Securing patient information must become a higher priority

VCU Medical Center is visited by thousands of Virginia residents every year. In order to give doctors and nurses the information necessary to treat them, patients allow their private health information to be recorded and stored. However, in the high-paced hospital environment, many patients don’t consider where their information goes following their discharge.  

Incidents at hospitals and medical clinics throughout the country indicate that you should have a valid concern about the safety of your medical records and right to privacy. Your private health information is protected under the Health Insurance Portability and Accountability Act, commonly known as HIPAA. Enacted in 1996, this law mandates the use of administrative, technical and physical safeguards to protect your privacy. It also allows patients to request a copy of their medical records and make complaints to the federal government if they believe their privacy was violated.

An ongoing investigation by ProPublica finds that breaches in confidentiality and privacy are common throughout the healthcare industry. Privacy violations have been documented by multiple patients, including veterans’ hospitals, large academic medical centers, primary care clinics and university counseling offices. In 2011, UCLA Health System was fined almost a million dollars for unlawfully releasing the health information of Britney Spears, Maria Shriver and dozens of other celebrities.

The issue also receives attention when hackers attack the computer networks of health-related businesses or agencies. In December 2013, Excellus Blue Cross and Blue Shield, a New York-based health insurance company, was subject to an intensive cyberattack. The records of ten million customers were accessed, but the company only discovered the data breach on August of last year.

Unfortunately, many Americans each day find themselves as victims of improper sharing of medical information. The federal government received 17,779 complaints of violating patient privacy in 2014 alone, and this number steadily increases each year. In most cases these incidents are relatively small and restricted, but they still pose a significant threat and are entirely preventable. On occasions when HIPAA violations are investigated by the Office of Civil Rights, the culprits receive written warnings and mandatory trainings that are far less strict than the fines and criminal charges recommended by federal law.

As someone whose own personal health information was inappropriately shared with another patient with a similar name, I am not surprised to hear that violations of patient privacy have caused a loss of faith in our country’s healthcare system. Instead of addressing privacy complaints in a serious manner, medical professionals and health organizations avoid accountability of the situations.

As a nation, we must make a priority of protecting a patient’s right to privacy and maintaining strict confidentiality. The process of reporting complaints and concerns regarding HIPAA violations must be simplified and made more clear; the enforcement of federal law must be uniform.

Justin Joseph, Contributing Columnist