
Medical privacy

From Wikipedia, the free encyclopedia

Medical privacy, or health privacy, is the practice of maintaining the security and confidentiality of patient records. It involves both the conversational discretion of health care providers and the security of medical records. The terms can also refer to the physical privacy of patients from other patients and providers while in a medical facility, and to modesty in medical settings. Modern concerns include the degree of disclosure to insurance companies, employers, and other third parties. The advent of electronic medical records (EMR) and patient care management systems (PCMS) has raised new concerns about privacy, balanced with efforts to reduce duplication of services and medical errors.[1][2]

Most developed countries including Australia,[3] Canada, Turkey, the United Kingdom, the United States, New Zealand, and the Netherlands have enacted laws protecting people's medical health privacy. However, many of these health-securing privacy laws have proven less effective in practice than in theory.[4] In 1996, the United States passed the Health Insurance Portability and Accountability Act (HIPAA) which aimed to increase privacy precautions within medical institutions.[5]



History


The history of medical privacy traces back to the Hippocratic Oath, which mandates the secrecy of information obtained while helping a patient.

Before the technological boom, medical institutions relied on the paper medium to file individual medical data. Nowadays, more and more information is stored within electronic databases. Research indicates that storing information on paper is safer because it is more difficult to physically steal, whereas digital records are vulnerable to hacker access.

In the early 1990s, to address healthcare privacy issues, researchers explored using credit cards and smart cards to enable secure access to medical information, aiming to mitigate fears of data theft. The "smart" card allowed the storage and processing of information to be stored in a singular microchip, yet people were fearful of having so much information stored in a single spot that could easily be accessed.[6] This "smart" card included an individual's social security number as an important piece of identification that can lead to identity theft if databases are breached.[6] Additionally, there was the fear that people would target these medical cards because they have information that can be of value to many different third parties, including employers, pharmaceutical companies, drug marketers, and insurance reviewers.[6]

In response to the lack of medical privacy, there was a movement to create better medical privacy protection, but nothing has been officially passed. The Medical Information Bureau was thus created to prevent insurance fraud, yet it has since become a significant source of medical information for over 750 life insurance companies; thus, it is very dangerous as it is a target of privacy breaches.[6] Although the electronic filing system of medical information has increased efficiency and administration costs have been reduced, there are negative aspects to consider. The electronic filing system allows for individual information to be more susceptible to outsiders; even though their information is stored on a singular card. Therefore, the medical card serves as a false sense of security as it does not protect their information completely.

Patient care management systems (PCMS)


With the technological boom, there has been an expansion of the record filing system and many hospitals have therefore adopted new PCMS.[1] PCMS store large amounts of medical records, and hold the personal data of many individuals. These have become critical to the efficiency of storing medical information because of the high volumes of paperwork, the ability to quickly share information between medical institutions, and the increased mandatory reporting to the government.[1] PCMS have ultimately increased the productivity of data record utilization and have created a large dependence on technology within the medical field.

It has also led to social and ethical issues because basic human rights are considered to be violated by the PCMS, since hospitals and health information services are now more likely to share information with third-party companies.[1] Thus, there needs to be a reformation to specify which hospital personnel have the access to medical records. This has led to the discussion of privacy rights and created safeguards that will help data keepers understand situations where it is ethical to share an individual's medical information, provide ways for individuals to gain access to their own records, and determine who has ownership of those records.[1] Additionally, it is used to ensure that a person's identity is kept confidential for research or statistical purposes and to understand the process to make individuals aware that their health information is being used.[1] Thus, a balance between privacy and confidentiality must be kept in order to limit the amount of information disclosed and protect patients' rights by safeguarding sensitive information from third parties.

Electronic Medical Records (EMR)

Sample view of an electronic health record in action.

Electronic medical records are a more efficient way of storing medical information, yet there are many negative aspects of this type of filing system as well. Hospitals are willing to adopt this type of filing system only if they are able to ensure that the private information of their patients is sufficiently protected.[2]

Researchers have found that U.S. state legislation and regulation of medical privacy laws reduce the number of hospitals that adopt EMR by more than 24%.[2] This is due to decreasing positive network externalities that are created by additional state protections.[2] With increases in restrictions against the diffusion of medical information, hospitals have neglected to adopt the new EMRs because privacy laws restrict health information exchanges. With decreasing numbers of medical institutions adopting the EMR filing system, the U.S. government's plan of a national health network has not been fully recognized.[2] The national network will ultimately cost US$156 billion in investments, yet in order for this to happen, the U.S. government needs to place a higher emphasis on protecting individual privacy.[2] Many politicians and business leaders find that EMRs allow for more efficiency in both time and money, yet they neglect to address the decreasing privacy protections, demonstrating the significant trade-off between EMRs and individual privacy.[2]

Privacy and Electronic Health Records (EHR)


The three goals of information security, including electronic information security, are confidentiality, integrity, and availability. Organizations are attempting to meet these goals, referred to as the C.I.A. Triad, which is the "practice of defending information from unauthorized access, use, disclosure, disruption, modification, inspection, recording or destruction."[7]

In a 2004 editorial in the Washington Post, U.S. Senators Bill Frist and Hillary Clinton supported this observation, stating "[patients] need...information, including access to their own health records... At the same time, we must ensure the privacy of the systems, or they will undermine the trust they are designed to create". A 2005 report by the California Health Care Foundation found that "67 percent of national respondents felt 'somewhat' or 'very concerned' about the privacy of their personal medical records".

The importance of privacy in electronic health records became prominent with the passage of the American Recovery and Reinvestment Act (ARRA) in 2009. One of the provisions (known as the Health Information Technology for Economic and Clinical Health [HITECH] Act) of the ARRA mandated incentives to clinicians for the implementation of electronic health records by 2015. Privacy advocates in the United States have raised concerns about unauthorized access to personal data as more medical practices switch from paper to electronic medical records.[citation needed] The Office of the National Coordinator for Health Information Technology (ONC) explained that some of the safety measures that EHR systems can utilize are passwords and PIN numbers that control access to such systems, encryption of information, and an audit trail to keep track of the changes made to records.[citation needed]

Providing patient access to EHRs is strictly mandated by HIPAA's Privacy Rule. One study found that each year there are an estimated 25 million compelled authorizations for the release of personal health records.[citation needed] Researchers, however, have found new security threats open up as a result. Some of these security and privacy threats include hackers, viruses, worms, and the unintended consequences of the speed at which patients are expected to have their records disclosed while frequently containing sensitive terms that carry the risk of accidental disclosure.[8]

These privacy threats are made more prominent by the emergence of "cloud computing", which is the use of shared computer processing power.[9] Health care organizations are increasingly using cloud computing as a way to handle large amounts of data. This type of data storage, however, is susceptible to natural disasters, cybercrime and technological terrorism, and hardware failure. Health information breaches accounted for 39 percent of all breaches in 2015. IT security costs and implementations are needed to protect health institutions against security and data breaches.[10]

Health screening cases


Although privacy issues with health screening are a great concern among individuals and organizations, there has been little focus on the amount of work being done within the law to maintain the privacy expectation that people desire.[11] Many of these issues lie within the abstractness of the term "privacy", as there are many different interpretations of the term, especially in the context of the law.[11] Prior to 1994, there had been no cases regarding screening practices and the implications towards an individual's medical privacy, unless it was regarding HIV and drug testing.[11] Within Glover v Eastern Nebraska Community Office of Retardation, an employee sued her employer for violating her Fourth Amendment rights because of unnecessary HIV testing.[11] The court ruled in favor of the employer and argued that it was an unreasonable search to have it tested. However, this was only one of the few precedents that people have to use. With more precedents, the relationships between employees and employers will be better defined. Yet with more requirements, testing among patients will lead to additional standards for meeting health care standards.[11] Screening has become a large indicator for diagnostic tools, yet there are concerns with the information that can be gained and subsequently shared with people other than the patient and healthcare provider.

Third party issues


One of the main dangers to an individual's privacy is private corporations, because of the profits they can receive from selling seemingly private information.[12] Privacy merchants are made up of two groups: one that tries to collect people's personal information, while the other focuses on using clients' information to market company products.[12] Subsequently, privacy merchants purchase information from other companies, such as health insurance companies, if there is not sufficient information from their own research.[12] Privacy merchants target health insurance companies because, nowadays, they collect huge amounts of personal information and keep them in large databases. They often require patients to provide more information that is needed for purposes other than that of doctors and other medical workers.[12]

Additionally, people's information can be linked to other information outside of the medical field. For example, many employers use insurance information and medical records as an indicator of work ability and ethic.[12] The selling of privacy information can also lead employers to make much money; however, this happens to many people without their consent or knowledge.

Within the United States, in order to define clear privacy laws regarding medical privacy, Title 17 thoroughly explains the ownership of one's data and adjusted the law so that people have more control over their own property.[13] The Privacy Act of 1974 offers more restrictions regarding what corporations can access outside of an individual's consent.[13]

States have created additional supplements to medical privacy laws. With HIPAA, many individuals were pleased to see the federal government take action in protecting the medical information of individuals. Yet when people looked into it, there was proof that the government was still protecting the rights of corporations.[13] Many rules were seen as more of suggestions, and the punishment for compromising the privacy of patients was minimal.[13] Even if release of medical information requires consent, blank authorizations can be allowed, and individuals will not be asked for additional consent later on.[13]

Although there is a large group of people who oppose the selling of individuals' medical information, there are groups such as the Health Benefits Coalition, the Healthcare Leadership Council, and the Health Insurance Association of America that are against the new reforms for data protection as it can ruin their work and profits.[12] Previous controversies, such as Google's "Project Nightingale" in 2019, have demonstrated potential holes in regulations of patient data and medical information. Project Nightingale, a joint effort between Google and the healthcare network Ascension, saw to the selling of millions of patients' identifiable medical information without their consent. Though Google claimed that their process was legal in obtaining the information, there was concern among researchers on this claim.[14]

Efforts to protect health information


With the lack of help from the Department of Health and Human Services there is a conflict of interest that has been made clear. Some wish to place individual betterment as more important, while others focus more on external benefits from outside sources. The issues that occur when there are problems between the two groups are also not adequately solved which leads to controversial laws and effects.[15] Individual interests take precedence over the benefits of society as a whole and are often viewed as selfish and for the gain of capital value. If the government does not make any more future changes to the current legislation, countless organizations and people will have access to individual medical information.[15]

In 1999, the Gramm-Leach-Bliley Act (GLBA) addressed the insurance privacy debate regarding medical privacy.[16] Yet, there were many issues with the implementation. One issue was that there were inconsistent regulation requirements within the different states due to preexisting laws.[16] Secondly, it was difficult to combine the pre-existing laws with the new framework.[16] And thirdly, in order for the federal government to implement these new rules, they needed state legislature to pass it.[16]

GLBA aimed to regulate financial institutions so that corporations could not affect people's insurance. Because of the difficulty of the implementation of the GLBA, state legislatures are able to interpret the laws themselves and create initiatives to protect the medical privacy.[16] When states are creating their own independent legislature, they create standards that understand the impact of the legislation.[16] If they stray from the standard laws, they must be valid and fair. The new legislation must protect the rights of businesses and allow them to continue to function despite federally regulated competition. Patients gain benefits from these new services and standards through the flow of information that is considerate with medical privacy expectations.[16]

These regulations should focus more on the consumer versus the benefits and political exploitation. Many times, regulations are for the personal gain of the corporation; therefore, state legislatures should be wary of this and try to prevent it to the best of their abilities.[16] Medical privacy is not a new issue within the insurance industry, yet the problems regarding exploitation continue to reoccur; there is more focus on taking advantage of the business environment for personal gain.[16]

In 2001, President George W. Bush passed additional regulations to HIPAA in order to better protect the privacy of individual medical information.[17] These new regulations were supposed to safeguard health information privacy by creating extensive solutions for the privacy of patients. The new regulation goals included being notified once an individual's information is inspected, amending any medical records, and requesting communication opportunities to discuss information disclosure.[17]

However, there are exceptions to when the disclosure of PHI can be inspected. This includes specific conditions among law enforcement, judicial and administrative proceedings, parents, significant others, public health, health research, and commercial marketing.[17] These aspects of lack of privacy have caused an alarming number of gaps within privacy measures.

Ultimately, there is still an issue on how to ensure privacy securities; in response, the government has created new regulations that make trade-offs between an individual's privacy and public benefit. These new regulations, however, still cover individually identifiable health information, meaning any data that contains information unique to an individual.[17] However, non-identifiable data is not covered, as the government claims it will cause minimal damage to a person's privacy. It also covers all health care organizations and covers businesses as well.

Additionally, under new HIPAA additions, the state legislation is more protective than national laws because it created more obligations for organizations to follow. Ultimately, the new rules called for expansive requirements that created better safety measures for individuals.[17] Yet, there are still ways that businesses and healthcare organizations can be exempt from disclosure rules for all individuals. Thus, the HHS needs to find more ways to balance personal and public trade offs within medical laws. This creates a need for extra government intervention to enforce legislation and new standards to decrease the number of threats against an individual's privacy of health data.[opinion]

The COVID-19 pandemic led to a global effort to use technologies, like contact tracing, to reduce the spread of the disease. Contact tracing involves notifying people that they have been in contact with an individual who has tested positive for the virus. This led to the general public being concerned about the privacy risks of this technology. In response, in April 2020 Apple and Google created a contact tracing API.[18]

Effects of changing medical privacy laws


Physician-patient relationships


Patients want to be able to share medical information with their physicians, yet they worry about potential privacy breaches that can occur when they release financial and confidential medical information.[19] In order to ensure better protection, the government has created frameworks for keeping information confidential - this includes being transparent about procedures, disclosure and protection of information, and monitoring of these new rules to ensure that people's information.[19]

Effects of Technological Advances


Recently, physicians and patients have started to use email as an additional communication tool for treatment and medical interactions. This way of communication is not "new", but its effects on doctor-patient relationships have created new questions regarding legal, moral, and financial problems.[20]

The American Medical Informatics Association has characterized medical emails as a way to communicate "medical advice, treatment, and information exchanged professionally"; yet, the "spontaneity, permanence, and information power characterizing" role is significant because of its unknown effects.[20] However, the use of emails allows for increased access, immediate aid, and increased interactions between patients and doctors.[20] There are many benefits and negative aspects of using emails; doctors feel a new sense of negative responsibility to respond to emails outside of the office, but also find benefits with facilitating rapid responses to patients' questions.[20]

Additionally, the use of email between physicians and their patients will continue to grow because of the increasing use of the Internet. With the Internet, patients are able to ask for medical advice and treatment, yet issues regarding confidentiality and legal issues come up.[20] Ultimately, emails between a physician and patient are supposed to be used as a supplement for face to face interactions, not for casual messages. If used properly, physicians could use emails as a way to supplement interactions and provide more medical aid to those who need it immediately.[20]

Traditional beliefs on doctor-patient relationship


Although many people believe that the technological changes are the reason for fear of sharing medical privacy, there is a theory that states that institutional ideals between doctors and their patients have created the fear of sharing medical privacy information.[21] Although levels of confidentiality are changing, individuals often feel the need to share more information with their doctors in order to get diagnosed correctly.[21] Because of this, people are concerned with how much information their physicians have. This information could be transferred to other third-party companies. However, there is a call for smaller emphasis on sharing and confidentiality in order to rid patients from their fears of information breaching.[21] There is a common belief that the confidentiality of one's information also only protects the doctors and not the patients, therefore there is a negative stigma towards revealing too much information.[21] Thus it causes patients to not share vital information relevant to their illnesses.

Standards and laws by country


Australia – eHealth


On July 1, 2012, the Australian Government launched the Personally Controlled Electronic Health Record (PCEHR) (eHealth) system.[22] The full implementation incorporates an electronic summary prepared by nominated healthcare providers along with consumer-provided notes. Further, the summary includes information on the individual's allergies, adverse reactions, medications, immunizations, diagnoses, and treatments. The consumer notes operate as a personal medical diary that only the individual can view and edit.[23] The opt-in system gives people the option to choose whether to register for the eHealth record or not.[24]

As of January 2016, the Commonwealth Department of Health changed the name PCEHR to My Health Record.[25]

Privacy – governance


The Personally Controlled Electronic Health Records Act 2012[26] and Privacy Act 1988 governs how eHealth record information is managed and protected.[27] The PCEHR System Operator abides by the Information Privacy Principles[28] in the Privacy Act 1988 (Commonwealth) as well as any applicable State or Territory privacy laws.[29] A Privacy Statement[30] sets out the application of the collection of personal information by the System Operator. The statement includes an explanation of the types of personal information collected, what the information is used for, and how the information is stored. The statement covers measures in place to protect personal information from misuse, loss, unauthorized access, modification, and disclosure.[31]

Privacy – security measures


Security measures include audit trails so that patients can see who has accessed their medical records along with the time the records were accessed. Other measures include the use of encryption as well as secure logins and passwords. Patient records are identified using an Individual Health Identifier (IHI),[32] assigned by Medicare, the IHI service provider.[31][33]

Privacy – issues


A 2012 nationwide survey in Australia assessed privacy concerns on patients' health care decisions, which could impact patient care. Results listed that 49.1% of Australian patients stated they have withheld or would withhold information from their health care provider based on privacy concerns.[34]

  • How does consent impact privacy?

One concern is that personal control of the eHealth record via consent does not guarantee the protection of privacy. It is argued that a narrow definition, 'permission' or 'agreement', does not provide protection for privacy and is not well represented in Australian legislation. The PCEHR allows clinicians to assume consent by consumer participation in the system; however, the needs of the consumer may not be met. Critics argue that the broader definition of 'informed consent' is required, as it encompasses the provision of relevant information by the healthcare practitioner, and understanding of that information by the patient.[35]

  • Is it legitimate to use personal information for public purposes?

Data from the PCEHR is to be predominantly used in patient healthcare, but other uses are possible, for policy, research, audit and public health purposes. The concern is that in the case of research, what is allowed goes beyond existing privacy legislation.[35]

  • What are 'illegitimate' uses of health information?

The involvement of pharmaceutical companies is viewed as potentially problematic. If they are perceived by the public to be more concerned with profit than public health, public acceptance of their use of PCEHRs could be challenged. Also perceived as problematic, is the potential for parties other than health care practitioners, such as insurance companies, employers, police or the government, to use information in a way which could result in discrimination or disadvantage.[35]

  • What are the potential implications of unwanted disclosure of patient information?

Information 'leakage' is seen as having the potential to discourage both patient and clinician from participating in the system. Critics argue the PCEHR initiative can only work, if a safe, effective continuum of care within a trusting patient/clinician relationship is established. If patients lose trust in the confidentiality of their eHealth information, they may withhold sensitive information from their health care providers. Clinicians may be reluctant to participate in a system where they are uncertain about the completeness of the information.[36]

  • Are there sufficient safeguards for the protection of patient information?

Security experts have questioned the registration process, where those registering only have to provide a Medicare card number, and names and birth dates of family members to verify their identity. Concerns have also been raised by some stakeholders, about the inherent complexities of the limited access features. They warn that access to PCEHR record content, may involve transfer of information to a local system, where PCEHR access controls would no longer apply.[33]



Canada


The privacy of patient information is protected at both the federal level and provincial level in Canada. The health information legislation established the rules that must be followed for the collection, use, disclosure and protection of health information by healthcare workers known as "custodians". These custodians have been defined to include almost all healthcare professionals (including all physicians, nurses, chiropractors, operators of ambulances and operators of nursing homes). In addition to the regulatory bodies of specific healthcare workers, the provincial privacy commissions are central to the protection of patient information.



Turkey


The privacy of patient information is guaranteed by articles 78 and 100 of legal code 5510.

On the other hand, the Social Security Institution (SGK), which regulates and administers state-sponsored social security / insurance benefits, sells patient information after allegedly anonymizing the data, confirmed on October 25, 2014.[37]

United Kingdom


The National Health Service is increasingly using electronic health records, but until recently, the records held by individual NHS organisations, such as General Practitioners, NHS Trusts, dentists and pharmacies, were not linked. Each organization was responsible for the protection of patient data it collected. The care.data programme, which proposed to extract anonymised data from GP surgeries into a central database, aroused considerable opposition.

In 2003, the NHS made moves to create a centralized electronic registry of medical records. The system is protected by the UK's Government Gateway, which was built by Microsoft. This program is known as the Electronic Records Development and the Implementation Programme (ERDIP). The NHS National Program for IT was criticized for its lack of security and lack of patient privacy. It was one of the projects that caused the Information Commissioner to warn[38] about the danger of the country "sleepwalking" into a surveillance society. Pressure groups[according to whom?] opposed to ID cards also campaigned against the centralized registry.

Newspapers feature stories about lost computers and memory sticks, but a more common and longstanding problem is staff accessing records that they have no right to see. It has always been possible for staff to look at paper records, and in most cases no record is kept of who did so. Electronic records, by contrast, make it possible to keep track of who has accessed which records. NHS Wales has created the National Intelligent Integrated Audit System, which provides "a range of automatically generated reports, designed to meet the needs of our local health boards and trusts, instantly identifying any potential issues when access has not been legitimate". Maxwell Stanley Consulting[39] will use a system called Patient Data Protect (powered by VigilancePro), which can spot patterns, such as whether someone is accessing data about their relatives or colleagues.[40]
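The kind of access-audit check described above, flagging staff who open records of themselves, relatives or colleagues, is sketched below as an added example. It is not code from NIIAS or Patient Data Protect; the log format, the matching rules (same surname and address, same department, no care-team link) and all sample data are constructed assumptions.

```python
from collections import namedtuple
from datetime import datetime

Staff = namedtuple("Staff", "surname address department")
# staff_id is set when the patient is also an employee (assumed linkage field)
Patient = namedtuple("Patient", "surname address staff_id")
Event = namedtuple("Event", "when staff_id patient_id action")

# Constructed sample directory, patient index and care-team assignments.
STAFF = {
    "S01": Staff("Evans", "4 Mill Lane", "Cardiology"),
    "S02": Staff("Hughes", "19 Bryn Road", "Cardiology"),
    "S03": Staff("Price", "7 Quay Street", "Radiology"),
    "S04": Staff("Lloyd", "31 Hill View", "Cardiology"),
}
PATIENTS = {
    "P100": Patient("EVANS", "4  mill lane ", None),     # same household as S01
    "P101": Patient("Hughes", "19 Bryn Road", "S02"),    # S02 as a patient
    "P102": Patient("Morgan", "2 High Street", None),
    "P103": Patient("Evans", "88 Park Avenue", None),    # same surname only
}
CARE_TEAM = {("S03", "P102"), ("S01", "P101"), ("S01", "P103")}

# Constructed audit trail: timestamp, staff id, patient id, action.
AUDIT_LOG = [
    "2024-03-04T09:12:00 S01 P100 VIEW",
    "2024-03-04T09:15:00 S03 P102 VIEW",
    "2024-03-04T10:02:00 S01 P101 VIEW",
    "2024-03-04T10:30:00 S02 P101 VIEW",
    "2024-03-04T11:00:00 S01 P103 VIEW",
    "2024-03-04T11:20:00 S04 P101 VIEW",
    "2024-03-04T11:45:00 S03 P101 VIEW",
    "malformed line",
]


def norm(text):
    """Case- and whitespace-insensitive form for comparing names and addresses."""
    return " ".join(text.split()).casefold()


def parse_line(line):
    """Return an Event, or None when the line does not fit the assumed format."""
    parts = line.split()
    if len(parts) != 4:
        return None
    try:
        when = datetime.fromisoformat(parts[0])
    except ValueError:
        return None
    return Event(when, parts[1], parts[2], parts[3])


def classify(event):
    """Return a reason string when the access needs review, else None."""
    staff = STAFF.get(event.staff_id)
    patient = PATIENTS.get(event.patient_id)
    if staff is None or patient is None:
        return "unknown_id"
    # Assumed policy: opening your own record is always reviewed.
    if patient.staff_id == event.staff_id:
        return "self"
    # A documented care relationship explains the access.
    if (event.staff_id, event.patient_id) in CARE_TEAM:
        return None
    if (norm(staff.surname), norm(staff.address)) == (
        norm(patient.surname), norm(patient.address)
    ):
        return "possible_relative"
    colleague = STAFF.get(patient.staff_id)
    if colleague is not None and colleague.department == staff.department:
        return "colleague"
    return None


def review(lines):
    """Return (findings, skipped): flagged accesses and count of unparsable lines."""
    findings, skipped = [], 0
    for line in lines:
        event = parse_line(line)
        if event is None:
            skipped += 1  # unparsable audit lines are counted, not silently dropped
            continue
        reason = classify(event)
        if reason:
            findings.append((event.staff_id, event.patient_id, reason))
    return findings, skipped


if __name__ == "__main__":
    for finding in review(AUDIT_LOG)[0]:
        print(finding)
```

A surname match alone (S01 and P103) is not flagged, and the colleague access by S01 to P101 is suppressed because a care-team link exists; both rules trade missed cases against reviewer workload.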

United States


Since 1974, numerous federal laws have been passed in the United States to specify the privacy rights and protections of patients, physicians, and other covered entities to medical data. Many states have passed their own laws to try and better protect the medical privacy of their citizens.

An important national law regarding medical privacy is the Health Insurance Portability and Accountability Act of 1996 (HIPAA), yet there are many controversies regarding the protection rights of the law.

Health Insurance Portability and Accountability Act of 1996 (HIPAA)


The most comprehensive law passed is the Health Insurance Portability and Accountability Act of 1996 (HIPAA), which was later revised after the Final Omnibus Rule in 2013. HIPAA provides a federal minimum standard for medical privacy, sets standards for uses and disclosures of protected health information (PHI), and provides civil and criminal penalties for violations.

Prior to HIPAA, only certain groups of people were protected under medical laws such as individuals with HIV or those who received Medicare aid.[41] HIPAA provides protection of health information and supplements additional state and federal laws; yet it should be understood that the law's goal is to balance public health benefits, safety, and research while protecting the medical information of individuals. Yet many times, privacy is compromised for the benefits of the research and public health.

According to HIPAA, the covered entities that must follow the law's set mandates are health plans, health care clearinghouses, and health care providers that electronically transmit PHI. Business associates of these covered entities are also subject to HIPAA's rules and regulations.

In 2008, Congress passed the Genetic Information Nondiscrimination Act of 2008 (GINA), which aimed to prohibit genetic discrimination for individuals seeking health insurance and employment. The law also included a provision which mandated that genetic information held by employers be maintained in a separate file and prohibited disclosure of genetic information except in limited circumstances.

In 2013, after GINA was passed, the HIPAA Omnibus Rule amended HIPAA regulations to include genetic information in the definition of Protected Health Information (PHI). This rule also expanded HIPAA by broadening the definition of business associates to include any entity that sends or accesses PHI such as health IT vendors.


The Health Insurance Portability and Accountability Act (HIPAA) is critiqued for not providing strong medical privacy protections as it only provides regulations that disclose certain information.[42]

The government authorizes the access of an individual's health information for "treatment, payment, and health care options without patient consent".[42] Additionally, HIPAA rules are very broad and do not protect an individual from unknown privacy threats. Furthermore, a patient would not be able to identify the reason for a breach due to inconsistent requirements.[42] Because of limited confidentiality, HIPAA facilitates the sharing of medical information, as there is little limitation from different organizations.[42] Information can easily be exchanged between medical institutions and other non-medical institutions because HIPAA imposes little regulation; some effects include job loss due to credit score sharing or loss of insurance.[42]

Additionally, doctors are not required to keep patients' information confidential because in many cases patient consent is now optional. Patients are often unaware of the lack of privacy they have, as medical processes and forms do not explicitly state the extent to which they are protected.[42] Physicians believe that overall, HIPAA will cause unethical and non-professional mandates that can affect a person's privacy, and therefore, in response, they have to provide warnings about their privacy concerns.[42] Because physicians are not able to ensure a person's privacy, there is a higher chance that patients will be less likely to get treatment and share what their medical concerns are.[42] Individuals have asked for better consent requirements by asking if physicians can warn them prior to the sharing of any personal information.[43] Patients want to be able to share medical information with their physicians, yet they worry about potential breaches that can release financial information and other confidential information, and with that fear, they are wary of who may have access.[43]

In order to ensure better protection, the government has created frameworks for keeping information confidential, some of which include being transparent about procedures, disclosure and protection of information, and monitoring of these new rules to ensure that people's information is not affected by breaches.[43] Although there are many frameworks to ensure the protection of basic medical data, many organizations do not have these provisions in place. HIPAA gives a false hope to patients and physicians, as they are unable to protect their own information. Patients have few rights regarding their medical privacy, and physicians cannot guarantee those.[44]

Hurricane Katrina

HIPAA does not protect the information of individuals, as the government is able to publish certain information when it finds it necessary. The government is exempted from privacy rules regarding national security. HIPAA additionally allows the authorization of protected health information (PHI) in order to aid in threats to public health and safety as long as it follows the good faith requirement, the idea that disclosing the information is necessary to the benefit of the public.[45] The Model State Emergency Health Powers Act (MSEHPA) gives the government the power to "suspend regulations, seize property, quarantine individuals and enforce vaccinations" and requires that healthcare providers give information regarding potential health emergencies.[45]

In regard to Hurricane Katrina, many people in Louisiana relied on Medicaid and their PHI was subsequently affected. People's medical privacy rights were soon waived in order for patients to get the treatment they needed. Yet many patients were unaware that their rights had been waived.[45] In order to prevent the sharing of personal information in future natural disasters, a website was created in order to protect people's medical data.[45] Ultimately, Katrina showed that the government was unprepared to face a national health scare.

Medical data outside of HIPAA

Many patients mistakenly believe that HIPAA protects all health information. HIPAA does not usually cover fitness trackers, social media sites and other health data created by the patient. Health information can be disclosed by patients in emails, blogs, chat groups, or social media sites including those dedicated to specific illnesses, "liking" web pages about diseases, completing online health and symptom checkers, and donating to health causes. In addition, credit card payments for physician visit co-pays, purchases of over-the-counter (OTC) medications, home testing products, tobacco products, and visits to alternative practitioners are also not covered by HIPAA.

A 2015 study reported over 165,000 health apps available to consumers. Disease treatment and management account for nearly a quarter of consumer apps. Two-thirds of the apps target fitness and wellness, and ten percent of these apps can collect data from a device or sensor. Since the Food and Drug Administration (FDA) only regulates medical devices and most of these applications are not medical devices, they do not require FDA approval. The data from most apps are outside HIPAA regulations because they do not share data with healthcare providers. "Patients may mistakenly assume that mobile apps are under the scope of HIPAA since the same data, such as heart rate, may be collected by an application that is accessible to their physician and covered by HIPAA, or on a mobile app that is not accessible to the physician and not covered by HIPAA."


In 2000, there was a new surge to add new regulations to HIPAA. It included the following goals: to protect individual medical information by providing secure access and control of their own information, to improve healthcare quality by creating more trust between consumers and their healthcare providers and third-party organizations, and to improve the efficiency of the medical system through new rules and regulations put forth by the local governments, individuals, and organizations.[46]

The implementation of these new goals was complicated by the change in administrations (Clinton to Bush), so it was difficult for the changes to be successfully implemented.[46] HIPAA, in theory, should apply to all insurance companies, services, and organizations, yet there are exceptions to who actually qualifies under these categories.

Yet each category has its own specific restrictions, which differ from those of every other category. There are no universal laws that organizations can easily apply and follow. Thus, many states have neglected to implement these new policies. Additionally, there are new patient rights that call for better protection and disclosure of health information. However, like the new rules regarding insurance companies, the enforcement of the legislation is limited and not effective, as the rules are too broad and complex.[46] Therefore, it is difficult for many organizations to ensure the privacy of these people. Enforcing these new requirements also causes companies to spend many resources that they are not willing to use and enforce, which ultimately leads to further problems regarding the invasion of an individual's medical privacy.[46]

Oregon-specific laws


The Oregon Genetic Privacy Act (GPA) states that "an individual's genetic information is the property of the individual".[47] The idea of an individual's DNA being compared to property occurred when research caused an individual's privacy to be threatened. Many individuals believed that their genetic information was "more sensitive, personal, and potentially damaging than other types of medical information."[47] Thus, people started calling for more protections. People started to question how their DNA would be able to stay anonymous within research studies and argued that the identity of an individual could be exposed if the research was later shared. As a result, there was a call for individuals to treat their DNA as property and protect it through property rights. Therefore, individuals can control the disclosure of their information without extra questioning and research.[47] Many people believed that comparing one's DNA to property was inappropriate, yet individuals argued that property and privacy are interconnected because they both want to protect the right to control one's body.[47]

Many research and pharmaceutical companies showed opposition because they were worried about conflicts that might arise regarding privacy issues within their work. Individuals, on the other hand, continued to support the act because they wanted protection over their own DNA.[47] As a result, lawmakers created a compromise that included a property clause that would give individuals protection rights, but also included provisions that would allow research to be done without much consent, limiting the benefits of the provisions.[47] Afterwards, a committee was created to study the effects of the act and how it affected the way it was analyzed and stored.[47] They found that the act benefited many individuals who did not want their private information shared with others, and therefore the law was officially implemented in 2001.[47]

Connecticut-specific laws


In order to solve HIPAA issues within Connecticut, state legislators tried to create better provisions to protect the people living within the state.[41] One of the issues that Connecticut tried to solve was consent. Within the consent clause, health plans and health care clearinghouses do not need to receive consent from individuals because of a general provider consent form which gives healthcare providers permission to disclose all medical information.[41] The patient thus does not get notification when their information is being shared afterwards.[41]

Connecticut, like many other states, tried to protect individuals' information from disclosure through additional clauses that would protect them from business initiatives.[41] In order to do so, the Connecticut legislature passed the Connecticut Insurance Information and Privacy Protection Act, which provides additional protections of individual medical information. If third parties neglect to follow this law, they will be fined, may face jail time, and may have their licenses suspended.[41] Yet, even in these additional provisions, there were many holes within this legislation that allowed for business agreements to be denied, and subsequently, information was compromised. Connecticut is still working to shift its divergent purposes to creating more stringent requirements that create better protections through clear provisions of certain policies.[48]

California-specific laws


In California, the Confidentiality of Medical Information Act (CMIA) provides more stringent protections than the federal statutes.[49] HIPAA expressly provides that more stringent state laws, like CMIA, will override HIPAA's requirements and penalties. More specifically, CMIA prohibits providers, contractors and health care service plans from disclosing PHI without prior authorization.

These medical privacy laws also set a higher standard for health IT vendors or vendors of an individual's personal health record (PHR) by applying such statutes to vendors, even if they are not business associates of a covered entity. CMIA also outlines penalties for violating the law. These penalties range from liability to the patient (compensatory damages, punitive damages, attorneys' fees, costs of litigation) to civil and even criminal liability.[50]

Likewise, California's Insurance Information and Privacy Protection Act[51] (IIPPA) protects against unauthorized disclosure of PHI by prohibiting unapproved information sharing for information collected from insurance applications and claims resolution.

New Zealand


In New Zealand, the Health Information Privacy Code (1994) sets specific rules for agencies in the health sector to better ensure the protection of individual privacy. The code addresses the health information collected, used, held and disclosed by health agencies. For the health sector, the code takes the place of the information privacy principles.



Netherlands


The introduction of a nationwide system for the exchange of medical information and access to electronic patient records led to much discussion in the Netherlands.[52]

Privacy for research participants


In the course of having or being part of a medical practice, doctors may obtain information that they wish to share with the medical or research community. If this information is shared or published, the privacy of the patients must be respected. Likewise, participants in medical research that are outside the realm of direct patient care have a right to privacy as well.

Future research


While medical privacy remains an important right, it is also crucial to balance privacy with innovation. Limiting patient data in response to privacy violations potentially hinders data-driven innovation in medicine. In addition, keeping data secret for a competitive advantage also poses multiple concerns, potentially slowing advances in medical testing (e.g. Myriad Genetics).[53]


References

  1. Hiller, Mare (1982). "Patient Care Management Systems, Medical Records, and Privacy: A Balancing Act". Public Health Reports. 97 (4): 332–45. PMC 1424350. PMID 7111656 – via JSTOR.
  2. Miller, Amalia (2009). "Privacy Protection and Technology Diffusion: The Case of Electronic Medical Records". Management Science. 55 (7): 1077–1093. doi:10.1287/mnsc.1090.1014.
  3. Manager, Web (2011-09-28). "Australian Privacy Law & Practice - Key Recommendations for Health Information Privacy Reform". www.alrc.gov.au. Retrieved 2018-12-03.
  4. Andriole, Katherine P. (2014). "Security of Electronic Medical Information and Patient Privacy: What You Need to Know". Journal of the American College of Radiology. 11 (12 Pt B): 1212–1216. doi:10.1016/j.jacr.2014.09.011. PMID 25467897.
  5. Edemekong, Peter F.; Haydel, Micelle J. (2018), "Health Insurance Portability and Accountability Act (HIPAA)", StatPearls, StatPearls Publishing, PMID 29763195, retrieved 2018-12-03
  6. Alpert, Sheri (1993). "Smart Cards, Smarter Policy Medical Records, Privacy, and Health Care Reform". The Hastings Center Report. 23 (6): 13–23. doi:10.2307/3562918. JSTOR 3562918. PMID 8307741.
  7. "The Confidentiality – Integrity – Accessibility Triad into the Knowledge Security. A Reassessment from the Point of View of the Knowledge Contribution to Innovation". ResearchGate. Retrieved 2020-10-24.
  8. Lee, Jennifer; Yang, Samuel; Holland-Hall, Cynthia; Sezgin, Emre; Gill, Manjot; Linwood, Simon; Huang, Yungui; Hoffman, Jeffrey (2022-06-10). "Prevalence of Sensitive Terms in Clinical Notes Using Natural Language Processing Techniques: Observational Study". JMIR Medical Informatics. 10 (6): e38482. doi:10.2196/38482. ISSN 2291-9694. PMC 9233261. PMID 35687381.
  9. Knorr, Eric (2018-10-02). "What is cloud computing? Everything you need to know now". InfoWorld. Retrieved 2020-11-11.
  10. Angst, Corey M., Emily S. Block, John D'Arcy, and Ken Kelley. 2017. "When Do IT Security Investments Matter? Accounting for the Influence of Institutional Factors in the Context of Healthcare Data Breaches." MIS Quarterly 41(3):893–916.
  11. Simms, Michele (1994). "Defining Privacy in Employee Health Screening Cases: Ethical Ramifications Concerning the Employee/Employer Relationship". Journal of Business Ethics. 13 (5): 315–325. doi:10.1007/bf00871760. S2CID 143963963 – via JSTOR.
  12. Etzioni, Amitai (2000). "The New Enemy of Privacy: Big Bucks". Challenge. 43 (3): 91–106. doi:10.1080/05775132.2000.11472156. S2CID 157158591 – via JSTOR.
  13. Zittrain, Jonathan (2000). "What the Publisher Can Teach the Patient: Intellectual Property and Privacy in an Era of Trusted Privication". Stanford Law Review. 52 (5): 1201–50. doi:10.2307/1229513. JSTOR 1229513. PMID 11503653 – via JSTOR.
  14. Ledford, Heidi (2019-11-19). "Google health-data scandal spooks researchers". Nature. doi:10.1038/d41586-019-03574-5. PMID 33203980. S2CID 212914522.
  15. Van der Goes, Jr., Peter (1999). "Opportunity Lost: Why and How to Improve the HHS-Proposed Legislation Governing Law Enforcement Access to Medical Records". University of Pennsylvania Law Review. 147 (4): 1009–1067. doi:10.2307/3312766. JSTOR 3312766. PMID 12755153 – via JSTOR.
  16. Zielezienski, Stephen (2002). "Insurance Privacy after Gramm-Leach-Bliley- Old Concerns, New Protections, Future Challenges". Tort & Insurance Law Journal. 37: 1139–1179.
  17. Gostin, Lawrence (2002). "The Nationalization of Health Information Privacy Protections". Tort & Insurance Law Journal. 37: 1113–1138 – via JSTOR.
  18. Sharon, Tamar (November 2021). "Blind-sided by privacy? Digital contact tracing, the Apple/Google API and big tech's newfound role as global health policy makers". Ethics and Information Technology. 23 (S1): 45–57. doi:10.1007/s10676-020-09547-x. ISSN 1388-1957. PMC 7368642. PMID 32837287.
  19. Hosek, Susan (2013). "Privacy of Individual Health Information". Patient Privacy, Consent, and Identity Management in Health Information Exchange: Issues for the Military Health System: 19–30 – via JSTOR.
  20. Wieczorek, Susan (2010). "From Telegraph to E-mail: Preserving the Doctor-Patient Relationship in a High-Tech Environment". ETC: A Review of General Semantics. 67: 311–327 – via JSTOR.
  21. Bradburn, Norman (2001). "Medical Privacy and Research". The Journal of Legal Studies. 30 (2): 687–701. doi:10.1086/342031. PMID 12656089. S2CID 28493631 – via JSTOR.
  22. "Australian Government - Department of Health and Ageing". PCEHR Governance. Archived from the original on 13 May 2013. Retrieved 18 May 2013.
  23. "National E-Health Transition Authority (NEHTA)". Our Work - PCEHR. Retrieved 18 May 2013.
  24. "Australian Government - Department of Health and Ageing". Expected benefits of the national PCEHR system. Archived from the original on 13 May 2013. Retrieved 18 May 2013.
  25. [1]
  26. Personally Controlled Electronic Health Records Act 2012
  27. "Australian Government - ComLaw". Personally Controlled Electronic Health Records Act 2012. Retrieved 18 May 2013.
  28. Information Privacy Principles
  29. "Australian Government - Office of the Australian Information Commissioner". Information Privacy Principles under the Privacy Act 1988. Retrieved 18 May 2013.
  30. Privacy Statement
  31. "Australian Government - Department of Health and Ageing". Privacy. Retrieved 18 May 2013.
  32. Individual Health Identifier (IHI)
  33. Showell, CM (2011). "Citizens, patients and policy: a challenge for Australia's national electronic health record". Health Information Management Journal. 40 (2): 39–43. doi:10.1177/183335831104000206. PMID 28683627. S2CID 1953918. http://www.himaa.org.au/members/journal
  34. Anonymous (2012). "e-Health". Australian Nursing Journal. 20 (2): 20.
  35. Spriggs, Merle; Arnold, Michael V; Pearce, Christopher M; Fry, Craig (2012). "Ethical questions must be considered for electronic health records". Journal of Medical Ethics. 38 (9): 535–539. doi:10.1136/medethics-2011-100413. PMID 22573881. S2CID 19771269.
  36. Liaw, S. T; Hannan, T (2011). "Can we trust the PCEHR not to leak?". The Medical Journal of Australia. 195 (4): 222. doi:10.5694/j.1326-5377.2011.tb03287.x. PMID 21843131. S2CID 38807826.
  37. "Sağlık Bakanlığı SGK bilgilerini sattığını doğruladı: İsim vermeden sattık" ("The Ministry of Health confirms the sale of information [to third parties] through SGK database: 'We sold [data] without [patients'] names'"). Birgün. Archived from the original on 26 October 2014. Retrieved 25 October 2014.
  38. Amoore, Louise & Ball, Kirstie & Graham, Stephen & Green, Nicola & Lyon, David & Murakami Wood, David & Norris, Clive & Pridmore, Jason & Raab, Charles & Rudinow Saetnan, Ann. (2006). A Report on the Surveillance Society.
  39. "maxwell stanley consulting | committed to providing clients with expert services". maxwellstanley.co.uk.
  40. "Paperless NHS supplement: Data protection – it's a breach of trust". Health Service Journal. 13 March 2015. Retrieved 28 April 2015.
  41. Butera, Adam (2002). "HIPAA Preemption Implications for Covered Entities Under State Law". Tort & Insurance Law Journal. 37: 1181–1211 – via JSTOR.
  42. Sobel, Richard (2007). "The HIPAA Paradox: The Privacy Rule That's Not". Hastings Center Report. 37 (4): 40–50. doi:10.1353/hcr.2007.0062. PMID 17844923. S2CID 73012540 – via JSTOR.
  43. Hosek, Susan (2013). "Privacy of Individual Health Information". Patient Privacy, Consent, and Identity Management in Health Information Exchange: Issues for the Military Health System: 19–30.
  44. Sobel, Richard (2007). "The HIPAA Paradox: The Privacy Rule That's Not". Hastings Center Report. 37 (4): 40–50. doi:10.1353/hcr.2007.0062. JSTOR 4625762. PMID 17844923. S2CID 73012540.
  45. Parver, Corrine (2006). "Lessons From Disaster: HIPAA, Medicaid, and Privacy Issues- The Nation's Response to Hurricane Katrina". Administrative Law Review. 58: 651–662 – via JSTOR.
  46. Woody, Robert (2002). "Health Information Privacy: The Rules Get Tougher". Tort & Insurance Law Journal. 37: 1051–1076 – via JSTOR.
  47. Everett, Margaret (2007). "The 'I' in the Gene: Divided Property, Fragmented Personhood, and the Making of a Genetic Privacy Law". American Ethnologist. 34 (2): 375–86. doi:10.1525/ae.2007.34.2.375 – via JSTOR.
  48. Baum, Stephanie (2013-09-23). "10 things you need to know about HIPAA Omnibus final rule". MedCity News. Retrieved 2016-10-08.
  49. "The Law and Medical Privacy". Electronic Frontier Foundation. Retrieved 2016-10-08.
  50. Henry, Davis Wright Tremaine LLP-Karen A.; Keville, Terri D. (19 April 2013). "What you don't know about California's Confidentiality of Medical Information Act might hurt you! | Lexology". Retrieved 2016-10-08.
  51. "California Legislative Information". leginfo.legislature.ca.gov. Retrieved 2016-10-08.
  52. EPD enquête, archived from the original on 2016-01-12
  53. Price, W. Nicholson; Cohen, I. Glenn (January 2019). "Privacy in the age of medical big data". Nature Medicine. 25 (1): 37–43. doi:10.1038/s41591-018-0272-7. ISSN 1546-170X. PMC 6376961.

Further reading

  • Adam Tanner (2018). Our Bodies, Our Data: How Companies Make Billions Selling Our Medical Records. Beacon Press. ISBN 978-0807059029.