Health Care

Health Privacy Principles for Protecting Victims of Domestic Violence

Date: October, 2000
Produced by: Futures Without Violence, formerly Family Violence Prevention Fund
Authored by: (in alphabetical order)

Janlori Goldman, JD
Director
Health Privacy Project
Georgetown University

Rodney M. Hudson, MA, JD
Teaching and Advocacy Fellow
Federal Legislation Clinic
Georgetown University Law Center

Zoe Hudson
Senior Policy Analyst
Health Privacy Project
Georgetown University

Peter Sawires, MA
Coordinator
National Health Resource Center on Domestic Violence
Futures Without Violence, formerly Family Violence Prevention Fund

A Santa Cruz, CA, woman was repeatedly turned down for health insurance following review of medical records that detailed beatings by her husband.ⁱ

Donna, a client at a domestic violence agency in Gilroy, was injured by her partner. She went to the hospital but was afraid to go inside because she was aware of the mandatory reporting law. She spent the night in her car in the hospital parking lot and did not receive necessary medical treatment for the injuries she sustained.ⁱⁱ

Since women often interact with the health care system for routine or emergency care before they turn to law enforcement or other domestic violence services,ⁱⁱⁱ health care professionals are in the unique position to identify abuse and intervene early on. The health care system in the United States increasingly works with domestic violence advocates and service providers to respond to victims of domestic violence through screening, assessment, documentation, intervention, and referral.

Advocates have long emphasized the importance of detailed documentation of abuse in medical records and the importance of maintaining the confidentiality of all the records of battered women. Documentation provides vital evidence for victims who seek future legal recourse including custody disputes, stay-away/restraining orders, or other civil or criminal proceedings.

Proper documentation also improves quality of care by drawing connections between violence and other health issues. If providers do not document abuse they may not recognize its role in other health conditions, and may be less able to intervene to improve the health status of victims and their children.

In addition to injuries sustained during violent episodes, physical and psychological abuse are linked to a number of adverse physical health effects including arthritis, chronic neck or back pain, migraine and other frequent headaches, stammering, problems seeing, sexually transmitted infections, chronic pelvic pain, stomach ulcers, spastic colon, and frequent indigestion, diarrhea, or constipation.^iv Abuse is also directly related to adverse mental health effects. Twenty-nine percent of all women who attempt suicide were battered,^v 37% of battered women have symptoms of depression,^vi 46% have symptoms of anxiety disorder,^vii and 45% experience post-traumatic stress disorder.^viii

Not only does domestic violence affect the life of the victim through physical injury and psychological stress, research has consistently shown that children who witness domestic violence are more likely to exhibit behavioral and physical health problems as they mature.^ix Additionally, domestic violence often coexists with direct child abuse. Fifty percent of men who frequently assault their wives also assault their children.^x

However, as the health care system identifies and supports victims of domestic violence in a more systematic fashion, patients may become vulnerable to further abuse and unwelcome exposure through the inappropriate disclosure of their health information. For example, perpetrators who discover that a victim has sought care for injuries and disclosed the abuse may retaliate with further violence. Employers, insurers, law enforcement agencies, and even members of a victim's community who discover abuse in health records may discriminate against a victim or alert the perpetrator.

To ensure that the benefits of health care intervention are achieved, these privacy concerns must be adequately addressed. Who has access to medical records? What laws exist to protect the privacy of medical records? What are the consequences of disclosures not anticipated or controlled by patients?

Contrary to popular belief, the information people share with their health care providers has never remained absolutely confidential. Health information is shared to process claims, for public health purposes, for quality review and oversight, research, to investigate fraud and abuse, to secure advice or a second opinion, to inform family members of a patient's condition, or to evaluate the care delivered by a provider. Currently, information may be given without a patient's specific consent to family members, employers, researchers, law enforcement officials, or data processors. (See attached diagram illustrating the flow of health information.)

All policy, protocol, and practice surrounding the use and disclosure of health information regarding victims of domestic violence should respect patient autonomy and confidentiality and serve to improve the safety and health status of victims of domestic violence.

This paper describes this fundamental principle and related issues in more detail and offers advocates, providers, and policy makers specific privacy principles to help maximize the privacy of sensitive health information for victims of domestic violence.

