MEDICAL RECORDS ON-LINE: WHAT HAPPENED TO PRIVACY? A LEGAL ANALYSIS

Marcia J. Weiss, J.D.*

{1}The computerization of health information and medical records, including sensitive personal information that potentially reveals intimate details of one's life, habits, or genetic predisposition, is a mixed blessing. While offering a means of streamlining and improving the health care delivery system through speed and immense storage capacity, computerized medical information also presents new challenges as it impacts our right of privacy and expectation of confidentiality, creating serious ethical and legal issues. Non-uniform, patchwork statutory guidelines among the states have led to uncertainty and confusion surrounding disclosure, accessibility, and storage of medical data.

{2}This paper examines the legal ramifications surrounding issues of confidentiality and privacy in three areas: traditional concerns, changed perceptions, and new questions. It also addresses the grave consequences and troubling implications for social and public policy produced by misuse and unauthorized disclosure in tandem with unprotected, unsupervised, and universal access to readily available medical information.

{3}Do you know that your video viewing habits are more private and receive more legal protection than your medical records? Are you aware that the intimate details contained in your medical records are easily accessible to vast numbers of people without your consent? Do you realize that unauthorized disclosures may even extend to direct marketers compiling lists about people with specific medical conditions?

{4}The rapid advances in computer and telecommunications technology have taken individual records and papers from the private sector into the public domain. The individual no longer has the right to exercise control over even the most private details of her life, in derogation of her right to control the free flow of truthful information in a democratic society. The sharing of information by all government agencies may actually be undermining the constitutional theory of checks and balances.1 Nonetheless, the ongoing quest for greater efficiency, together with easy accessibility, has resulted in a proliferation of personal data banks and a gradual decline in personal autonomy.

{5}The doctrine of confidentiality in medicine was promulgated to encourage free and open communication between patient and physician, assist in diagnosis and treatment, and reassure the patient that information disclosed to the physician within the confines of the physician-patient relationship would remain secret. The Hippocratic Oath first enunciated the duty of confidentiality as follows: "whatsoever things I see or hear concerning the life of man, in any attendance on the sick or even apart therefrom which ought not to be noised abroad, I will keep silent thereon, counting such things to be sacred secrets."2

{6}It reemerged in the American Medical Association's Principles of Medical Ethics:

A physician may not reveal the confidences entrusted to him in the course of medical attendance, or the deficiencies he may observe in the character of patients, unless he is required to do so by law or unless it becomes necessary in order to protect the welfare of the individual or the community.3
 

{7}Thus the need to maintain confidentiality is recognized as an ethical obligation inherent in the physician-patient relationship. In legal terms, it may be considered one aspect of the patient's right of privacy.

{8}Although not explicitly mentioned in the Constitution, the right of privacy has been articulated by Supreme Court Justice Brandeis in Olmstead v. United States as an individual's "right to be let alone."4 Poorly defined, the constitutional right of privacy comprises freedom from government surveillance and intrusion into private affairs (based on the Fourth Amendment), avoiding disclosures of personal matters, and protecting personal autonomy in decision-making in matters such as marriage, procreation, contraception, child rearing, and education (based on the Due Process Clause of the Fourteenth Amendment).5 Disregard for a patient's right of privacy is legally actionable, particularly when patients are unable to protect themselves adequately because of unconsciousness or immobility. Health care facilities and professionals may become liable for an invasion of privacy if, for example, they divulge information from a patient's medical record to improper sources or if they commit unwarranted intrusions into a patient's personal affairs. Privacy is not absolute, however, and circumstances surrounding disclosure may be considered by the courts in sustaining an invasion of privacy action.6 Despite opportunities to do so, the Supreme Court has not explicitly extended the right of privacy to encompass the physician-patient relationship. In Whalen v. Roe,7 the Court unanimously upheld a New York statute which required physicians and pharmacists to report the names and addresses of users of certain narcotics to a central state registry as a reasonable exercise of state police power because of the state's legitimate goal of controlling illegal drug distribution. Special security measures within the system, such as restricting file access and prohibiting disclosure of patient identity, protected the confidentiality of the individuals involved. The Court added:

