The American Medical Association (AMA) adopted guidelines for any breach of patients’ electronic medical records and passed policies recognizing breast cancer in men and the dangers of hormone use in anti-aging procedures on June 15 at their annual meeting held from June 13 to 17 in Chicago.
To protect patients’ privacy and security, the AMA adopted four guiding principles for physicians to follow if a patient’s electronic medical record is breached. According to these guidelines, if a record is breached, a physician should make sure the patient is properly informed of the breach; follow the ethically appropriate procedures for disclosure; ensure that the interests of the patient are placed above those of the physician, institution and medical practice; and, if possible, give the patient information to enable him or her to diminish adverse consequences.
Source: Modern Medicine
people have a right to medical privacy…thank you for this information.
***********************
flying ambulance
Are there any statistics as to how many providers have actually breached the privacy policy. If so, what are the actual fines or is it just a “slap on the wrist”
Great question!
There are no real statistics because there has been no mandatory disclosure or notification. When HITECH goes into effect, there will be mandatory reporting to the government of many — but not all — security breaches.
For the breaches that we do know about, there is usually not even a slap on the wrist, even though there are mechanisms even in existing laws to take stronger action. I can think of two fines imposed over security breaches involving computerized medical records, but those are the exception, not the rule.
Note that the AMA is presenting guidelines. Guidelines do not have the force of law.