We are moving rapidly towards a world of de facto comprehensive cradle-to-coffin electronic medical records. Though welcome in many respects, this shift has a crucial drawback: it comes with grave risks to patients’ privacy. Discussions of medical privacy to date have tended to focus on the potential for misuse of medical records or the risk that records will be used outside of the medical context. But patients also have deep interests in controlling medical information within the healthcare context. In the past, patients were able to control the narrative of their medical histories or seek care without fully disclosing the contents of their records simply by going to new providers. Going forward, unless protections are put in place, this sort of functional privacy safeguard will become obsolete.
This Article explores what will be lost if that comes to pass. It provides a rich account of the benefits of “privacy from doctors” and explores the promise and perils of all-encompassing, easily shared health records. Protecting this form of privacy promotes intrinsic values, such as respect for patients’ autonomy and dignity, and has the potential to positively affect outcomes and the doctor-patient relationship. As regulations regarding information-blocking practices and interoperable platforms go into effect, we should avoid throwing out the baby with the bathwater. To that end, the paper sets forth some practical avenues to protect the benefits of privacy from doctors. It closes with broader reflections on what our policy approach to patients’ personal information says about the direction of our medical system more broadly.