Join Early Retirement Today
Reply
 
Thread Tools Search this Thread Display Modes
So Much for Medical Privacy
Old 07-01-2014, 10:10 AM   #1
Thinks s/he gets paid by the post
Koolau's Avatar
 
Join Date: Jul 2008
Location: Leeward Oahu
Posts: 3,244
So Much for Medical Privacy

Just got back from the Doc's office. Each time one visits this particular clinic, the staff "extracts" all the same info (medical insurance cards, phone, address, blah, blah, and etc.) I had been two weeks ago and went through the same "inquisition" with the exact same staff for the exact same doctor. But that's not what I want to talk about. Following the 15 minutes of wasted time (theirs and mine) I was given a 3 page form which contained all of my info, including meds and significant past procedures and conditions. I was supposed to review it and then keep or destroy at my will if it was all correct. Since I had just reviewed the same info 2 weeks prior, I asked the staff to shred it. Apparently, they did not. As I was waiting for my appointment, an old buddy from my previous w*rk came in just after I did. He went through the same process and was then handed the form to review. We sat and talked for perhaps 15 minutes when I accidentally glanced at his 3 page form. Unfortunately, it was not his - it was mine. I mentioned it to him and he went back to the staff who eventually found his form in the regular trash. I assume that's where mine went upon its return.

At another doctor I see on a regular basis, they have a fairly similar procedure of inquisition followed by a review form. BUT on their form, the SS number is listed. I once asked why and they said it was needed for billing. I asked if the doctor or his staff actually had to input my SS each time or didn't their computer have that number already (since it is capable of printing it out correctly each time.)? They shrugged. I noticed shortly thereafter that the forms, which are given to the doctor's nurse or other assistant upon being called back to the office ALL end up in an (for want of a better term) "in-out" box. The office area is often unattended and I considered simply confiscating the few dozen forms from the "box" - just to see if it got their attention. I'm sure that would have been illegal though it would be easy to avoid detection. I did NOT ever do it (though I could have at the time of any doctor visit.)

At another clinic I used to visit, the procedure included a photo copy of DL and all insurance cards (including Medicare.) Once again, the resulting copies were placed in a similar "box" where pretty much ANYONE - not just other clients - could have access. No security of any kind was in place other than having staff behind the counter most (not all) of the time.

I have pushed back on all of these situations to one extent or another - going so far as to sit down with one of the clinic's administrators - that time about the SSN being prominently displayed on every form. I have been totally rebuffed and pretty much told (in a nice way) "If you don't like it, go someplace else." Currently, I black out my SSN on that one form mentioned above. No problem after doing this for several years now - sure enough, I DO actually get billed - EVERY time. Go figure.

I bring all this up because, clearly, none of these places takes medical privacy seriously. The 3 clinics are spread across the country, so this is not "isolated" apparently. Perhaps more importantly, with the info contained on these forms, ID theft would be child's play for anyone with the nerve to steal a hand full of forms occasionally. SSN, DOB, Address, Age, Full Name, Insurance info, etc. are all available on the forms in one convenient "ID-Theft" package. I mentioned this to one clinic and still got "the shrug". I am seriously considering making a "big deal" out of the most recent event in which my info was handed to someone else. I think I would have a case, but don't know if it would be worth the effort nor whether it would actually change behavior - even at THAT clinic.

Curious if others have "stories" to tell or advice on how such routine privacy breaches should be handled. I'm certain that YMMV.
__________________

__________________
Ko'olau's Law -

Anything which can be used can be misused. Anything which can be misused will be.
Koolau is offline   Reply With Quote
Join the #1 Early Retirement and Financial Independence Forum Today - It's Totally Free!

Are you planning to be financially independent as early as possible so you can live life on your own terms? Discuss successful investing strategies, asset allocation models, tax strategies and other related topics in our online forum community. Our members range from young folks just starting their journey to financial independence, military retirees and even multimillionaires. No matter where you fit in you'll find that Early-Retirement.org is a great community to join. Best of all it's totally FREE!

You are currently viewing our boards as a guest so you have limited access to our community. Please take the time to register and you will gain a lot of great new features including; the ability to participate in discussions, network with our members, see fewer ads, upload photographs, create a retirement blog, send private messages and so much, much more!

