Independent Perspective News

When Dr. Stephen C. Albrecht of Olympia, Wash., called a hospital in Tacoma recently to inquire about one of his patients, an 18-year-old treated for an infectious disease, he had trouble getting information.

Under a new policy at the Hebrew Home of Greater Washington, a 558-bed nursing home in Rockville, Md., callers can get information about patients only if they have a password or "verification code."

And Dr. Matthew J. Messina, a dentist in Fairview Park, Ohio, near Cleveland, said he had changed the schedule posted each day in his treatment room, so patients would be identified only by their first names.

New federal rules to protect the privacy of medical records take effect on April 14 and the changes have touched off a quiet revolution in the health care industry. Doctors, hospitals, drugstores and other health care providers must limit the disclosure of information about patients.

From big teaching hospitals in New York to tiny clinics in west Texas, much of the industry is preoccupied with the new standards, which will be noticeable to anyone who visits a doctor or a dentist. Providers must now give a written "notice of privacy practices" to every patient, and the notice must be posted in a prominent place in every office, clinic and hospital.

The notices tell patients how their medical information may be used and advise them of their rights, including the right to inspect and copy their records and request corrections. Patients can get copies of doctors' notes, X-rays and laboratory results, as well as data collected on them by their insurance companies.

Rarely have federal rules had such pervasive effects on the health care industry. "It's a new era," said Dr. Spencer Foreman, president of Montefiore Medical Center in the Bronx. The rules affect not only health care providers but also their "business associates," including answering services and the people who transcribe the notes dictated by doctors after examining patients.

A whole industry of consultants is advising health care providers on how to comply. They sell training manuals, software, security devices and other technology to prevent the improper disclosure of health care information. They highlight the need for their services by noting that violation of the rules is punishable by civil and criminal penalties, including a $250,000 fine and 10 years in prison for the most serious offenses.

"The compliance seminars that I've attended are frightening and at times overwhelming," said Dr. Michael J. Marcello, a family doctor in Mathews, La. "The rules are vast and full of nuances."

But Joy L. Pritts, a privacy expert at Georgetown University, said the federal standards would be "a major beneficial change for consumers in the many states that don't have statutes telling patients how they can get their own medical records." Federal officials say the new rules should not interfere with the flow of information needed to treat patients and pay claims. But doctors and hospitals, uncertain about what the rules allow, have become much more cautious about sharing or disclosing information.

Dr. Albrecht was surprised when even he had difficulty getting information about his 18-year-old patient.

"The emergency room physician at the hospital in Tacoma would not discuss his care, the X-ray results or the lab studies for my patient, for fear of violating the federal rules," Dr. Albrecht said. "I don't know who was right legally, but I do know that the rules are creating a lot of confusion."

Researchers, journalists and clergy members say hospitals are refusing to provide certain types of information that has been routinely available for many years.

Alicia Mitchell, a spokeswoman for the American Hospital Association, said, "The rules clearly mean that less information will be available to news media and the public." Scientists are racing to get permission from patients who were unaware that their health information was being routinely used for research without their consent.

Next page >