a few clicks of a computer mouse. They can order a test for the BRCA1 or BRCA2 genes, or hundreds of other diagnostic assays—all without involving their physician or health plan. Proponents laud the promise of anonymity to consumers. Critics counter that the testing companies exploit the consumers and frequently do not offer adequate counseling necessary to understand the results. Consumers may find themselves ineligible for life insurance if they report a genetic predisposition for a disease or the policy may be voided if the company discovers the consumer failed to disclose the test results. Furthermore, unlike physicians, hospitals, and laboratories, the companies that offer online testing services are not subject to HIPAA regulations.
When DNA testing is done and the samples are collected and stored, violation of genetic privacy likely will follow. People give up more than they realize when they hand over their DNA. Consent forms typically contain a provision permitting the researchers to retain and reanalyze DNA. The DNA samples would become the property of the researchers, who can control the sample for their own benefit. Our DNA is not like our credit cards--we cannot simply get a new number. As long as someone has our identifiable DNA sample, they can learn things about us we may not know, may not want to know, and do not want others to know.
The EMR is an important advance and has many patient safety features. Physicians should promote and accept its implementation quickly, but DO NOT accept any system that does not ensure safeguards for patient privacy.
List of Past President Pages
Home | Who
We Are | Membership | DCMS
In Action | Communications
| Community Service
Products & Services
| Business of Medicine | Legislative
Issues | Physician
Finder | DMJ On-Line
 |
Copyright © 1997-2004, Dallas
County Medical Society. Information contained in this site does not constitute
legal or medical advice. |
