Patients have rights of privacy and access to their records, but neither federal nor state law explicitly extends property rights to patients. For instance, patients do not have the right to sole possession or to the destruction of their original records.
Privacy law (which grows out of tort law) may appear to give patients property-like control, but privacy rights enable patients only to block access, not to sell the information, and privacy governs only clinicians and payers, not anyone else who might possess the information.
Ownership of paper records was never much in doubt.
Clinicians, as owners of the paper records they maintain, can give or sell medical records to other clinicians for treatment purposes and block access by anyone except the patient.
Insurers own the tangible vessels in which they store patients’ medical information.
Patients have rights of privacy and access to their records.
In the emerging era of electronic health informatics, few other medicolegal questions are more critical, more contested, or more poorly understood. The ARRA of 2009 allocates up to an estimated $20 billion to implement clinical information systems, and it aims for the use of electronic health information “for each person in the United States by 2014.” It fails, though, to resolve who owns this massive increase in electronic information. This legal uncertainty presents a major obstacle to integrating and using information about a single patient from various clinicians and hospitals.
Deception and Breach of Fiduciary Duty
Other Common Law Actions—Fraud and Deceit
Prohibiting Genetic Discrimination
Contracting for Greater Protection and Participation
Outlaw Genetic Discrimination
Prohibit Nonresearch Use
Enhance Data Security
Punitive Damages and Penalties