Medical records privacy is an area of privacy which pertains to medical records. Many nations have specific laws about the privacy of medical records which dictate when these records can be shared and used, and how. These laws can get extremely complicated, and people with specific privacy concerns would be well advised to talk to a lawyer or a health care professional about their areas of concern to make sure that they are addressed.
Medical records contain a great deal of personal information. Some people may be uncomfortable with having such information shared because they prefer to keep their medical condition private, while others may be concerned about issues such as discrimination on the basis of medical issues. In recognition of the fact that people prefer privacy, governments have enacted a number of laws covering medical records privacy.
Most privacy laws dictate that information in medical records cannot be distributed without the consent of the patient. However, the issue is not this simple. Patients may not always be able to control the extent of their consent, as seen when someone signs a blanket waiver without realizing that the waiver allows full access to medical records, and as seen when doctor's offices pass on medical records by request from other doctors. Privacy breaches can also occur when records are subpoenaed for legal cases.
One way to control medical records privacy is to be very careful about signing any forms pertaining to insurance or medical records. For example, an insurer may ask for a signed waiver so that it can verify medical information before approving a policy. A consumer could rewrite the waiver or ask for time to examine it carefully rather than simply signing it. Likewise, a patient could enter a written request into a medical file which indicates that information about a particular condition should not be released without explicit consent from the patient.
People may also want to be aware that information can be shared in surprising ways. For example, pharmacies upload data about their clients to central databases. This information is used to maintain information about how many refills someone has, to identify situations in which people are attempting to abuse the system, and so forth. Someone who patronizes a pharmacy in a network should know that information about prescriptions and information disclosed to the pharmacist is stored in a central database and shared with other stores. Likewise, people who participate in preventative screenings such as blood tests offered at a drugstore may be surprised to know that information about attendees of such events is sold to direct marketing companies.
Patients concerned about medical records privacy may want to specifically ask how their records will and can be used. If they are concerned about violations of medical records privacy, they can ask about options to control access.