Personal Privacy in an Information Society. Record Keeping in the Medical-Care Relationship


Americans made an estimated one billion, 56 million visits to physicians during 1975, an average of 5.1 visits for each person in the country. Approximately 720 million of these visits occurred in physicians' private offices, while another 136 million took place in the clinics and emergency rooms of hospitals. Inpatient admissions accounted for a large percentage of the remainder.1 In addition, in 1974, more than a million individuals, approximately five percent of the U.S. population aged 65 and over, resided in nursing homes.2 Each of these contacts with a medical-care provider generated a new medical record,3 or added information to an already existing record. Considering that the recommended minimum retention period for a medical record today is 10 to 25 years,4 these numbers seem staggering. Yet, even more staggering is the realization of how many people besides the medical-care providers5 who create a medical record have access to it at the same time that the patient himself is by and large denied access to it.

Indeed, the way in which medical records are created and used has undergone radical change in the last 50 years,6 a change that is both a result and a cause of significant alterations in the character of the medical-care relationship itself. This chapter explores the nature of the transformation and its implications for the protection of personal privacy.

The first section briefly identifies the keepers and users of medical records and medical-record information.7 The second section shows why medical record-keeping practices are making the medical-care relationship progressively more fragile, underscoring the need for better statutory and regulatory protections. The third section contains general and specific recommendations that seek a proper balance among the various interests that come to focus in the medical care relationship today.