In the era of the Internet and instant global communication, it can sometimes be unsettling to discover what people know about you. There’s an uneasy feeling when you meet someone for the first time, only to learn that they’ve already Googled your name, viewed your Facebook page or read your blog.
Much of what we divulge about ourselves, we control. You might not post pictures from that wild party on Facebook if you don’t want your parents to ever find out. Other times, though, we have less control – like if your friend posts those pictures anyway, or if your former blogs about the gory details of your breakup.
But what if the information is much more sensitive? What if we were talking about medical records? Would you want people to know whether you’d been diagnosed with a sexually transmitted disease, had an abortion or suffered from mental illness?
Recent surveys have found that one out of six people chose to go to different doctors, withhold information or don’t seek treatment because they were concerned about their records being disclosed to others without their knowledge.
The security and privacy of our medical records is something we’ve come to expect, and for good reason. When people avoid treatment because they’re worried about medical privacy, they put their health – and possibly the health of others – at risk. That’s why medical privacy is so important.
Fortunately, not only do physicians, psychiatrists and medical staff hold themselves to high personal and professional codes of conduct, but legal protections exist. HIPAA, a federal law passed in 1996, requires that medical service providers obtain your explicit permission in order to release information about you – whether it’s to another doctor, to an employer or school or even to your family.
Unfortunately, there’s a loophole in the law. While it applies to most medical records, HIPAA’s protections don’t apply to medical records of students held by colleges or universities. Ironically, though, if you have a non-student husband or wife who’s treated at the campus medical center, their records are fully protected.
But before you start avoiding Hartshorn, you should know that they choose to apply the same rigorous standards as the rest of the medical profession. Here at CSU, at least, the health service or the counseling center isn’t going to release your records to your parents or your professors.
More and more, though, universities are keen to pry into medical records. The Coloradoan last week ran an article describing CSU’s efforts to avoid the possibility of an incident like the shooting at Virginia Tech happening here – improving communication about possible threats and assisting students with mental health issues. It might be tempting, in those cases, for a university’s health center to share your medical records with administrators, faculty or the student conduct office.
CSU doesn’t do that, but the non-medical staff involved in this process admit that it’s not because of federal law or even CSU policy that they keep records strictly confidential; it’s because of their own personal ethical standards.
While there’s nothing outward going on at CSU now, we shouldn’t wait for a problem in order to close this loophole in the law.
CSU should set an institution-wide policy that your medical records are confidential and won’t even be exchanged between different departments or employees without your consent.
State and federal lawmakers should also act to close the HIPAA loophole for students whose institutions aren’t as scrupulous as ours. Failing to do so jeopardizes not only students’ privacy, but also their health.
Seth Anthony is a Chemistry Ph.D. student. His column appears Thursdays in the Collegian. Letters and feedback can be sent to email@example.com.