How private are your medical records?

Technology watch
By MARY ANN SORRENTINO  |  April 30, 2008

In Rhode Island, where everyone knows everyone, how safe are our own “confidential” medical records?

Any visit to a local health facility carries the risk of bumping into a friend or acquaintance. We may tolerate this at less intimate treatment centers — for sports medicine, podiatry, or dentistry, for example — but seeing a doctor for substance abuse, reproductive health, STDs, or cosmetic surgery may have patients longing for greater privacy.

If the records of Britney Spears and Maria Shriver can be breached, as was recently reported to be the case at the UCLA Medical Center, it can happen to us.

It’s not just the impact of celebrity, as evidenced by how, as the Atlanta Journal-Constitution recently reported, the federal government has told 71,000 poor and low-income Georgians that their medical records were mistakenly placed on the Internet.

Last month, wire services reported that the Social Security numbers, phone numbers, and personal data of 50,000 New York-area patients were allegedly sold by a former worker at New York-Presbyterian/Weill Cornell Medical Center. The suspect told authorities he sold two batches of data: one for $750 and one for $600, placing a street value on the intimate details of anyone’s life and health at about 33 cents.

In 2003, the federal government implemented the bureaucratically labeled Health Insurance Portability and Accountability Act (HIPAA). The law was supposed to strengthen patient privacy.

Instead, HIPAA is seen as having made it more difficult for caregivers to communicate on behalf of sick and often confused loved ones, while patient confidentiality remains as compromised as ever.

HIPAA was on a collision course with technology. Just as Uncle Sam was deciding to plug holes in the privacy system, health-care bureaucracies and providers — awash in paper — saw electronic medical records as the answer. As a result, “private” records, once locked in steel cabinets with limited access, were placed on the Internet, available to enterprising hackers.

More terrifying is the persistence of human curiosity, error, greed, and the other failings that make a UCLA clerk want to know what’s ailing Spears and Shriver, results in the Georgia Medicaid computer nightmare, or tempts folks to sell Social Security number for pennies.

I switched facilities for my annual mammogram, because I could not, despite HIPAA guidelines, convince the former desk personnel to stop shouting out each woman’s full name across a crowded waiting room. It was suggested that they use first names, or better, a number system.

They said, “Older patients think first names are disrespectful.” They also declined to confront “older persons” with a copy of federal (and state) laws protecting confidentiality. 

At local laboratories, patients seeking HIV- or drug-abuse screening, or routine blood work, all sign in on the same sheet. Everyone signing in subsequently sees patient names, insurers, and other personal information.

This doesn’t factor in the possibility that neighbors, disgruntled employees, ex-lovers working at local hospitals, labs, or medical insurance companies might be just plain curious about someone’s psychiatric or physical history, and more.

Let’s face it: the worldwide Web is making privacy obsolete.

Related: Interview: Jim Langevin, Kennedy vs. the Catholic Church, Critics target fight against real ID, More more >
  Topics: This Just In , Politics, Britney Spears, Domestic Policy,  More more >
| More

Most Popular
Share this entry with Delicious
  •   FERRARO, A PHOTO, AND A LEGACY  |  March 30, 2011
    Geraldine Ferraro's photograph stands proudly in a silver frame, inscribed to my daughter with the words, "You are my hero."
  •   TWO MURDERS AND AN UNHEEDED CALL  |  December 29, 2010
    When Rhode Islanders mention former Rhode Island Supreme Court Chief Justice Thomas Fay, they often focus on the scandal that forced him to resign from the bench.
    Angel Taveras may soon be Providence’s first Latino mayor. But his victory in the recent Democratic primary is much more than a triumph of the city’s growing Hispanic population.
    Recently OB-GYN Associates, a respected women's health care practice with offices in Rhode Island and Massachusetts, admitted to Rhode Island Department of Health officials that it had implanted in patients birth control intrauterine devices (IUDs) apparently manufactured in Canada and not approved by the United States Food and Drug Administration (FDA).
    Low-numbered plates may be Valhalla for Rhode Island’s vainglorious. But they are hard to come by. So for the average driver looking for attention, “vanity” and “special category” plates are the way to go.

 See all articles by: MARY ANN SORRENTINO