Do Physicians Have a Right to Privacy?

As we move to Electronic Health Records (EHR), the debates over security and privacy are becoming more frequent and more poignant. We of course have HIPAA laws on the books and ONC has a Tiger team assembled to recommend privacy and security policies to Secretary Sebelius. CIOs and entire IT departments are all focused on protecting the privacy of patients and their Personal Health Information (PHI). This is, of course, as it should be, but how about privacy of those taking care of patients? Do physicians have a right to privacy too?

As EHRs become more prevalent and interconnected, increasing amounts of clinical and administrative data will be flowing out of doctors’ offices and into the great beyond. Most of this data is indeed patient data, but some of it could be combined, sliced and diced to derive pretty extensive information about doctors. For example, and in no particular order:

  • Prescribing patterns – Prescription data has been collected and sold to pharmaceutical companies for decades. EHRs will make this much easier to accomplish and the data will become richer and more granular, since it will contain the exact nature of the visit where a particular drug was prescribed or discontinued, including physician notes on the subject. Of course, such information finding its way to public websites would present a novel difficulty if, say, we can look up Dr. X and see that she wrote 30 prescriptions for contraceptives last month, half of which were for girls under 16 years of age.
  • In the interest of informing patients on physicians’ expertise, a company may decide to publish names and frequencies of procedures performed by physicians. In addition to the fact that the raw number of performed procedures is not indicative of proficiency if not accompanied by outcomes data which is almost impossible to obtain, our beleaguered Dr. X may find a web listing of the number of abortions she performed on teenage girls right next to her name and home address.
  • Administrative data can provide average times spent with patients, with no differentiation between the 5 minutes required for allergy meds renewal and the half hour you spent with elderly complex patients. Schedule data can also be manipulated to deduce when you take vacations. Is anybody watching your house while you’re enjoying those exquisite Hawaiian sunsets?
  • Of course the call for greater transparency will create numerous websites trying to provide patients with a Consumer Reports style rating of doctors. Quality measures similar, or identical, to the ones submitted to CMS will come in very handy. If you report that only 20% of your patients have an acceptable Hb1Ac level and I am a diabetic looking for a good doctor, I’d probably pick one with better “outcomes”. The fact that most of your patients are underserved, poor and even homeless and you are pretty much a saint is not evident in your outcomes. Sorry.
  • EHR progress note data can indicate how thorough you are. If you routinely document only a handful of Exam and Histories elements, maybe I should find a doctor that takes more time and is more thorough, or one who has an EHR that documents all negatives by exception, whether he looked at it or not. There will be very few patients savvy enough to know the difference.
  • Here is a more interesting possibility. By examining your SOAP notes, computers can figure out your decision making patterns. These patterns can be cross aggregated and will make for very interesting research. However, these patterns, once established, could also become admissible evidence in a court of law.
  • As data becomes richer and more liquid, more possibilities to monetize physician data will emerge, just like monetization of patient data will become rampant. Fortunately, patient privacy is central to all new standards and policies being created by the Government. By contrast, physician privacy is not even an afterthought. While physicians have always been morally and legally obligated to protect their patients’ privacy, perhaps the time has come to also consider the doctor’s privacy in this brave new digital world.

    Margalit Gur-Arie blogs frequently at her website, On Healthcare Technology. She was COO at GenesysMD (Purkinje), an HIT company focusing on web based EHR/PMS and billing services for physicians. Prior to GenesysMD, Margalit was Director of Product Management at Essence/Purkinje and HIT Consultant for SSM Healthcare, a large non-profit hospital organization.

    20 replies »

    1. There will be docs in practice who will charge for and be paid for a private records practice. Medical speak-easies. No one except hard core liberal policy wonks and EHR vendors think this (national EHR)is a good idea.

    2. Bev, when the medical record was between one and one’s doctor(s), youthful indiscretions and all sorts of mishaps could be safely related to the medical record with minimal “embarrassment”.
      Now that all this data is about to flow through NHINs and HIEs and HIOs and HISPs and all sorts of other acronyms before they reach another doctor and at each point in the system there is a risk of leakage in the form of security breaches, outright selling of data (a little deitentified, or a lot) and mandatory reporting to States and Feds, people may want to expunge certain things from their records, so to speak. I’m not sure they’ll be able to and I agree that medically speaking, most of the time, but not always, it is a bad idea.
      Anyway, how did we get back to talking about patient privacy? I thought this was supposed to be about the docs… 🙂

