Patients, doctors, and the secrets they share
A young woman stands at the receptionist’s desk at an outpatient blood lab and updates her registration information. There’s a glass partition, so the receptionist asks the patient to speak up. Within a few moments the form is complete and everyone in the crowded waiting room knows the woman’s name, address, phone number, insurance company, primary care doctor, and diagnosis. Then the receptionist slides a paper under the glass for the woman to sign. It’s a HIPAA form that the federal government, in accordance with the Health Insurance Portability and Accountability Act, requires medical providers to give patients informing them of their right to privacy.
Scenes like this one that I witnessed a few years ago are, fortunately, becoming more rare as hospitals and medical offices integrate protection of patients’ privacy (and compliance with HIPAA regulations) into their daily routines. Many hospitals now post reminders about patient confidentiality in elevators, boards listing patient room assignments hang facing the nursing station rather than the public halls, and every login to a patient’s electronic medical chart is recorded and screened.
No one would argue that measures such as these don’t represent an improvement in patient care. For someone like me, who remembers a time when hospitals placed colored warning signs on the doors of inpatients infected by HIV and hepatitis, HIPAA has been part of a trend toward less paternalistic and more respectful treatment of patients as human beings who have a right to privacy, even — especially — when they are very ill.
Still, in practice the issue of medical privacy is more complicated than it might seem, and always has been. The Hippocratic oath, written in the 5th century BC and still taken by graduating medical students, prohibits the revealing of patients’ secrets by physicians. But the Hippocratic oath also contains an injunction against having sexual relations with the household slaves of one’s patients, so we don’t take the oath literally. Rather, we reinterpret it to suit the needs of the times.
The Privacy Rule of HIPAA, enacted in 2003, is only the most recent of the many and varied ways clinicians over the centuries have tried to maintain what they perceived as doctor-patient confidentiality. As late as the 1970s, doctors often kept a cancer diagnosis a secret from the patient him- or herself. In the movie “Love Story,’’ Ryan O’Neal knew Ali MacGraw was dying before she did.
Today, doctor-patient privilege is no less subjective than it’s ever been. Though HIPAA unequivocally prohibits medical caregivers from sharing a patient’s medical information (with insurance companies or among physicians, for example) without his or her permission, there are still gray areas. Sometimes clinicians find themselves with conflicting obligations: on the one hand, to keep patients’ confidences, but on the other hand, to provide the best medical care possible that might involve the betrayal of a confidence.
Primary-care providers often find ourselves faced with this dilemma. One of the most valuable (and, incidentally, one of the most gratifying) things we do is to care for several members of the same family. Knowing a patient’s spouse, parent, or children enhances our understanding of that patient as a person, and that can only improve the care we provide.
But family members frequently express concern for one another to their doctors, and may reveal secrets in the process. How should a doctor react when a family member offers information, without a patient’s permission?
Consider three scenarios from my practice:
1) At her routine annual visit, an elderly woman says that she is worried about her middle-age daughter’s obesity. She wonders whether the daughter has scheduled her own physical and asks how I intend to help her lose weight.
2) A middle-age woman calls to report that her elderly mother, who seemed fine at her recent checkup and denied any need for help keeping track of her medications, sometimes forgets to take her pills or takes too many.
3) A man being treated for a sexually transmitted disease admits that he’s been having an affair about which he does not intend to tell his wife. He would like for his wife to be tested for STDs, however.
The first scenario is fairly easy. The mother’s worry about her daughter’s weight is her problem. I can address this anxiety without bringing the daughter into the conversation. If and when I see the daughter I can address her weight, if she is receptive.
The second scenario is tougher. By law, doctor-patient confidentiality may be broken if the welfare of a minor (under 18) or an older person (over 65) is at stake, even if that person doesn’t desire help. It would be legal to arrange, with the daughter, for the mother’s safety at home to be assessed even if the mother saw no need for it. Similarly, in most jurisdictions a physician can report concerns about an older person’s driving abilities to a department of motor vehicles without their permission.
But just because it’s legal doesn’t make it good medicine. My first choice would be to maintain the integrity of my relationship with the patient by meeting with her to discuss the daughter’s concerns and allowing her the opportunity to respond to them.
Similarly, the law allows me, even requires me, to report the unfaithful husband’s sexually transmitted disease to his wife. Patient-doctor confidentiality can and must be broken when a patient’s health problem endangers another person or the community. So, for example, physicians share information about patients who are homicidal or have certain contagious diseases.
But, again, it’s always preferable to put the patient in the driver’s seat. I urged the husband to come clean with his wife. It was probably better for their relationship and definitely better for ours.
Dr. Suzanne Koven is a primary care internist at Massachusetts General Hospital. She writes a monthly column about the uncertainties, dilemmas, and stories that patients and doctors share in practice. She can be reached at email@example.com.