In 1818, British author Mary Shelley's tale of Dr. Frankenstein's infamous creation startled and captivated a receptive audience. Just as the macabre, but resourceful, doctor created life from non-life that terrorized the local countryside, we have created a "cyberspace monster" that "lives" and knows no boundaries. It may not actually terrorize us, but we are likewise captivated by it. It profoundly influences and impacts our everyday activities, but it is also out of control and has spawned many controversial issues involving free speech, censorship, intellectual property, and privacy. The free market and societal norms may, in some measure, be capable of regulating these issues and eventually help allay many of our concerns. A major and controversial concern that requires additional discussion is safeguarding the confidentiality of private medical information.

Expectations of Privacy and Private Medical Information

According to attorney and privacy law specialist Ronald B. Standler, "Privacy is the expectation that confidential personal information disclosed in a private place will not be disclosed to third parties, when that disclosure would cause either embarrassment or emotional distress to a person of reasonable sensitivities" (Standler, 1997). Another theorist, Ruth Gavison, defines privacy as "the limitation of others' access to an individual with three key elements: secrecy, anonymity, and solitude." Secrecy or confidentiality deals with the limits of sharing knowledge of oneself. Anonymity deals with unwanted attention; solitude refers to being apart from others (Spinello, 2003). Basically, we want to protect the integrity of who we are, what we do, and where we do it. Regardless of our definition, the right of privacy usually concerns individuals who are in a place reasonably expected to be private. Information that is public record, or voluntarily disclosed in a public place, is not protected.

The open architecture of the modern phenomenon that we call the Internet raises unique ethical concerns regarding privacy. Information is sent effortlessly over this vast global network without boundaries. Personal information may pass through many different servers on the way to a final destination. There are virtually no online activities or services that guarantee absolute privacy. It is quite easy to be lulled into thinking your activity is private when many of these computer systems can actually capture and store this personal information and monitor your online activity (Privacy Rights Clearinghouse, 2006). The Net's underlying architecture is designed to share information and not to conceal or protect it. Even though it is possible to develop an adequate level of security, with an acceptable risk level, it comes at enormous cost and takes considerable time.

Medical records are among the most personal forms of information about an individual and may contain medical history, lifestyle details (such as smoking or participation in high-risk sports), test results, medications, allergies, operations and procedures, genetic testing, and participation in research projects.

The protection of this private medical information falls under the area of medical ethics. The realm of medical ethics is to analyze and resolve ethical dilemmas that arise in medical practice and biomedical research. Medical ethics is guided by strict principles or standards that address: Autonomy, Beneficence, Nonmaleficence, Fidelity, and Justice (Spinello, 2003). The principle of Autonomy includes a person's right to be fully informed of all pertinent information related to his or her healthcare. A discussion of medical ethical principles and patient rights leads us to further discuss legislation designed to maintain and protect these cherished rights.

Access to Private Medical Information and the Health Insurance Portability and Accountability Act of 1996

Since 400 B.C. and the creation of the Hippocratic Oath, protecting the privacy of patient medical information has been an important part of the physician's code of conduct. Unfortunately, many organizations and individuals not subject to this strict code of conduct are increasingly requesting this private information.

Every time a patient sees a doctor, is admitted to a hospital, goes to a pharmacist, or sends a claim to a healthcare plan, a record is made of their confidential health information. In the past, all healthcare providers protected the confidentiality of medical records by locking them away in file cabinets and refusing to reveal them to anyone else. Today, we rely on "protected" electronic records and a complicated series of laws to maintain our confidential and private medical records.

Congress duly recognized the need for national patient record privacy standards in 1996 when they enacted the Health Insurance Portability and Accountability Act (HIPAA). This act was effective April 14, 2003 (small health plans implementation date was April 14, 2004) and was meant to improve the efficiency and effectiveness of the nation's healthcare system. For the first time, federal law established standards for patient medical record access and privacy in all 50 states. The act includes provisions designed to save money for health care businesses by encouraging electronic transactions, but it also required new safeguards to protect the security and confidentiality of that information (Diversified Radiology of Colorado, 2002).

There are three essential parts to HIPAA: Privacy, Code Sets, and Security. The Security section is further subdivided into four parts: Administrative Procedures, Physical Safeguards, Technical Security Services (covering "data at rest"), and Technical Security Mechanisms (covering "data in transmission").

PRIVACY:

The intent of the HIPAA regulations is to protect patients' privacy and allow patients greater access to their medical records. The Act specifically addresses patients' Protected Health Information (PHI) and provides patients with greater access to and modification of their medical records. Prior to providing patient services, the Covered Entity must first receive the patient's consent to share PHI with such organizations as the insurance billing company, the billing office, and physicians to which the patient may be referred. Individuals must be able to access their records and request correction of errors, and they must be informed of how their personal information will be used. Individuals are also entitled to file formal privacy-related complaints to the Department of Health and Human Services (HHS) Office for Civil Rights.

CODE SETS:

Under HIPAA, codes are standardized to improve safety and security of health information. According to these new standards, a code set is any set of codes used for encoding data elements, such as tables of terms, medical diagnosis codes, procedure codes, etc.

SECURITY:

The security section is divided into four major parts:

1. Administrative, which requires documented formal practices, the execution of security measures to protect data, policies and procedures regulating conduct of personnel in protecting data, security training, incident procedures, and termination policies.
2. Physical Safeguards relate to the protection of physical computer systems, network safeguards, environmental hazards, and physical intrusion. One must consider computer screen placement, pass code protection, and computer locks to control access to medical information.
3. Technical Security Services refers to PHI stored on the computer network and how it is securely stored and accessed. Those using the PHI must be logged on and authenticated. An audit trail of authenticated access will be maintained for 6 years.
4. Technical Security Mechanisms refers to PHI transmitted over a communication network such as the Internet, frame relay, VPN, private line, or other network. PHI transmitted over a communication network must be encrypted.

There are also some noticeable shortcomings to HIPAA. The act did little to actually make health insurance more "portable" when an employee changes employers. Also, the Act did not significantly increase the health insurers' accountability for wrongdoing, with provisions that are often difficult to monitor and enforce. There is also much confusion for patients, as well as healthcare providers, in regard to the interpretation of the act (Diversified Radiology of Colorado, 2002).

Other Laws, Regulations, and Decisions Regarding Private Medical Information

Besides HIPAA, there are important state regulations and laws, and federal laws and legal decisions, concerning the privacy and confidentiality of medical information (Clifford, 1999):

The Privacy Act of 1974 limits governmental agencies from sharing medical information from one agency to another. Congress declared that "the privacy of an individual is directly affected by the collection, maintenance, use and dissemination of personal information ...," and that "the right to privacy is a personal and fundamental right protected by the Constitution of the United States ..." (Parmet, 2002).

The Alcohol and Drug Abuse Act, passed in 1988, establishes confidentiality for records of patients treated for alcohol or drug abuse (only if they are treated in institutions that receive federal funding).

The Americans with Disabilities Act, passed in 1990, prohibits employers from making employment-related decisions based on a real or perceived disability, including mental disabilities. Employers may still have access to identifiable health information about employees for reasonable business needs, including determining reasonable accommodations for disabled workers and addressing workers' compensation claims.

Supreme Court decision in Jaffee v. Redmond: On June 13, 1996, the Court ruled that there is a broad federal privilege protecting the confidentiality of communication between psychotherapists and their clients. The ruling applies to psychiatrists, psychologists and social workers.

Freedom and Privacy Restoration Act of 1999: Designed to prohibit the creation of government unique medical ID numbers.

Managed Care and Cyber Threats to Private Medical Information

The introduction of the Internet and the advances in telecommunications technology over the last two decades allow us to access vast amounts of medical information, regardless of time, distance, or remoteness, with relative ease. This cyber access to medical information has profoundly changed how healthcare providers treat patients and offer advice. No longer are there barriers to the efficient exchange of health information and critical life-saving medical information. In addition to the many benefits of cyber access to medical information, there are also serious threats to our personal privacy and our medical information.

The intense interest in the protection and privacy of medical information is driven by two major developments. The first is the growth of electronic medical record keeping that has replaced paper records. A report from the National Academy of Sciences states that the healthcare industry spent between $10 and $15 billion on information technology in 1996 (Mehlman, 1999). This was the year that the Health Insurance Portability and Accountability Act was passed, with most of the expenditure attributed to converting hard-copy information to electronic formats.

Electronic medical records (EMRs) present a significant threat to maintaining the privacy of patient-identifiable medical information. This medical information can be retrieved instantaneously by anyone with access and passwords. Although hard-copy medical information can be easily copied, electronic records are much more easily copied and transmitted without boundaries.

The second major development that concerns the privacy of patient information is the overall growth of managed care organizations. There is a demand for an unprecedented depth and breadth of personal medical information by an increasing number of players. In contrast to traditional fee-for-service healthcare, the provider of care and the insurer can be the same entity. In this situation, any medical information in the possession of the provider is also known to the insurer. This is common in all forms of managed care, but most evident in closed-panel HMOs. This sharing of information increases the fear that the insurer may use the data to limit benefits or terminate insurance coverage (Mehlman, 1999).

Some managed care companies are reporting private medical information to an extreme, requiring providers to report to case managers within twenty-four hours any case that is considered a high-risk potential for the client, a second party, the employer, or the managed care company. Examples include such things as possible danger to self or others, suspected child abuse, potential threats to national security or the client organization, client's request for records, complaint about Employee Assistance Program services or threat of a lawsuit, and potential involvement in litigation including confession or knowledge of criminal activity. No mention is made concerning client privacy or rights regarding the release of this information. Nor is anything said about what will be done with the information that is shared (Clifford, 1999).

Another issue with managed care companies is the large volume of data processed and the carelessness in handling medical information. A salient example deals with lost records as noted in a 1993 survey sample of San Francisco Bay Area psychologists. In this survey, 59% of reports were mailed or faxed to wrong persons, charts accidentally switched, or proper authorization not obtained (Clifford, 1999).

Maintaining and Protecting Electronic Private Medical Information

In order to maintain and protect valued private medical information, we must always be vigilant and proactive. Basic steps can be taken prior to using electronic information sharing. For example, when signing a "Release of Information" form, read everything carefully. If it is not clearly understood, ask questions. Also, remember that HIPAA grants you the right to request that your healthcare provider restrict the use or disclosure of your medical information. Make sure those who ask for information are properly identified and authorized to collect this information. Finally, make sure that the person collecting information uses at least two "identifiers" to ensure proper identification of the patient (e.g., name, last four of social security number, address, telephone number, birth date, etc.).

When dealing with electronic and computerized medical information, the situation gets more tenuous and much more complex. Secure networks and websites, passwords, firewalls, and anti-virus software are unquestionably the first steps in a plan of protection. Passwords must be complex, using numbers, letters, and cases, yet also easily remembered. To maintain security, experts suggest that passwords be changed every 90 days or if they are believed to be compromised. In addition, any private medical information sent on the Net or non-secure networks should be encrypted. Encryption (64 or 128 bit) is translating information into a secret code where a key or password is required to read the information.

Further security is provided by using privacy-enhancing P3P frameworks, filtering software (e.g. MIMESweeper), "message authentication codes" (MACs), and "digital signatures." The Platform for Privacy Preferences Project (P3P) is a technological framework that uses a set of user-defined standards to negotiate with websites regarding how that user's information will be used and disseminated to third parties (Spinello, 2003). This P3P architecture helps define and improve cyberethics, improves accessibility, improves consistency, and increases the overall trust in using cyberspace. MACs use a common key that both generates and verifies the code attached to a message, whereas digital signatures generally use two complementary algorithms, one for signing and the other for verification.

There has also been some creative technology proposed for maintaining and protecting private medical information. In October 2004, the "VeriChip" was approved by the FDA for implantation into the triceps of patients. The chip is about the size of a grain of rice and is inserted under the skin during a 20-minute procedure. This invisible chip stores a code that can be scanned to further release a patient's private medical information. This code is then used to download encrypted medical information. The procedure cost is about $150-200 (MSNBC, 2004).

Another more commonly used medical information tool is the "smart card," a credit-card-sized device with a small embedded computer chip. This "computer in a card" can be programmed to perform tasks and store important information. During an emergency, paramedics and emergency rooms equipped with smart card readers can rapidly access potentially life-saving information about a patient, such as allergies to medication and chronic medical conditions. There are different types of smart cards: memory cards, processor cards, electronic purse cards, security cards, and JavaCards. These cards are tamper-resistant, can be PIN protected or read-write protected, can be encrypted, and can be easily updated. These unique features make smart cards advantageous for storing personal medical information, and the cards are popular throughout the world. In Germany and Austria, 80 million people have the capability of using these smart cards when they visit their doctor (Cagliostro, 1999).

There is also a recently proposed government plan to create a national system of electronic health records (EHRs). Details include the building of a National Health Information Network that will electronically connect all patients' medical records to providers, insurers, pharmacies, labs, and claim processors. The sharing of vital information could improve patient care, include more accurate and timely substantiation of claims, and be an asset to public health in emergencies. The goal is to have it operational by 2009. Even with laudable goals of saving money, making medical care more efficient, and decreasing drug reactions and interactions, there are still inherent dangers to this national plan. There are valid concerns that pharmaceutical companies may attempt to market a new drug or device for your specific medical condition. There are also strong worries of exploitation and abuse of personal data. Who will monitor access to the information? There are also concerns that lenders or employers may rely on private medical information to make business decisions. Then there is always the ever-present fear of hackers and pranksters retrieving your personal information. There are still so many questions unanswered (Consumer Reports.org, 2006).

In conclusion, we are now stuck with a "Cyberspace Monster" and all of its advantages and shortcomings. When we use cyberspace, we can have no expectations of privacy and we must accept a level of risk. Therefore, when transmitting and sharing private medical information, we must always be aware to take precautions in safeguarding our privacy as much as possible by using secure networks, P3P architecture, passwords, firewalls, encryption, message codes, digital signatures, and devices like smart cards and "VeriChips." Medical records are among the most personal forms of information about an individual, but we are challenged to find a balance between society's interest in protecting medical confidentiality and the legitimate need for timely access to critical medical information, especially with fears of influenza pandemics and bioterrorism. When this information is transferred into electronic format, we have heightened concerns about maintaining and protecting this private data. With managed care, there is a demand for an unprecedented depth and breadth of personal medical information by an increasing number of players. While the HIPAA provisions are a welcome start in protecting our private medical information, we must remain vigilant of the ever-increasing need to protect this special information.

References:

Cagliostro, C. (1999). Smart card primer.
Clifford, R. (1999). Confidentiality of records and managed care legal and ethical issues.
Consumer Reports.org (2006). The new threat to your medical privacy.
Diversified Radiology of Colorado (2002). History: HIPAA general information.
Mehlman, M. J. (1999). Emerging issues: the privacy of medical records.
MSNBC (2004). FDA approves computer chip for humans.
Parmet, W. E. (2002). Public health protection and privacy of medical records.
Privacy Rights Clearinghouse (2006). Internet privacy resources.
Spinello, R. A. (2003). CyberEthics: Morality and law in cyberspace. Jones and Bartlett Publishers, Sudbury, MA.
Standler, R. B. (1997). Privacy law in the USA.
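
The article's section on maintaining and protecting electronic records contrasts MACs, which use one common key, with digital signatures, which sign with one key and verify with another. The following added example (not part of the original article) shows what that difference means in practice, using Node.js's built-in crypto module; the sample message, the lab and clinic roles, and all function names are constructed for illustration.

```javascript
// Added example: MAC vs. digital signature over a constructed lab-result message.
const nodeCrypto = require('node:crypto');

// Constructed sample data; identifiers and values are illustrative only.
const message = Buffer.from('patient=12345;test=HbA1c;result=5.4%', 'utf8');
const altered = Buffer.from('patient=12345;test=HbA1c;result=9.8%', 'utf8');

// MAC: one shared secret key both generates and verifies the tag.
function macTag(key, msg) {
  return nodeCrypto.createHmac('sha256', key).update(msg).digest();
}

function macVerify(key, msg, tag) {
  const expected = macTag(key, msg);
  // Constant-time comparison; timingSafeEqual requires equal lengths.
  return tag.length === expected.length &&
    nodeCrypto.timingSafeEqual(tag, expected);
}

// Digital signature: the private key signs, the public key can only verify.
function sign(privateKey, msg) {
  return nodeCrypto.sign(null, msg, privateKey); // Ed25519 takes no digest name
}

function sigVerify(publicKey, msg, signature) {
  return nodeCrypto.verify(null, msg, publicKey, signature);
}

function demo() {
  const sharedKey = nodeCrypto.randomBytes(32);            // held by lab AND clinic
  const lab = nodeCrypto.generateKeyPairSync('ed25519');   // private key held by lab only
  const other = nodeCrypto.generateKeyPairSync('ed25519'); // some other party's key pair

  const tag = macTag(sharedKey, message);
  const signature = sign(lab.privateKey, message);

  // Each field is the verifier's accept (true) / reject (false) decision.
  return {
    macOriginal: macVerify(sharedKey, message, tag),
    macAltered: macVerify(sharedKey, altered, tag),
    // Whoever can verify a MAC holds the key, so can also produce a valid
    // tag for different content: a MAC cannot prove WHICH key holder wrote it.
    macRetaggedByKeyHolder: macVerify(sharedKey, altered, macTag(sharedKey, altered)),
    sigOriginal: sigVerify(lab.publicKey, message, signature),
    sigAltered: sigVerify(lab.publicKey, altered, signature),
    // A signature made with any other private key fails under the lab's public key.
    sigFromOtherKey: sigVerify(lab.publicKey, altered, sign(other.privateKey, altered)),
  };
}

console.log(demo());
```

Both mechanisms detect alteration in transit; only the signature lets a recipient attribute a record to one specific sender, because verification does not require the signing key.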