Physicians

Do Physicians Have a Right to Privacy?

As we move to Electronic Health Records (EHR), the debates over security and privacy are becoming more frequent and more poignant. We of course have HIPAA laws on the books and ONC has a Tiger team assembled to recommend privacy and security policies to Secretary Sebelius. CIOs and entire IT departments are all focused on protecting the privacy of patients and their Personal Health Information (PHI). This is, of course, as it should be, but how about privacy of those taking care of patients? Do physicians have a right to privacy too?

As EHRs become more prevalent and interconnected, increasing amounts of clinical and administrative data will be flowing out of doctors’ offices and into the great beyond. Most of this data is indeed patient data, but some of it could be combined, sliced and diced to derive pretty extensive information about doctors. For example, and in no particular order:

  • Prescribing patterns – Prescription data has been collected and sold to pharmaceutical companies for decades. EHRs will make this much easier to accomplish and the data will become richer and more granular, since it will contain the exact nature of the visit where a particular drug was prescribed or discontinued, including physician notes on the subject. Of course, such information finding its way to public websites would present a novel difficulty if, say, we can look up Dr. X and see that she wrote 30 prescriptions for contraceptives last month, half of which were for girls under 16 years of age.
  • In the interest of informing patients on physicians’ expertise, a company may decide to publish names and frequencies of procedures performed by physicians. In addition to the fact that the raw number of performed procedures is not indicative of proficiency if not accompanied by outcomes data which is almost impossible to obtain, our beleaguered Dr. X may find a web listing of the number of abortions she performed on teenage girls right next to her name and home address.
  • Administrative data can provide average times spent with patients, with no differentiation between the 5 minutes required for allergy meds renewal and the half hour you spent with elderly complex patients. Schedule data can also be manipulated to deduce when you take vacations. Is anybody watching your house while you’re enjoying those exquisite Hawaiian sunsets?
  • Of course the call for greater transparency will create numerous websites trying to provide patients with a Consumer Reports style rating of doctors. Quality measures similar, or identical, to the ones submitted to CMS will come in very handy. If you report that only 20% of your patients have an acceptable Hb1Ac level and I am a diabetic looking for a good doctor, I’d probably pick one with better “outcomes”. The fact that most of your patients are underserved, poor and even homeless and you are pretty much a saint is not evident in your outcomes. Sorry.
  • EHR progress note data can indicate how thorough you are. If you routinely document only a handful of Exam and Histories elements, maybe I should find a doctor that takes more time and is more thorough, or one who has an EHR that documents all negatives by exception, whether he looked at it or not. There will be very few patients savvy enough to know the difference.
  • Here is a more interesting possibility. By examining your SOAP notes, computers can figure out your decision making patterns. These patterns can be cross aggregated and will make for very interesting research. However, these patterns, once established, could also become admissible evidence in a court of law.
  • As data becomes richer and more liquid, more possibilities to monetize physician data will emerge, just like monetization of patient data will become rampant. Fortunately, patient privacy is central to all new standards and policies being created by the Government. By contrast, physician privacy is not even an afterthought. While physicians have always been morally and legally obligated to protect their patients’ privacy, perhaps the time has come to also consider the doctor’s privacy in this brave new digital world.

    Margalit Gur-Arie blogs frequently at her website, On Healthcare Technology. She was COO at GenesysMD (Purkinje), an HIT company focusing on web based EHR/PMS and billing services for physicians. Prior to GenesysMD, Margalit was Director of Product Management at Essence/Purkinje and HIT Consultant for SSM Healthcare, a large non-profit hospital organization.

    Livongo’s Post Ad Banner 728*90

    20
    Leave a Reply

    20 Comment threads
    0 Thread replies
    0 Followers
     
    Most reacted comment
    Hottest comment thread
    8 Comment authors
    Internet T1GoMotionElectronic Medical RecordsrbarMD as HELL Recent comment authors
    newest oldest most voted
    Internet T1
    Guest

    All people have a private life. Regardless of who that person is and what is that person’s status in the community. That person is still a human. The post is very nice. – Internet T1

    GoMotion
    Guest

    THIS IS NOT SPAM!!!!
    http://www.zoomerang.com/Survey/WEB22AUMJHAHPJ
    Please take my Survey about Health and Fitness!!!!
    Your Participation is appreciated!!! Chance to win $50 Amazon.com Gift Card!!!
    Thanks!!!
    GoMotion

    Electronic Medical Records
    Guest

    Electronic health/medical records are very useful to keep the results of AIDS status of a patient. right?
    I want to know how this technology works?
    what is the basic concept in it?

    MD as HELL
    Guest
    MD as HELL

    There will be docs in practice who will charge for and be paid for a private records practice. Medical speak-easies. No one except hard core liberal policy wonks and EHR vendors think this (national EHR)is a good idea.