We are not unaware of the threat to privacy implicit in the accumulation of vast amounts of personal information in computerized data banks or other massive government files . . . . The right to collect and use such data for public purposes is typically accompanied by a concomitant statutory or regulatory duty to avoid unwarranted disclosures . . . . We therefore need not, and do not, decide any question which might be presented by the unwarranted disclosure of accumulated private data-whether intentional or unintentional-or by a system that did not contain comparable security provisions.8
 

{9}The physician-patient privilege is a statutory creation; state statutory provisions recognizing the privilege and protecting confidential communications have been enacted in all but a few jurisdictions.9 The privilege is not uniform nor is it absolute.10 Generally, the privilege prevents the physician from testifying about the diagnosis, care, or treatment rendered to the patient unless the patient consents. The statutory purpose of the privilege has served a twofold goal: preventing a physician from testifying orally at a judicial or quasi-judicial proceeding about information obtained in the course of treatment, and also preventing disclosure of the patient's treatment records kept by the physician or by the hospital without the patient's consent.11 The privilege belongs to the patient and must be exercised or waived by the patient.

{10}The issue of confidentiality is not easily resolved, however, because competing interests may arise and exceptions to the privilege abound. In litigation where the patient's medical condition is placed at issue, or in situations involving the relevance of certain medical information, including wrongful death cases, personal injury actions, malpractice cases, suits to collect on health or life insurance contracts, and worker's compensation claims, the privilege is presumed to be waived to the extent necessary to permit the physician or other medical personnel to testify about the facts at issue.12 The records may then serve as demonstrative evidence.

{11}Patients have brought legal actions against physicians who disclosed confidential medical data in derogation of their fiduciary responsibility as well as their statutory duty to maintain confidentiality, yet no two states have adopted the same standards of confidentiality or the same procedural safeguards. Availability of information depends upon the type of information, its accessibility, and where it is being disseminated.13 The patient's disease or health care plan may also be determinative.14 Additionally, liability can arise from inaccurate, incomplete, missing, or altered records. Cases have also raised the issue of wrongful disclosure of HIV status.15 The widespread failure of many health care providers to respect the sensitivity of HIV-related medical information has led a majority of states to enact laws providing heightened confidentiality protection to HIV-infected patients.16

{12}Disclosure of otherwise confidential information may be made where public policy or the private interest of the patient requires. The ethics of the availability of information may also be impacted by the use to which it is being put.17 For example, critical medical research in such areas as cancer or genetics could not occur without access to medical records.

{13}In child custody disputes or instances where intrusion into the private affairs of the patient seems justified (neglect or involuntary hospitalization), courts will balance the "patient's interest in continued privacy against the state's interest in obtaining all information required to reach a decision."18 The confidential information obtained within the course of professional relationships and contained in medical records may be forced to yield to competing interests: medical, legal, or social.19 Public policy considerations may override the confidential nature of medical records or privileged communications.

{14}The leading case dealing with disclosure of confidential information obtained in the course of the patient-psychotherapist relationship and the duty to warn is Tarasoff v. Regents of the University of California.20 In that case, the California Supreme Court held that a psychologist could be liable for not warning a murder victim that one of the psychologist's patients expressed an intent to kill her. The Court weighed the confidentiality interests against the public interest in safety from violent assault, and concluded that "the public policy favoring protection of the confidential character of patient-psychotherapist communications must yield to the extent to which disclosure is essential to avert dangers to others."21

{15}This same duty to warn may impact HIV cases. This dilemma is especially perplexing in light of the uncertainty surrounding AIDS and HIV confidentiality: who must be warned and under what circumstances is a warning appropriate or required?22 Third-party warnings by physicians may be endorsed as an alternative to contact tracing, allowing the physician to weigh potential restrictions on the patient by revealing a confidence against the risk to the third party.23 A related issue in the research setting is whether or not to inform patients if research reveals critical information.24 If, for example, a group of patients whose identities are blocked have a particular genetic defect or mutation, the ethical question arises whether to breach confidentiality and inform these at-risk patients.25

{16}While all states agree that some records should remain confidential, wide divergence exists in statutory reporting requirements and state standards. Disclosures are generally of two types. Permissible disclosures may be made to persons and agencies having a legitimate interest in the information contained in the record (e.g., insurance companies; attorneys; government agencies; law enforcement agencies investigating criminal actions such as Medicare fraud, or crimes where the patient is the victim; and news media in the case of a celebrity).26 Mandatory disclosures contain certain data relating to vital statistics (birth and death certificates); infections or contagious diseases (cholera, plague, yellow fever, malaria, leprosy, smallpox, meningitis, rabies, polio, tuberculosis, and venereal disease); occupational illnesses or injuries; certain congenital defects; violent injuries, especially from gunshots and knife wounds; injuries from child abuse; and in some states, incidents of elder abuse.27

