There is an understanding between patients and their doctors that privacy will be maintained, that a patient’s personal information will not be shared without permission. When that privacy is denied, it can have serious repercussions. Patients need to be able to trust their doctors and other medical professionals in order to get the best care and breaches in confidentiality erode that trust and also cause emotional harm.
If you suffered because someone, a doctor, a tech, a nurse, or even a medical office administrator, shared your information or made it vulnerable through a mistake, you may have a case for medical malpractice. A lawyer that specializes in malpractice cases can help you file a lawsuit and prove that you were a victim of medical negligence and the harm it caused.
HIPAA Protects Patient Privacy
The Health Insurance Portability and Accountability Act of 1996, or HIPAA, is a law that was passed under President Clinton that is designed to protect patient confidentiality. It was written at a time when many medical offices were beginning to make patient records electronic, which raised a lot of concerns for security. The law also addressed the ability of patients to transfer healthcare when moving between jobs.
Medical professionals were already held to ethical standards that forbid them from sharing information about patients, but there had been no federal law to enforce it. This left a lot of holes in different parts of the country where a doctor or other caregiver could get away with breaches in confidentiality. HIPAA helped to set the standard for how to use an manage electronic medical records, to protect patient privacy, and to minimize fraud while also making medical administration smoother and more streamlined.
Patient Rights and Breaches of Confidentiality
According to HIPAA, medical professionals and other workers in healthcare and medical records are responsible for protecting and maintaining patient information, both to ensure that patients get continuity in coverage and care and also to protect patient privacy. Patients have certain rights under HIPAA, and it is important that they understand these rights. When they are violated it may be a case of medical negligence and malpractice. The rights under HIPAA include:
- Access to and copies of personal electronic medical records.
- The right to check and request changes to electronic medical records to correct errors.
- The right to make a notation about a perceived error in medical records even if the doctor disagrees that it is a mistake.
- The ability to send electronic medical records to a third party, such as a new doctor.
- To be contacted by medical professionals at an alternative address or phone number.
- The right to specify information that should never be shared, even with other medical professionals or in an anonymous way.
When HIPAA Violations are Malpractice
As with any type of medical malpractice, proving that it has occurred requires several steps. Regardless of the accusations made by the patient and their legal team, it must be proven that the person being accused had a duty to provide care to the patient. It must then be shown that there was a breach in that duty, in this case a breach in confidentiality, and that the breach led directly to harm to the patient that resulted in damages.
When it comes to confidentiality, there may also be other charges that come against the person responsible. This is because there are laws that protect patient privacy. A medical professional could face charges for breaking those laws and be accused of negligence and malpractice. Proving a breach in care in these cases is often simple because it is often intentional. In cases in which the breach in confidentiality was accidental, caused by a mistake someone made, it may be more complicated, but negligence can be proven if expert witnesses can show that they would have done something different in the same situation and that the mistake would not likely have occurred.
There are also instances in which a breach in confidentiality is acceptable, for instance when there is serious concern for the safety of the patient or others. An example may be when a psychiatrist hears from a patient that they want to commit a specific, violent act. The doctor has a duty to protect the intended victim. There may also be state laws that require information be shared, such as when someone has an infectious disease that could affect public health.
Consequences of Breaches in Confidentiality
Protecting individuals is an important reason to maintain privacy, but there is also a bigger picture. Maintaining confidentiality helps to establish trusting relationships between doctors and patients, and this is essential for patients to get the best care. If a patient does not trust medical professionals, he or she may not share all important information or take needed advice.
Other consequences of breaching confidentiality are more individualized and personal. These are largely related to mental and emotional health, but may also affect physical health. Sharing medical information can be embarrassing and can impact a person’s mental health, relationships with others, social life, and even work.
Examples of Privacy Lawsuits
The consequences of a breach in patient confidentiality can be very serious, often causing mental and emotional anguish more than physical harm. In one case a child suffered both as a result of a medical professional breaching his privacy. The eleven-year-old boy had attempted suicide and his mother sued the hospital where he received care, alleging that a staff member shared information about the incident with people at his school. The boy was bullied as a result.
In another case that exemplifies how emotionally damaging breaches of confidentiality can be, a young woman had her positive test results to human papilloma virus exposed on social media. A technician from the medical center where she was tested posted the result along with the patient’s full name and other identifying information. The victim’s lawyer was able to reach a settlement with the hospital without needing to file a lawsuit. She now sees a therapist regularly and still feels victimized and ashamed.
Many of these cases are personal. A woman won a jury award of $1.44 million after a pharmacist, at the time dating and later married to her ex-boyfriend, snooped in her medical records. The pharmacists then shared information with the ex-boyfriend, also the father of the victim’s child. Among the very personal information exposed was that the woman had stopped taking birth control before getting pregnant.
Maintaining privacy with respect to patient records is important for so many reasons, not least of which is the development of a trusting medical relationship. When confidentiality is breached, it can have far-reaching consequences, in some cases life-changing and devastating results for an individual. If you feel that someone who was responsible for your privacy was negligent in breaching it, you may have a case for malpractice that could lead to a settlement if you get the expert advice of an experienced lawyer.