Berkman Center for Internet & Society

    Lesson beginning: May 15, 1999 - 12:00:00 AM (midnight Friday)


    8. Medical Records:

    Benefits of Increased Data Collection

    Greg Borzo, "Automation trends in medicine," AMNews staff. American Medical News, October 13, 1997

    This article discusses a new project at the University of California San Diego School of Medicine called the Patient Centered Access to Secure Systems Online (PCASSO). PCASSO will put patients' full medical records on the Internet, permitting physicians and health-care providers to view them from anywhere with Internet access. Borzo reports that such a system will help patients become "providers" of their own care, since they can ask doctors to define and clarify things in their records. Borzo talks briefly about the security measures the system will employ to prevent unauthorized users from gaining the patients' medical information.

    HealthCare Industry Report: Document Imaging, Workflow, and Electronic Patient Records

    This site provides three insightful articles relating to managing computerized patient records. In his article, "What Healthcare REALLY Needs to Know About Managing Electronic Documents," Bob Smallwood details the benefits health care providers derive from using Electronic Paper Records (EPR). He argues that they, "...reduce labor, eliminate lost files and loose sheets, improve access to authorized users, increase security (with a 100% audit trail), and provide quicker documentation for claims." Debbie Madison argues in her article, "Breaking Away from Paper," that "With the click of a button, the physician can access each chart to be reviewed and completed. Physicians can also edit transcribed documents online in real time rather than sending them back to the transcriptionists...The hospital estimates that emergency department physicians are completing charts in 1/15 of the time it previously took with paper..." And, finally, in their article, "The Journey to the Electronic Health Record," Mary Lu Lander and Angela Daniel give further explanation of the way electronic health records work and their benefits.


    This is the site of a health care environment entitled TeleMed, created by the Los Alamos National Laboratory in collaboration with the National Jewish Center for Immunology and Respiratory Medicine. TeleMed "is an intuitive patient-record system that supports image, audio, and graphical data, ... integrates complete patient records with detailed radiographic data, and allows the remote sharing of patient and radiological data over networks...TeleMed improves clinical diagnosis and reduces the cost of health care by eliminating the time-consuming and costly activity of data gathering and by enabling easy use of powerful analysis tools."

    LaserCard System

    This site advertises a LaserCard System, which stores a patient's medical information electronically on a card that the patient carries with him or her. The site claims that the optical memory card can "transport secure, partial or complete electronic patient records, helping to expedite care, reduce costs, and perhaps save lives."

    The Dystopic Alternative

    The 1997 movie "Gattaca," written and directed by Andrew Niccol, was a flashy flop that nevertheless prompted viewers to consider the society we might end up with if medical databases were combined with a little biological determinism. Andrew Niccol spoke at the Computers, Freedom, and Privacy conference in Washington, D.C. this year.

    Current Federal Legislation

    The following two acts provide some limited protection for medical information privacy:

      The Privacy Act of 1974.  This act generally provides that no federal agency may disclose information without the consent of the individual.

      Americans with Disabilities Act.  This act provides that: employers may not ask for medical information prior to offering employment; once hired, the employer may not require any medical examination that is not required of all employees holding similar positions; if a potential employee is not hired, the employer must prove that it is physically impossible for the individual to do the work required. This act applies to businesses with more than 25 employees.

    In 1996, Congress enacted the Kennedy-Kassebaum Health Insurance Portability and Accountability Act. Under one of its provisions to simplify the administration of health insurance, the Act calls for the Secretary of Health and Human Services (HHS) to develop standards for the exchange of electronic health information and for the creation of unique health identifiers for individuals, employers, and health plans.

    Within this same bill, Congress called for the development of recommendations to protect the privacy and confidentiality of Americans' health records.

    The recommendations, presented to Congress by HHS Secretary Donna Shalala, propose to "provide important new rights for patients and define responsibilities and limitations for those who need to have access to these medical records." Shalala's recommendations include: a nationwide standard; leave for the states to enact stronger standards if they wish; granting patients access to their own medical records and the ability to make corrections; ensuring that those who provide and pay for health care give patients clear written explanations of how they intend to use, keep and disclose the information; and providing punishment for those who misuse personal health information.

    The recommendations provide for an exception to privacy requirements for law enforcement officials acting in their official capacities. If Congress does not pass legislation with regard to privacy, the Health Insurance Portability and Accountability Act of 1996 calls for the Secretary of Health and Human Services to impose confidentiality controls on electronic transaction systems.

