The single deadliest blow to confidentiality by all health professionals ... is their collusion with managed care.
--Bollas & Sundelson (1995, p. 130)
Managed care organizations have become one of the dominant approaches to health care delivery in the United States. This approach has important implications for the confidentiality of patients' medical records; specifically, close scrutiny suggests an inherent paradox concerning the maintenance of patient confidentiality in the age of complex managed care arrangements. Although these systems are designed to provide less expensive, quality care for patients and streamlined efficiency for health care providers, they concomitantly compromise privacy by making patients' confidential records available to a wide range of internal and external audiences. It is this important paradox and its impact on health communication that we seek to address by presenting a case study framed by an extension of Communication Boundary Management (CBM) theory (Petronio, 1991).
Managed care is a broad, and often confusing, term that refers to a multifaceted and continuously evolving system designed to provide quality health care and simultaneously contain costs (Integrated Health Care Association, 2000). Managed care organizations are responsible for the health of an enrolled group of people and, consequently, seek improvements in both the results and the cost-effectiveness of services provided. These organizations include a wide array of health insurers, medical groups, hospitals, and integrated health care systems. Management and control of spending are maintained by closely monitoring how physicians and other medical professionals care for patients; techniques include not allowing procedures to be performed, refusing physicians' permission to discuss alternative procedures, limiting coverage to care by preferred primary care physicians and hospitals, and requiring preauthorization for specialty care (American Medical Association, 1999; Integrated Health Care Association, 2000; University of California, 1999).
Managed care was designed to simplify health care systems and contain health care costs; paradoxically, it has simultaneously created an exponential increase in the number of individuals who have access to patients' files, access that may compromise the confidentiality of patients' health communication and their health care. In the managed care environment, the approach to protecting patients' confidentiality seems to be dictated by business interests rather than traditional codes of ethical conduct, which state that health care professionals will do their patients "no harm" by maintaining a "duty of silence" regarding communication of patients' private information, (Everstine et al., 1980). In the current managed care environment, instead of just the primary physician and immediate staff having access to a patient's information, as many as 17 people now have authorized access to a patient's record (Munson, 1996; Rock & Congress, 1999). Within this system, individuals, such as administrators, employers, insurance company representatives, legal experts, researchers, and police officers, have easier access to a patient's personal health data ("Association Cites Confidentiality Problems," 1999).
Even with confidentiality policies in place at health care organizations and with employees signing confidentiality agreements upon being hired, more breaches of confidentiality may be occurring simply because the number of individuals with access to confidential information increases in a managed care environment. With so many individuals accessing and communicating patients' confidential data through the widespread use of computerized records (Anderson & Brann, 2000; Pendrak & Ericson, 1998; Shalala, 1998; Weingarten, 1992), multidisciplinary health care teams (Cummings, 1993; Dodek & Dodek, 1997; Lazoritz, 1994), and primary care physicians serving as gatekeepers to specialists (Bodenheimer, Lo, & Casalino, 1999; Grumbach et al. …