{17}The current trend toward affirming individual autonomy or self-determination by permitting patients access to their records and limiting the power of institutions to invade the lives of individuals without due process conflicts with the traditional view of health care providers that they alone are in the best position to decide what patients should or should not know about their medical condition. They contend that allowing patients access undermines good health care and may ultimately harm the patient if the record contains material from which the patient should be shielded (fatal prognoses or diagnoses of malignant diseases).

{18}Most state statutes permit access to medical records by the patient or his or her representative for a legitimate reason, which may include copying, inspecting, and examining the information, but the parameters of permissible activities are normally circumscribed by statute.28 Many states deny patients access to psychiatric records.29 The Federal Comprehensive Alcoholism Prevention, Treatment, and Rehabilitation Act and the Drug Abuse Office and Treatment Act protect the records of persons receiving treatment for alcohol or drug abuse in federally assisted treatment centers.30 Absent statutory authority, the decision concerning access by patient, agent, or other party, is an administrative or judicial one.31 Often information is limited to certain specific items. Names, addresses, and other information unrelated to the matter at issue must be removed.32

{19}A medical record is the property of the hospital or health care provider subject to the patient's limited interest in the information contained in it. The Patient's Bill of Rights, adopted by the American Hospital Association, provides:

The patient has the right to expect that all communications and records pertaining to his/her care will be treated as confidential by the hospital, except in cases such as suspected abuse and public health hazards when reporting is permitted or required by law. The patient has the right to expect that the hospital will emphasize the confidentiality of this information when it releases it to any other parties entitled to review information in these records.33
 

{20}The accreditation standards of the Joint Commission on Accreditation of Healthcare Organizations (JCAHO) also require that medical records be "confidential, secure, current, authenticated, legible and complete."34 The American Health Information Management Association (AHIMA) has adopted a position statement specifically addressing the confidentiality of computer-based records: "AHIMA believes that confidentiality does not have to be compromised with the advent of the computer-based patient record. Safeguards for data security, privacy, and confidentiality must be in place to protect against unauthorized access to patient health information."35 It has been pointed out, however, that in a teaching hospital, more than sixty individuals can be expected to access a patient's record during the average in-patient stay.36 Third-party payors, managed care organizations, self-insured employers, and supporting organizations have access to all or portions of a patient's record.37

{21}The legal duties to preserve confidentiality and prevent unauthorized access to patient records are the same with respect to both paper and computer-based records. The latter, however, pose special challenges, and a failure to keep records confidential and free from unauthorized access can have more serious consequences than paper records.38

{22}The computer's capacity for collecting and storing vast quantities of information can result in unauthorized access and disclosure of extensive information about large numbers of patients in case of a breach of the system's security. Threats to confidentiality and security of computer-based patient records include inaccuracies in data entries; retention of the record long after its usefulness has disappeared; computer sabotage and viruses; use of fax (facsimile) machines to transmit information from one location to another; and unauthorized access through shared passwords, access codes, key cards, and other user identifiers.39

{23}Widespread use of the fax machine presents new challenges because of the chance of misdirected transmissions.40 Encryption of sensitive information is one possible solution, provided that the recipient can decrypt the information. Other recommendations by AHIMA, for example, include using the fax machine to transmit patient health information only when the original document or mailed photocopies will not suffice; using a cover sheet emphasizing the confidential nature of the information; and alerting the recipient of the transmission and verifying its receipt.41 Furthermore, when receiving orders or medical record information from the outside, caller ID should be used to verify the telephone number from which the fax originated, and authentication should be required.42 Internal threats to the integrity of records can stem from sources such as a bored employee looking up a co-worker's record or a care giver unintentionally deleting information from a patient's computer-based record.43 External threats are posed by hackers, viruses, and vendors who install disabling software.44 Data destruction is another key issue often overlooked as a risk. Actual and backup files must be fully destroyed in order to ensure and maintain patient confidentiality.45