Old 07-01-2014, 10:17 AM   #2
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
travelover's Avatar
 
Join Date: Mar 2007
Posts: 9,879
It is kind of shocking. A few years ago I had to drop off a form for a judges signature. There was a drop box outside his office which was accessible to anyone that walked off the street. That box was full of the most intimate documents one could imagine, all in a pile for any one to read, copy or even just take.
__________________

__________________
Yes, I have achieved work / life balance.
travelover is offline   Reply With Quote
Old 07-01-2014, 10:48 AM   #3
Recycles dryer sheets
 
Join Date: Feb 2012
Posts: 436
Nowhere as egregious as your experiences, a few years ago I received a call from company X wanting my SSN as my dental office was outsourcing their billing. They stated my company's HR dept would not give them the info so they were calling me for it...huh...did they think I was stupid. Told them to pound sand.

At my next dental appt. the receptionist commented on my refusal to provide the info and seemed surprised at my refusal to do so...told her I don't provide confidential info over the phone to people I don't know. As I was sitting in the waiting area, others overheard this exchange and there were a few chuckles/knowing nods.

Banks are just as bad. Due to mail theft in my area I always have new checks delivered to the bank for pickup. My bank no longer does this because the mailman delivers the mail to an unsecure area where anyone can walk by and grab stuff. I suggested they could easily solve this and all I got was a shrug.
__________________
TrvlBug is online now   Reply With Quote
Old 07-01-2014, 11:13 AM   #4
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
 
Join Date: Jul 2006
Posts: 11,017
Koolau, this casual attitude to patient privacy is simply unacceptable. If I were you I would complain to the Hawaii Medical Board.
__________________
Meadbh is offline   Reply With Quote
Old 07-01-2014, 11:23 AM   #5
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
 
Join Date: Apr 2013
Posts: 5,569
When I w*rked I had to take HIPPA training every year. These are serious failures to follow the law. When your information was accidentally given to another patient, the facility was required to report it. I would ask to talk with their HIPPA compliance director to express your concerns. Otherwise, report it yourself to the state board, and find a new facility.

Glad the third time this post didn't cause the application to crash. Recovery doesn't appear to work unless your in full screen mode.

Sent from my SAMSUNG-SGH-I337 using Early Retirement Forum mobile app
__________________
MRG is online now   Reply With Quote
Old 07-01-2014, 11:27 AM   #6
Thinks s/he gets paid by the post
Koolau's Avatar
 
Join Date: Jul 2008
Location: Leeward Oahu
Posts: 3,244
I suppose sooner or later the types of privacy breaches we've experienced will "blow up" big time. Sort of like back in the day when medicine bottles and packages (like Tylenol) were not secure (i theorized that possibility long before cyanide was substituted for acetaminophen.) If a huge theft (or number of thefts) is ever traced back to these "shrugged off" practices, then people will get serious about the issue. Until then, as long as ID thieves don't get greedy, there are dozens of small breaches they can exploit which may never be traced back to the culprit. But if I (an "honest" person) can think of this stuff, one would think the low life - er, professional ID thief - could figure a way to steal just enough to make a comfortable living without raising too many eyebrows (or, more importantly, leaving an obvious trail to where info was stolen.)

All of this ignores the "medical' part of the privacy issue. Who wants anyone else to know if you have toe fungus or were ever treated for one of "those" diseases, or had implants or hair transplants, or substance addiction, etc. etc. It's just difficult for me to understand how those in the medical field can be so blaze' about such things. YMMV
__________________
Ko'olau's Law -

Anything which can be used can be misused. Anything which can be misused will be.
Koolau is offline   Reply With Quote
Old 07-01-2014, 11:35 AM   #7
Thinks s/he gets paid by the post
Koolau's Avatar
 
Join Date: Jul 2008
Location: Leeward Oahu
Posts: 3,244
Quote:
Originally Posted by Meadbh View Post
Koolau, this casual attitude to patient privacy is simply unacceptable. If I were you I would complain to the Hawaii Medical Board.
Actually, the most recent breach was back on the mainland. I typically spend a couple of months in this location and get some of my medical screening, etc. done at that time. But, the SSN issue did happen to be in Hawaii. I researched it very thoroughly at the time. I found out that I can legally withhold my SSN from almost anyone (banks, gummint agencies not included). So, I don't have to give a clinic my SSN. BUT, they don't have to treat me if I don't. (If the gaters don't getcha, the skeeters will.)
__________________
Ko'olau's Law -

