On its surface, HIPAA and the concept of patient confidentiality and privacy seem rather straightforward. Protecting a patient’s confidentiality and privacy is a critical part of establishing and maintaining trust between a patient and a healthcare provider. Obviously, there is a need to share the patient’s information with critical individuals – namely those individuals who are assisting in providing care. But the issue becomes gray, or certainly less black and white, when it comes to questions of family members and other loved ones (not to mention technology). After all, it seems like the compassionate thing to do when a patient’s family member asks how the patient is doing, especially if the family member seems distraught, and many healthcare providers consider compassion a significant part of their jobs. As it happens, healthcare providers are also subject to many legal and ethical considerations in the performance of their duties which sometimes make the compassionate thing to do – namely giving out patient information – inappropriate (McGowan, 2012). In fact, many healthcare institutions’ policies, “state regulations, and federal law” are “aimed at protecting patients’ confidentiality” (McGowan, 2012, p. 61), regardless of the interests of the patients’ family members and loved ones. In some ways, HIPAA makes this issue more black and white: in general, HIPAA prohibits healthcare providers from giving out information at all, but there are exceptions. According to the Office for Civil Rights (n.d.), which falls under the auspices of the Department of Health and Human Services, a healthcare provider “may share relevant information” in several circumstances which include: the individual gives “the provider or plan permission to share the information”; the individual is present at the time of the request and does not object to the sharing of the information; and the individual is NOT present but the provider “determines based on professional judgment” that it is in the individual’s best interest to share that information (p. 1).
These exceptions make sense and seem reasonable and logical. But other researchers raise questions of public health interests which are also reasonable and logical. After all, if patient data were more readily available, “National, longitudinal patient data could be used to monitor and respond to public health problems in ways” that are not currently available, not to mention the ways in which the data “could help identify a wide range of other public health and safety problems and track differences in various organized health care systems” such as identifying “the extent of the prescribing of drugs for unapproved uses that lack scientific support” (Rodwin, 2010, p. 587). In other words, the kind of data protected by HIPAA could be very useful to the public at large, especially those organizations responsible for public health and safety. It is difficult to ignore such considerations. However, the confidentiality and privacy of the patient must take center stage, and other ways of gathering such data for such purposes must be identified.
As with most issues, there are two sides to patient privacy and confidentiality – the patient’s side and everybody else’s side. Both sides may have legitimate reasons for wanting to protect – or access, or provide access to – that information. Ultimately, however, the patient’s information is their own, and it should be protected and respected. This may mean depriving their family members and loved ones of the information, which may seem cruel, but the patient is the healthcare provider’s main focus. There are exceptions which may offer healthcare providers a little leeway in terms of supplying information to individuals other than those who are part of the patient’s care team or plan. But these exceptions mostly include the patient as part of the decision-making process of releasing information and, as such, should be respected carefully.
- McGowan, C. (2012). Patients’ confidentiality. Critical Care Nurse, 32(5), 61-65.
- Office for Civil Rights. (n.d.). Sharing health information with family members and friends. The
Department of Health & Human Services, USA. Retrieved from http://www.hhs.gov/ocr/privacy/hipaa/understanding/consumers/sharing-family-friends.pdf
- Rodwin, M. A. (2010). Patient data: Property, privacy & the public interest. American Journal of
Law & Medicine, 36(4), 586-618.