Chapter 6: The Basics of the Inpatient Care Record
Confidentiality of Hospital Records
Privacy Requirements for Personal Health Information
Personal health information (PHI) is strictly controlled through provincial and/or territorial legislation. In Ontario, this is the Personal Health Information Protection Act (PHIPA). PHIPA establishes a set of rules regarding the collection, use and disclosure of PHI, along with patients’ rights in many areas, including consent, access, complaints and notification of breaches (Information and Privacy Commissioner of Ontario, 2015).
In the hospital, the responsibility for ensuring compliance with PHIPA requirements and setting standards for the collection, use, disclosure, storage, retention and destruction of records is typically delegated to the Privacy Office and HIM department. Hospitals often implement numerous policies and safeguards to ensure that they are compliant with privacy requirements, such as:
- mandatory staff training regarding privacy and confidentiality,
- mandatory confidentiality agreements for all employees, volunteers and students,
- secure logins to all clinical information systems,
- structural barriers or secured storage areas for patient records,
- secured shredder boxes for disposal of patient-related documentation,
- routine electronic chart audits, and
- reminders regarding privacy and confidentiality in the form of screen wraps, login reminders, and posters.
Access to Personal Health Information
Only those individuals within the patient’s circle of care should be accessing a patient’s PHI. The circle of care for a patient admitted to the hospital includes anyone involved directly in their care within the hospital and other outside organizations providing care to the patient. Anyone outside of the circle of care should not access a patient’s e-Chart or p-Chart to view PHI, regardless of relationship or good intent. To discourage unlawful access of PHI, audits are performed routinely by hospital IT departments and by the clinical information system itself to ensure that there is no unauthorized use. Individuals found to have inappropriately accessed PHI may face suspension, termination, fines, or legal repercussions (Information and Privacy Commissioner of Ontario, 2015).
The Patient’s Right to Privacy—Lockboxing
Patients have the ability to withdraw or withhold consent for the use or disclosure of their PHI for health care purposes, which is referred to as lockboxing. This may take on various forms, including:
- not collecting, using or disclosing a specific item of information contained in the patient’s medical record (e.g., a particular diagnosis),
- not collecting, using or disclosing the contents of the patient’s entire medical record or specific hospital encounter,
- not disclosing the patient’s personal health information to a particular group of health care providers (e.g., physicians, nurses or social workers), and
- not enabling a particular health care provider to use the patient’s PHI (Royal Victoria Hospital, 2021).
Patients wishing to lockbox their PHI must submit a formal request to the hospital’s privacy office. Once received, the hospital has seven days to enable a lockbox in a way that most closely resembles the patient’s request. This may include electronically locking PHI in the EMR and/or applying a lockbox to paper records by securing records in the HIM department (Royal Victoria Hospital, 2021). When viewing a patient’s record where lockboxing has occurred, health care providers receive a notification that some information has been withheld.
Lockboxing is not without risks, including:
- healthcare providers may not have access to the information they need in order to treat and care for patients in a timely manner,
- duplicate tests, procedures and/or health history questions may be required if information is locked and unavailable to healthcare providers,
- more difficulty in sharing information in an emergency, and
- increased risk for errors in assessments, treatments or medications if health care providers do not have enough information or the correct information about patients (Royal Victoria Hospital, 2021).
Lockboxes may be overridden in the following circumstances:
- with the patient’s express consent, or the consent of their power of attorney (POA) if they are incapable, or
- in the event the information is required to reduce the risk of serious harm to the patient or others (Royal Victoria Hospital, 2021).
Example: Lockboxing
Franko is a patient at City Hospital — he has asked for all of his PHI to be lockboxed from his ex-spouse, Martin, who works at City Hospital as a Respiratory Therapist.
Phillipa is an RN employed at City Hospital — she has asked for her outpatient therapeutic abortion encounter record to be lockboxed from all City Hospital nursing and allied staff.
Jai is a surgeon at City Hospital — he has asked for his diagnosis of depression to be lockboxed from his health care record.
References
Information and Privacy Commissioner of Ontario. (2015, September). Frequently asked questions: Personal Health Information Protection Act. Office of the Information and Privacy Commissioner of Ontario.
Royal Victoria Hospital. (2021, September). Lockbox fact sheet.
Attributions
“GTA IV safety deposit box” by Rowena Blair on Flickr, Creative Commons – Attribution-NonCommercial-NoDerivs 2.0 Generic.
Lockboxing: the act of withholding consent for disclosure of PHI for health care purposes; comes from the practice of putting important documents into a small box that can be secured with a lock and key.