{24}The right of privacy has assumed new meaning in the computer age due to the highly sophisticated technology that has permeated society. An individual's privacy and the public's interest and right to know must be balanced against the protections of freedom of speech and press along with security of government's informational needs.46 In United States v. Westinghouse Electric Corporation,47 the Third Circuit Court of Appeals described five factors to be balanced in determining the scope of the constitutional right to informational privacy: (1) the type of health record and information it contains; (2) the potential for harm from any unauthorized disclosure; (3) the injury from disclosure to the relationship in which the record was generated; (4) the adequacy of safeguards to prevent non-consensual disclosure; and (5) the degree of need for access.48

{25}In "Protecting Privacy in Computerized Medical Information," the Office of Technology Assessment concluded that existing laws do not provide consistent or comprehensive protection for medical information and inadequately guide the health care industry concerning obligations to protect the privacy of medical information in a computerized environment.49 Because information will regularly cross state lines, it will be subject to inconsistent legal standards.50

{26}Since the 1970s, a number of states have adopted constitutional amendments designed to protect a variety of privacy interests, including limitations on access to personal information. Although most of the provisions only protect against intrusions by governmental agencies, some courts have also applied their guarantees to private parties.51 The main source of protection for informational privacy is contained in legislation and the common law. The Federal Privacy Act of 1974,52 the only major federal law governing the release of personal records held by the government, provides a framework for protection of patient data, particularly that in federal and certain state medical computer systems. It is designed to give citizens control over the collection and use of information by the federal government. Enacted to stop deliberate misuse of computerized data and to prohibit disclosure of records maintained on individuals by federal agencies and government contractors, the Act contains no general statutory guidelines protecting private information. The Privacy Act binds both hospitals which are run by the federal government and medical records in systems operated pursuant to a government contract.53 The Freedom of Information Act (FOIA)54 exempts from disclosure "personnel and medical files and similar files"55 (such as "rap" sheets) in possession of the government where disclosure "would constitute a clearly unwarranted invasion of personal privacy."56

{27}The Uniform Health Care Information Act (UHCIA)57 addresses issues of confidentiality, disclosure of health care and medical information, and other issues contained in this paper. Only Montana and Washington, however, have adopted the Act.58 California has adopted its own statute governing the release of individually identifiable patient information by providers.59

{28}In addition to ease of access, sharing of contents, and electronic storage, genetic testing60 poses even more dilemmas and threats to privacy of medical data. Genetic testing creates serious implications for insurance and employment. For example, an individual who has undergone genetic testing which reveals a predisposition to a hereditary or familial metabolic disease, cancer, Alzheimer's, or Parkinson's, runs the risk of having insurance coverage canceled. It may also be necessary for that person to remain at a current job so that insurance will not be dropped.61 Tests for genetic conditions may involve not only the person being tested, but other family members and their children.

{29}Moreover, even test results that are "inconclusive" or "negative" are not absolute, and "positive" results from testing indicate a predisposition or increased risk that may never materialize.62 Potential consequences regarding employment or employability, however, cannot be ignored. In a new study of the privacy practices of three hundred Fortune 500 companies by David Linowes, former chair of the President's Commission on Privatization and the U.S. Privacy Protection Commission, "35% of employers said they use personal medical information as a basis for hiring, promotion, and firing decisions."63 In 1989, Linowes reported that 50% of the 275 Fortune 500 companies sampled used medical records about personnel in making employment-related decisions.64

{30}It is apparent that the use of medical records in ways that may inhibit individual freedoms demands various responses, including judicial scrutiny for possible constitutional violations. Adoption of uniform standards to protect the confidentiality of medical information while also providing patients access to their records would allay fears of patients and health care providers concerning unauthorized disclosure and misuse of sensitive data. These measures, however, have yet to be implemented.

{31}Due to the gravity of the problem, the Department of Health and Human Services has issued guidelines attempting to balance privacy concerns with the need to further the public interest as Congress sets out to write the first federal guidelines for health privacy.65 Congress is expected to push the issue over the next year and has given itself until 1999 to write a federal law. If it does not do so, the administration can write its own regulations. Until the recommendations and tradeoffs are resolved, however, an unsatisfactory patchwork of state regulations will continue to govern use of medical records, while simultaneously compromising rights of privacy and autonomy.
 