    The ACLU has voiced concerns with the HHS recommendations. The organization claims the proposal: fails to allow individuals to insist on paper records; fails to protect records from being up-linked to national databases; and fails to prohibit the creation of a system of "unique health identifiers" (a de facto national health I.D., much like one's Social Security Number) that would be attached to every piece of medical information. The organization also claims the law enforcement exception is too wide and could lead to abuses.

    Proposed Federal Legislation

    The following bills, introduced during the current session of Congress, are attempts to provide federal protection to health and medical information in an age of computerization.

    Currently there are several proposed laws designed specifically to protect genetic information from misuse. For the purposes of this course, we will highlight proposed laws that seek to protect health and medical information generally.

    S. 1921 Health Care PIN Act

    Introduced by Senator Jeffords (R-VT), this bill seeks to protect against the unauthorized and inappropriate use of health information that is created or maintained as part of medical treatment, health care plan administration, or medical research.  If enacted, this bill would allow individuals to inspect and copy their individual medical information upon written request.  Additionally, this bill would require health care providers, employers, health or life insurers, and health researchers to provide notice of their confidentiality practices.

    S. 1368. Medical Information Privacy and Security Act (MIPSA)

    Introduced by Senators Leahy (D-VT) and Kennedy (D-MA), this bill would prohibit discrimination on the basis of all protected health information in employment and insurance. Protected health information is defined to include any individually identifiable information that is created during, or becomes part of the health care treatment, diagnosis, enrollment, payment, plan administration, testing, or research processes. In addition, every patient would have the right to challenge the accuracy and completeness of his or her protected health information. The bill would also establish an Office of Health Information Privacy within the Department of Health and Human Services.

    H.R. 52: Fair Health Information Practices Act of 1997

    This bill is an amendment to section 552a of title 5, United States Code to protect personally identifiable health information, as improper use "may unfairly affect the ability of the individual to obtain employment, education, insurance, credit, and other necessities." Representative Condit (D-CA) offers the movement of individuals and health information across state lines, the computerization of health information, and the emergence of multi-state health care providers as justifications for the need for uniform Federal law.

    H.R. 1367. Federal Internet Privacy Protection Act of 1997

    Introduced by Representative Barrett (D-WI), this bill is designed to prohibit Federal agencies from making available through the Internet certain confidential records with respect to individuals, including medical history records. It also provides for remedies in cases in which such records are made available through the Internet.

    H.R. 1815. Medical Privacy in the Age of New Technologies Act of 1997

    This bill, introduced by Representative McDermott (D-WA), notes the lack of protection of health information in some states and the threats to confidentiality posed by computerization and the possibility of unauthorized electronic access and suggests the need for minimum Federal standards of protection. One of the stated purposes of H.R. 1815 is to restrict the gathering of aggregate health information for financial gain or other purposes without obtaining the consent of each subject.

    H.R. 2368: Data Privacy Act of 1997

    Introduced by Representative Tauzin (R-LA), this proposed act includes a provision that restricts the use, for commercial marketing purposes, of any personal health or medical information obtained through an interactive computer service without the consent of the individual.


    Privacy Laws by State, Electronic Privacy Information Center, Current as of October 1994.

    This extensive database allows users to click on any state and provides a chart for each state's privacy legislation. If a state legislates privacy for a certain topic (medical records is an included area), an X appears next to the topic.

    "Legislative Survey of State Confidentiality Laws, with Specific Emphasis on HIV and Immunization," Final Report Presented to the U.S. Centers for Disease Control and Prevention, Professor Lawrence O. Gostin, J.D., LL.D. (Hon.), Georgetown University Law Center and The Johns Hopkins School of Hygiene and Public Health; Zita Lazzarini, J.D., M.P.H., Harvard School of Public Health; and Kathleen M. Flaherty, J.D., Georgetown/Johns Hopkins Program on Law and Public Health, Feb. 1997.

    This report provides a thorough overview of state laws for each area of medical privacy concern. For each sub-topic, the researchers have analyzed how states handle privacy concerns and how many states legislate privacy in medical records. For example, the report analyzes state laws regarding health care information, public health data, redress of medical privacy violations, and protection for HIV and immunization information. Below, we provide only a small sample of the information that is available in this report regarding medical privacy and electronic media. The report also provides an overview of gaps in federal and state laws and provides recommendations for new legislation.

    "Computers and other electronic media are fast becoming the storage method of choice for medical and other personal information. Despite this fact, only twenty-two states have specific provisions regarding the protection of confidentiality of records maintained on electronic or computerized media. These provisions offer varying degrees of protection. Several states, such as Tennessee, use the same standards for confidentiality of computerized or electronic records as those applied to paper records. In other states, including Arkansas, statutes governing confidentiality of computerized health care information apply only to public health data; private physicians, hospitals and other health care facilities may or may not be held to the same definition. Oklahoma's Health Care Information System Act provides that individual forms, computer tapes or other forms of data collected by and furnished to the Division of Health Care Information or to a data processor shall be confidential. Statutory protection of computerized data may also lack specificity. Florida requires only that computerized records be kept in accordance with 'sound' record-keeping practices."


    Case Law

    Cases involving medical records privacy generally implement a balancing test, weighing an individual's right or expectation of privacy against the employer's or government's need to access medical records. As you read these cases, apply your own balancing test: do you feel that individual privacy is being sufficiently protected?

    Also, bear in mind that computer networks can collect, aggregate, and disseminate personal medical information on a vastly increased scale. What effect, if any, will cyberspace have on future judicial determinations similar to these cases?

    Whalen v. Roe, 429 U.S. 589 (1977)
    (When you reach the Supreme Court search screen, enter 429 U.S. 589 in the citation search.)

    Patients and physicians brought an action challenging the constitutionality of New York statutes that mandated that the state be provided with a copy of every prescription for certain drugs and that also provided security measures to protect that information. The Supreme Court reversed a lower court decision and held that the statutes were a reasonable exercise of the state's broad police power. Other courts interpret this decision as recognizing that individuals do have a limited right to privacy in their medical records. What do you think?

    United States v. Westinghouse Elec. Corp., 638 F.2d 570 (3d Cir. 1980) [full text available on Lexis/Nexis or Westlaw]

    The United States sought to compel an employer--by authority of the Occupational Safety and Health Act--to produce employee medical records. The employer objected, raising the privacy interests of its employees and their medical records. The Court of Appeals held that strong public interest in facilitating research and investigations of the National Institute for Occupational Safety and Health justified minimal intrusion into privacy surrounding employees' medical records, and that the employer was not justified in its blanket refusal to give the Institute access to records or in seeking to condition their disclosure on compliance with the employer's strict terms.

    Doe v. SEPTA 72 F.3d 1133 (3d Cir. 1995)
    (When you reach the 3d Circuit search screen, enter "SEPTA" in the party name search.)

    A public employee filed suit against his employer and supervisor for violating his right to privacy after the employer discovered that the employee had AIDS. This discovery was made by examining records of drug purchases made through its employee health program. The Court of Appeals recognized a limited constitutional right to privacy in one's prescription records; however, the Court held that the employer's need for access to employee prescription records outweighed the employee's interest in confidentiality.

    Bloodsaw v. Lawrence 1998 WL 39209 (9th Cir.(Cal.))
    (When you reach the 9th Circuit search screen, enter "Bloodsaw" in the party name search.)

    The Court of Appeals held, inter alia, that the constitutionally protected privacy interest in avoiding disclosure of personal matters clearly encompasses medical information and its confidentiality.

    Electronic Privacy Information Center, "Minnesota Takes the Lead on Agreement to Protect 41 Million Americans," Oct. 25, 1995.

    This article describes a settlement with two of the largest health care companies in the U.S. The settlement requires the companies to substantially reform their methods of marketing prescription drugs. Under the terms of the settlement, consumers must be advised about the extent to which confidential information in their files will remain confidential, including the fact that medical histories and prescription drug usage could be made available to consumers' employers.

    International Views Regarding Medical Privacy

    Federal Privacy Legislation in Australia.  This site provides a list of links and summaries for public and private sector privacy laws in Australia. While these do not specifically address medical records, the laws give some insight into the direction of Australian views with regard to privacy generally.

    European Commission, Press Release: Council Definitively Adopts Directive on Protection of Personal Data, July 25, 1995.  This press release summarizes the European Union's 1995 privacy directive.

    Gesundheitsdatenschutz.  Gesundheit is German for health, Daten is data, and Schutz is protection. Generally, the site notes that German-speaking countries (Austria, Germany, Switzerland) have not yet addressed such issues in any systematic way, but have begun to show concern for the protection of medical privacy. The German and Swiss Data Protection Registrars (one each for the federal states and one for Germany as a whole) have "issued several cautionary statements about smart cards in the health care field which are being tested in Germany with approval of the physicians' chamber."

    The Doctrine of Confidentiality, Irish Medical Journal, June/July 1997.  This article discusses current Irish judicial opinions with respect to medical records confidentiality. Generally, it explains, "[t]he doctor's duty of confidentiality as regards the patient's medical records, is also governed, ethically by the Irish Medical Council's Guide to Ethical Conduct and Behavior and Fitness to Practice, and legally by the Common Law Doctrine of Confidentiality." It also explores the impact of electronic data on individuals' privacy and the security of medical records.

