Privacy Can Be Lethal

Article excerpt


Anyone visiting a physician's office or health facility since April 14, 2003, has almost surely been handed a complicated legal document defining newly acquired patient privacy rights.

These stem from the Health Insurance Portability and Accountability Act (HIPAA) of 1996. And the Department of Health and Human Services (HHS), charged with implementing the law, calls them "the first-ever federal privacy standards to protect patients' medical records and other health information provided to health plans, doctors, hospitals and other health care provider. ... They represent a uniform, federal floor of privacy protections for consumers across the country"

Normally, privacy would be considered to be a good thing. But the law is sufficiently complex and quirky for benefits and risks to be highly unpredictable. Consequently, in a recent column in Internal Medicine World Report, addressed to physicians, I parodied what it would take to configure my medical office to accommodate the requirements of the Privacy Act. The idea of partitions between the seats in the waiting room (analogous to those between stalls in public restrooms), burkas (bought as war surplus from Afghanistan) to completely obscure individual patient identity and ingenious ways to call patients in without using their names struck me just what the doctor might need for comic relief.

The more thought I give the subject, however, the more convinced I become that the HIPAA law is not just an overly complex and bureaucratic way of serving a good cause. Instead, HIPAA's underlying philosophy of privacy-at-all-costs now strikes me as fanatical and, in some respects, dangerous. It is based on the notion you can never have too much privacy. And the law's passage represents a glorious victory for single-issue privacy monomaniacs who believe in one-sided coins.

I got an inkling of how wrong this can be when I ran into two of my patients busy gabbing away in the open doorway of one of the examining rooms. Their families had been friends, but since the death of one of the husbands, they hadn't gotten together. Now they were delighted at the accidental encounter as one was departing and the other was arriving for an office visit.

Jokingly, I said: "I don't know if it's still legal for you two to talk to each other. You are violating each other's privacy." They laughed, until I began explaining how visiting the doctor is now expected to be done so privately that all people who haven't been screened and approved in advance are to be considered potentially dangerous to the patient as if they are pathogenic germs.

This New Victorianism places psychological and communication barriers between people quite analogous to the physical barriers created by Victorian dress. It makes going to the doctor an unmentionable, comparable to going to the toilet, and it creates the illusion that perhaps there are people who do neither. At a minimum, ministering to physical imperfections is perceived as sufficiently embarrassing for it to be concealed or disguised, much as the original Victorians did with bodily functions.

Privacy has always been important in medical practice, but over the years, I have tried to make the therapeutic experience as natural as possible. A solo practice like mine has been for some 30 years is uniquely suited to treat patients in a friendly and personal way. Perhaps HIPAA struck me as a solution in search of a problem because I've never had a patient complain because a name was called or visible on the file in the chart rack. To my knowledge, nobody worried that the Spanish-speaking janitor might peruse his or her chart during breaks from dusting and vacuuming at night. Maybe that's why having patients sign off on receiving a copy of their privacy rights and having me sign privacy contracts right and left strikes me as surrealistic. …