PCM1: Confidentiality in Modern Medicine

=Confidentiality in Modern Medicine: A Collective Obligation=

Describe the legal concepts governing the patient-physician relationship and the confidentiality of medical information.
While not binding by law, the American Medical Association's Code of Medical Ethics addresses the patient-physician relationship, stating that “the information disclosed to a physician during the course of the patient-physician relationship is confidential to the utmost degree.” Full and frank disclosure of information to a physician is important for effective treatment. Such disclosure can be attained through trust and the knowledge that the physician will protect a patient’s confidentiality.

Legal concepts governing the patient-physician relationship and confidentiality, however, are taken largely from HIPAA, the Health Information Privacy and Accountability Act – and, specifically, the HIPAA Privacy Rule. The Privacy Rule outlines the protection for the privacy of a patient’s individually identifiable health data, referred to as protected health information (PHI). The regulations require that appropriate administrative, technical, and security safeguards be taken to ensure the privacy of protected health information – both written and oral.

HIPAA requires a Notice of Privacy Practices to be distributed to patients at the time of first service delivery. The notice explains how a physician may use and disclose a patient’s information and what rights a patient has with respect to the medical information about him/her.

Delivery of service also requires a patient’s informed consent – a detailed form that acknowledges that the physician has informed the patient of the following (known as “PARQ requirements”):
 * 1) 	Procedure to be undertaken
 * 2) 	Alternatives to procedure
 * 3) 	Risks of the procedure
 * 4) 	Answers to Questions or additional information, as requested by patient


 * Other important concepts from HIPAA Privacy Rules:

a) is created or received by a health care provider, health plan, public health authority, employer, life insurer, school or university, or health care clearinghouse b) Relates to the past, present, or future physical or mental health or condition of an individual; the provision of health care to an individual; or the past, present, or future payment for the provision of health care to an individual.
 * Protected Health Information
 * Any information, whether oral or recorded in any form or medium that:

Standard that requires a physician to make reasonable efforts to limit the amount of protected health information that the physician uses or discloses to the minimum amount that is necessary to accomplish the purpose of the use or disclosure. This requirement does NOT apply when a physician discloses information to another provider or requests information for treatment purposes.
 * Minimum necessary standard

Protected health information should be shared on a “need to know” basis. Unless you need the information as part of your job, you should not be exchanging protected health information.
 * Need to know


 * Common Law Exception to Confidentiality: Tarasoff v. Regents of the University of California (1976) – mentioned in lecture and small group


 * Patient kills ex-girlfriend after disclosing to psychiatrist his intention to do so.
 * Psychiatrist contacts police but not the intended victim.
 * Courts ruled psychiatrist had a duty to warn victim directly.


 * "When a physician determines that a patient presents a serious danger of violence to a specifically identifiable third party, the physician is required to use reasonable care to protect the intended victim even if such steps result in the disclosure of a confidential communication."

Describe the principles that guide confidentiality of medical information
Confidentiality: “a duty to restrict access to a private situation.” Enables full disclosure that allows physician to more effectively treat patient
 * From Dr Potter’s lecture:
 * Guided by the following principles:
 * 1) Protecting patient’s privacy. Privacy protects moral space; patient can be true self
 * 2) Respecting patient and maintaining patient’s dignity. Dignity maintained by avoiding shame/embarrassment.  Implication here is that disclosure of personal information can result in loss of dignity and diminished respect for patient
 * 3) Establish Patient-Physician Trust. Allows personal information to flow freely between patient and physician

Issues of confidentiality could also be guided by four basic ethical concepts/questions:
 * From the Mengel chapter on Medical Ethics (Chapter 26):
 * 1) Beneficence/Non-maleficence: Will the patient be benefitted/harmed?
 * 2) Autonomy: Will the action respect the patient’s privacy/autonomy?
 * 3) Justice: What would be fair in the situation?
 * 4) Virtue: Will an action allow me to remain faithful to my values and ideals, and to those of the medical profession?

"“What I may see or hear in the course of the treatment or even outside of the treatment in regard to the life of men, which on no account one must spread abroad, I will keep to myself holding such things shameful to be spoken about.”"
 * Values of the Medical Profession, as a whole, also guide patient confidentiality:
 * 1) Hippocratic Oath. Classical version

"“I will respect the privacy of my patients, for their problems are not disclosed to me that the world may not.”" "“I will respect the secrets which are confided in me, even after the patient has died”"
 * 1) Modern version
 * 1) Declaration of Geneva, adopted by General Assembly of World Medical Association. (Declaration of physician’s dedication to humanitarian goals of medicine)

*Principle IV: “A physician shall respect the rights of patients, colleagues, and other health professionals, and shall safeguard patient confidences and privacy within the constraints of the law.
 * 1) Principles of Medical Ethics, adopted by American Medical Association
 * Principle VIII: “A physician shall, while caring for a patient, regard responsibility to the patient as paramount.”

Describe the process for appropriately releasing medical records.
(The lecture and assigned readings for this week don’t explicitly outline a process for medical record release. I compiled the following using the HIPAA and Confidentiality excerpts.)

A physician may always disclose protected health information to another physician or other health care provider for treatment. Disclosure is OK under any method of communication – email, oral conversations, written letters, facsimiles, as long as physician uses “reasonable and appropriate safeguards” to protect communication.
 * Releasing medical records to physicians or other health care providers:
 * EXCEPTION: Mental health professional’s personal psychotherapy notes – may be disclosed ONLY with patient’s authorization
 * Releasing medical records to non-health care providers: If not disclosing to a physician or health care provider OR to the patient, you MUST get patient’s explicit consent and follow “minimum necessary” standard. If the patient is not a minor, there is no specific right to discuss medical treatment with family members or close friends.
 * EXCEPTIONS: Non-patients who are authorized to release or obtain a patient’s records. Parents or legal guardian, if patient is a minor (person under 18).  If minor is 15 or over, the minor can consent to his own medical treatment, and it’s up to physician to choose whether to defer decisions to the minor or to the parents.
 * Power of attorney for health care – legal document designating a particular person to make medical decisions for patient in the event that patient is incapacitated.


 * Disclosures without consent
 * Applies to government authorities as permitted or required by law, to investigate or regulate health related issues such as child abuse, communicable diseases, and prescription drugs.
 * “Duty to Protect”: When physician determines that a patient presents a serious danger of violence to an identifiable 3rd party and that disclosure can be used to protect victim (Tarasoff case).

As a general rule, HIV information should not be disclosed to any person other than colleague providing care to patient and who reasonably needs to know about the condition in order to provide care.
 * HIV information