Well, that was quick. I had no sooner posted an interesting Canadian case involving pharmacy records than the court seemingly ended the matter. The Canadian Press reported:
A group of Ontario pharmacists has lost its bid for an injunction barring Zellers from selling their patients’ records.
However, a judge says Zellers owns the records and is entitled to sell them.
The judge also says the national retailer has agreed to honour patient-file transfer requests and no harm will flow to the eight pharmacists involved in the claim.
Zellers is closing its 144 pharmacies as part of its sale to U.S.-based Target.
The pharmacists are suing Zellers over sale of their records to Loblaws and Metro Ontario Pharmacies.
They are worried about patient confidentiality being compromised, but the judge says that’s not going to happen.
So I guess we can conclude that the records are not the pharmacists’ records even if they owned the pharmacy franchise in a Zeller store.
I’m not sure what it means that Zeller has agreed to honor patient-file transfer requests. What happens if the request is made after the sale/transfer to Loblaws and Metro? Will they then destroy their copies of the records? It would be nice to know a bit more about how patient privacy will be protected during this sale.
The court’s ruling, though, is consistent with what would happen in the U.S. Under HIPAA, a chain can sell its pharmacy records as part of its assets to another chain and as long as both seller and buyer are covered entities, there would be no problem. Some of us might wish it wasn’t that way, but it does seem to be what the Privacy Rule permits.
This did not surprise me one bit. A health care provider must put the patient first. That means continuity of care must be present and the pharmacists that were trying to stop the sale were not thinking about this crucial matter. If they blocked the sale, then the continuity of care would be violated and would go against the patient’s best interests. It is also part of regulations that pharmacy records must be kept on site for a minimum of 2 years (7 years for CRA because they are also business records). But with electronic patient records being implemented, the minimum of 10 years must be retained and kept.
In terms of privacy, a Health Provider is an information custodian and as such must ensure the privacy of the patient. Safeguards must be in place to ensure there is no breach in privacy. As long as that is in place, then they have not violated any rules. Circle of care is important to note as it allows communication and sharing of information between health care providers to look after the best interests of the patient. The circle of care includes all health care providers (doctors, nurses, pharmacists, etc) and (including) the patient. As long as it remains within this circle, no breach is made. This prevents any health care provider to disclose information outside to other third parties (including insurance companies).
You raise some wonderful points. Being a cynical New Yorker, I had wondered whether the issue was not continuity of care or privacy at all, but rather who would benefit from the sale of the records – Zeller’s or the franchise owners? Because I never had a chance to read the complaint or any court filings, it wasn’t clear to me what the pharmacists would have done with the records had they prevailed. Do you know?
The sale of course will most likely go to Zellers Corporation and not to the pharmacists. As far as I know, the pharmacists do not own the pharmacies they operate. However, they are most likely designated managers (pharmacists who are responsible for overseeing and running all aspects of the pharmacy department). I honestly don’t know what the pharmacists would have done if they succeeded. They obviously did not think things through in regards to the other legal matters that would occur if the sale was stopped. Which is why I think the judge ruled against the injunction.