Part One: Understanding Health Information Use and Disclosure

I. Documenting domestic violence in medical records

Domestic violence advocates, health care providers, and criminal justice personnel agree that proper documentation of domestic violence in medical records is essential for the following reasons:

Continuity of care: As people return for future care, change providers, see specialists, or seek emergency care, the medical record helps ensure that the patient receives appropriate and continuous care, and that each provider understands the role that abuse plays in the presenting medical condition.

Evidence: The medical record can serve as compelling evidence in legal proceedings including criminal prosecution, child custody, and other civil matters.

Justification for funding and public policies: Complete and accurate data will help advocacy efforts to increase funding for shelters and other services and encourage local, state, and federal agencies to adopt effective public policies.

Reimbursement: Reimbursement for medical services is often tied to coding. Victims of domestic violence may need services beyond the treatment of physical injuries including risk assessment, counseling, and other services. Proper coding and documentation can facilitate reimbursement for much needed additional services.

Risk management: A provider or institution may be held accountable for failure to diagnose and record instances of abuse, or for not delivering necessary care. Proper documentation protects providers against liability.

Justification for services: Insurance companies, the Medicaid system, and HMO's are primarily data driven. It is necessary to document the need in order to justify enhanced services and the allocation of resources.

While documenting domestic violence is crucial for these reasons, improper disclosure of health information can pose serious safety, discrimination and emotional risks to the patient.

II. The Risk of Disclosure

Many disclosures of personal health information are necessary for the effective delivery of and payment for health care. But who has access to this information? When should patients be able to limit the disclosure of their health information, even to providers and insurers? As sensitive health information changes hands, consumers may lose control over who has access, when, and for what purposes.

More troubling, there is no comprehensive federal law that protects the privacy of medical records. Instead, a loose collection of ethical guidelines, licensing requirements and state laws dictates who gets access under what conditions. For people with sensitive or stigmatizing conditions, this often-uneven protection can result in discrimination, unwelcome exposure, or threats to physical safety. A comprehensive federal law can provide a much-needed baseline of protections. Providers, advocates, administrators, and state policy makers also need to implement privacy safeguards that go beyond the federal standard in order to respond to the specific needs of their practices, communities, institutions, and states.

Recent national surveys document that rising fears about the lack of privacy protections for health information are leading people to withdraw from full participation in the health care system. One out of every six people engage in some form of privacy-protective behavior to shield themselves from unwanted disclosures- people withhold information from or lie to their providers, pay out-of-pocket or avoid submitting a claim, doctor-hop in an attempt to keep their records separate, and, in the most serious cases, avoid care altogether.^xi

For victims of domestic violence, the need for privacy is particularly acute. While battered women share concerns with other health care consumers around discrimination and privacy issues, real safety concerns make the disclosure of health information a significant risk. Information in the wrong hands can be used to further victimize a woman and may make her less likely to access health care services in the future.

While all consumers have some concern about the disclosure of their health information, victims of domestic violence have some specific privacy concerns.

Spousal Access

If an abusive spouse discovers that his victim has disclosed violence to a provider it can pose serious safety threats to her. Not understanding the consequences of such disclosure, many institutions may directly or indirectly provide sensitive medical and health information to immediate family members. For example, the perpetrator may access documentation of domestic violence in a child's medical record if he is a parent or legal guardian.^xii Records may also include current contact information (such as a phone and address) which may be obtained by a spouse whose partner has fled. In addition, bills or explanations of benefits may be mailed to a shared home alerting a perpetrator of care received for domestic violence injuries.

Employers

Because many employers provide health care coverage -- and sometimes health care -- to employees and their families, employers are often privy to personal health information. Many consumers worry that employers can use health information to discriminate against them in hiring, firing, and promotion decisions. While some laws (such as the Americans with Disabilities Act) prevent employers from using health information in certain ways, there are few laws restricting employers access to health information in the first place. Employee claims of disability-based discrimination or unlawful medical inquiries continue to arise and both disabled and non-disabled employees pursue their claims at great cost and effort. Ultimately, privacy must be the first line of defense against employers that discriminate based on sensitive medical information. Since battered women may miss more days of work due to abuse, and since there is still significant social stigma placed on victims of domestic violence, an employer might deny promotion or other workplace opportunities.

Law Enforcement

Law enforcement officials may obtain health information in three circumstances. First, many states require health care providers to report instances of domestic abuse to law enforcement or other government bodies. States have different rules regarding mandatory reporting and there is a great deal of disagreement about how effective these laws are in promoting patient safety and documenting abuse. Several studies, including a 1998 report by The National Research Council and the Institute of Medicine,^xiii have questioned whether mandatory reporting requirements limit the ability to care appropriately for victims by reducing patient willingness to disclose violence or by decreasing safety through unnecessary or inappropriate intervention. Many laws do not allow patients to object and may not require providers to inform patients of these reporting practices prior to screening for abuse. As such, victims may not be able to plan for their safety before a report is made.

Second, law enforcement officials regularly audit and investigate health care providers and insurers. In these fraud and abuse investigations, law enforcement officials obtain patient information -- including claims information and medical records. Most often, individual patients are never aware that their information has been obtained by law enforcement. Here, the danger is that information obtained for the fraud and abuse investigation against a provider, instead may be used against the patient.^xiv

Finally, law enforcement officials may obtain health information in criminal investigations against an individual. Some states require law enforcement to present a warrant or court order before they can obtain medical records. Other states allow much more liberal access. Patients may or may not be informed about the disclosure to law enforcement.

Insurers and Related Organizations

Insurance companies collect and share a great deal of personal health information for many purposes. A few routine activities raise particularly important privacy concerns.

Billing communications: Insurers, primary care providers, and specialists may bill a patient separately. Insurers may also send a patient an explanation of benefits that could include domestic violence information, even where there is not a claim to be paid. As a result, it may be hard for a patient to control where bills and other information are mailed.

Contact information: Some women receive insurance through their partner's insurance and may choose to retain that coverage even when they leave the relationship. The partner, as the policyholder, however, may be able to use new contact information held by the insurance company to locate her.

Disease management programs: Disease management is loosely defined as a systemic, population based approach to identify persons at risk, intervene with specific programs of care, and measure outcomes. These programs take many forms, but all involve additional communication by providers and health plans with the patient, either at home or at work. Patients may be enrolled in programs without their knowledge or consent after being diagnosed with certain conditions. The program may be conducted in partnership with another company, such as a pharmaceutical company. This could lead to a letter or even phone call to a victim of domestic violence that might alert the abuser to care received.

Many insurers also share information with the Medical Information Bureau (MIB). MIB is a membership organization of more than 600 insurance companies. When an individual applies for insurance, he or she may unknowingly authorize the insurance company to check with MIB to verify that the information provided is accurate. MIB does not have a file on everyone. MIB reports are compiled on those with serious medical conditions or factors that might affect longevity. If MIB has a file on an individual, that person has the right to see and correct the file.^xv

This kind of data-sharing is particularly troubling for victims of domestic abuse because a woman may be turned down for insurance, or charged higher rates, when an insurance company learns that she has a history of abuse. Additionally, organizations, including credit and banking institutions, may use insurance information regarding abuse or other conditions to restrict or deny important services to battered women.

Community

Patients may be concerned about the availability of information in their medical record to other individuals. An employee at a hospital, for example, may be concerned about other employees having access to their medical record. Likewise, patients in small communities may have more concerns about their ability to receive confidential care since health care personnel handling records may know the patient and perpetrator. For a victim of domestic violence, this can lead to stigma or discrimination in the community, and can also alert the perpetrator that the victim has sought needed care.

III. Privacy Protections in State and Federal Law

The Health Insurance Portability and Accountability Act

There is some good news: the 1996 Health Insurance Portability and Accountability Act (HIPAA) set deadlines for the implementation of federal health privacy rules. HIPAA required the Secretary of the Department of Health and Human Services (DHHS)to issue regulations if Congress failed to enact comprehensive health privacy legislation by August 21, 1999.

Congress failed to act by the deadline. In fact, despite the introduction of more than a dozen proposals, health privacy legislation has not even emerged from one Congressional committee. As required under HIPAA, the Secretary of DHHS released draft regulations. The public comment period ended in February 2000; final regulations are expected fall 2000.

While the regulation will provide a new baseline of protections, there are some significant shortcomings. The proposed rules, for example, only cover health plans, health clearinghouses, and health care providers who transmit claims in electronic form. Therefore, a large segment of those who hold health information will likely remain beyond the scope of the regulations.

Nevertheless, the regulations include a number of areas that are particularly important for victims of domestic violence and their families. Many domestic violence agencies and advocates submitted comments requesting that these areas be strengthened to protect battered women. It remains to be seen how the final regulations will address these key issues.

Directory Information. Under what circumstances can a hospital or health care institution tell family members, press, or the public about a patient and his or her health status?

Disclosure to Next of Kin. What information, including information in a medical record, can be shared with family members? Can a parent or guardian see their child's full medical record? Can an individual access their spouses' insurance information?

Insurance communications. Can a patient prevent a provider or insurance company from sending information, such as an explanation of benefits to the home?

Again, the final regulation is due to be finalized by the end of the year. While this new rule is critical to improving health privacy protections, it is only an interim measure. Congress has the authority to pass a comprehensive federal law at any time to supplement and strengthen the regulations. There is also some concern that even as DHHS moves forward with regulations, Congress may act to limit or override them.

Protections in State Law

The federal regulations, when finalized, will provide a "floor" of protections. Stronger state laws will remain in effect, and states will be free to enact privacy protections that are stronger than the federal regulation. Right now, however, very few states have comprehensive laws.^xvi What does this mean for consumers?

First, the same health information may be afforded more or less protection depending on who is holding the information. For the most part, states have different laws for different entities that possess health information. This makes some sense: a school, hospital, and insurance company all have different information needs. But this approach may leave people vulnerable as information moves between entities. A state, for example, may protect the information held by a hospital, but not protect the same information when an insurance company holds it.

Second, certain types of health information may be treated differently. Nearly every state has laws that specify privacy protections for specific medical information such as HIV/AIDS, genetic information, and communicable diseases. Many of these laws were passed to encourage people to seek testing and treatment without fear of exposure.

In some cases, however, the privacy protections were enacted hand-in-hand with mandatory reporting requirements. A doctor, for example, may be legally obligated to report domestic violence, a positive test for HIV, a birth defect, or a patient with tuberculosis to public health officials or law enforcement. The result is that while many state privacy laws require that information remain confidential, reporting laws require that information be disclosed without the knowledge or consent of the patient.

Finally, state laws have not kept pace with the changing health care delivery system and new demands for health information. As information changes hands, it is increasingly unclear as to who has responsibility for maintaining the confidentiality of the information. Many state laws do not apply to new users of health information such as data clearinghouses, HMO's, benefit managers, and drug companies. The new federal regulations will only fill in a piece of this gap.

Part Two: Privacy Principles for Maximizing Safety and Maintaining Quality Health Care for Domestic Violence Victims

A victim of domestic violence, concerned for her safety, may be discouraged from seeking health care services because she fears that her health information will not remain confidential. As discussed in Part One, health care practice and policy, in many areas, has also fallen short of implementing privacy protections that adequately address the health care, safety, and discrimination concerns of domestic violence victims.

Given the consequences of inappropriate disclosures, it is crucial that everyone interested in improving the safety and health status of battered women get involved to ensure adequate privacy protections at every level -- from institutional policies to federal laws.

The following guiding principle and specific principles are designed to improve and build upon existing confidentiality safeguards to ensure that domestic violence victims are not placed at an increased risk of retaliatory violence, discrimination, harassment, denial of insurance benefits, and other harm. Advocates, providers, administrators, oversight agencies, and policy makers can use these principles to improve health care delivery through health care practice, institution, and system reforms, as well as Federal and State legislation.

Guiding Principle:

Adopting and implementing effective legislative, institutional, clinical practice guidelines, and protocols at every level of the health care system is a necessary step to adequately address the privacy concerns of domestic violence victims. Federal legislation is crucial to establish comprehensive baseline protections for the use and disclosure of sensitive health information. State and local statutes are also necessary to respond to the specific needs of different communities.

Even when federal and state protections are in place, legislation alone cannot ensure that a victim's privacy is protected. Advocates, policy makers, providers, and health care administrators must work together to develop policies and protocols for different health care entities. Community clinics, for example, handle health information very differently from large HMO's, so internal privacy policies need to be tailored accordingly. Likewise, technological capacity will also differ between health care facilities. While numeric or alpha coding (a code assigned to a sensitive medical record that de-links a patient's name from sensitive information) may be a practical solution in a large computer based hospital, it may not work in a very small rural clinic. Regardless, policies and protocols should respect a victim's autonomy to make health care decisions that increase her safety and health status. Policies and protocols that have adequate privacy protections will encourage victims to discuss domestic violence with their health care providers.

All efforts to provide greater protections should involve the input of battered women and domestic violence advocates.

Specific Principles:

1. DE-IDENTIFIED INFORMATION: Personal identifiers should be removed, to the fullest extent possible, before information is used or disclosed

Information that does not identify an individual patient is less likely to jeopardize the confidentiality or safety of the victim. As such, information that could be used to identify an individual -- such as name, address, telephone number, and social security number -- should be removed wherever possible. Government and private data collection efforts should endeavor to use de-identified or anonymous information. To encourage the use of anonymous information, less stringent rules and regulations regarding use and disclosure should apply.

It should be noted, however, that it might be difficult to determine when health information is anonymous, or not. Depending on the context, the same information could be anonymous, or could identify a patient. In a small data set, for example, a birth date might reveal a person's identity. That same information, however, in a large data set may not be revealing. Individual organizations will have to determine if there is a risk of identification and protect the data accordingly.

2. SAFEGUARDS: Health care organizations should implement security safeguards to prevent unauthorized access to health information

Appropriate safeguards should be in place to protect health information from unauthorized access. Minimum safeguards include:

Limit access to personally identifiable health information on a need-to-know basis. For example, employees of health care institutions should only have access to medical record information necessary to perform their job duties. Staff access to information regarding abuse can create risks for victims, particularly when a victim lives in a smaller community or is employed by a health care institution. Likewise, any disclosure of health information to employers should be limited to employees who work within the health care component of a business such as an office manager or personnel managing health benefits.

Remove personal identifiers. (See Principle #1: De-identified Information.) to the fullest extent possible and practical

Limit disclosures to the minimum necessary. All disclosures of personally identifiable information should be limited to the information necessary to fulfill the purpose of the disclosure. Limiting the disclosure of health information can significantly reduce the possibility that information will fall into the wrong hands. For example, the entire medical record should not be released to process a claim. Only the information that is necessary to secure payment should be disclosed.

Maintain audit trails. Health care organizations should maintain a record of disclosures of information that identifies an individual. These audit trails can be used to identify individuals who have accessed health information without authorization.

As organizations adopt more sophisticated technologies, they should aim to build in the appropriate level of privacy protections. More technologically advanced organizations, for example, should consider whether they are able to provide patients with a greater degree of anonymity through the use of pseudonyms, identification numbers, or segregation of information.

3. PATIENT ACCESS: An individual should have the right to access, correct, amend, and supplement her or his own health information

Individuals should be permitted to access and copy their own health information, including an audit trail of disclosures. Individuals should also be permitted to correct and amend inaccurate information and supplement information that may be incomplete. Information about domestic violence may be used properly, but inaccurate or incomplete information can result in retaliatory violence, discrimination, harassment, difficulty in legal proceedings, or embarrassment. As such, the holder of inaccurate information should be required to provide a correction to all of those entities that have received incorrect or incomplete information.

4. NOTICE: Individuals should receive notice of how health information is used and disclosed

By clearly and simply stating information practices, health care providers and institutions will help domestic violence victims better evaluate safety and discrimination concerns. For example, a victim could choose not to voluntarily disclose sensitive information about violence if she feels that the policy does not provide adequate protections and could jeopardize her safety.

At a minimum, victims should be provided with a notice of information practices prior to initial enrollment in a health plan and/or the first time she sees a new provider. Notice should also be provided whenever policies change. The notice should be appropriate to the population served, taking into consideration reading levels and languages of the population served. Whenever possible, providers should remind patients about how their health information will be used and disclosed prior to screening for domestic violence.

A victim has an important safety interest in knowing whether and to whom health information is released. Where information is disclosed without patient authorization -- such as in the case of mandatory reporting -- a victim should be notified of the disclosure. The notification should be provided as far in advance of the disclosure as possible. In particular, because victims of domestic violence are sometimes subject to retaliatory violence, the victim needs to be notified of any law enforcement activity regarding the victim or the perpetrator, or disclosure to the perpetrator. By informing the victim of the disclosure, the health care entity or provider will better enable the victim to take any necessary safety precautions. Whenever possible victims should also be notified when such requests are made, even if they are not fulfilled.

5. PATIENT AUTHORIZATION: Identifiable health information should not be disclosed without patient authorization

Personally identifiable health information should not be used or disclosed without patient authorization. A single consolidated authorization may be obtained for the use and disclosure of health information for "core" health care services, namely, treatment and payment. Authorization for all other uses and disclosures should be specific and voluntary.

Written authorization provides an initial moment for a domestic violence victim to raise questions about privacy protections and can bolster the patient's trust in the health care system. Under current law, a patient may be required to sign a single, consolidated authorization for disclosures directly related to treatment and payment. If the patient refuses to sign the authorization, he or she may be refused care. While health plans and providers may require a patient to sign an authorization for core health care services, the patient should have the opportunity to ask if the authorization can be modified to accommodate specific confidentiality concerns.

Patients should have the right to restrict the use and disclosure of health information beyond those core services (treatment and payment). For example, patients should provide specific authorization before disclosure for marketing purposes. In such cases, patients should be permitted to refuse to sign the authorization and still receive health care services and reimbursement for services to which they are entitled.

Directory Information and Next-of-Kin:

When a patient is admitted into a health care facility, directory information -- which includes the name, location, and condition of the patient -- may be available to the general public. This is problematic for victims of domestic violence because a perpetrator could easily use this information to locate a victim. Individuals who are capable of opting out or limiting the amount of information to be included in the directory should be given the opportunity to do so upon admittance.

If a provider reasonably believes that an incapacitated or unconscious victim's injuries could be the result of domestic violence the health care entity should not disclose the location of the individual through directory information even though the patient has not formally opted out. Health care providers should be given discretion to make these decisions. (See Principle #6: Provider Discretion.)

Access to information beyond what is provided in directory information -- such as access to medical records by next-of-kin -- should be granted only with the explicit consent of the patient. Providers should verify who is requesting information as next of kin.

Minors:

Information regarding treatment about a minor who lawfully obtains health care without the involvement of a parent should remain confidential and not be shared without the minor's authorization. Under current law and practice, parents generally consent to care on behalf of their children and have access to their medical records. However, where the minor can lawfully consent to treatment without the involvement of a parent, information about abuse and other health services should remain confidential and should not be shared with parents without the minor's consent.

The latest research suggests that teen dating violence occurs at alarming rates.^xvii ^xviii ^xix Without strong privacy protections, teens may be reticent to access treatment or to disclose abuse to a provider. Minors who are able to consent to treatment should also determine how and when to inform parents about abuse. Even well intentioned parents may take actions that could endanger the minor.

6. PROVIDER DISCRETION: Health care professionals should have broad discretion to withhold information from third parties when disclosure could harm the patient who is the subject of the information

Even where an individual has authorized the release of information, a provider may determine that extra precautions are necessary to safeguard the patient's confidentiality and safety. Therefore, health care professionals treating victims of domestic violence should have broad discretion to withhold information from third parties if they reasonably believe that disclosure may harm the patient -- either physically or emotionally. For example, a patient may have signed an earlier authorization to allow information to be shared with other providers. However, the primary care provider may choose not to disclose information about the abuse to other providers.

7. ALTERNATE ADDRESS: A victim should be permitted to provide alternative contact information for billing and other communications

A victim should be able to request that bills, explanations of benefits, routine calls and other health care communications be sent to an alternate address. Some victims may be fearful of being located by their abuser. A provider or insurer could inadvertently reveal a victim's whereabouts in billing communications. Alternately, a victim may still reside with her perpetrator, but not want him to know that she has sought care, or that she has disclosed abuse to a health care provider. In both these instances, it is critical to allow the victim to identify an alternate billing and contact address. Notifying patients that they have this right should be part of the standard notification. (See Principle #4: Notice.)

Whenever possible, providers should relay the alternate contact information to other third parties, including other providers treating the patient. For example, in pro-fee billing, a provider may bill a patient separately, but receive the patient's contact address from a primary provider or a health plan. In such circumstances, the provider or health plan disclosing the address should only disclose the alternate billing address.

When a patient is being treated by multiple providers who are not part of the same network, the primary care provider should help to educate patients about how billing will be handled, and when and how other providers or third parties may contact the patient.

8. WARRANTS AND COURT ORDERS: Health information should not be disclosed to law enforcement personnel without a warrant or court order and only relevant information should be disclosed in civil proceedings

Victims may be reluctant to report violence if they know that the police could access information shared with a provider. To ensure that there is independent review of law enforcement access to medical records, information should not be disclosed to law enforcement without a warrant or court order.

Private litigants may seek a court order to compel the other party to disclose health information including information regarding abuse. Disclosures for court and administrative proceedings should be limited to issues relevant to the proceeding, and individuals should be given an opportunity to object to the disclosure. Court orders should identify specific information to be disclosed, specify to whom the information may be disclosed and state that the information cannot be used for other purposes.

If information is requested by a private litigant without a court order, such as in discovery, the holder of information should only disclose the information that is directly responsive to the request.

In all circumstances, individuals whose information has been requested should have reasonable notice of the request and reasonable opportunity to object to the disclosure on the basis that the individual's privacy interest outweighs the interest of the person seeking the information. A notice requirement would allow a victim to take the necessary precautions to make sure sensitive information does not reach the perpetrator. Or, in cases where disclosure must occur, proper notice would provide time for the victim to provide for her own safety.

9. MANDATORY REPORTING: Mandatory reporting and other laws specifically related to domestic violence should be examined and amended as necessary to address privacy

Many state mandatory reporting and child abuse laws may not adequately address the confidentiality concerns of domestic violence victims. Advocates, policy makers, and criminal justice personnel should closely examine their state statutes and current practices to determine if mandatory reporting laws may jeopardize patient safety or reduce the likelihood of patients seeking care. At a minimum, providers should discuss reporting and confidentiality concerns before information is collected so that individuals are aware of what information may be disclosed to authorities.

10.CHAIN OF TRUST: Privacy Protections Should Follow the Data

Health information will be used and shared for a variety of purposes. Data holders have an ethical responsibility to maintain public trust by treating health information in a confidential manner and should be held accountable for the ways in which they use, maintain, and disclose personally-identifiable health information. Health information that identifies individuals should be subject to consistent requirements, regardless of the entity holding the data.

Recipients of health information should be bound by the protections and limitations attached to the data at the initial point of collection by existing or subsequent authorizations. In effect, the protections attached to the data at its source flow with it unless there is another authorization with varying protections. Responsibility for adhering to these obligations is based on a chain-of-trust-model, which requires that agents, contractors, and receiving entities without their own authorization "step into the shoes" of the disclosing entities.

11. PENALTIES: Strong and effective remedies for violations of privacy protections should be established

Improper use and disclosure of sensitive health information may result in further abuse, harassment, discrimination, termination of employment, denial of insurance benefits and other harm. To be truly effective, health privacy policies must be supported by a set of comprehensive and strong remedies for violation of the policies.

Health care organizations should establish appropriate employee training, sanctions, and disciplinary measures for employees and contractors who violate confidentiality policies. Strict civil penalties and criminal sanctions should be imposed for violations of state and federal privacy laws.

In addition, individuals whose information is improperly used or disclosed should be permitted to seek legal recourse to recover economic damages such as lost wages, non-economic damages such as emotional distress, and punitive damages for knowing and willful violations.

Conclusion

While the health care system clearly offers a unique and critical opportunity for responding to domestic violence, the widespread use and disclosure of health information can put victims at risk. Efforts to improve the health care system's response to victims of domestic violence need to address the unique safety and privacy needs of victims of domestic violence. Advocates, state and federal policy makers, administrators, providers, and survivors must work together to protect patient privacy while still promoting domestic violence identification, documentation and response.

The Family Violence Prevention Fund is committed to the development and implementation of effective health privacy policies. As part of this commitment, we would like to help health care providers and systems and domestic violence advocates learn about effective methods of protecting patient privacy. The Family Violence Prevention Fund's National Health Resource Center on Domestic Violence would like to include these examples in the resources it provides to those who call the center for assistance. Please send successful strategies, protocols, and statutes to Peter Sawires, former coordinator of the HRC at FVPF. (peter@fvpf.org or 383 Rhode Island Street, Suite 304, San Francisco, CA 94103)

www.FuturesWithoutViolence.org

Federal Legislation Clinic
Georgetown University Law Center
111 F. Street, NW, Room 340
Washington, DC 20001-2095
202-662-9595 / Fax 202-662-9682

www.law.georgetown.edu/clinics/flc

Health Privacy Project
Georgetown University
2233 Wisconsin Avenue, NW, Suite 525
Washington, DC 20007
202-687-0880 / Fax: 202-687-3110

www.healthprivacy.org

References

ⁱ Pennsylvania Coalition Against Domestic Violence and the Women's Law Project, Insurance Discrimination Against Victims of Domestic Violence, 1998.

ⁱⁱ Quoted in Mandatory Reporting of Domestic Violence by Health Care Providers: A Policy Paper by Ariella Hyman for the Family Violence Prevention Fund, November 1997.

ⁱⁱⁱ Holt, V., Kernic, M., Wolf, M., "Rates & Relative Risk of Hospital Admission Among Women in Violent Intimate Partner Relationships," American Journal of Public Health, Vol. 90 (9), 2000.

^iv Coker, A., Smith, P., Bethea, L., King, M., McKeown, R., "Physical Health Consequences of Physical and Psychological Intimate Partner Violence," Archives of Family Medicine, Vol. 9, 2000.

^v Stark, E. and Flitcraft, A., "Killing the Beast Within,: Woman Battering and Female Suicidality," International Journal of Health Sciences, Vol. 25(1), 1995.

^vi Housekamp, B.M. and Foy, D., "The Assessment of Posttraumatic Stress Disorder in Battered Women," Journal of Interpersonal Violence, Vol. 6(3), 1991.

^vii Gelles, R.J. and Harrop, J.W., "Violence, Battering, and Psychological Distress Among Women," Journal of Interpersonal Violence, Vol. 4(1), 1989.

^viii Housekamp and Foy, 1991.

^ix Jaffe, P. and Sudermann, M., "Child Witness of Women Abuse: Research and Community Responses," in Stith, S. and Straus, M., Understanding Partner Violence: Prevalence, Causes, Consequences, and Solutions. Families in Focus Services, Vol. II. Minneapolis, MN: National Council on Family Relations, 1995.

^x Straus, M., Gelles, R., and Smith, C., Physical Violence in American Families: Risk Factors and Adaptations to Violence in 8,145 Families. New Brunswick: Transaction Publishers, 1990.

^xi California HealthCare Foundation, National Survey: Confidentiality of Medical Records, January 1999. The survey is available at http://www.chcf.org.

^xii T. Zink, "Should Children Be in the Room When the Mother is Screened for Partner Violence?" Journal of Family Practice, Vol. 49, February 1, 2000.

^xiii National Research Council and Institute of Medicine, Violence in Families: Assessing Prevention and Treatment Programs. Washington D.C.: National Academy Press, 1998.

^xiv Ben Walker, an employee of the Federal Bureau of Investigation for 32 years, had been seeing a psychiatrist for depression. Walker's psychiatrist was later investigated for alleged billing improprieties. While the psychiatrist was found innocent of any wrongdoing, the investigator removed medical records from the doctor's office, and forwarded information to Walker's employer, the FBI. Subsequently, the FBI placed Walker on administrative leave, even after finding that he was fit for duty. Statement of Wanda Walker before the Committee on Labor and Human Resources, U.S. Senate, October 28, 1997.

^xv MIB can be contacted at www.mib.com or 617-426-3660.

^xvi For a comprehensive summary of state health privacy laws, see The State of Health Privacy: An Uneven Terrain, Joy Pritts, et al, Health Privacy Project, available at www.healthprivacy.org.

^xvii Cohall, A., Cohall, R., Bannister, H., Northridge, M. "Love shouldn't hurt: strategies for health care providers to address adolescent dating violence," Journal of the American Medical Women's Association, Vol. 54, 1999.

^xviii Jackson, S., Cram, F., Seymour, F. "Violence and Sexual Coercion in High School Students' Dating Relationships," Journal of Family Violence, Vol. 15, 2000.

^xix Neufeld, J. McNamara, J., Ertl, M. "Incidence and Prevalence of Dating Partner Abuse and Its Relationship to Dating Practices," Journal of Interpersonal Violence, Vol.14, 1999.