Anything which can be used can be misused. Anything which can be misused will be.
Koolau is offline   Reply With Quote
Old 07-01-2014, 11:38 AM   #8
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
 
Join Date: May 2004
Posts: 11,615
The medical privacy issues will be getting worse, not better. In the old days everything was on paper, then we went to electronic recordkeeping that was primarily "in office" to new federal requirements for easy sharing between medical providers. Obviously, all this "freeing up" of medical information can have positive aspects, but medical privacy and data security are not among them.
__________________
"Freedom begins when you tell Mrs. Grundy to go fly a kite." - R. Heinlein
samclem is online now   Reply With Quote
Old 07-01-2014, 11:56 AM   #9
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
 
Join Date: Apr 2013
Posts: 5,569
HIPPA regulates Protected Health Information, among other stuff. It includes the 18 items protected for healthcare. Some are more for id theft. Name, SSN......

http://en.m.wikipedia.org/wiki/Prote...th_information
__________________
MRG is online now   Reply With Quote
Old 07-01-2014, 12:05 PM   #10
Thinks s/he gets paid by the post
Koolau's Avatar
 
Join Date: Jul 2008
Location: Leeward Oahu
Posts: 3,244
Quote:
Originally Posted by samclem View Post
The medical privacy issues will be getting worse, not better. In the old days everything was on paper, then we went to electronic recordkeeping that was primarily "in office" to new federal requirements for easy sharing between medical providers. Obviously, all this "freeing up" of medical information can have positive aspects, but medical privacy and data security are not among them.
How true. At my appointment today, the young lady (mid 40's, heh, heh) giving me the test showed me how to access my OWN data using their (or "some" - I forget) web site. I was not reassured to think that it would be so readily available on line, considering what I had just gone through at the admissions desk. She was so nice I never mentioned my concerns (what could she do?). Still, it's difficult to believe that we as a society have allowed this to happen (in the name of better health care.) So, let me get this straight: The clinic has all of my data out there on a web site, but it still takes 15 minutes at EACH visit just to gather the same info again. What is wrong with this picture? Reminds me of when they told us (all those years ago) about the coming "paperless" record keeping. I never generated so much paper in all my life as when my computer (ca. 1990) crashed. From then on, I made hard copies of EVERYTHING and stuffed them into my desk at w*rk. Saved my bacon more times than I care to recall. Now we're "improving" our medical care by placing everyone's files in a place where any hacker (or gummint agency - can you spell n. s. a. or i. r. s.? - will have access to it.) Yes, yes, I know. I'm a dinosaur. Still, it took a half trillion ton rock from space to kill my "ancestors" off. They must have had something going for them - even if it was only a healthy dose of skepticism and some very think skin. YMMV
__________________
Ko'olau's Law -

Anything which can be used can be misused. Anything which can be misused will be.
Koolau is offline   Reply With Quote
Old 07-01-2014, 01:02 PM   #11
Thinks s/he gets paid by the post
Live And Learn's Avatar
 
