I often read about concerns regarding security and confidentiality of electronic health records, but not as much about paper records. The Happy Hospitalist wrote about how he often receives misdirected faxes about lab results on his home fax machine:
Have you ever asked yourself the question: “Who has access to my medical records?” It’s supposed to be secure. Your medical records are supposed to be protected. For many people, they don’t want anyone knowing they have genital warts or that they were treated for depression five years ago.
You see, my home fax number is very similar to a laboratory fax number in my city. And because of that, ever week I’m getting faxes from hospitals and doctors’ office with lab results. I used to call them back to let them know, but so often I’d get put on hold or have to navigate through twenty phone options that I just said forget it. Now when I get these faxes I chuck them. If I feel like taking the time to shred them I may. Otherwise they go straight into the garbage.
Except for the fax I got last week regarding Mary Smith and her condyloma results. I figured the OB GYN doctor would want to know that I, a total stranger was calling him to tell him that the fax on his patient Mary, the one with the genital wart, never made it to the laboratory. …
This doctor’s office should be feared into never making that mistake again. … Thanks to this doctor’s office, I now have proof that Mary has warts and that total strangers like myself have access to your medical records. The next time you call someone in anger and say “I never got your fax”, it’s probably because I did.
Not only is this an unintended breach of HIPAA regulations by the faxer, it is certainly very underreported. And the patient whose data was breached will almost always never know about the breach.
One of the important characteristics that Speak Flower encourages in a Flower-enabled world is the notion that a patient will be able to see every time their data is accessed, who accessed it, and why. This will go far in increasing trust of such a system.