*Marcia Weiss is a lawyer and Adjunct Professor of Legal Studies at Point Park College. She is a former judicial law clerk in the Court of Common Pleas in the Court of Allegheny County, Pennsylvania and the Pennsylvania Commonwealth Court. Her interests include health care law and ethics and the impact of technology on our legal rights. Earlier versions of this article were presented at the Annual Meeting of the Association of Practical and Professional Ethics in Dallas, Texas in February 1998 and at the Ethics and Technology Conference at Loyola University, Chicago, in June 1997.
 

1. David Burnham, The Rise of the Computer State 29 (1984).
 

2. See generally Wendy Parmet, Public Health Protection and the Privacy of Medical Records, 16 Harv. C.R.-C.L. L. Rev. 265, 267 n.13 (1981). Considered the father of Medicine, Hippocrates was a Greek physician (406?-370? B.C.). The Hippocratic Oath, taken by students receiving a medical degree, sets out a code of ethics for the medical profession.
 

3. American Medical Association, Principles of Medical Ethics § 9 (1957).
 

4. Olmstead v. United States, 277 U.S. 438, 478 (1928) (Brandeis, J., dissenting).
 

5. See, e.g., Griswold v. Connecticut, 381 U.S. 479 (1965); Eisenstadt v. Baird, 405 U.S. 438 (1972); Roe v. Wade, 410 U.S. 113 (1973) (discussing "zones of privacy").
 

6. William H. Roach, Jr., The Aspen Health Law Center, Medical Records and the Law 205-215 (2d ed. 1994).
 

7. Whalen v. Roe, 429 U.S. 589 (1977).
 

8. Id. at 605-06.
 

9. See Daniel W. Shuman, The Origins of Physician-Patient Privilege and Professional Secrets, 39 Sw. L.J. 661, 661 (1985).
 

10. Richard C. Turkington, Medical Record Confidentiality Law, Scientific Research, and Data Collection in the Information Age, 25 J.L. Med. & Ethics 113, 113 (1997).
 

11. Wanda Ellen Wakefield, Annotation, Physician-Patient Privilege as Extending to Patient's Medical or Hospital Records, 10 A.L.R. 4th 552, 557 (1981).
 

12. See Turkington, supra note 10, at 114.
 

13. Bruce D. Goldstein, Confidentiality and Dissemination of Personal Information: An Examination of State Laws Governing Data Protection, 41 Emory L.J. 1185, 1185 (1992).
 

14. Rorie Sherman, Health Plan to Have Major Legal Impact, Nat'l L.J., Sept. 20, 1993, at 1, 36.
 

15. In Urbaniak v. Newton, 277 Cal. Rptr. 354 (1991), the plaintiff sued a physician for disclosure of the plaintiff's HIV status. The physician had given the plaintiff a defense medical examination in a worker's compensation case. As plaintiff was leaving the physician's office, he advised a nurse that he was HIV-positive. This information appeared on the physician's report, which identified plaintiff as an AIDS victim and linked his claimed injury to the AIDS virus. Plaintiff sued for violation of his right to privacy. The trial court granted summary judgment in favor of the defendant. The appellate court found that there was no confidential physician-patient relationship in a defense medical examination and no confidential communication between patient and physician sufficient to support liability for invasion of privacy. Because the disclosure was made after the examination and was given to a nurse in order to alert her to safety precautions in handling electrodes contaminated with infected blood, the court found that the communication was for a purpose unrelated to the examination and that a right of privacy did attach. Because the voluntariness of the communication was unrelated to judicial proceedings, the court concluded on balance that privacy concerns were paramount.

See also Estate of Behringer v. Medical Center at Princeton, 592 A.2d 1251 (N.J. Super. Ct. Law Div. 1991), where a New Jersey hospital was liable for failing to protect the confidentiality of a diagnosis of AIDS in a staff physician who had been treated at the facility. The treating physician and laboratory personnel initially preserved the confidentiality of the diagnosis, and placed the test results of the bronchoscopy and blood clot test in the medical chart kept at the nurses' station when the physician was an in-patient. No restrictions were placed on access to the record. The patient/physician's condition became widely known in the hospital in a short time and several of his patients refused to seek treatment from him. He sued the hospital, claiming breach of the duty of confidentiality. The New Jersey court held the hospital negligent in failing to take reasonable precautions concerning access to the record, but not liable for the method of charting. According to the court, the issue was accessibility of the chart. The hospital as custodian of the chart must take reasonable measures to ensure confidentiality; Turkington, supra note 10, at 127 n.30 (citing cases).

