August 12, 2013
This paper will discuss about the concept of confidentiality and electronic health information. It will also discuss the efforts undertaken to safeguard confidentiality. Additionally, this paper will look at confidentiality and public health. Lastly it will address some of the implications of the current literature surrounding confidentiality.
In 1997, Judi Selig, a secretary for a South Carolina machinery firm, probably did not anticipate her employer's reaction to her medical history. When her employer discovered that Ms. Selig had been exposed to hepatitis several years before, they demanded that she undergo a blood test and sign a medical release form so that the doctors in the employer's health plan could access her records. When Ms. Selig consented to the test but refused to sign the release form, her employer punished her by suspending her for a week without pay. Ms. Selig quit the company mainly because it threatened her privacy. Since then there have been steps taken to assure that patient privacy and confidentiality continues to be upheld. The Health Insurance Portability and Accountability Act of 1996 (HIPAA) was passed by Congress which created a deadline of August 21, 1999 for comprehensive Federal privacy legislation to be passed. Congress failed to act by that date, so the Secretary of Health and Human Services was required by HIPAA to issue regulations establishing Federal privacy standards by February 21, 2000. The concept of confidentiality and the ethos of confidentiality derive from privacy interests of the patient. Privacy, generally described as "the right to be let alone" is likened to autonomy, the ability to control one's destiny and limit others' physical access to one's person or to information about oneself. Confidentiality is a distinctive aspect of privacy in that it arises only within a special relationship, such as a physician-patient relationship. While anyone may be liable for invading a person's privacy only those with information derived from a special confidential relationship have a duty to maintain its confidentiality, to not share it without the person's permission or in the absence of a compelling reason to do so. Thus, confidentiality protects informational privacy interests by requiring recipients of information deemed confidential to restrict access to that information. In the past few people other than physicians were in a position to harm a patient's interest in his/her medical information. Parties not under a physician's direct supervision were not likely to have access to medical or related financial records, for physicians were the de facto custodians of medical records, and payment did not involve a third party. In 1982 as few as 25 and as many 100 health professionals and administrative personnel had access to patients' record and that each of them had a legitimate need and a professional responsibility to open and use those charts. Throughout the years those numbers have gone up, not down. The electronic health information systems, in particular, that have proliferated in the past ten to twenty years may be particularly vulnerable to improper or abusive dissemination of health and related information, including risk of appropriation of critical unique identifiers and financial information. Vast quantities of medical and other personal information are now stored in cyberspace. This information can be accessed by large numbers of health care workers, both physicians and non-physicians, and transferred in a matter of nanoseconds, posing the risk of inappropriate intrusion into highly sensitive personal information.
Safeguarding confidentiality has gone a long way. The Privacy Act of 1974, 5 U.S.C. § 552a, established a code of fair information practices that governs the collection, maintenance, use, and dissemination of personally identifiable information about individuals that is