A Practitioner's Response to the New Health Privacy Regulations
Yang, Julia A., Kombarakaran, Francis A., Health and Social Work
This policy shift requires social workers to develop new ways of managing client information and to respond strategically to the way in which client health information is managed in the health care industry.
HISTORY OF PRIVACY AND PRIVACY REGULATION
The genesis of medical privacy and confidentiality is found in the Hippocratic Oath, which directs the physician not to reveal private patient information (Resier, Dyck, & Curran, 1977). Before the legal establishment of physician--patient testimonial privilege in New York State in 1828 (Nye, 1982), there had already been a long-standing and widespread acceptance of the physician's duty to maintain patient information as private and confidential. The importance of protecting patient health information by nonphysicians was prompted by the growth of health care in the mid-20th century and was acknowledged by the expansion of testimonial privilege to other health and mental health professionals. This privilege was first established in the state court systems (Foster, 1982) and was later introduced to the federal judiciary for social work psychotherapists in the Jaffee v. Redmond (1996) decision.
The regulation of confidentiality in health care was extended to conditions such as AIDS and substance abuse, then to public health and research. Although confidentiality protects the patient from harm caused by disclosure, exceptions may require disclosure to protect third parties from harm (Tarasoff v. Regents of the University of California, 1976). The importance of maintaining confidentiality can be seen in the sanctions and penalties provided by law (Dickson, 1998).
The complexity and specialization in health care has given rise to reorganization of service delivery into new forms, including preferred provider organizations, health maintenance organizations, large group practices, and multiple-hospital corporations. As a result,more people have access to patient medical records than previously. Not only has computerization of patient records expanded access, it has increased the potential for breaches of privacy to a level that was previously impossible (Rice & Katz, 2001). Access continued to expand with the growth of third-party payer systems and their demands to justify payment. The compilation of patient records in large databases made possible large-scale public health research into patterns of illness, effective treatments, and improved quality of care. The benefits associated with patient data banks encouraged the creation of a national health information infrastructure (Committee on Maintaining Privacy, 1997).
In 1996 the drive to establish this infrastructure received a boost with the establishment of HIPAA. Before HIPAA, employee benefits terminated with employment. HIPAA established the continuity of these benefits for an 18-month transition period to new employment. The portability mandate necessitated the development of a unique health identifier to track the medical services provided throughout a person's lifetime. …