Wednesday, September 12, 2007

Violating Patient Confidentiality

If doctors were reimbursed for each time they told a patient to stop smoking, lose weight and/or exercise, their incomes would soar. Unfortunately, such warnings tend to fall on deaf ears. Most patients continue to smoke, eat what they want, and maintain sloth-like lifestyles despite a physician's repeated warnings about the ramifications of such behavior.

Health information managers run into similar problems when trying to warn doctors about violating the confidentiality of the physician/patientrelationship. Newsmagazines have recently aired television programs about the hazards of casually discussing a patient's situation with another physician while in a public space or crowded elevator.

Recent advances in telecommunications equipment are causing a more serious problem. No matter how many times doctors are warned about this situation, they think that the warning must be intended for someone else. Their level of denial is no different than the reckless behavior exhibited by people who thought they could not possibly contract AIDS.

As a doctor, you want to be extremely careful not to violate the confidentiality of the patient/physician relationship while attempting to document patient care. Although a new piece of technology can make your life easier, its use may be accompanied by risk factors which deserve more careful consideration.

The following three incidents illustrate just how vulnerable a hospital or physician can be to pranksters, blackmail, and electronic sabotage:

  • In February 1995, a 13-year-old girl whose mother worked in a hospital admissions office in Jacksonville, Florida accessed the records of several patients who had recently been admitted to the hospital. As a "practical joke," the teenager called the patients' families and informed them that the patients had tested positive for the HIV virus. After only being told that she was HIV positive and had had a positive pregnancy test, one of the "victims" of this prank attempted suicide.

  • Pat Forbis , the former Associate Executive Director of the American Association for Medical Transcription, frequently tells the sobering story of the call she received from a stranger who had managed to hack his way into a hospital's digital dictation system. When this person contacted AAMT to ask if the information he had obtained was worth anything on the street, Forbis kept him on the phone long enough to determine how he had penetrated the hospital's digital dictation system. As soon as the conversation ended, she called the hospital's medical record director and told her about the recent breach in security.

  • On April 5, 1995, Dan Farmer released his computer security software program entitled SATAN (Security Administrators' Tool for Analyzing Networks) onto the Internet, offering it to millions of people without charge or copying restrictions. Developed with co-author Wietse Venema, SATAN offered people with even limited technical prowess the ability to scan and infiltrate UNIX-based computer networks that had not been tightly secured.

Next: Cellular Phones

[Table of Contents] [Cartoons]
[Home] [Exercises] [Worksheets]

No comments: