Is your pathologist serious about patient confidentiality?
This article examines the manner in which pathology reports are delivered to South African physicians and raises concerns regarding patient confidentiality patient confidentiality Medical practice A Pt's right to privacy and freedom from public dissemination of information that the Pt regards as being of a personal nature. See HIPAA, Medical privacy. . The importance of an audit between ordered and received pathology tests is explored.
A strong argument is made for secure, encrypted, electronic transmission to replace the sometimes cavalier approach to patient privacy.
Confidentiality of pathology reports has always been important: the advent of HIV HIV (Human Immunodeficiency Virus), either of two closely related retroviruses that invade T-helper lymphocytes and are responsible for AIDS. There are two types of HIV: HIV-1 and HIV-2. HIV-1 is responsible for the vast majority of AIDS in the United States. has merely highlighted an issue that should have been addressed years ago.
Very few practices have an audit process whereby each ordered test is ticked off once returned. Most doctors assume that all ordered tests will be returned and have no way of monitoring missing reports (sometimes found weeks later under the courier's bakkie bakkie
S African a small truck with an enclosed cab and an open goods area at the back [Afrikaans bak container]
noun S. seat). If that test were a positive screening test, done as part of a routine yearly physical, often neither doctor nor patient realises that something is missing--sometimes with catastrophic results.
In such cases, is the ordering doctor or the laboratory liable?
Some years ago, in my own practice I did a screening test for Down's syndrome. The test was not returned and I didn't have any system that would alert me to the fact that I had not seen that particular result. It was positive. The patient returned for her next antenatal an·te·na·tal
before parturition. Called also prenatal, antepartal. visit 4 weeks later. This prompted me to look for the result of her Down's screen. She was now too late to be offered therapeutic termination.
Pathology reports are generally delivered by courier, fax, e-mail and, recently, by an encrypted, secure, auditable electronic system similar to the more familiar on-line banking model.
There are international guidelines concerning these delivery methods. (1)
Generally one should not fax sensitive personal information. If faxing is the only timely method available, the following precautions are required:
* Rules concerning the type of personal information that can be faxed from the laboratory must be documented. The laboratory must check regularly to confirm that employees are following the rules.
* The fax machine must be located in a secure area and access controlled to prevent unauthorised persons viewing faxed information. When faxing sensitive information, the machine must be monitored during the faxing process.
* Phone ahead to confirm the practice fax number before sending personal information. Confirm the recipient's security arrangements for receiving faxes. Ask the intended recipient to call as soon as possible to confirm receipt of the fax.
* Use encryption The reversible transformation of data from the original (the plaintext) to a difficult-to-interpret format (the ciphertext) as a mechanism for protecting its confidentiality, integrity and sometimes its authenticity. Encryption uses an encryption algorithm and one or more encryption keys. technology to fax sensitive personal information.
Transporting of reports by courier
It is essential to ensure that the courier company implements the following security safeguards:
* Physical security in offices and vehicles.
* Restricted employee access to personal information. Sealed envelopes.
* Staff must sign confidentiality agreements.
* Ensure that drivers are insured.
* Set driver guidelines and policy to ensure that personal information is kept secure while in the vehicle.
* Ensure that the courier company tracks the shipment and collects the signature of the receiver when the delivery is made.
* The sender should record an itemised description of the documents being transported in case of disagreement about what documents were received, or in case missing documents need to be identified.
Practically, we are all aware that this does not happen, but is it reasonable to keep ignoring the potential to harm our patients when there is a better way?
Unencrypted e-mail is an unacceptable means of communicating confidential patient information (think of a post card). Even encrypted delivery through commercial Internet service providers Internet service provider (ISP)
Company that provides Internet connections and services to individuals and organizations. For a monthly fee, ISPs provide computer users with a connection to their site (see data transmission), as well as a log-in name and password. (ISPs) can be a hit-and-miss affair subject to the vagaries of the anti-spam policies of various ISPs. The poor security of PDF (Portable Document Format) The de facto standard for document publishing from Adobe. On the Web, there are countless brochures, data sheets, white papers and technical manuals in the PDF format. attachments (even encrypted) merely adds to the problems. (2)
These may be sent with the proprietary system of the laboratory or by means of an independent transport hub. The independent hub has certain advantages:
* Data are carried from all laboratories in one system; the practitioner is not tethered Attached to a data or power source by wire or fiber. Contrast with untethered. , in perpetuity Of endless duration; not subject to termination.
The phrase in perpetuity is often used in the grant of an Easement to a utility company.
in perpetuity adj. forever, as in one's right to keep the profits from the land in perpetuity. , to one laboratory.
* Other clinical data (collegial col·le·gi·al
a. Characterized by or having power and authority vested equally among colleagues: "He . . . communication, radiology reports) are carried by the same system.
* The doctor has one number that can be called for help and the staff member answering that call has been trained (and has the tools) to solve the problem quickly.
* There is one interface for practice management and hospital integration.
* All historic clinical data are securely archived in one place and are accessible using a web browser The program that serves as your front end to the Web on the Internet. In order to view a site, you type its address (URL) into the browser's Location field; for example, www.computerlanguage.com, and the home page of that site is downloaded to you. (on-line banking model). A doctor can search by patient and instantly see all laboratory information, all imaging results and all consultations for that patient. This is powerful stuff!
* There is no reliance on commercial ISPs--this system allows audited and confirmed delivery to the end destination.
With the current, worldwide emphasis on patient privacy coupled with the ability of electronic ordering and delivery systems to audit that all ordered tests are returned (and to raise an alert if this does not happen) the 'old way' is increasingly difficult to defend.
(1.) The Office of the Information & Privacy Commissioner for British Columbia British Columbia, province (2001 pop. 3,907,738), 366,255 sq mi (948,600 sq km), including 6,976 sq mi (18,068 sq km) of water surface, W Canada. Geography
(2.) http://www.password-crackers.com/crack/guapdf.html (last accessed).
DARRYL GARTHVINE, MB ChB, FRCSC FRCSC Fellow of the Royal College of Surgeons of Canada Medical Director, Bluebird bluebird, common name for a North American migratory bird of the family Turdidae (thrush family). The eastern bluebird, Sialia sialis, is among the first spring arrivals in the North. It is about 7 in. (17.8 cm) long. , Intel MS (Pty) Ltd, Cape Town Cape Town or Capetown, city (1991 pop. 854,616), legislative capital of South Africa and capital of Western Cape, a port on the Atlantic Ocean. It was the capital of Cape Province before that province's subdivision in 1994.