Privacy Protection in the Dental Office

MeSH Key Words: confidentiality; dental records; informed consent

© J Can Dent Assoc 2001; 67:316-9

Dr Richard Speers has dedicated a great deal of his time to personal data protection. he has served as a  member, and later chair, of CDA’s ethics committee and represented the Association on the Canadian Standards Association’s (CSA) privacy standards implementation committee. In this interview with JCDA editor Dr. John O’Keefe, he discusses patient and dentist privacy, the impact of collecting health information on the dentist –patient relationship, and dentistry’s role in protecting patient privacy.

How did you become interested in the issue of privacy?

– A number of years ago, my physician retired and transferred his patient files to a public health unit. After conversations with public health nurses, it became evident to me that the staff of the public health unit had reviewed the files as a form of entertainment. Though my own file is quite boring, it was more than troubling to learn of the intrusion.

Later, while chairing the practice advisory committee of the Ontario Dental Association (ODA), I encountered a major insurer who thought that the release of information on the dental claim form gave his company the right to enter the dentists’ offices to photocopy patient charts and appointment sheets. Clearly, patient consent did not give unlimited access. Information within the chart (such as the medical history) was highly sensitive and had no bearing on dental benefits coverage.

What are the threats to the privacy of the individual dentist or patient?

– Patients divulge very intimate details to physicians and dentists to enable them to address health complaints. Without a clear limit on the sharing of such information and some degree of privacy, patients will not be forthcoming with important disclosures.

As well, we cannot ignore the dreams of marketing organizations who see health information as a saleable commodity that can be used for targeted marketing. As more personal data are accumulated, third parties are able to develop revealing personal profiles for purposes totally unrelated to the disclosure made in a therapeutic setting.

Europe has much more privacy protection than North America. European constitutional documents have clearly defined an individual’s right to privacy. We have not, although Senator Sheila Finestone has introduced a Senate bill to that end. In Europe, the control for both primary and secondary use of one’s own health information has been awarded to the patient. For example, the Medical Checks Act of the Netherlands allows patient-centred control of information as well as the legal right to determine the contents of the electronic record and the scope of information-sharing among health care workers. This has been defined by the Canadian courts (McInerney vs. McDonald) but ignored by legislators.

As dentists, we have argued that claims profiles and billing patterns of individual dentists are not public information. In a one-industry town, the claims profile of a single insurer may translate to a snapshot of an individual dentist’s income. As a society, we have held that such information is confidential. Also, given the fact dentists have no legal relationship with insurers, it seems absurd that insurers would amass and perhaps publish such information.

How would the loss of privacy affect the doctor–patient relationship?

– The most obvious effect on the doctor –patient relationship would be the unwillingness of the patient to divulge the details we need to deliver safe and effective care. Patients are becoming aware that dentists and physicians are powerless to prevent the re-use of the information given in trust. As it is being designed, the electronic health record will centralize all patient information and the patient will have no control whatsoever over the contents of that record or who reads it.

Dr. Richard Speers is one of the founding members of the International Dental Ethics and Law Society (IDEALS). Board members present at the first meeting of the Society: (sitting) Yvo Vermylen (Belgium, president), (standing, l. to r.) David Frenkel (Israel, assistant-secretary), Richard Speers (Canada), Jos Welie (United States, secretary), Greg Waldron (United Kingdom, treasurer), Sefik Gorkey (Turkey), Karsten Thuen (Denmark).

What is the significance to care providers of Bill C6, Personal Information and Electronic Documents Act?

– At this point, Bill C6¹ has been proclaimed and now applies to all federally regulated areas such as communications and banking. It will not apply to health information until at least 2002. Bill C6 will apply to all areas of commercial interest (including health information) by 2004 unless there is provincial legislation that offers privacy protection similar to, or better than, C6.

Because health is provincially regulated, the provinces are responding to Bill C6 with their own legislation. As I understand it, both Alberta and Saskatchewan have passed health information bills. Ontario has announced that a bill seeking to address the issue will be on the legislative agenda.

Although there is not yet any formal legislative mandate to craft privacy protection measures in the dental office, the public pressure is present and the enactment of legislation is almost guaranteed. It is vital that all levels of the dental profession take this obligation seriously and begin the implementation of privacy policies. It will be incumbent on individual dentists to have a written policy on the collection, protection, sharing and destruction of patient records. There will be a requirement for policies on patient access, and the person in the office responsible for compliance may have to be named. As well, because we are employers, we may be required to develop policies on the personal information we collect on our employees.

One area that seems to be largely ignored is that of information-gathering on individual dentists for the purpose of public protection. In determining fitness to practice (as an example), one regulator claims a right to any or all health information about a dentist being investigated. I believe a case can be made to limit any data collection, preferably with informed consent, to the issue that may have triggered the inquiry. If, for instance, a dentist were being investigated because of a suspicion of visual impairment, request of the entire health file would seem to be an invasion of the dentist’s privacy — the scope of information that might be captured and shared is immense and much would be unrelated to the inquiry.

Legislators across Canada are attempting to develop consistent legislation to ease the burden of compliance and prevent any region from becoming a data haven. It makes sense that CDA should take a leadership role in developing policies and guidelines that our members can implement with a minimum of fuss. Otherwise, the provincial associations will be tasked with doing the same thing over and over.

What do the CDA and other health care groups think about this bill?

– Both the Canadian Medical Association (CMA) and CDA have said that information shared by the patient in exchange for health care remains under the control of the patient. This position is consistent with the Supreme Court of Canada’s decision in the McInerney vs. McDonald case.

Other groups — including health care managers, researchers, employers and law enforcement authorities — that claim a need to know or see a benefit to access to identifiable patient information have cited the need for better data and increased accountability as reasons for claiming access to patient records.

What does the public think about the role of dentistry in this debate?

– Because CDA came on the scene earlier than many other professional groups, the public perception, including that of the Privacy Commissioner of Canada, has been positive. I believe our position was enhanced by CMA’s benchmark privacy code. The CMA Health Information Privacy Code used the CSA Model Code as its framework but acknowledged both modern bioethical standards of patient autonomy and the relevant portions of McInerney vs. McDonald. At this point, I believe CDA is viewed as a patient advocate by the general public.

What is the right balance in information disclosure between dentist and patient?

– Unless we are truly able to protect health information, there is no balance. I would argue that dentists do not need to know the most intimate details (such as psychiatric history or sex life) of a patient’s health history. There are specific questions to which we need answers, and these can be easily secured with a concise and well-posed medical history. We also have a better opportunity to learn about a patient with direct questioning and review than through access to an electronic record that would probably contain volumes of unnecessary information.

I have seen many health questionnaires that request information that is simply not relevant. Many computer software programs have a field for social insurance number, which dental staff dutifully collects. If a patient has agreed to allow an insurer to use the SIN as an identifier, then the collection is justified, but if the patient has no insurance coverage or uses a different identifier, then the collection is improper and poses the risk of data aggregation based on a common identifier. I have repeatedly asked my own software supplier to rework this field to read “insurance identifier,” but as yet to no avail. Interestingly, the draft Ontario bill identifies a legal need for software maintenance groups to develop policies to protect information.

How important is patient autonomy compared to full disclosure?

– The value of patient autonomy or self-determination is one of our most important values as a society. In simple terms, it is the right to determine what is done to oneself. Self-determination may not always be reflected in what we, as dentists, perceive as being in the best interests of patients, but it remains the patients’ right to choose what is done to them or their information.

Given the threat to patient privacy, I remain convinced that the electronic record will be incomplete because of the true threat to the patient from secondary users. Patients will (or do already) withhold information that they do not wish to share. We will not be able to get an accurate summary of the patient’s health. Some administrators believe that the electronic record will be the cornerstone of health histories, but the old-fashioned way of actually taking a history with the patient is more likely to lead to the information we need to serve the patient. After all, we have done that with success for over a hundred years. The question remains, will we respect the patient’s demand to protect that information from becoming part of a centralized electronic record? Will we be able to do that without infringing a legislated mandate to supply information in electronic format? It may well be that to secure payment, we will have to report much more information to third parties.

What can organized dentistry do to protect patient privacy?

– I think dentists should be aware that the profession has developed policies and made presentations that accept the patient’s right to self-determination. Our efforts have not gone unrecognized by consumer advocates and privacy protective organizations. Nonetheless, there are rumblings within the profession of reverting to a more paternalistic ethic, whereby we will do what is “right for the patient” in spite of patient direction, but I believe such an ethic would be shortsighted. Some factions within organized dentistry are reluctant to endorse a policy that would allow patients to determine what information is placed into electronic format. Based on this position, dentists would become the collection agency for the unlimited secondary use of sensitive information and could impair their own ability to properly serve patients. We must remain mindful of who we are actually serving.

What can individual dentists do to help protect patient privacy?

– There are a number of simple policies that can be implemented.

First, read the CSA Model Privacy Code upon which Bill C6 has been based.¹ From a health information standpoint, it is more of an access code than a privacy code — it is up to the collecting agency to define the limits of its collection and its method of obtaining consent. Bill C6 has added a clause that limits commercial data collection to elements that “a reasonable person” would consider appropriate in the circumstances, although there is no clear burden to obtain what the medical profession would term as “informed consent”. Nonetheless, CMA has used this template to develop a world-class privacy code that has been cited by European lawmakers.

Look at your own office. Has your staff been properly alerted to the sensitive nature of information you collect? Is your computer screen visible to passersby in a shopping mall? Can your patients see screens relating to other patients? Does your staff question patients in public areas about their health? Requesting responses to sensitive information in a public area is almost forced disclosure.

Review your medical history questionnaire and see if the questions truly pertain to your needs. Develop policies for your staff to handle such things as a request by an employer or insurer for a patient’s home telephone number. It really comes back to taking a detached and critical look at your own operation and implementing very simple protocols to protect your patients’ interests.

What privacy challenges are on the horizon?

– No matter how much privacy protection is afforded by legislation — which I believe will be very little — we must accept the fact that more people (regulators, law enforcement personnel, researchers, marketers, drug companies) will be looking at patient information and information relating to our own practices, frequency of procedures, income and prescribing habits. One challenge will be securing the information that we need to provide safe care. 

To find out more about ethical issues, Dr. Speers recommends…

•  One of the best starting points is the book Dental Ethics at Chairside, by Dr. David Ozar. He also administers a worthwhile association called PEDNET — Professional Ethics in Dentistry Network — based in Chicago. The American College of Dentists has sponsored 2 ethics summits and reported on these summits in 2 issues. Electronically, Dr. Jos Welie at Creighton University maintains an ethics Web site www.creighton.edu/dentalethics/  that summarizes numerous codes of ethics.