Legal and Professional Obligations which Promotes or Hinder the Disclosure of Patient Health Information.
In many countries it has been the general rule that patient health records must be disclosed under valid laid down rules such as the health professional codes of standards and ethics. In this paper , the author is going to discuss legal and professional obligations which promotes or hinder the disclosure of patient health information.
Before proceeding to the contents of the paper the author will first define health records or health information. According to the Wikipedia, “The terms medical record, health record, and medical chart are used interchangeable to describe the systematic documentation of a single patient’s medical history and care …” The free online dictionary defines medical record as “A Chronological written account of a patient’s examination and treatment that includes the patient’s examination and treatment that includes the patient’s medical history and complaints, the physician’s physical findings, the results of diagnostic tests and procedures, and medications and therapeutic procedures” On the hand health information refers to any health related record, paper, electronic or whatever form used to document diagnosis or any health related patient information.
In Zimbabwe we have different pieces of laws which set the legal and professional obligations which limit , prohibit or set conditions in respect of the management, use and disclosure of health information. Laws such as the Access to information Act, do not address health records in particular but refers to all public records hence health records are included. The National Archives Act sets the period under which public records can be accessed by the public. The disclosure period includes also health records. The Copyright and Neighboring Rights Act is another Zimbabwean law which can limit the disclosure of health information. Patient case files are considered a copyright of the patient and the health practitioner attending a patient. Patient files therefore can not be accessed by researchers without the consent of the patient and the health practitioner who wrote the case notes. The Copyright Act protects or restricts the publication of any copyrighted material in whatever form. If anyone discloses what is in the patient’ case file without the consent of the patient and the doctor attending the patient, that parson will liable to litigation for copyright infringement.
Health professional’s organizations had their codes of standards in Zimbabwe. Those codes of standards had something to do with patient privacy and confidentiality of the patient’s records. The consumer council of Zimbabwe’s online found patient charter clearly emphasizes that “save for the requirements of the law, all information concerning a patient’s illness or personal circumstances will be kept in confidence and used only for purposes of their treatment”. The Consumer Council patient charter goes on to say, “A patient has the right to privacy during consultation, examination and treatment.”Although the Consumer Council Patient Charter is not yet law, it is being respected by Health professions as general ethics rules which can hinder the disclosure of health information.
In South Africa they had the Occupational Health and Safety Amendment Act, No 181 of 1993.This Act on section 36 clearly says “No person shall disclose any information concerning the affairs[health] of any other person obtained by him in carrying out his functions in terms of this act” The act goes on to explain the circumstances under which health information can be disclosed. It says information can be disclosed only in to the extent to which it may be necessary for the proper administration of a provision of the Occupational Health and Safety Amendment Act ,for the purpose of all administration of all justice, or at the request of a health and safety representative or a health and safety committee entitled thereto.
In the UK according to the DH/Digital Information Policy there is a number of legislation which controls the disclosure not only of health records but other records to members of the public.The administration law, The Common Law Duty of Confidentiality, The abortion Regulation 1991,The Access to Health Records Act 1990 and The Access to Medical Report Act 1988.
The administration law says staff must be trained in the legal framework covering the disclosure of confidential patient information. They should also be provided with procedures for obtaining explicit consent and guidance on where to seek advice if they are unsure when they should disclose information[ibid] The general position under the common law duty of confidentiality is that,if information is given in circumstances where it is expected that a duty of confidence applies, that information cannot normally be disclosed without the data subject’s consent[ibid].
Under the common law duty of confidentiality all patient information, whether held on paper, computer, visually or audio recorded, or held in the memory of the professional, must not normally be disclosed without the consent of the patient. However, the common law duty of confidentiality says there are certain circumstances where a court orders the release of patient health information, the hospital must try by all means to reverse such orders wherever possible to prevent litigations by patients.
The Uk Access to Medical Report Act 1988’s aim is to allow individuals to allow individuals to see medical reports written about them, for employment or insurance purposes, by a doctor patient capacity. This right can be exercised either before or after the report is sent.
In America, they had what they call the Privacy Rule.The Privacy Rule protects all “Individually identifiable health information” held or transmitted by a covered entity or its business associate, in any form or media, whether electronic, paper, or oral http://www.hhs.gov/ocr/privacy/hipaa/understanding/summary. Under the protected Health Information anything which relates to the individual’s past, present or future physical or mental health or condition, the provision of health care to the individual and that identifies the individual or for which there is a reasonable basis to believe it can be used to identify the individual is not allowed to be disclosed to anyone without the consent of that person.
However, the US Privacy Rule had a lot of weakness or loopholes on the issue of disclosure of the health information. It says a covered entity is permitted, but not required, to use and disclose protected health information, without the consent or authorization of the patient for the following persons: to the individual patient, health care operations, permitted use and disclosure, public interest, limited data set for the purpose of research, public health or health care operations. Although the American Privacy Rule goes a mile in protecting the disclosure of health information the above weakness can be used by health practitioners in disclosing patient health information without their approval.
The author of this paper had pointed out that professional standards and certain laws really control the disclosure of health information. Most of the cited pieces of legislation protects the disclosure of patient records without their consent. The author had also cited certain pieces of legislation which are weak and which can be exploited and interpreted wrongly in order evade seeking the patient’s consent before disclosing health records.
DH/Digital Information Policy,2007,NHS Information Governance-Guidance on Legal and Professional Obligations,Department of Health,United Kingdom
Consumer Council Of Zimbabwe,2006,Patient Charter,Hrare Zimbabwe
RSA,1993,Occupational Health and Safety Amendment Act,No 181 of 1993 RSA,
Chiwanza and Tsvuura,2011,"Management of Hospital Records and Health Information Systems,ZOU,Harare,Zimbabwe
Etiwel Mutero holds a Bsc Honours Degree in Records and Archives Management from the Zimbabwe Open University.Do you want assistance in writing your college or university assignment? You can contact Etiwel Mutero on 00264817871070 or firstname.lastname@example.org