Rapid proliferation of information and communication technologies have forced healthcare consumers to redefine, reevaluate and readdress their privacy expectations and needs. It has been empirically established that there exists today an inversely proportional relationship between personal control over one's medical data and the patient's privacy protective behavior, which adversely affects the abilities of the patient's healthcare provider to research and treat health conditions. A survey by the California Health Care Foundation found that one out of every six individuals engages in some form of privacy-protective behavior to shield themselves from the misuse of their health information (including lying to their doctors, providing inaccurate information, doctor-hopping to avoid a consolidated medical record, paying out of pocket for care that is covered by insurance, and avoiding care altogether). Individuals who fear that their sensitive medical data will be distributed and/or misused thus withhold participation or actually interfere with the effectiveness of their healthcare.
In 1996, the United States Congress effectively acknowledged the legitimacy of the increasing privacy concerns regarding health records in the integrated digital world when in passed the Health Information Portability and Accountability Act. Last November, the Clinton Administration submitted a proposal to Congress that further dealt with the growing concern regarding the nation's weak or nonexistent federal regulation of access to hardcopy and digitally stored health data. Since its submission, the document has created notable controversy on two accounts: the first was its failure to propose meaningful restriction with regards to law enforcement agencies access to medical data; the second, Congresses' inability to meet its August deadline for passing a comprehensive health privacy legislation.
Two primary barriers to improving medical care exist in the United States: the incomplete, disintegrated nature of medical data collection, management and storage; and the lack of enforceable privacy standards with regards to access, distribution and use of private medical data. While meaningful integration - which presupposes facilitated access and use - would greatly improve the efficiency of both the healthcare and the criminal justice systems, it must be viewed and evaluated in the light of the direct affect on privacy and personal control that such consolidation entails. Healthcare consumers, along with care providers, privacy advocates, and legislators, will continue to conceptually and practically balance the fundamental right of privacy against need for security and efficiency.
Peter Swire, the Chief Privacy Counselor of the US Office of Management and Budget, expressed optimism regarding the government's and the industry's ability to "build privacy into [information] structures". Mr. Swire outlined the US legislative history of bills, proposals and initiatives that addressed medical privacy, noting that Congress has made substantial progress in the 1999-2000 period. Mr. Swire's data indicated US healthcare consumers' serious engagement and concern with regards to their health privacy: 60,000 comments, dozens of which consisting of a hundred or more pages, were submitted in response to the 1996 HIPAA (Health Insurance Portability Act), which required Congress to address health privacy issues. Arguments in favor of strict regulation of healthcare information include economic, rights-based, and those founded on public concern. "Records save lives", Mr. Swire concluded, "We want [consolidated medical information] but with better privacy".
Angela Choy, a Field Director for the Georgetown Health Privacy Project, rejected the validity of the commonly perceived conflict between consumers' privacy and practitioners' effective access to medical data. Ms. Choy argued that greater privacy leads to improved healthcare research and service; alternatively, lack of privacy causes healthcare consumers to interfere with and impede the quality of their healthcare. Fear of disclosure (hence, fear of stigmatization, loss of employment, loss of insurance, etc.) may ultimately lead to avoidance of medical aid altogether. Protection of privacy thus signifies protection of public health.
Greg Miller, Chief Internet Strategist of MedicaLogic.com, described a theoretical variety of health risks, inefficiencies and instances of malpractice that result from unavailability of consolidated medical data. MedicaLogic.com, through integration and centralization of patients' health records and workflow re-engineering, creates digital health portfolios that seek to reduce errors and omissions, thus enhancing healthcare quality while reducing costs. Mr. Miller acknowledged the issues of security, privacy and reliability as the primary concerns of MedicaLogic.com.
Rebecca Daugherty, representing Reporters Committee for the Freedom of the Press, argued that health privacy regulations should not cut off access to reporters to truthful, non-stigmatizing information; privacy regulation should not penalize whistleblowers and cripple reporters. Ms. Daugherty claimed the existence of strong public interest with regards to health and healthcare issues; "The public must know", she stated, "if an airplane pilot has had an alcoholism problem". In response to Ms. Daugherty, audience member and Information and Privacy Commissioner of Ontario Ann Cavourkian expressed concern regarding backdoor disclosure of healthcare records and unscrupulous reporting, which serve public curiosity. On the whole, the panel appeared to acknowledge the legitimacy of healthcare consumers' increasing privacy concerns and agree that even those interests of the press that represent legitimate public interest must be balanced against consumers' right to privacy.