Information in Healthcare
Medical practitioners have a professional responsibility and legal obligation to protect and preserve patient information. They get bound by patient confidentiality. In light of the privacy legislation and legal complexities for managing patient information, several physicians should carefully assess when or when not to release such information to patients and other interested parties.
In certain parts of the world, physicians, institutions, and clinics are the owners of the information, regardless of the format. They secure and safeguard the patient information contained in the records in trust for the care and benefit of the patient. Each patient then retains a right to access their health information, including information derived from external sources such as consultant analyses and reports.
Table of Contents
When can information get disclosed?
As a general rule, patient information can only get disclosed upon written authorization, which can come from the patient or a substitute decision-maker such as a guardian, acting attorney or trusted aide. A substitute decision-maker has legal authorization to make decisions and approve actions on behalf of the patient. This is the primary aspect of the release of information services. However, such authority gets dispensed or granted by the patient through a legal document. Typical instances are advance directives or power of attorney for personal care, by provincial or territorial legislation or by the courts.
When is information not disclosed to the patient?
Patients have the right to information relating to their medical records and circumstances. In exceptional cases, physicians can refuse to disclose sensitive information to the patient. This happens when the medical practitioner believes there is a significant likelihood that disclosing the information shall adversely affect the patient’s mental, emotional or physical health. In such circumstances, the onus lies on the physicians to justify denying the patient access to crucial information.
Transfer of records
Another instance is when medical information records need to get transferred between physicians. (Typically, a change of doctor.) A copy of such information shall get released directly to the new physician. Alternatively, the patient may request to receive their medical record and consequent sensitive information.
Medical associations recommend that physicians not release the original files. Instead, the information shall get transferred through other means, such as a report summarizing relevant entries in the record. Also, a photocopy or scan of the file can get provided.
Releasing records to lawyers and interested third parties
Yet again, the physicians may release patient information only when requested by the patient or their substitute decision-maker. Note that such authorization also specifies which record the patient shall consent to release and to whom. Once done, a photocopy of the requested information – including clinical notes, investigation and consultation reports and results – should then get provided.
It is prudent to review the information and discuss the contents with the patient, especially if some sensitive information is not directly relevant to the request. If the patient information release request gets authorization via court order, the physician is bound to notify the patient.
Releasing children’s medical records
This is a slightly more complex phenomenon. Physicians often receive requests for children’s medical records from parents, typically when contesting custody issues in court. Before releasing records, the medical practitioner must first consider whether the parent has rights and entitlement to such information. This aspect depends on several parameters, including the age and right to access.
Typically, neither parent has access when physicians determine the child as a “mature minor”. This term determines that the mental and emotional development of the child calls for refusing their personal health information.
In several parts of the globe, the Civil Code typically establishes the age of consent, ranging from 13 to 16 years. And below this, the intervention of the parent, guardian or the court becomes a mandate.
There are also sensitive instances that may call for additional protocols and authorizations. A typical example is potential child abuse. In such scenarios, physicians have a legal duty to report information to the child protection agency. In other circumstances, the reverse is also possible, where the child protection agency requests information from a treating physician.
Irrespective of the circumstances, physicians must ensure that only he required and relevant personal health information gets released.
Important considerations
Although seemingly straightforward, several aspects merit consideration before releasing health records:
- Is the signed release compliant with the requisite regulations?
- Are the records released based on a subpoena? If so, is it signed by a judge?
- Do the records relate to mental health complications?
- Is only the relevant patient information dispensed to the requested party?
- Is the releasor compliant with the deadline for the release of the records?
- If the records are for a minor, are they verified for compliance with state laws?
- Are the charges deemed appropriate for health record copies?
Note that there are three primary areas for the workflow for the release of information. These are:
- Quality controls – include tracking and monitoring the request, checking for accuracy and validation
- Request processing – checks for completeness of the request, authority of the requestor and patient identity
- Request completion – reviews the content, records the request and health information release
Parting Words
Healthcare is a sensitive sector and bound by patient confidentiality. Physicians and medical practitioners must ensure that patient information gets protected and safeguarded. Before releasing any information to requestors or interested parties, the physicians must perform appropriate due diligence and verifications before dispensing such information. And only relevant information should get communicated to external parties. Also, doctors must ensure that consent gets taken from the patient or substitute decision-maker before releasing any information. Lastly, the guardian’s credentials must get appropriated through advanced directives or power of attorney.
