Stop Facebook from Spying on You...: And Other Ways to Protect Your Online Privacy (2015)
Take Charge of Your Medical Privacy
Imagine calling the hospital where your spouse or your 90-year-old mother just had major surgery and being told that you do not have the right to find out how he/she is doing. This scenario happens frequently these days. That’s because people often assume wrongly that family members always have access to each other’s medical information. Prior to 2004, laws were rather vague on the issue of gaining access to a person’s medical status or records. But with the passage of the federal Health Insurance Portability and Accountability Act (HIPAA), medical privacy is now governed by voluminous and complicated rules. So unless you do your homework, situations like the one described above can happen to you. Key points to consider…
Who should know? Unless you designate in writing the specific family members (including your spouse) or friends you want to have access to your medical information, medical personnel are severely restricted in disclosing anything about you to nonmedical personnel. Only in real emergencies (such as an auto accident) or when a patient is unable to comprehend what is going on around him (due to such conditions as a stroke or a concussion) do doctors or nurses have the discretion to speak to a nondesignated family member or friend. But those are rare instances.
My advice: Make a list of the people you would allow medical personnel to talk to about your medical status. At the top of the list, write “permissible contacts” and include each person’s phone number and address. Give your list to each of your doctors and to the hospital when you are admitted.
What’s in your record? Prior to HIPAA, someone else’s medical test result had been wrongly placed in my medical record. It took me three years to get the doctor to remove it. Even then, he didn’t have a record of whether he had sent the test result that wasn’t mine to an insurance company or another doctor. Under HIPAA, the doctor must give you access to your record and tell you where information has been sent so you can contact the party.
My advice: Every few years, review the medical records that all your doctors and any hospital to which you have been admitted have on file for you. If you find an error, ask the doctor to correct it and to forward corrections to whomever the medical record was sent.
Appoint a personal representative. Under the HIPAA law, a legally designated “personal representative” must be treated as if he were the patient with respect to that patient’s medical information, and he has the authority to make decisions about the patient’s care.
My advice: Regardless of your age, complete the paperwork (ideally, with the help of an attorney) that is necessary, under the laws of the state where you reside, to name a family member or friend as your personal representative. This step can be completed through a medical/health-care power of attorney document (available from attorneys and, in some cases, state departments of health or attorney general offices).
By taking these steps now, you can avoid a lot of confusion later.
Expert Source: Charles B. Inlander, consumer advocate and health-care consultant, Fogelsville, Pennsylvania. He was the founding president of the nonprofit People’s Medical Society, a consumer advocacy organization credited with key improvements in the quality of US health care in the 1980s and 1990s, and is author or coauthor of more than 20 consumer-health books.