16. See Michael Isbell, AIDS Treatment, Nat'l L.J., Oct. 11, 1993, at S20 (noting that most states with high HIV incidence have refrained from requiring the reporting to public health authorities of the names of persons testing HIV-positive). See also Turkington, supra note 10, at 119 (noting that many HIV confidentiality statutes provide for civil damages when someone discloses another's HIV status in violation of the statute).
 

17. See Wakefield, supra note 11, at 557.
 

18. Id.
 

19. See, e.g., Beverly Woodward, Medical Records Confidentiality and Data Collection: Current Dilemmas, 25 J.L. Med. & Ethics 88, 94 (1997) ("The practice of medicine has both an intensely personal and private aspect and a social and public aspect. Some appear to wish to merge the first aspect into the second. Others wish to balance the two."); id. at n.56 ("In general, privacy rights should be overridden only to prevent a serious harm, not to promote the general welfare. If the latter is permitted, privacy rights tend to disappear."). See also Jaffee v. Redmond, 116 S. Ct. 1923 (1996) (most recent U.S. Supreme Court decision involving medical privacy rejected balancing tests, at least with respect to mental health records).
 

20. Tarasoff v. Regents of the University of California, 551 P.2d 334 (Cal. 1976).
 

21. Id. at 442.
 

22. See, e.g., Lawrence O. Gostin, The AIDS Litigation Project, 263 JAMA 1961 (1990); Bernard M. Dickens, Legal Limits of AIDS Confidentiality, 259 JAMA 3449 (1988).
 

23. See, e.g., Troyen A. Brennan, Just Doctoring: Medical Ethics in the Liberal State 172 (1991); Turkington, supra note 10, at 119 (discussing how disclosures by physicians pursuant to a duty to warn third parties about the risk of physical harm from a patient are justified, as are disclosures to government agencies under mandatory reporting laws). See also Estate of Behringer v. Medical Ctr. at Princeton, 249 N.J. Super. 597, 592 (1991) (noting the justification defense was recognized when one professional shared health information with another to further patient treatment).
 

24. Information Highway Poses Medical Ethics Risks, 12 Med. Ethics Advisor 106, 107 (September 1996).
 

25. Id.
 

26. See Goldstein, supra note 13, at 1193 (noting a dramatic illustration of the wide divergence of state standards by comparing Georgia and Rhode Island. The former regards all hospital records as public, but personal medical and veterinary records are exempt and do not have to be disclosed when doing so would be an invasion of personal privacy. The latter prohibits the release of personal medical records but permits the release without consent of information needed for research and statistical purposes provided it does not identify any patient individually).
 

27. See generally id. at 1195-96.
 

28. See Roach, supra note 6, at 1193.
 

29. Id.
 

30. 42 U.S.C. §§ 1101-1800 (1992); 42 U.S.C. §§ 4541-4594 (1992); 42 C.F.R. § 2.55 (1980). See also Confidentiality of Alcohol and Drug Abuse Patient Records, 42 C.F.R. § 2.1 (1996).
 

31. In Morganstern v. Wilson, 133 F.R.D. 139 (D.Nebr. 1990), the physician-plaintiff in an antitrust action sought production of medical records of patients who had surgery performed by defendant physicians. Plaintiff alleged that defendant physicians had refused to refer patients to him and had denied or delayed treatment of patients until another physician was available. The non-party hospital deponent sought a protective order blocking production of the documents requested in connection with the issuance of a subpoena. The court, acknowledging that there is no physician-patient privilege in federal common law, considered the confidentiality concerns raised by the hospital. Discovery was permitted but protective measures were instituted, limiting the information disclosed to certain specific items from the records. Patient names, addresses, and other information unrelated to plaintiff's claim had to be removed.
 

32. Id. See also Goldstein, supra note 13, at 1195-96.
 

33. Adele A. Waller and Deborah K. Fulton, The Electronic Chart: Keeping It Confidential and Secure, 4 J. Health & Hosp. L. 105, 106 (1993) (citing American Hospital Association, A Patient's Bill of Rights 6 (1992)).
 

