News

Despite HIPAA, Health Privacy Fears Persist : Almost 1 in 10 diabetes patients said they engaged in privacy protective behaviors, one survey found.


 

WASHINGTON — Eight of 10 patients reported that they took steps to protect their health care privacy, including asking a physician not to record a health problem, the California Healthcare Foundation announced at a press briefing to release results of its survey.

Patients also reported seeing another doctor to avoid telling their regular physician about a health condition; paying for a test, procedure, or counseling out-of-pocket rather than submitting a claim; and rejecting a test to avoid discovery of the results by others. The survey of 2,100 people was conducted for the foundation by Forrester Research.

Cancer patients were most likely to pay for a service out of pocket rather than submit a claim, followed by those with arthritis, weight problems, diabetes, or depression or anxiety. Of those diagnosed with cancer, 11% said they had engaged in privacy protective behavior while 9% of those diagnosed with the other diseases reported the same.

Such privacy fears could adversely affect health and slow the adoption of electronic health records, according to a panel of health care, information technology, and privacy experts at the briefing. Convincing Americans that their information can be protected in an electronic health record system is key to the systems' survival, argued Sam Karp, chief program officer of California Healthcare Foundation, a nonprofit health care organization in Oakland. “Without better education about their rights, strong privacy safe guards, and vigorous enforcement, the public's support for health IT may be in jeopardy.”

The survey found that 67% of respondents are concerned about privacy of personal health information, including 73% of ethnic minorities and 67% of those who have a chronic disease.

Further, survey results indicated that consumers still are largely unaware of their rights under the Health Insurance Portability and Accountability Act. HIPAA spells out how personal health information may be used by health care providers and insurers and creates civil and criminal penalties for violating the statute.

In this first privacy-related study conducted by the group since HIPAA provisions were implemented in 2003, the foundation found that concerns abut employer use of medical claims information has increased over time. In 2005, 52% of respondents said they were concerned that claims information could be seen by an employer and used to limit job opportunities. Only 36% of respondents had similar concerns in 1999.

Racial and ethnic minorities and those with chronic disease were more concerned about employer misuse of personal health information: 61% of racial and ethnic minorities were concerned, as were 55% of those who have been diagnosed with a disease. Those over 45 years old were more likely to be concerned than those under 45 (51% vs. 48%).

The survey also found that 59% of respondents are willing to share their personal information when it is beneficial to their care or could result in better coordination of medical treatment. A vast majority of respondents were willing to share their information with their doctor (98%) or other doctors involved in their care (92%). Fewer were willing to share it with drug companies (27%) or the government (20%).

Dr. Louis Sullivan, former secretary of Health and Human Services said the survey showed some “very troubling realities” especially relating to minority trust of the health care system. He called for better enforcement of HIPAA-related complaints. “Having the law there is one thing—having confidence that it will be enforced is another,” he said.

But Dr. Sullivan also called on health care providers to calm consumer fears about privacy. Patient privacy protection, he said, should be built into the medical profession's code of conduct and presented to patients that way. “I don't think [privacy fears are] going to be solved by passing more legislation,” he said.

Janlori Goldman, director of the Health Privacy Project, also called for better HIPAA enforcement. It is especially troubling, she said, that people worry about employment-related consequences connected with health care information and that they are not aware of their rights under HIPAA.

Part of the blame lies with the way HIPAA forms found at health care providers' offices are worded, she said. “They are not written with consumers in mind.”

Ms. Goldman said HIPAA needs to be expanded to include employers and that privacy constraints should be built into both electronic health records technology and in disaster preparedness plans.

Recommended Reading

Cost Is One Snag of Voluntary Reporting Program
MDedge Endocrinology
'E-Prescribing' Concept Embraced, but Not Its Cost
MDedge Endocrinology
IT Leaders Set Sights on Personal Health Record
MDedge Endocrinology
Medicare Fee Cut Holds, Awaits Congress' Return
MDedge Endocrinology