I learned about the lack of health privacy when I hung out my shingle as a psychiatrist. Patients asked if I could keep their records private if they paid for care themselves. They had lost jobs or reputations because what they said in the doctor’s office didn’t always stay in the doctor’s office. That was 35 years ago, in the age of paper. In today’s digital world the problem has only grown worse.
A patient’s sensitive information should not be shared without his consent. But this is not the case now, as the country moves toward a system of electronic medical records.
In 2002, under President George W. Bush, the right of a patient to control his most sensitive personal data—from prescriptions to DNA—was eliminated by federal regulators implementing the Health Insurance Portability and Accountability Act. Those privacy notices you sign in doctors’ offices do not actually give you any control over your personal data; they merely describe how the data will be used and disclosed.