34. Id. at 105 (citing Joint Commission on Accreditation of Healthcare Organizations, Accreditation Manual for Hospitals, MR.3 (1992)).
 

35. Id. at 106 (citing American Health Information Management Association, Position Statement, Confidentiality of the Computer-based Patient Record (1992)).
 

36. Id. at 105.
 

37. Marc D. Hiller and Vivian Beyda, Computers, Medical Records and the Right to Privacy, 6 J. Health Pol'y, Pol. & L. 463 (1981).
 

38. Institute of Medicine, The Computer-Based Patient Record: An Essential Technology for Health Care 170 (1991).
 

39. See generally Roach, supra note 6, at Chapter 6; Waller and Fulton, supra note 33, at 106-108.
 

40. See generally Roach, supra note 6, at Chapter 6; Waller and Fulton, supra note 33, at 106-108.
 

41. Id.
 

42. Roach, supra note 6, at 108.
 

43. See Med. Ethics Advisor, supra note 24, at 10.
 

44. See id.
 

45. See id. See also John Markoff, Privacy Issue Haunts Sale of Computer, N.Y. Times, April 12, 1997, at A8 (stating that the sale of old computer equipment poses another hazard, such as in the case of a Nevada woman who recently purchased a used computer that contained the prescription records of 2,000 patients).
 

46. See generally Warren Freedman, The Right of Privacy in the Computer Age (1987).
 

47. United States v. Westinghouse Elec. Corp., 638 F.2d 570 (3rd Cir. 1980).
 

48. Id. at 578.
 

49. See Office of Technology Assessment, OTA-TCT-576, Protecting Privacy in Computerized Medical Information 15 (Washington, DC, Government Printing Office 1993).
 

50. Id.
 

51. See Lawrence O. Gostin et al., Privacy and Security of Personal Information in a New Health Care System, 170 JAMA 2487, 2489.
 

52. 5 U.S.C. § 552a (West 1979 & Supp. 1990).
 

53. See id. at § 552a(m).
 

54. 5 U.S.C. § 552b (West 1994).
 

55. 5 U.S.C. § 552(b)(6) (West 1994).
 

56. Id.
 

57. Uniform Health Care Information Act § 1-101, 9 U.L.A. 475 (1988 & Supp.I. 1992).
 

58. Mont. Code Ann. § 50-16-501 (1996); Wash. Rev. Code Ann. § 70.02.005 (West 1992).
 

59. Cal. Civ. Code §§ 56.05-.11 (West 1982).
 

60. Joshua Quittner, Invasion of Privacy: Our Right to be Left Alone has Disappeared, Bit by Bit, in Little Brotherly Steps. Still We've Got Something in Return--And It's Not All Bad, Time, Aug. 25, 1997, at 31-32. See also Draft Brochure of the University of Pittsburgh Medical Center, "Hereditary Breast and/or Ovarian Cancer Predisposition."
 

61. See, e.g., Pennsylvania S.B. 1180. Twenty-five states have enacted laws prohibiting insurance companies from requiring genetic testing or disclosing genetic information to a third party without prior written consent. Similar legislation is pending in other states. In order to combat the real threat of discrimination by insurers based on predisposition to disease, the Pennsylvania legislature has sponsored S.B. 1207, requiring confidentiality for the results of genetic testing. The Health Insurance Portability and Accountability Act of 1996, note 64, infra, guarantees that insurers will cover all employees regardless of pre-existing conditions, health status, or genetic background; it does not, however, prevent insurers from charging higher premiums to groups that include individuals with genetic illnesses. Christopher Snowbeck, Snooping in Your Genes, Pittsburgh Post-Gazette, Feb. 1, 1998, at A-2.
 

62. See Quittner, supra note 60.
 

63. Ann R. Dowd, Protect Your Privacy: A Money Investigation Reveals the Five Biggest Threats to Your Privacy and How You Can Safeguard Yourself Against the Most Serious Types of Snooping, Money, Aug. 1, 1997, at 104, 107.
 

64. David F. Linowes, Privacy in America. Is Your Private Life in the Public Eye? 42 (1989).
 

65. Health Insurance Portability and Accountability Act of 1996, Pub. L. No. 104-191, (110 Stat. 1936) (1996).