Posted by: notdeaddinosaur | May 12, 2010

The Myth of Privacy

I have a patient by the name of Wayne Anderson. He is 37 years old, with hypertension that is well controlled and diabetes that is not, though it would be if he would just lay off the chocolate chip cookies. He’s been married to Emily for five years; they have two cats but no children. Wayne came to see me the other day because he had oral sex with a woman he met on a business trip, and he was worried about having contracted a sexually transmitted infection.

Now I have a question for anyone reading this: Do you care? You have no idea who Wayne is. You’ve never met him and you never will. You wouldn’t know him if you passed him on the street. Do you really give a shit if some schmuck cheats on his wife?

The dirty little truth here is that no one cares. His wife would, of course, and frankly, she’s the only person he doesn’t want to find out. The only reason it should bother him if anyone else were in on it would be if there was a chance they might tell Emily. I could take out an ad in the New York Times announcing it, and since neither he nor anyone he knows reads the New York Times, nothing much would happen to him.

Privacy is a funny thing. Why on earth do people walk around talking on cell phones at the top of their lungs divulging all kinds of things that would clearly fall into the category of “protected health information” if they told their doctor. When you stop to think about it, we are far more concerned about our PHI being revealed to people we know, rather than to strangers. Still, there’s this pervasive paranoia about privacy that centers on trying to protect our personal information from being discovered by strangers. Strangers don’t really give a shit. When we have shameful secrets, it’s our family, friends, and neighbors whose disdain we fear.

Ever talk to a patient on a cell phone? I have. Guess what: cell phones use radio signals that are easily intercepted. Same goes for cordless phones. If someone really wanted to listen in, the only “safe” conversation is from one landline to another. Even those can be tapped with ease. So why don’t we walk around hyperventilating about breaching patient confidentiality with every phone call?

Two reasons:

  1. No one cares enough to make the effort to listen in, and
  2. Anyone who cares to make enough of an effort cannot be stopped, even if we tried.

This is also the reason why email communication with patients is, as a practical matter, perfectly safe. This is true despite the rantings of the HIPAA attorneys who make their living trying to scare us by going on and on about all the heinous consequences of breaching confidentiality. HIPAA is a disaster, legislation to solve a problem that didn’t exist, that created layers and layers of lucrative bureaucracy for lawyers and government flunkies. Sure, anyone who wants to can access any email they want, but there’s so damn much of it, and the vast majority of patient communications are frankly so damn boring, that the danger is basically just theoretical. I mean, theoretically, you could be hit by a meteor any time you set foot outside. I’m still going for a walk after dinner, though.

The best way to optimize privacy is to take commonsense precautions: don’t talk on your cell phone in public, and don’t tell people things you don’t want other people to know. Beyond that, we should all quit worrying about it so much.

This is not to say that I don’t take privacy seriously. From the day I opened my practice, I have never used a sign-in sheet. I never felt the last patient of the day had any business knowing who else was in the office earlier, especially since they’re likely to be friends or neighbors. (If they want to introduce themselves, of course, they’re welcome to.) I have scrupulously trained my staff not to use patients’ names when other patients are present. I go to great lengths, often very subtly, to safeguard my patients’ confidentiality. Certainly there are strangers who take prurient interest in patients who happen to be public figures, such that hospital employees who access records inappropriately deserve consequences. But Wayne Anderson is no George Clooney. And the FSM’s honest truth is that no one cares about the exploits and peccadilloes of the average Joe Blow.

Speaking of Wayne, by the way, don’t worry about him. It so happens that he isn’t really a patient, just a character in one of my novels.



  1. The main entitiy I suspect we all want to keep our medical info from is our insurance companies that will use this information against us in any way they can. And they have all the access they want.
    HIPPA should be abolished, but I doubt that will happen.

  2. In general I agree that concerns about privacy of health records are misplaced and/or overblown. However I want to point out that phones and email are two very different forms of communication: while you have to go out of your way to record a phone conversation, it is virtually impossible to not record an email conversation. So the default for email makes it possible to, say, subpoena your email 5 years later, whereas the default for phone conversations does not. Otherwise, though, I’m totally with you — common-sense precautions like no sign-in sheet are far more effective (and less of a hinderance!) than HIPAA.

  3. A nit to pick that most people probably don’t care about either: it’s HIPAA, not HIPPA.

  4. Mostly, I agree. No one cares if I take whatever.

    But what about the kid who survived the plane crash and now has his closeup plastered all over news sites? (I realize he’s not in the US, and thus not covered by US laws.) In principle, should his privacy be respected?

    I’d guess there are also employers and official types who’d look poorly on certain people if they knew the people were taking birth control (as a single woman, I’ve gotten shit for that from a nurse), anti-depressants, or HIV meds.

  5. As a medical transcriptionist, I am well aware of HIPAA and the PITA it can certainly be. People are told their medical records are now “safe” and “private.” What they aren’t told is that quite a bit of dictation is sent overseas to be transcribed, India and the Philippines being at the top of the list. Once those records are offshore, HIPAA no longer applies! It’s been a huge joke and a huger PITA for MTs. Some MTs have actually LOST THEIR JOBS because they have had a doctor dictate “please send a copy to Dr. Smith, the critical care doctor,” and send to the Dr. Smith they find as a critical care doctor, only to find out later there were 5 Dr. Smith’s in critical care and they sent it to the wrong one – HIPAA violation and immediate termination. How sending a copy of a report to the wrong PHYSICIAN is a violation is beyond me, as this physician is also held to HIPAA compliance, but that’s the way it goes!

  6. One of our hospital elevators here has a notice on the wall – This is not the place to discuss patients –
    I rest my case. It drives me insane to hear staff discussing patients in public. Nobody may give a rats toenail BUT it happens all the time.

  7. Are you kidding me?!

    No one cares what you divulge?

    Everyone talks about their medical problems in public?

    Try telling that to the guy who lost his job due to HIV (it wasn’t the stated reason, but it clearly was the real reason). Or the girl whose request for a pregnancy test was leaked to her mother by the medical transcriptionist.

    Or in my own experience, losing my job when it was revealed that my hospitalization was a psychiatric one. Again, that wasn’t the stated reason, but a co-worker told me that it was the subject of conversation in the meeting.

  8. Most frustrating of all is when patients cannot have access to a copy of their OWN medical record or labs because of HIPAA.

    Almost delayed a family member’s surgery when they couldn’t get a hand-carry copy of their pre-op labs. Q**st said, “give us the fax number and we will send to the surgeon”…then of course failed to do so…

    Seems we often forget about the “accessibility” part of the law.

  9. Lurker, MD: This happened to me once. I was told I could sit in the office and look at my records or they would fax them to another doctor, but I was not allowed to have copies myself due to HIPAA. Pre-op labs, too. I ended up in the surgeon’s office with his receptionist have to call and get the copies my doctor’s office had failed to fax over!

  10. It’s the privacy of my medical record, not my diagnoses or prescriptions, that I am concerned about. Why? Because my medical record contains my full name, address, date of birth, health insurance number, and (for reasons that are abundantly unclear to me) my Social Security number–a jackpot for identity thieves, all in one convenient package.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s


%d bloggers like this: