We are a commune of inquiring, skeptical, politically centrist, capitalist, anglophile, traditionalist New England Yankee humans, humanoids, and animals with many interests beyond and above politics. Each of us has had a high-school education (or GED), but all had ADD so didn't pay attention very well, especially the dogs. Each one of us does "try my best to be just like I am," and none of us enjoys working for others, including for Maggie, from whom we receive neither a nickel nor a dime. Freedom from nags, cranks, government, do-gooders, control-freaks and idiots is all that we ask for.
If I told patients that their records would be electronically accessible, I doubt anyone would speak openly with me. For that same reason, I keep very minimal paper records. My field of medicine is a little different, however.
I think the ideal approach is for the patient to retain the paper records and bring them to the doctor at the time of an appointment, leaving no paper or electronic records with the doc.
I like to give the following form to docs when they give me the HIPAA form:
A STATEMENT OF MY RIGHT TO MEDICAL PRIVACY
PLEASE PLACE COPIES IN MY MEDICAL AND BILLING RECORDS
I assert my right of consent as codified in common law, the laws of this state, and in the traditional ethical principles governing medical privacy embodied in the American Medical Association's Code of Medical Ethics, I do not agree to any disclosures of any part of my medical records or my family’s medical records without my specific consent, with the exception of release to my insurance company for payment and/or treatment and/or to my Primary Care Physician.
Date: September 29, 20xx
Please indicate below whether you agree or refuse to obtain my express consent before disclosing my health information or my family’s health information. __ I agree to disclose your health information only with your express consent. __ I do not agree to obtain your express consent before disclosing your health information.
My medical group keeps all my records on electronic file. I assume it is run via the internet, since their main office is miles away and I go to a satellite near my home. They use a 'cloud', which is the internet, more or less.
I'm not very concerned about a breach of confidentiality, though it is an issue.
A year ago, I was having some difficulties, and paid a visit. The doctor reviewed my records, did some tests, punched a few codes into the computer, and said "hmmm, interesting."
I asked what the issue was. Seems their new system was making recommendations on diagnosis and was suggesting that I be prescribed some drugs. Pretty substantial ones, too. He laughed and pushed the monitor to the side, made his diagnosis and no prescription was necessary. Over time, he must have been right, since my situation ceased to be an issue.
His comment at my follow up was simple. He says that computers attempt to do things which they really aren't qualified for, and while he can appreciate the design of the technology for trying to make a diagnosis, he fears the day when doctors will simply rely on the computer to make the diagnosis for them, ignoring the fact that most patients forget to tell key parts of their story, mistake important information as irrelevant, and trivial data as meaningful. As he said something to the effect "you gain quite a bit of insight simply by talking to the patient and asking a few questions a computer can't ask, and I've seen younger doctors starting to rely on the computers to think for them. It's going to be part of my role to train them to think if this is what we're moving toward."
One thing that bugs me about HIPAA (which originally was to be for Portability and Accountability and has grown into a real monster) is that I'm "allowed" to have copies of all my records -- except any psych records. They don't have to let me have those. They don't even need to tell me the HAVE any.
I think I'm getting paranoid, but I'll never know because I'm not allowed to look at that part of my record.
My healthcare provider is the HMO Kaiser Permanente. They have invested a huge fortune to computerize their patient medical records and to integrate them with their billing system (apparently as much as $1 billion, so I once read, although that figure is truly hard to believe). I'm not sure how much good that move has done. I find it puzzling, for instance, that each time I go for an appointment with my doctor, his nurse asks me a bunch of questions, she types my response into the computer, subsequently the doctor enters the examination room only to ask the same questions, and then HE types my answers into the computer. Hello? Is this a test? Am I being graded on my replies? One day I may give them contradictory answers just to see whether they catch me playing tricks on them. I sometimes wonder whether this interrogation method is designed for my benefit, that is, good medical practice, or for their protection against potential law suits for malpractice---not that it would occur to me to sue my doctor since I know medicine is a damned hard business for even the most conscientious and talented physician.
In any case, Kaiser was a big supporter of HIPAA and Obamacare. Because they had already invested heavily in computerization, they knew it would be easy for them to meet the compliance requirements of the law, at least as far as portability of medical records goes. As for privacy, that's something I remain concerned about. I've already told my doctor that if the HMO shares my personal records with the government, even if the law requires it, I'll be looking elsewhere for healthcare. For an old guy, I'm in extremely good health. Plus, I wouldn't mind taking a week's vacation in Costa Rica every year in order to get a medical checkup or treatment from a physician there. Okay, maybe that's an idle threat, impractical for sure, but I think it's wise to protect the confidentiality of my medical records, even if there's nothing in them that could prove embarrassing to me.
Dennis C, I sort of like your form. But no way am I going to keep all those records and carry them around. Not least because I can't always remember where I left my glasses.
And while I think it would be nice if Hospital B could get my file[s] from Hospital A more quickly than six weeks, no I do not want Hospitals M and W, every insurance sales person on the planet, or the Department Of Motor Vehicles to be able to get access. Which would happen, don't kid yourself. When I started programming computers way back in the 1960s, the payroll system had to assign an employee number: the SocSec number was so emphatically not to be used as an identifying number (albeit the records had to include it) that even the IRS had to get an annual waiver from SSAdministration. Little by little, that changed until almost everything (not just financial records) not only includes the number but uses it to ID you.