Unit 4 Informed Consent and Confidentiality Structure: 4.1 Introduction Objectives 4.2 Informed Consent 4.3 Professional Secrecy 4.4 Confidentiality in India Exceptions 4.5 Electronic Medical Records 4.6 HIPAA 4.7 Summary 4.8 Terminal Questions 4.9 Answers
4.1 Introduction In the previous unit you were introduced to medical ethics. You read about the various medical ethics documents. You also got to read the Code of Medical Ethics in India. Doctors are bound to inform their patients the course of treatment and the risks involved, even before they render a crucial medical care. In the same way, Doctors are bound to keep secret all information acquired from a patient during the course of the treatment. It is the moral and ethical duty of a doctor to maintain confidentiality about all patient details. Breach in confidentiality is a serious issue and hospitals or individual doctors can be sued for abandonment of this code of privacy. Therefore, it is important for a healthcare administrator to understand the various facets involved in the maintenance of confidentiality of patient details. Learning Objectives: After you read this unit, you will be able to: Explain about informed consent State the importance of confidentiality between medical personnel and patients. Distinguish the situations wherein privileged communication is permissible Describe the implications of breaching confidentiality Legal Aspects in Healthcare Administration Unit 4 Sikkim Manipal University Page No. 56 4.2 Informed Consent Informed consent is a process of communication between a patient and physician that results in the patient's authorization or agreement to undergo a specific medical intervention. It is based on the principle of patient autonomy and is the cornerstone of ethics in patient care and clinical trials. A patient has a legal and an ethical right to make a decision on what happens to his or her body. Informed consent empowers patients to be actively involved in making decisions concerning their own medical care; the doctor, thereby, guides the patient in making a rational decision. If a treatment regimen / procedure is performed without informed consent, it can be considered as battery and assault. The essential points that need to be communicated to the patient while obtaining informed consent are as follows: Diagnosis / differential diagnosis The nature of the chosen treatment and its risks and benefits Alternative treatment options available Risks and benefits of not receiving or undergoing a treatment or procedure. The procedure for informed consent should include a session wherein the patient is given the opportunity to clarify his doubts and get a better understanding of the treatment or procedure, so that he or she can make an informed decision and give consent accordingly. For consent to be valid the patient must be considered competent and the consent should not be obtained under coercion. One must take added care if the patient is under undue stress during illness, anxiety and depression or is incoherent. If the patient is deemed incompetent to give his/ her informed consent, it should be obtained from a legal guardian. At this juncture, one may contemplate whether a doctor can perform a procedure in the absence of consent in the best interests of the patient. In medical emergencies, the victim maybe unconscious or severely injured and unable to give consent; at his time, if the hospital personnel may also be unable to trace a guardian to give consent. In such situations, consent is not implied but often, to save a patients life, consent has to be presumed.
Legal Aspects in Healthcare Administration Unit 4 Sikkim Manipal University Page No. 57 Landmark Cases Sidway v. Board of Governors of the Royal Bethlehem Hospital (1985) The patient underwent surgery for chronic backache but this resulted in damage to the spinal cord which led to paralysis. She then sued the hospital for not giving her prior information about the risk of paralysis as a consequence of the surgery. In this case, the court ruled in favor of the surgeon as the risk of paralysis was less than one per cent and a credible group of peers and contemporaries stated that the consent obtained by the supposedly negligent surgeon was sufficient. Dr Thomas v Smt. Elisa, AIR 1987 In this case, the patient had perforation of the appendix which led to severe peritonitis that was left unoperated by the doctor as the patient was not in a condition to give consent and there was no legal guardian / relative available. The court ruled that it is the doctors ethical and legal duty to treat the patient to best of his ability. From the above cases it is evident that patient education is a key factor in progressing towards making informed consent a mandatory norm. Increased public awareness should be targeted through the dissemination of educational leaflets and audio-visual material to the patient population. Another crucial factor is documentation of all relevant events. Good documentation can be produced as written evidence in a legal proceeding to demonstrate that consent was actually taken. In this regard, it is important to ensure that the hospital has a well-designed and carefully structured format for informed consent forms. These forms should include details that can actually be understood by a layperson and not just involve legal terminology and official language. Communication between the hospital personnel and patients and their attendants must be clear at all times. This is dual purpose in that it keeps the patient well informed and also reduces the apprehension formed in the mind of treating doctors and other hospital staff.
