The privacy of electronic health records is protected under the Health Insurance Portability and Accountability Act (HIPAA) of 1996. One right granted to patients under HIPAA is the right to require permission to release of personal health records. This provision makes it illegal for health care providers to disclose electronic medical records without prior written consent. However, that does not mean leaks and HIPAA violations do not happen for some high-profile figures.
Recently, there have been several personal health record scandals (and HIPAA violations) involving celebrities who have had their medical records leaked to the public. Victims of this unauthorized release of medical records include Michael Jackson, Whitney Houston, Britney Spears, Farrah Fawcett and former California First Lady Maria Shriver.
Medical records contain a lot of personal health information and in today’s gossip obsessed culture, this release of medical information can be a treasure trove for tabloids. However, breaches of HIPAA do not only involve leaks to the press. Anyone accessing medical records and looking over medical files without authorization are committing HIPAA violations.
Breaches to Electronic Health Records
A 2008 state report found that over 120 employees of the UCLA medical Center in Los Angeles had viewed the electronic health records of celebrities without authorization between 2004 and 2006. The crackdown during that time led to numerous warnings, employment terminations, and hefty fines. In 2011, the UCLA Health System agreed to pay $865,500 as part of a settlement with federal regulators after two celebrity patients alleged hospital employees broke the law and reviewed their medical records without authorization.
In 2009, Kaiser Permanente’s Bellflower hospital was fined $437,500 for breaches to the personal health records of Nadya Suleman, a mother of octuplets.
Everyone in the medical field is required to have to be informed of HIPAA privacy requirements, and many companies have additional rules in place to protect patient privacy. However, the temptation of learning about a celebrity’s personal health record is in many cases too hard to resist. Non-celebrities can feel more assured of medical record confidentiality.
Electronic Health Records Might Actually Help Celebrities (and you)
“Medical privacy is a fundamental right,” Kathleen Billingsley of the California department of Public Health told the Los Angeles Times. “Every Californian treated at a hospital should not have to worry about who is viewing their medical information.”
Proponents of electronic medical records and electronic health records (EMR/EHR) technology say that electronic patient records could help prevent leaks.
With a paper personal health record, almost anyone can look at a record without leaving a trace. Electronic medical record systems can control access to personal health records by limiting user authorization. They also have the potential to provide an audit trail of all users who have accessed a specific personal health record. This transparency, proponents say, would provide a significant deterrent to leaks and decrease the change of HIPAA violations.
As always, patients should talk with their doctors to learn the specific patient privacy measures at their practice.
Under HIPAA, unauthorized disclosure of patient medical information is illegal.
The personal health records of public figures are sometimes accessed without authorization due to the ease of sneaking a peek at paper medical records. Moving to EMR will help protect everyone, including celebrities.
Widespread implementation of EMR/EHRs could provide privacy benefits by tracking all access to medical records.
It is important patients talk with their doctor to know what security measures in place to protect their personal health records.