Join Date: Feb 2012
Location: Tampa Bay Area
Posts: 1,689
Ko'olau's Law -

Anything which can be used can be misused. Anything which can be misused will be.

~~~~~~~~~~~~~

Is that signature line new or are you psychic ?
__________________
"For the time being no discipline brings joy, but seems grievous and painful; but afterwards it yields a peaceable fruit of righteousness to those who have been trained by it." ~
Hebrews 12:11

ER'd in June 2015 at age 52. Initial WR 3%. 50/40/10 (Equity/Bond/Short Term) AA.
Live And Learn is offline   Reply With Quote
Old 07-01-2014, 02:04 PM   #12
Moderator Emeritus
aja8888's Avatar
 
Join Date: Apr 2011
Location: The Woodlands, TX
Posts: 7,156
Koolau: I have often dealt with the SS number thing and the thought has crossed my mind as to just making up some random set of numbers and put that down on their form. Kind of like a "Meh" event. (not saying you should do this though)
__________________
aja8888 is offline   Reply With Quote
Old 07-01-2014, 02:07 PM   #13
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
haha's Avatar
 
Join Date: Apr 2003
Location: Hooverville
Posts: 22,384
Quote:
Originally Posted by Koolau View Post
Just got back from the Doc's office. Each time one visits this particular clinic, the staff "extracts" all the same info (medical insurance cards, phone, address, blah, blah, and etc.) I had been two weeks ago and went through the same "inquisition" with the exact same staff for the exact same doctor. But that's not what I want to talk about. Following the 15 minutes of wasted time (theirs and mine) I was given a 3 page form which contained all of my info, including meds and significant past procedures and conditions. I was supposed to review it and then keep or destroy at my will if it was all correct. Since I had just reviewed the same info 2 weeks prior, I asked the staff to shred it. Apparently, they did not. As I was waiting for my appointment, an old buddy from my previous w*rk came in just after I did. He went through the same process and was then handed the form to review. We sat and talked for perhaps 15 minutes when I accidentally glanced at his 3 page form. Unfortunately, it was not his - it was mine. I mentioned it to him and he went back to the staff who eventually found his form in the regular trash. I assume that's where mine went upon its return.

At another doctor I see on a regular basis, they have a fairly similar procedure of inquisition followed by a review form. BUT on their form, the SS number is listed. I once asked why and they said it was needed for billing. I asked if the doctor or his staff actually had to input my SS each time or didn't their computer have that number already (since it is capable of printing it out correctly each time.)? They shrugged. I noticed shortly thereafter that the forms, which are given to the doctor's nurse or other assistant upon being called back to the office ALL end up in an (for want of a better term) "in-out" box. The office area is often unattended and I considered simply confiscating the few dozen forms from the "box" - just to see if it got their attention. I'm sure that would have been illegal though it would be easy to avoid detection. I did NOT ever do it (though I could have at the time of any doctor visit.)

At another clinic I used to visit, the procedure included a photo copy of DL and all insurance cards (including Medicare.) Once again, the resulting copies were placed in a similar "box" where pretty much ANYONE - not just other clients - could have access. No security of any kind was in place other than having staff behind the counter most (not all) of the time.

I have pushed back on all of these situations to one extent or another - going so far as to sit down with one of the clinic's administrators - that time about the SSN being prominently displayed on every form. I have been totally rebuffed and pretty much told (in a nice way) "If you don't like it, go someplace else." Currently, I black out my SSN on that one form mentioned above. No problem after doing this for several years now - sure enough, I DO actually get billed - EVERY time. Go figure.

I bring all this up because, clearly, none of these places takes medical privacy seriously. The 3 clinics are spread across the country, so this is not "isolated" apparently. Perhaps more importantly, with the info contained on these forms, ID theft would be child's play for anyone with the nerve to steal a hand full of forms occasionally. SSN, DOB, Address, Age, Full Name, Insurance info, etc. are all available on the forms in one convenient "ID-Theft" package. I mentioned this to one clinic and still got "the shrug". I am seriously considering making a "big deal" out of the most recent event in which my info was handed to someone else. I think I would have a case, but don't know if it would be worth the effort nor whether it would actually change behavior - even at THAT clinic.

Curious if others have "stories" to tell or advice on how such routine privacy breaches should be handled. I'm certain that YMMV.
Medical practices do pretty much whatever they please. The docs have the whip hand.

Ha
__________________
"As a general rule, the more dangerous or inappropriate a conversation, the more interesting it is."-Scott Adams
haha is online now   Reply With Quote
Old 07-01-2014, 02:14 PM   #14
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
 
Join Date: Jul 2006
Posts: 11,017
Quote:
Originally Posted by haha View Post
Medical practices do pretty much whatever they please. The docs have the whip hand.