    3. Margalit;
      To address the “voluminous relevance” issue, I was referring to the mounds of nursing notes, vital signs charts, EKG strips, etc. that one had to sift through to find the physicians’ notes or imaging reports. EMR’s would actually be better on that score.
      As to the medical record itself (either paper or electronic), one cannot arbitrarily edit out what might be embarrassing. What happens to you medically, embarrassing or not, needs to be recorded. For example, if I saw that a male patient had come in 10 years earlier with a coke bottle up his rectum (rectal foreign objects being common in the gay population), I might be more inclined to think of the odd infectious symptoms he now presents with as possibly a manifestation of AIDS and be more likely to order an HIV test and think of infections only occurring in the immune-suppressed population. Such odd coincidences can and have happened.
      Similarly, as a pathologist I was often frustrated that a patient’s race was no longer on the addressograph stamp (which was often all the medical history available to me), because certain cancers are much more common in certain races, and it would influence my universe of differential diagnoses on his biopsy.But we had to be politically correct.
      Political correctness and medical correctness cannot be reconciled by well-meaning “edits” of “irrelevant” information. This can be dangerous and even fatal to the patient.
      Although the privacy issue is an important one, guaranteeing it by editing the medical record is NOT addressing the right problem.

    4. Bev, in your experience, what percent of those voluminous charts were relevant to patient care?
      I just don’t see how a fake suicide attempt or rectal foreign body from 50 years ago can be relevant for someone presenting with chest pain at the ED. On the other hand I can see how items like that in your chart can cause plenty of embarrassment, loss of jobs, insurance denials, etc. In effect the medical record becomes a rap sheet.
      It seems to me that there must be some way to expire/expunge things from the “public” record, but I really don’t know how it should be done.
      I agree that interconnected EMRs are going to be very helpful, but as others have said before me, these are very powerful devices. They can do tremendous good, but if used unwisely, they can do tremendous damage too.

    5. Margalit;
      As with all things in life, a balance must be struck. When I was a medical student, one of my jobs was to track down the old charts on new admissions or on patients who came into ER’s. This was often an arduous job involving waiting in line and fighting with Medical Records clerks who weren’t interested, but you’d be surprised how useful those old charts were when the patient couldn’t or wouldn’t give an accurate medical history. (It was also my job to flip through their voluminous, poorly organized pages and cull out the relevant stuff)
      Now, as far as I can tell, no one even bothers – they just ask the family or do without. And don’t even mention if it’s at a different hospital than where they received care before. Clearly this is not good for patient care; I have experienced it myself as a patient and family member. So EMR’s have great potential in this way.
      But I repeat, if the patients want to see the record, then let them see it. Then they will find out what they are asking for. I don’t see any reason at all why physicians should edit MD as HELL’s examples (except for perhaps “3 hots and a cot” – although true, could be construed as uncaring. How about, “no organic disease identified.”(:)

    6. Exactly. “Someone” will be editing all this through a political filter and it will be totally useless. The only winning move is: not to play.

    7. Seriously, I’m starting to doubt the wisdom of having this life long medical record following you around for the rest of your life. So you did some stupid stuff when you were a kid, does every doctor you’ll ever see need to be made aware that you had issues with a tampon when you where a kid? Does your respectable family 20 years from now need to be made aware of your fake suicide attempt when Johnny skipped town with a two bit tramp?
      Is this the sort of stuff we need to store and secure in government databases?
      I know there’s other, more important and probably useful content, but I have no idea how you decide what’s important or who decides or whether anybody should.

    8. How about diagnoses like:
      “inappropriate drug seeking behavior”
      “Looking for 3 hots and a cot.”
      “Rectal foreign body.”
      “Retained tampon.”
      “Prescription drug abuse.”
      “Suicide gesture.”
      “Alleged sexual assault.”
      My nights in the ED should make for useful information and a movie with merchandising rights.

    9. Thanks, Margalit; I’ll take a look. I did write to the FDA, for what it’s worth, about possible regulation of EMR’s and cited these authors’ previous paper; thanks to Bobby G. for finding it.
      I have to agree with MD as HELL and rbar. Physicians have been trying to say these things all along, but have been drowned out by the patients who want to see all their data. I say, don’t change what you write in there and let the patients read it, as long as it is professionally worded, of course. There are such legitimate diagnoses as clinical depression, Munnchausen’s syndrome, etc. And there are things like “rule out malignancy”, etc. that will scare patients to death. But they want the record; let them see it. It’s a case of “be careful what you wish for.” Nothing else will convince them…..

    10. Bev, here is a new paper from Hoffman & Podgurski (the authors of the Harvard piece on the need for FDA oversight). I think it was published by Berkeley, but it’s not yet available at btlj.org online.
      It explores the new legal liabilities created by EHR technology adoption – E-Health Hazards: Provider Liability and Electronic Health Record Systems.
      I thought you may like this one too. Very well written as usual.

