Privacy in psychiatric treatment: threats and responses.

OBJECTIVE

The author provides an overview of the current status of privacy in psychiatric treatment, with particular attention to the effects of new federal regulations authorized by the Health Insurance Portability and Accountability Act (HIPAA).

METHOD

The author reviews the ethical and legal underpinnings for medical privacy, including the empirical data supporting its importance; discusses those portions of the new federal regulations most relevant to psychiatric practice; and suggests steps that psychiatrists can take to maintain their patients' privacy in the new environment.

RESULTS

Medical ethics and law, in keeping with patients' preferences, traditionally have provided strong protection for the information that patients communicate while receiving medical care. In general, release of information has required patients' explicit consent. However, limitations of the consent model and technological innovations that permit the aggregation of computerized medical information have led to pressure for greater access to these data. Although the new federal regulations offer patients some additional protections (including security for psychotherapy notes), they also mark a retreat from reliance on patient consent and open up records to previously unauthorized uses, among them law enforcement investigations and marketing and fundraising by health care organizations. However, states retain the power to provide higher levels of protection.

CONCLUSIONS

The new regulatory environment is less friendly to medical privacy but still leaves a great deal of discretion in physicians' hands. A commitment to protecting privacy as an ethical norm can be advanced by psychiatrists' requesting patients' consent even when it is not required, by ensuring that patients are aware of the limits on confidentiality, and by avoiding unnecessary breaches of privacy in the course of providing psychiatric care.