BOSTON -- Start with the basic scenario. You are sitting in the doctor's office, dressed in one of those charming johnnies that open ever so attractively at the back.
The doctor has probed various parts of your body and history that are not generally open to public scrutiny. The doctor now knows your age and weight (well, more or less), your blood pressure, your medications, your symptoms past and present, your reproductive history and any drugs that have been prescribed.
For that matter he or she may know what genetic tests you've had and what your HIV status is, whether you've taken Prozac and if that's your original nose.
You have agreed to this, stripped yourself of reticence along with your suit jacket, and answered the questions as part of an implicit exchange. Patient tells all; doctor cures all.
But behind this deal is another assumption: privacy. The doctor won't tell all. The doctor won't repeat your medical condition to your boss or storekeeper any more than he or she would publish snapshots of you having a mammogram.
This is what Dr. Denise Nagel of the National Coalition for Patient Rights calls "Medical Ethics 101." Indeed the Hippocratic oath says, "That whatsoever I shall see or hear of the lives of men, which is not fitting to be spoken . . . I shall keep inviolably secret."
But like so many things in health care, that basic trust is suddenly on shaky ground. As Dr. Nagel says, "They have taken a safe harbor and turned it into a fishbowl."
Over the past half-dozen years, changes in medical care and technological advances have put the intimate details of your life into some databank. The number of people in and out of medicine who may have access to that information has grown so wide that it gives new meaning to the word "private."
Stories abound. The banker on a county health care board who called due the mortgages of people suffering from cancer. The congresswoman whose medical records revealing a bout of depression were leaked before primary day. The drugstore chain that sold your name, address and ailments to a marketing firm.
A blanket permission
Some 35 percent of Fortune 500 companies check medical records before they hire or promote. Yet we sign the blanket permission slip at the doctor's office without a clue of its potential abuses. In fact, while 35 states have enacted some form of law to protect the privacy of patients, there are no federal laws at all.
For many people, the first alarm about un-privacy came this summer with the belated realization that the 1996 medical portability act came with a hitch. The Department of Health and Human Services was instructed to come up with a national system that would give each of us a number, a unique health identifier, for every bit of medical information from womb to tomb.
The number would be an efficient way to pull up an entire medical history at 3 a.m. at the scene of an accident. A way to help track diseases and diseased people with the hope of improving treatment.
But anyone with access to the number -- from your dentist or your pharmaceutical benefits manager -- could know your genetic predisposition for Alzheimer's and the time you took emergency contraception.
The number is now under attack from several directions. But the government is already funding software for a master patient index system that would essentially do the same thing by linking all the medical records. The Republican Patient's Bill of Rights, dormant but not dead, would actually undercut rights by eliminating the privacy provisions of the states.
I know that whenever one person cries for privacy, another is sure to ask: "What do you have to hide?" But privacy and secrecy are not the same thing, especially when it comes to health care.
In the world of HMOs hired by employers, do you want a current or future boss to know your genetic predisposition to breast cancer? What effect would this have on your willingness to tell your doctor about depression or alcohol abuse?
When the debate over managed care resumes, any true patient's bill of rights has to include an enhanced right to privacy. We need the right to limit the information insurers can demand and allow people to opt out of tell-all consent forms. We also need some pretty stringent penalties for people who sell our medical history for marketing without permission. All in all, technology can be made to protect privacy, not invade it.
It may be hard to find a private room in cyberspace. But the free exchange of patient and doctor is still at the heart of health care. Mistrust is bad for your health. And privacy is prescribed.
Ellen Goodman is a syndicated columnist.
Pub Date: 8/14/98