Privacy Issues and Medical Practice (Ross Boswell)

Privacy Issues and Medical Practice (Ross Boswell)

Ross Boswell
At the Privacy Issues Forum, Wellington, 30 March 2006
It is a basic tenet of medical practice that information provided to a doctor by a patient must be held in confidence. The applicable item in the New Zealand Medical Association (NZMA) Code of Ethics is:
Protect the patient's private information throughout his/her lifetime and following death, unless there are overriding public interest considerations at stake, or a patient's own safety requires a breach of confidentiality.

Because clinical practice is essentially a collegial endeavour, and because a great deal of medical learning is case-based, this requirement has usually been interpreted as a requirement to keep the information safe within the medical community, rather than safe with one particular doctor. My understanding of the tradition of confidentiality maintained by the legal profession is that, perhaps because of the adversarial basis of legal practice, the legal code is stricter. Legal confidentiality seems require information to be restricted to a particular practitioner rather than within legal community as a whole. The advent of the office of Privacy Commissioner, based on a legal understanding of confidentiality, seems to have brought this difference to the fore. I find I am sometimes surprised by the restrictions proposed and imposed by the legally-trained privacy officers with whom I work in a District Health Board (DHB) environment.

One clear example of this is the medical expectation that an “interesting” case, perhaps an Xray and the brief medical details accompanying it, can and perhaps should be shared informally with other practitioners if there are lessons to be learned from it. The viewpoint taken by privacy officers seems to be that this is equivalent to gossip, and should be discouraged if not prohibited.

The differences are less marked in situations where the sharing of information is for the patient's direct benefit. Under the privacy code, a medical practitioner has not only a right but a duty to share information about a patient with another practitioner providing treatment to that patient. One clear example of this is the sharing of laboratory test results. A patient commonly has tests requested by and reported to a single practitioner. If the results of those tests were available, knowledge of them might prevent another practitioner treating that patient from incurring the delay, inconvenience and cost of repeating the tests.

Since almost all laboratory tests in New Zealand are publicly funded, DHBs which pay for them have an interest in making the results available to prevent expenditure from unnecessary repeat testing. The three Auckland metropolitan DHBs are at present implementing a proposal to have results of all of the tests that they fund, both hospital and community-based, contributed to a computer repository which will be available to accredited hospital clinicians, and in the near future to accredited GPs.

This project has uncovered some interesting privacy issues. It is not possible to predict what test information a patient may consider confidential: for example, while HIV is generally regarded as confidential and cholesterol non-confidential, an HIV test required for an insurance policy may be regarded by a patient as non-confidential, but he may wish to keep his blood cholesterol private to ensure that his wife continues to provide decadent desserts.

The risks of suppressing information may not be apparent to the patient: for example, the fact of attendance at a practitioner (say, at a sexual health clinic) may be regarded by the patient as confidential information to be kept private from his or her GP and other clinicians. If the results of tests from that clinic visit are visible in the repository, then the fact of the visit is disclosed. If they are not visible, then important clues to a subsequent illness may be obscured.

The proposal for the Auckland repository is that all test results will be contributed to the repository, but that patients will be advised of an 0800 phone number they can call to have results from a particular date, or range of dates, suppressed. Their doctors will advise them of this possibility, but also advise them of the potential compromise to best care if they choose to exercise it.

As a final example of a controversial issue of medical privacy, I will briefly describe the debate surrounding the Cervical Screening Amendment Bill of 2004. New Zealand operates a cervical screening register, and women can opt off that register. The Amendment Bill proposed that, in order to ensure that the screening programme can be audited effectively, the medical records of all women diagnosed with cervical cancer must be made available to the audit team. This would hold even for women who had opted off the register. Since cervical cancer is a complication of infection with human papilloma virus, a sexually-transmitted disease, the information required to be provided might include intensely private information such as age at first sexual intercourse, numbers of partners, previous sexually-transmitted infections, pregnancies and terminations of pregnancy.

In commenting on this Bill, the NZMA drew a distinction between public hospital records and private practitioner records. Our view was that it might be argued that public hospital treatment is a public good for which, in return, some compromise in privacy might reasonably be expected. In contrast, private treatment is strictly private, and disclosure of its records for a public screening programme should require explicit patient consent which might, in some cases, be withheld.

In the event, the provisions enacted require practitioners to provide all records on demand, without reference to the patients whose private information they hold, and with draconian penalties (fines of up to $10,000 per day) for failure to comply.

Ross Boswell
Chairman, NZMA

from: http://www.privacy.org.nz/privacy-issues-and-medical-practice-ross-boswell/