    Margalit Gur-Arie
    Guest

    Bev, when the medical record was between one and one’s doctor(s), youthful indiscretions and all sorts of mishaps could be safely related to the medical record with minimal “embarrassment”. Now that all this data is about to flow through NHINs and HIEs and HIOs and HISPs and all sorts of other acronyms before they reach another doctor and at each point in the system there is a risk of leakage in the form of security breaches, outright selling of data (a little deitentified, or a lot) and mandatory reporting to States and Feds, people may want to expunge certain things… Read more »

    bev M.D.
    Guest
    bev M.D.

    Margalit; To address the “voluminous relevance” issue, I was referring to the mounds of nursing notes, vital signs charts, EKG strips, etc. that one had to sift through to find the physicians’ notes or imaging reports. EMR’s would actually be better on that score. As to the medical record itself (either paper or electronic), one cannot arbitrarily edit out what might be embarrassing. What happens to you medically, embarrassing or not, needs to be recorded. For example, if I saw that a male patient had come in 10 years earlier with a coke bottle up his rectum (rectal foreign objects… Read more »

    Margalit Gur-Arie
    Guest

    Bev, in your experience, what percent of those voluminous charts were relevant to patient care? I just don’t see how a fake suicide attempt or rectal foreign body from 50 years ago can be relevant for someone presenting with chest pain at the ED. On the other hand I can see how items like that in your chart can cause plenty of embarrassment, loss of jobs, insurance denials, etc. In effect the medical record becomes a rap sheet. It seems to me that there must be some way to expire/expunge things from the “public” record, but I really don’t know… Read more »

    bev M.D.
    Guest
    bev M.D.

    Margalit; As with all things in life, a balance must be struck. When I was a medical student, one of my jobs was to track down the old charts on new admissions or on patients who came into ER’s. This was often an arduous job involving waiting in line and fighting with Medical Records clerks who weren’t interested, but you’d be surprised how useful those old charts were when the patient couldn’t or wouldn’t give an accurate medical history. (It was also my job to flip through their voluminous, poorly organized pages and cull out the relevant stuff) Now, as… Read more »

    MD as HELL
    Guest
    MD as HELL

    Exactly. “Someone” will be editing all this through a political filter and it will be totally useless. The only winning move is: not to play.

    Margalit Gur-Arie
    Guest

    Seriously, I’m starting to doubt the wisdom of having this life long medical record following you around for the rest of your life. So you did some stupid stuff when you were a kid, does every doctor you’ll ever see need to be made aware that you had issues with a tampon when you where a kid? Does your respectable family 20 years from now need to be made aware of your fake suicide attempt when Johnny skipped town with a two bit tramp? Is this the sort of stuff we need to store and secure in government databases? I… Read more »

    MD as HELL
    Guest
    MD as HELL

    How about diagnoses like:
    “inappropriate drug seeking behavior”
    “Noncompliance.”
    “Malingering”.
    “Looking for 3 hots and a cot.”
    “STD.”
    “HIV”
    “Rectal foreign body.”
    “Retained tampon.”
    “Prescription drug abuse.”
    “Suicide gesture.”
    “Alleged sexual assault.”
    My nights in the ED should make for useful information and a movie with merchandising rights.

    bev M.D.
    Guest
    bev M.D.

    Thanks, Margalit; I’ll take a look. I did write to the FDA, for what it’s worth, about possible regulation of EMR’s and cited these authors’ previous paper; thanks to Bobby G. for finding it. I have to agree with MD as HELL and rbar. Physicians have been trying to say these things all along, but have been drowned out by the patients who want to see all their data. I say, don’t change what you write in there and let the patients read it, as long as it is professionally worded, of course. There are such legitimate diagnoses as clinical… Read more »

    Margalit Gur-Arie
    Guest

    Bev, here is a new paper from Hoffman & Podgurski (the authors of the Harvard piece on the need for FDA oversight). I think it was published by Berkeley, but it’s not yet available at btlj.org online.
    It explores the new legal liabilities created by EHR technology adoption – E-Health Hazards: Provider Liability and Electronic Health Record Systems.
    http://www.wcpn.org/photos/soi/2010/e-health-hazards.pdf
    I thought you may like this one too. Very well written as usual.

    Margalit Gur-Arie
    Guest

    MD as HELL and rbar, you are bringing up something quite different and in my opinion very important. How accurate and how “good” will the records be if both patients and doctors know that whatever happens in the exam room will not be confined to the exam room any longer? If patients hold back information, or feelings, are there going to be more diagnosis errors? If doctors don’t write down stuff they would want a colleague to know, but wouldn’t necessarily want the patient (or his family) to see, would transitions of care become a bit more “fuzzy”? Is keeping… Read more »

    rbar
    Guest
    rbar

    I think that in some respects, openness of medical records combined with patient centeredness, has some downsides: most docs feel that they cannot tell (and cannot document) what (they think) a patient does not want to hear. These things include (but are not limited to): -your health would improve with lifestyle changes (e.g. stop smoking, start exercising, loose weight) -your complaint is not organic in nature -you complain in most dramatic terms about medical symptom x, but from your own report, it does not appear to affect your work or private/social life. -you express frustration with the care for a… Read more »