    11. MD as HELL and rbar, you are bringing up something quite different and in my opinion very important. How accurate and how “good” will the records be if both patients and doctors know that whatever happens in the exam room will not be confined to the exam room any longer?
      If patients hold back information, or feelings, are there going to be more diagnosis errors?
      If doctors don’t write down stuff they would want a colleague to know, but wouldn’t necessarily want the patient (or his family) to see, would transitions of care become a bit more “fuzzy”?
      Is keeping things private, as they have been for centuries, not just about being politely discreet (or paternalistic), but also about good medicine?

    12. I think that in some respects, openness of medical records combined with patient centeredness, has some downsides: most docs feel that they cannot tell (and cannot document) what (they think) a patient does not want to hear. These things include (but are not limited to):
      -your health would improve with lifestyle changes (e.g. stop smoking, start exercising, loose weight)
      -your complaint is not organic in nature
      -you complain in most dramatic terms about medical symptom x, but from your own report, it does not appear to affect your work or private/social life.
      -you express frustration with the care for a chronic medical condition, but you also have a history of not following doctors’ recommendations for no good reason, and of changing physicians frequently and quickly
      That’s the problem with client centeredness; being client centered with reasonable patients (especially sick ones) is a no brainer, but how about all the individuals who have 1. psychiatric/personality issues interfering with their care, unbeknownst to them and 2.people who have a nonmedical agenda when seeing a physician?

    13. Yes, I have a right to privacy. I also own my proprietary medical decision making process. It may be similar to others, but mine is mine. How I choose to treat a patient and with which tests and with which agents is also proprietary. You may know I prescribed a medicine and you may know the patient’s problem list and diagnoses, but you may not know how I make my decisions.
      You are making a false assumption that patients want all of their private info out there for wedsites, vendors, regulators, employers, and advertisers to access and use for unrelated purposes. HIPAA is a sham now. Just wait until EHR puts your colonscopy on YouTube, or would that be YourTube.
      And I can hardly wait to see all the mental health records go live. Garbage in, garbage out.
      Right now law enforcement cannot even unite in a single system all the info on criminals. Add all the rest of us into a larger system and you will have a useless gridlocked pile of junk for which you paid a fortune and will get nothing back from it in a useful time frame. When I need information I need it in real time and not tomorrow. I spend too much time at the computer now. You want me to spend more? Let the patients pile up in the lobby. Have them bring food and a big book. I will enter which book they are reading and what they are eating.
      Better yet, we can have computer kiosks in the lobby so patients can enter other patients information while they are waiting. Patients will need to be wired to polygraph machines, though. They lie all the time.
      Please don’t ask for CPR while I am completing the Central Committee report on why you are short a Percocet. You are just one life, but all those missing Percocets are killing many more people than just your MI.

    14. bev, I think that what needs to be protected against is distortion of facts. There have been studies showing that outcomes measurement for a small practice is statistically unreliable. Will that stop Internet companies from posting these “ratings” online? People are smart enough to understand that a “dissed” patient is not objective, but are they savvy enough to understand that data coming straight from the Government, as I am sure it will be advertised, is sometimes relevant and sometimes not indicative of anything?
      As ONC is continuing the national debate on patients’ rights to opt-in or opt-out of reporting, do physicians have a right to opt-in or out? Should they have such right? Should physician data be de-identified in some situations, like patient data is? Should malpractice attorneys be entitled to review this data? Should it be admissible in court?
      I think as Dr. Schattner wrote above, we need to figure these things out before the floodgates are opened.
      Dr. Steven Waldren brought to my attention that the AAFP has given some thought to this subject and here are their recommendations

    15. There is something about the invasion of medical care by industry that smells. The profession has been depreciated. Medical care is a commodity. The HIT vendors have not any interest in patients, their care or their safety…except when their CEOs are sick. They care about the bottom line and rolling out the crap products that hinder medical care, but scrutinize how many boxes the doctors click. The health care professional should resist the temptation to be obedient to the US Government.
      Do Not Buy.

    16. Thank you for this thought-provoking post –
      I think a lot of physicians feel they’ve lost control over their reputations, deserved or not, due to so much inaccurate on-line information. Some is malicious, and some comes from unresponsive robots that generate errors.
      This topic deserves more consideration, for sure.

    17. A very thought-provoking post on a subject I had not considered. However, I don’t see anything in your examples that should be protected. How a physician does his/her job is just out there; it’s not like the information is revealing s/he is having an affair or has a venereal disease or something. And all the ill-considered ratings information is already possible, just by one angry patient dissing you on a ratings website with no data.
      The abortion issue is something else again – but that is mainly because that sort of information puts the physician’s life in danger. However, we all can be shot by a nut, so I don’t see how that can be helped either, as long as there are nuts out there.