Privacy Law

Beamed Defibrillator Info Is So Private that Patients Can't Access It


Image from Shutterstock.

Some patients are clamoring for information from the medical devices they use, but the medical privacy law designed to protect them isn’t helping.

The Health Insurance Portability and Accountability Act, passed in 1996, gives patients the right to information held by doctors and hospitals, while restricting use of data from prescribed medical devices, the Wall Street Journal reports. But what are the rights of a patient with an implanted heart defibrillator that sends data to its maker, which then sends a summary report to a doctor? And just how private is medical information covered by a smartphone app used to monitor your sleep, for example, or incidents of incontinence?

The newspaper illustrates with the plight of Amanda Hubbard of Big Sandy, Tenn., who wears a defibrillator implant made by Medtronic. The device collects information about her heart-rhythm changes, which are downloaded to a wireless monitor in Hubbard’s home and sent to Medtronic. Hubbard’s doctor can then log into a Medtronic website to see the report.

When Hubbard asked Medtronic to see the information, she was informed she would have to see her doctor, the story says. Medtronic says it would have to design a new device if it wanted to give patients usable data, and it would need approval from the Food and Drug Administration. Other defibrillator makers also refer patients to their doctors.

Hubbard’s insurance had expired in 2011, and she wasn’t seeing her physician for checkups. She decided to schedule the appointment and learned the electrode attached to her heart had become dislodged. “If I had been able to follow my own reports, I would not have walked around for an entire year with a potentially dangerous problem,” she told the Wall Street Journal.

We welcome your comments, but please adhere to our comment policy and the ABA Code of Conduct.

Commenting is not available in this channel entry.