Norman M. Bradburn,
Tiffany & Margaret Blake Distinguished Service Professor Emeritus
Patient confidentiality and medical privacy have been
of growing concern to individuals and lawmakers alike. Inadequate
federal guidelines and a patchwork of confusing state and local
rules regarding privacy protection for individually identifiable patient
information have only contributed to the general frustration and distress
that this issue causes for many people.
In the Harris School Working Paper "Medical
Privacy and Research" University of Chicago Professor Norman
M. Bradburn discusses the issue of medical information privacy as it
affects research practices. Bradburn argues that information obtained
either in the ordinary course of providing medical care or in research
projects to which individuals have given their informed consent does
not require further consent to be given, so long as the medical data
is "de-identified" and not associated with the individual's
identity. Patients do continue to retain control over any information
that is individually identifiable, and this control may be revoked
only where permission has been granted by the patient or in cases of
public health endangerment.
Key Arguments
According to Bradburn, individuals seeking medical
treatment temporarily surrender their right to privacy to their physician.
In exchange, patients receive treatment and are given to understand that
any medical professionals involved in their care will treat as confidential
any information obtained during or produced by the treatment. This confidentiality
is extended to others who may be consulted, such as medical personnel
and specialists, as well as to persons or insurers who partially or wholly
pay for the treatment.
Bradburn distinguishes between the kind of medical
data that usually viewed as an individual's confidential information
and that information which is "de-identified," i.e., data that
is parsed from a patient's identity and pooled with similar data for
purposes of medical research or policy analysis. Bradburn argues that
confidentiality issues regarding patient-linked information (e.g., John
Doe's blood pressure) are wholly separate from those regarding data linked
to measurements or characteristics about patients in general (e.g., the
blood pressure of a 65-69 year old male). Once information has been converted
to general medical data, Bradburn attests that there should be no question
of control of the data's use because it no longer describes an individual's
health, but instead conveys information about abstract health patterns.
Control over information that is specifically identifiable
to a patient's identity is not absolute, according to Bradburn. He points
out that in cases where public welfare needs take precedence over the
privacy requests of an individual, those requests may be denied. Examples
of cases in which individual privacy rights are routinely discounted
include situations in which the spread of infectious disease constitutes
a public health emergency, such as current AIDS epidemics around the
globe. In cases of public health risk, researchers' need for data that
can determine patterns and causes of disease may override the ordinarily
irrevocable rights to medical privacy.
That medical records are increasingly kept in electronic
form raises new questions about the control of medical information. When
records exist in a form that can easily be shared with others, legitimate
fear concerning loss of privacy arises. Bradburn's paper argues that
this fear is not properly an issue of privacy, but involves the viability
of social norms that govern the doctor/patient relationship and the use
of medical information that is obtained within that relationship. When
medical information is used for research purposes, the information is
transformed into data elements and is no longer about individuals. However,
Bradburn believes that the fear that data may be used to cause harm for
the individual is well grounded and legitimate and, if not addressed,
may create undue pressures for legislation that could have negative consequences
for medical practice and health research.
In addition to discussing the nature of medical privacy
fears, Bradburn's paper also deals with a number of strategies to protect
medical information from unwanted breaches of privacy. Common practices
used to maintain information confidentiality include the use of written
confidentiality agreements, physical restrictions to sensitive file areas,
and the verification of an individual's identity and authority to obtain
information. When files are in electronic form, there are two general
strategies employed to protect files from unauthorized use. One set of
techniques alters the information, making it more difficult to link the
data with the identity of any individual provider. Directly altering
values of measurements, such as categorizing people by income or race,
or altering values of measurements on a random or statistical basis are
ways of de-identifying medical information. A second method of protection
relies on restricting access to unaltered data to select individuals
using it under special conditions, who are also subject to sanctions
if there is violation of the confidentiality obligation.
The challenge for medical professionals, researchers,
and policy makers is to find the balance between protecting medical information
from disclosure that might harm the individual while facilitating improvement
of the quality of medical care and of medical research. Bradburn cautions
that "in a world of rapidly changing information technology, this
task is not an easy one or one that can be successfully accomplished
without adequate funding and sustained attention."
Background
With electronic medical records being stored in increasingly
accessible formats, public concern has grown that this
information might be used to the detriment of an individual's
employability or insurability. In 1996, the U.S. Congress
passed the Health Insurance Portability and Accountability
Act (HIPAA), which gave Congress three years to pass health
privacy legislation. When Congress was unable to enact
law, provisions in HIPAA mandated that the Secretary of
Health and Human Services circulate final regulations.
In December 2000 President Clinton and HHS Secretary Donna
Shalala released the Standards for Privacy of Individually
Identifiable Health Information rule, establishing federal
protections on the use and disclosure of personal health
information.
Publication of the Clinton regulations
was greeted with a barrage of responses from legislators,
journalists, and the public. Access to medical records
by law enforcement officials was one of the most contentious
issues. Shortly after taking office, President George W.
Bush issued a ninety-day stay on the Clinton Administration's
HIPAA medical privacy rules. The U.S. Congress, still unable
to agree on legislation, deferred the issue to the HHS
Secretary once more. On April 14, 2001 President Bush directed
Secretary Tommy Thompson to allow the patient privacy rule,
putting into effect the HIPAA regulations presented by
Clinton the previous December.
On June 29 the U.S. Senate passed a landmark patient's
rights bill, making sweeping changes to the President's
earlier restrictions on patient's rights and dramatically
upsetting the medical insurance lobby. The bill faces passage
by the House, and the President has threatened to a possible
veto. Democrats and Republicans, journalists, public interest
groups, medical insurers, and others will continue to debate
the issue of medical privacy well into the future, as they
discuss legislation ramifications for individuals (medical
treatment, insurability and employment) and for the public
(public health policies and national and international
research guidelines).
This paper was prepared for the conference "Regulation
of Managed Care Organizations and Its Impact on the Physician-Patient
Relationship," held at the University of Chicago Law School,
December 8-9, 2000. A revised version is scheduled to be published
in the Journal of Legal Studies in early 2002.
Download a copy of
this study.
Research Summaries are designed to help
broaden the dissemination of current policy-relevant
research. These Summaries are funded by the Irving B.
Harris Graduate School of Public Policy Studies at the
University of Chicago.
For more information, contact Jamie Rosman at HarrisSchool@uchicago.edu or
(773) 702.2287.
