If you thought the healthcare sector was generally good at protecting your private health records, you’d be right. They’re especially good at protecting your medical records from yourself.
Patient confidentiality, record-keeping and access to information seem to constitute a classic curate’s egg in the healthcare sector – partly good and party bad.
On the surface, then, it’s apposite to welcome hospital group Netcare’s commitment to implement fully digitised patient and clinical records which patients can access directly.
Netcare says its plan to digitise its front-end services is intended to lessen the administrative burden on nursing staff and give them more time to care for patients. This would be welcomed intuitively by patients who sometimes endure repeated “checking-in” procedures from different nursing staff in quick succession as they move from one procedure room to another.
The hospital group says the system will allow patients to have electronic medical records.
But one wonders where and under what conditions exactly Netcare’s nursing and administrative staff will interact with patients to obtain personal information. Because if you want to get an idea of how not to protect patients very private, very intimate, personal information, go into any hospital, clinic or doctor’s consulting rooms today.
And the next question is: How easy will it be for patients to extract their own medical history from the Netcare server?
Businesses – especially healthcare providers – often insist that the information they hold about you cannot be disclosed to you because they are committed to POPI, the Protection of Personal Information Act.
POPI is a good law (as most of our laws, in theory at least, are good laws). But POPI (again, like most laws), can be badly mis-used. If POPI is meant to protect an individual’s rights, why is it used so often by big corporations to avoid fulfilling their obligation to give their client information which they’re holding about the client and to which the client is entitled?
For example, pathology laboratories often will insist they may not release reports directly to you and may only deal with the doctors who have referred patients to them. This is absolute nonsense and there is no legal basis for it. You’ll encounter the same nonsense when in hospital and wanting to check your own medical charts.
One nationwide laboratory, PATHCARE, refused to send my blood results to me via email and insisted that I personally collect results from their depot. Only the intervention of chief executive John Douglass unlocked the intransigence of staff.
The protocols the pathology laboratories apply on blood test results may be reasonable in instances where a test result indicates a life-threatening disease or condition which, ideally, should be communicated by your healthcare professional who can immediately counsel you about treatment options. But, there is no legal prohibition on having access to your own medical information, even if you’ve not been professionally trained to interpret your results.
Don’t let the service providers disavow your right to access your own medical information.