4.3 Professional Secrecy A doctor-patient relationship is termed Fiduciary as it is built on a foundation of trust between the doctor and the patient. However, this is not Legal Aspects in Healthcare Administration Unit 4 Sikkim Manipal University Page No. 58 an absolute duty and there are certain exceptional cases wherein a doctor is required to reveal patient information in the larger interests of society. Medical records are essential documents in providing and financing health care and ensuring its proper delivery. These records are very relevant to patients employers, public health agencies, medical researchers, educational institutions and for legal purposes. Insurance agencies utilize patient data for claims payment - review, underwriting and coverage decisions. Employers of afflicted patients use health data to reduce their health care compensation costs, as well as to identify employees who may be costly in the future. Health care providers use the data for research, to collect reimbursement, coordinate diagnosis and treatment, conduct quality assurance and monitor other providers. Professional secrecy is an implied term of contract between the doctor and his patient. The doctor is obliged to keep secret; all that he comes to know concerning the patient in the course of his professional work. Its disclosure would be a failure of trust and confidence. The patient can sue the doctor for damages if the disclosure is voluntary, has resulted in harm to the patient and is not in the interest of the public. The following points may be noted: Even in reporting a case in any medical journal, care should be taken those patients identity is not revealed from the case notes or photographs. In the examination of the dead body certain facts may be found, the disclosure of which may affect the reputation of the deceased or cause of mental suffering to his relatives, and as such, the doctor should maintain secrecy. Self Assessment Questions: 1. ___________________ is a process of communication between a patient and physician that results in the patients authorization or agreement to undergo a specific medical intervention. 2. State true or false: A patient has a legal and ethical right to make decision on what happens to his or her body. 3. What are the elements that need to be communicated to the patient while obtaining informed consent? 4. Explain any one landmark case on informed consent. 5. A doctor-patient relationship is termed __________________. Legal Aspects in Healthcare Administration Unit 4 Sikkim Manipal University Page No. 59 4.4 Confidentiality in India The law in India on confidentiality rests largely on case of Dr X vs. Hospital Z. This case involved illegal disclosure of HIV status by a hospital to the betrothed of a HIV positive man. A doctor is not at liberty to disclose to anyone, the information regarding his patient, gathered during the course of treatment. However, in the above case, the Supreme Court ruled that such disclosure was permissible in situations where there is an immediate risk or future health risk to others. The Court held that a person suffering from communicable disease is morally and legally obliged to reveal the nature of his health status to the woman he intends to marry. The Supreme Court held that the confidentiality in this case as it involves a higher public interest or duty. Confidentiality is a right that is granted to the patient and is essential to that the patients consent is obtained before any pertinent information is revealed. 4.4.1 Exceptions All medical professionals are sworn to secrecy and obliged to maintain confidentiality according to the Hippocratic Oath. Therefore irrespective of geographical distinctions, it is the duty of the doctor to guard his patients details as a secret. However, there are certain cases where the duty to confidentiality may be breached. They are as follows: With consent of the patient: A doctor is at liberty to disclose a patients details to a third party if the patient permits him to do so. However, this poses a difficulty in cases of minors, patients who are mentally incompetent and the deceased. In these situations it becomes a bigger dilemma for a doctor to decide if it is appropriate to divulge patient information as it is not possible to take consent from the above types of patients. Infectious disease: if the patient suffering from an infectious disease he should be persuaded to leave the job until he becomes non-infectious. If the patient refuses to accept the advice, the doctor can inform the employer about the illness of the patient. Legal Aspects in Healthcare Administration Unit 4 Sikkim Manipal University Page No. 60 Employees and Servants: if the patient is suffering from epilepsy, high blood pressure, alcoholism, night blindness or drug addiction, then, the doctor may inform the employer. Venereal diseases: if a patient is suffering from syphilis and is about to marry, then, the doctor can disclose the syphilitic condition of the patient to the women concerned. Suspected crime: Information should immediately be given by the doctor to the nearest Magistrate or police officer of such commission or intension (S 39, CrP.C). If a doctor treats a person suffering from gunshot or stab wounds he must inform the police. Legal duty: A doctor may divulge a patients information if he is bound by law to do so. This is applicable if the doctor has been summoned to court as an expert witness. Refusal to do so may result in the doctor being charged with contempt of court. A doctor is also legally expected to disclose a patients information if the case is that of an infectious disease or runs the risk of becoming an epidemic. Notifiable Diseases: In some instances, a doctor is obliged to breach his duty to confidentiality in the larger interest of the public. This is true if a patient is suffering from a communicable disease and poses a serious threat to society. Initially, the doctor should try convincing the patient to voluntarily divulge the information about his condition. If the patient does not comply, the doctor has a responsibility to inform and thereby prepare the community. Educational purposes: A doctor may describe a patients condition and disease for the purpose of teaching students or to aid in conducting medical research. For educational purposes it would suffice to discuss the details of the disease and symptomatology of the patient without having to divulge the identity of the patient. It is also accepted if a doctor similarly shares patient details with his colleagues, nursing staff or other personnel connected with treatment of the patient. In the Patients interest: If the doctor deems that it is for a justifiable cause, he may disclose patient details to the patients family members. It is not assumed for granted that spouses have the right to know this information, neither are parents automatically privy to an adult childs confidential medical details. Legal Aspects in Healthcare Administration Unit 4 Sikkim Manipal University Page No. 61 However, even in the above-mentioned exceptions, a doctor should disclose only that information which is relevant and not all the details regarding the patient i.e. The doctor is required to disclose patient information only on a need to know basis. In India, the laws regarding confidentiality are yet to be enforced stringently. This is a matter which needs to be attended to urgently in the light of emergent issues such as HIV and the need for confidentiality.
4.5 Electronic Medical Records Nowadays, medical data is collected, stored, analyzed and distributed and put to diverse uses. Computerized medical information must be stringently protected in order to maintain patient privacy at all times. Every hospital must specify in its policy as to how this data may be used and to whom such information can be released. In the performance of clinical research, electronic records can be used to source non-identifiable patient data for epidemiologic studies. Password security is generally the system applied for user authentication, but standard password access controls do not prevent insider threats and are not helpful when authentication has been compromised. Electronically maintained records offer very convenient and widespread access to patients details and this can be misused if not maintained securely by trustworthy personnel. One must keep in mind that this is also applicable to paper records. The latter, however, do not facilitate accurate audit trail of who has seen the record and what portions of the record were accessed. Paper records can be easily tampered with, but an electronic document signed with an encrypted digital signature cannot be changed as easily. Electronic records can be viewed by multiple users across various locations simultaneously, however, paper based records can only be seen in one place at a time, whereas the same information in electronic format can be available to multiple users simultaneously. With the rapid integration of technology with healthcare, telemedicine is gaining prominence. Telemedicine provides a gateway for patients at remote locations to access advanced clinical care standard. This is based on advanced systems of communication that are used to transmit patient details and other healthcare information in between patients and medical Legal Aspects in Healthcare Administration Unit 4 Sikkim Manipal University Page No. 62 care providers who are at great distances from each other. As patient information has to go through various channels of communication before reaching the doctor, it is made privy to many eyes and hence, there is a risk of invasion of privacy.
4.6 Health Insurance Portability and Accountability Act (HIPAA) The Health Insurance Portability and Accountability Act (HIPAA) of 1996 brings about significant changes in the legal and regulatory environments governing the provision of health benefits, the delivery and payment of healthcare services, and the security and confidentiality of health information. The federal Health Insurance Portability and Accountability Act (HIPAA) sets a national standard for privacy of health information from April 14, 2003. HIPAA aspires to standards for the privacy of the health information of all individuals. The Hippocratic Oath, Declaration of Geneva and International Code of Medical Ethics strive to ensure that the highest standards of patient confidentiality are maintained. However, HIPAA is a step higher than these documents and it stringently safeguards patients from inappropriate exposure of their medical records. It prevents exploitation of individual medical records but it is yet to lay restrictions on provision of these records freely to public health authorities for research and community practice of medicine. There are two major aspects covered under this Act: Provisions for health insurance reform Requirements for administrative simplification The following guidelines have to be followed if one desires to achieve HIPAA compliance: Educate patients of their rights to privacy Inform patients on how their health information is used Implement policies that support the uniform standards set forth by the government Train all personnel about the new policies and procedures Legal Aspects in Healthcare Administration Unit 4 Sikkim Manipal University Page No. 63 The main requirements that need to be complied with under HIPAA are as follows: 1. Standardization of electronic patient health, administrative and financial data 2. Unique health identifiers for individuals, employers, health plans and health care providers 3. Security standards protecting the confidentiality and integrity of "individually identifiable health information," past, present or future. It applies only to medical records maintained by health care institutions wherein the records are maintained and transmitted in electronic form. The Act states that all healthcare providers must provide their patients with a copy of the Privacy Rule, which governs how an individuals personal health information may be used for treatment, payment, or other health care operations. Self Assessment Questions 6. What is the disadvantage of using e-medical records? 7. Dr. X v/s Hospital Z is based on ____________ infection. 8. Venereal diseases are an exception to the rule of confidentiality. State whether True or False. 9. Is it unethical for a doctor to divulge relevant patient details in a court of law? 10. What is the full form of HIPAA?
4.7 Summary It is essential to inform patients about the care that would be rendered to them. This helps them to be an active participant in making healthcare decisions. Confidentiality is one of the most primary rights of patients. Medical information and patient details are sensitive in nature and need to be scrupulously protected. Healthcare personnel need to be up-to-date on the principles of confidentiality. However, there are certain situations where it is permissible to reveal patient information but discretely. With the advent of electronic medical records and telemedicine, there is a need for meticulously monitoring and specific regulations. Therefore, there are constant revisions in the existing regulations and guidelines and newer ones Legal Aspects in Healthcare Administration Unit 4 Sikkim Manipal University Page No. 64 are being framed specifically to ensure confidentiality in all aspects of healthcare. Glossary: Health insurance: This is an insurance that pays for healthcare bills. Electronic patient record: Computerized patient record. Notifiable diseases: Reportable disease condition
4.8 Terminal Questions 1. What is professional secrecy? 2. Discuss the case of Dr. X v/s Hospital Z. 3. What are the exceptions to the rule of confidentiality? 4. Write a note on Electronic Medical Records. 5. What is the relevance of HIPAA in confidentiality? 6. Explain Informed consent.