Patient Consent and Confidentiality, Research Paper Example

Introduction

Incidences of identity theft have been on the rise in recent years. Most recently, medical identity theft crimes have risen also. When medical identity theft occurs, a thief uses the victims name and health insurance numbers to visit a doctor, purchase prescriptions, or get other forms of medical care. Electronic Patient Record is an electronic format that has practically replaced the traditional paper-based format. The use of modern technology has caused an increase in medical identity theft. A recent study found that nearly half of all medical identity thefts are the results of employee breaches. One incident occurred when a fired employee had hospital records on his personal laptop. The disgruntled worker leaked information on nearly 550 patient records from that medical facility (Healthcare, 2009). In some cases, medical personnel that have easy access to one’s medial information, uses the information to get prescription drugs to sell for profit or use to aid personal drug addictions. The theft culprits are, more often than not, doctors and medical personnel that understand how the insurance billing system operates Medical identity theft is a fast growing problem that is wreaking havoc on individuals and the healthcare field.

The Article

In one article, a mother of four was surprised by police knocking on her door bearing an arrest warrant. The mother had been the victim of medical identity theft. Someone had given birth to a child that test posted for illicit drugs. The thief was using the unknowing mother’s medical insurance to foot the cost of her own birth. The victim of the medical identity theft faced loosing her own children due to suspected drug and child abuse charges. Because of the lax use of information, the culprit was able to steal the victim’s driver’s licenses and use the victim’s information. Evidently, hospital officials did not compare the picture on the ID with the culprit. After having access to the victim’s license number, health information was assessed using an electronic insurance access program. The victim was able to disprove this, but only after having suffered much mental anguish and the possibility of jail time. (http://www.cbsnews.com/news/medical-identity-theft-can-threaten-health-as-well-as-bank-account).

Development of Privacy and Healthcare Standards

Healthcare organizations and other entities must implement proper security and regulation procedures. One of the greatest challenges that the healthcare field faces today is developing a clear and enforceable privacy policy (Hung, 2005). When this is properly implemented, healthcare benefits are ensured. Communication between healthcare providers has become difficulty due to vocabulary and data exchange standards. Some countries are using safeguards to protect EPRs that monitor electronic records. Most in the healthcare field agree that EPR has made data exchange faster by speeding up diagnosis and reducing the cost of transferring and assessing medical records, but the main concern is client privacy and the risk of breaches that may allow sensitive information being trusted in the wrong hands. There are several ways the health care providers can ensure that clients’ information is protected. First, pre-employment background screenings is imperative. Any person with questionable criminal history should be eliminated from the possible candidates. Next, employees who have left or been fired should have access to patient information should be revoked immediately. Finally, patients must be educated about their rights to view and even request corrections be made to their medical records. Patients need to know how they can get a copy of their records. Most importantly, patients need to know that medical identity theft is a crime and what they should do if they suspect their medical records or insurance information has fallen into the wrong hands. According to recent research, privacy and security issues are the direct result of weak access control.

Legal & Ethical Issues

There are two laws that currently govern the confidentiality of medical records. The Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology Act (HITECH). These laws set the guidelines for health care providers and all of its affiliates in hopes of protecting patients’ confidentiality. Violators of the health laws can face civil fines that range between 100 and 50,000 dollars for each failure to meet privacy standards (Chester, 2003). Any person who knowingly violates these laws can face fines of up to 50,000 and one year in federal prison. Violators who knowing sell others medical information can be fined up to 250, 000 dollars and up to 10 years in federal prison (Chester, 2003). When a patient discovers that a breach of his/her medical information has occurred, it is nearly impossible to correct the error. The patient’s information becomes intertwined with the thief’s and segregating the patient’s information from the culprit is a daunting task. Medical identity theft can ruin one’s credit. Culprits often cause large hospital and specialty procedure bills in the victim’s name. Most importantly, fraudulent insurance claims can max out the victim’s policy limits and leave the victim with little or no coverage in time of an actual medical emergency.

Resolutions

The only way to stop medical identity theft is to improve patient identification methods and enhance data protection methods (Booz, 2009). One way to do this is by data encryption methods. Some researchers are suggesting a finger printing system that would be linked to each person’s insurance id number- often referred to as smart cards. This would ensure that the person receiving the medical service is actually the person that is issued that insurance number. Often patients are only asked to verbally assert their identity and coverage. In the era of technology, many options are available.

Consequences on the Health Field

More than 1.8 million Americans have experienced the effects of medical identity theft (Booz, 2009). The most dangerous aspect of medical identity theft is the fact that it could lead to the death of the victim due to misdiagnosis. One study conducted found that of the persons surveyed, fifteen percent of identity theft victims were misdiagnosed and fourteen percent were prescribed the wrong medicines (Hung, 2005). This creates liabilities for the health care field as wrongful death and malpractice suits could possibly be filed.

Conclusions

Healthcare privacy reform will take time. Achieving levels of identity management that are required for electronic health records will not happen over night.  To ensure that medical identity theft is eradicated, both healthcare officials and patients must work together. Being vigilant is the key.  Medical identity theft differs from personal identity theft because it can lead to the wrongful death of the victim. When the two person’s medical information become intertwined the victim may receive the wrong medicine or even have a procedure performed that is not needed.

References

Booz, A. H.  (2009). Medical identity theft final report. U.S. Department of Health and Human Services.

Chestere, M. ( 2003). Abuse by the nhs: patient consent and confidentiality. Consumer Policy Review, Clinical Medicine, 13(2)

Hacker says he stole confidential medical data on 8 million Virginia residents (2009). Healthcare IT News.

Hung, P.K. (2005). Towards a privacy access control model for e-health services. Faculty of Business and Information Technology. University of Ontario Institute of Technology, Canada.