Business Standard

Sreelatha Menon: Patient information can't be revealed

Image

Sreelatha Menon New Delhi
Apart from its problems with the police, Apollo Hospital may also have breached professional conduct rules by disclosing Rahul Mahajan's reports to the media.
 
Rahul Mahajan may choose not to sue the doctors at Apollo Hospital who had a televised press conference to reveal the reports of his urine and blood samples since the reports tended to clear him of the charges of drug overdose. But the doctors are in clear breach of the rules of patient-confidentiality laid down by the Medical Council of India. It doesn't help that there was a turnaround the next day with the report of Dr Lals Path Lab giving a different story. The doctors are now in danger of facing whatever action the Medical Council deems fit under the eighth chapter of the regulations.
 
A good example of how such laws operate, internationally, is the death of PLO chief Yasser Arafat. Despite all the theories of an Israeli conspiracy to kill him by poisoning, the world media as well as the Palestinian authorities had to live with the fact that his medical records could be handed over only to his wife Suha Arafat as the French take their medical privacy laws seriously.
 
The Medical Council of India (Professional conduct, Etiquette and Ethics) Regulations, 2002 deal with this issue in India, though the mention of confidentiality is very brief. Penalties also follow violations, at least on paper.
 
The regulations say "confidential information entrusted by patients to a physician should never be revealed unless their revelation is required by the laws of the State". So, the revelations need to be to the police rather than to journalists.
 
The regulations make concessions for cases of communicable diseases and say that a doctor may inform "to protect a healthy person against a communicable disease to which he is about to be exposed". This, though, is criticised by lawyers who say the clause is a total violation of a man's privacy by making a third party share information on him. Clause 7.14 of the Regulations that deals with this says "The registered medical practitioner shall not disclose the secrets of a patient that have been learnt in the exercise of his/her profession except i) in a court of law under orders of the presiding judge; ii) in circumstances where there is a serious and identified risk to a specific person and or community; and iii) notifiable diseases. In case of communicable/notifiable diseases, concerned public health authorities should be informed immediately."
 
Delhi Medical Council President A K Agarwal interprets the code to mean that a hospital or a doctor can divulge the details of a patient's condition only with the consent of the patient or that of his relatives. But even if such permission has not been taken, the Council can act only if there is a complaint. Chapter 8 that deals with this, leaves the administration of the penalty to the Council. It says "If the medical practitioner is found to be guilty of committing professional misconduct, the appropriate Medical Council may award such punishment as deemed necessary or may direct the removal altogether or for a specified period, from the register of the name of the delinquent registered practitioner."
 
American medical privacy law, in comparison, is a more robust one and empowers patients much more than the Medical Council of India's modest code of conduct that few patients or even doctors seem to be aware of. In fact, the American law came into force in 2003, a year later than the Indian regulation.
 
The Health Insurance Portability and Accountability Act (HIPAA) guaranteed for the first time that medical information be protected by a single national standard rather than several state laws.
 
The law gave the job of enforcement to Department of Health and Human Services' Office of Civil Rights, including the authority to impose fines of $100 for each civil violation, up to a maximum of $25,000. The Department of Health and Human Services can also refer possible criminal violations to the Justice Department, which could seek penalties of up to $250,000 in fines and 10 years in jail. What patients choose to do by way of civil suits is an additional hazard.
 
So far, according to a recent article in The Washington Post, 19,420 grievances have been lodged. The most common allegations have been that personal medical details were wrongly revealed, information was poorly protected, more details were disclosed than necessary, proper authorisation was not obtained or patients were frustrated getting their own records. The government has "closed" more than 73 per cent of the cases saying there was no violation, according to the Post. Action on the remaining cases is still open.
 
The importance of the provision available with the Medical Council of India to enforce ethical conduct by doctors becomes all the more significant in the new field of genetic research and testing, and has serious implications given the stigma attached to diseases like HIV/AIDS. A patient, whether suffering from depression or a disease like HIV, puts his entire faith in the doctor. When the doctor decides to leak out information without the permission of the patient, he is violating not just the law or a code but a bond of trust.
 
With no stringent action specified under the law for leaking out medical information and, more dangerously, with little awareness of the provisions for redressing grievances, violations are likely to happen without anyone paying for it. What makes matters worse is that the victims of such violations, especially in the case of subjects of research, are more likely to be the poor or ignorant.

 
 

Disclaimer: These are personal views of the writer. They do not necessarily reflect the opinion of www.business-standard.com or the Business Standard newspaper

Don't miss the most important news and views of the day. Get them on our Telegram channel

First Published: Jun 10 2006 | 12:00 AM IST

Explore News