Threats to the Confidentiality of Medical Records—No Place to Hide

If privacy is not an extinct phenomenon, it certainly is an endangered one. Entrepreneurs—often using questionable tactics—offer access to private data about persons famous and obscure.¹ More insidiously, "electronic busybodies" gather endless information about us all, as we check out at supermarkets, make purchases with credit cards, and browse Web sites where every click of a mouse reveals something about our peculiarities and preferences.^2,3 There is, increasingly, no place to hide. Although the contraction of privacy in other spheres may be cause for concern, in medicine the problem is particularly difficult. Demands for access to medical information are put forward in the name of cost savings, quality improvement, public health, advances in research, and other laudable goals.⁴ Managed care companies insist on reviewing medical charts to determine if care should be authorized; accrediting bodies want to ascertain that clinicians' notes are detailed and complete; government agencies seek identifiable information for planning purposes and to prevent fraud⁵; and law enforcement agencies see in medical records a means to identify and convict wrongdoers. Most of the time, access to these records is sought without patients' knowledge or (in more than a formalistic way) consent.