Ha
Ha, I don't know where you got that idea, but I assure you that physicians are bound by the law of the land and by the rules of their professional associations, and may be held to account if they do not follow them.
__________________
Meadbh is offline   Reply With Quote
Old 07-01-2014, 02:20 PM   #15
Moderator Emeritus
Bestwifeever's Avatar
 
Join Date: Sep 2007
Posts: 16,373
DH recently had surgery and he finally, he thinks, got the list of medications pared down to the active ones vs. every medication he has ever been prescribed by our drs. I do think electronic records are a great idea for sharing information by medical personnel, but leaving printouts of them where anyone can see/take them, not so great. Our drs' offices had signs up for a while that the electronic records are much safer from theft than than the paper records, which I thought was interesting.
__________________
“Would you like an adventure now, or would you like to have your tea first?” J.M. Barrie, Peter Pan
Bestwifeever is offline   Reply With Quote
Old 07-01-2014, 02:26 PM   #16
Thinks s/he gets paid by the post
imoldernu's Avatar
 
Join Date: Jul 2012
Location: Peru
Posts: 4,616
Big Brother is watching... Big Sister, Big Neighbor, Big Bank, Big FA, Big WalMart, Big Amazon, Big Google, Big Facebook (especially in current news) Big Crooks...

I gave up... my life's an open book. the only salvation is the gold coins buried in a coffee can in my back yard.

Lends new meaning to the word "Security"....

"Depends"
__________________
imoldernu is offline   Reply With Quote
Old 07-01-2014, 03:19 PM   #17
Thinks s/he gets paid by the post
Live And Learn's Avatar
 
Join Date: Feb 2012
Location: Tampa Bay Area
Posts: 1,689
I only include the last 4 digits of my SSN when it is asked for. I don't ever remember being questioned on it.
__________________
"For the time being no discipline brings joy, but seems grievous and painful; but afterwards it yields a peaceable fruit of righteousness to those who have been trained by it." ~
Hebrews 12:11

ER'd in June 2015 at age 52. Initial WR 3%. 50/40/10 (Equity/Bond/Short Term) AA.
Live And Learn is offline   Reply With Quote
Old 07-01-2014, 05:48 PM   #18
Recycles dryer sheets
 
Join Date: Aug 2011
Location: Atlanta
Posts: 420
about 15 yrs ago we were suppose to put our ssn's on our time sheet and leave them out for anyone who wanted to see them. (the in box for the sec)
one day my boss asked me why my ssn changed every pay period so since then I started using the same fake ssn. (this time sheet had nothing to do with payroll, they used it as an identification number)
I have never given my SSN to a Doctor or Dentist always leave it blank. But one time I ended up in the ER and I used the fake on then. the only reason they want it is to collect. Since I payed my bills they will never need my SSN
and if someone sees my personal info. in the trash bag they will get the fake one.

the sad part about your post is the fact that they do not care about your
privacy and this will have no effect on their life but it can financially ruin
yours.
__________________
SJ1_ is offline   Reply With Quote
Old 07-01-2014, 06:03 PM   #19
Recycles dryer sheets
Derslickmeister's Avatar
 
Join Date: Feb 2014
Posts: 249
Unfortunately, this is the new normal. It's not just medical privacy, it's privacy period. You can kiss it good bye. The casual attitude you mention has permeated into pretty much all areas of life...
__________________
Derslickmeister is offline   Reply With Quote
Old 07-01-2014, 06:12 PM   #20
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
haha's Avatar
 
Join Date: Apr 2003
Location: Hooverville
Posts: 22,384
Quote:
Originally Posted by Meadbh View Post
Ha, I don't know where you got that idea, but I assure you that physicians are bound by the law of the land and by the rules of their professional associations, and may be held to account if they do not follow them.
cLeve+haP67
Then how did OP have the experience he had? I think that the Doc's responsibilities extend to training, supervising, and firing his staff members if they can't do it right. Throwing patient histories into the trash is not doing it right.

The rules of professional associations seem largely created to stem competition. How come if I go into a restaurant I see prices on the menu? My shoe repair guy or dry cleaners post prices. Getting prices out of a doctor or dentist without burning some time and often some money can be impossible.

I know you are a good doctor, and I am not talking about you. But I just had some expensive surgery and I had no idea what it was going to cost until I got my bill yesterday- 4 months after the operation, and 10 months after my first appointment with them. IMO, dentists are worse. They guard their fees as hard as we guarded the Manhattan Project.

Ha
__________________

__________________
"As a general rule, the more dangerous or inappropriate a conversation, the more interesting it is."-Scott Adams
haha is online now   Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Privacy of medical information LOL! Health and Early Retirement 2 05-09-2011 02:22 PM
Medical Travel Caution - Superbug a 'consequence' of medical travel bruce1 Health and Early Retirement 16 08-19-2010 07:37 PM
Google Streetviews raises privacy issues cute fuzzy bunny Other topics 0 06-01-2007 09:05 AM
Privacy Rights vs Security samclem Other topics 11 03-14-2007 09:15 AM

 

 
All times are GMT -6. The time now is 08:57 PM.
 
Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2017, vBulletin Solutions, Inc.