Category Archives: Law & Medical Records

Duty of confidentiality

Posted on by
Reply

During a High Court proceeding in Kuala Lumpur, Malaysia the presiding Judicial Commissioner proclaimed that the bedrock of society’s belief would be shattered.if the medical profession do not uphold a patient’s information safe from unauthorised disclosure. This was reported on 31 October 2013 in the local English daily newspaper, The Star.

In his judgement he called upon medical professionals and hospitals to take the duty of confidentiality very seriously since they had a duty to ensure patients’ medical information were safeguarded and not disseminated in any unauthorised manner.

In passing sentence, the court then ordered a director of the Medical Centre and two others to pay RM400,000 to a community leader for revealing his psychiatric medical records. The plaintiff claimed that the documents were circulated to the residents of his community to humiliate him and which implied he was a lunatic, of unsound mind and unfit to hold positions in the NGOs. He sued for costs and other relief deemed fit by the court for negligence and failure on the part of the Medical Centre to safeguard his personal documents, and the defendants for exemplary and punitive damages – to me it is clear that the defendants’ wilful acts were malicious and wanton.

Nevertheless, I  find It is not clear from the daily’s article how the medical records landed in the hands of the two defendants who had distributed documents containing the personal particulars and medical records of the plaintiff’s treatment to other residents of the community as well as when they started to tell the residents that the documents showed that the plaintiff was a lunatic.

The moral of the story is to quote from Hillary Clinton, “In almost every profession – whether it’s law or journalism, finance or medicine or academia or running a small business – people rely on confidential communications to do their jobs. We count on the space of trust that confidentiality provides. When someone breaches that trust, we are all worse off for it.”

References:

  1. Nation, The Star Online, ‘Four pay price for revealing medical records’, viewed 31 October 2013 <http://www.thestar.com.my/News/Nation/2013/10/31/Four-pay-price-for-revealing-records-Community-leaders-medical-documents-were-distributed-to-residen.aspx>

Personal Data Protection Act 2010 – Introductory Post

Posted on by
Reply

PDPATo continue to create value for readers of this web-blog, I shall be offering through a series of posts on the Malaysia Act 709 Personal Data Protection Act 2010 (PDPA). The Act was passed by the Parliament on May 2010 and gazetted into law in June 2010.

Malaysia is not the only country with a new act of  law on privacy of data, so do take a look at the list from http://www.informationshield.com/intprivacylaws.html (this link will open in a new tab of your current browser window) which contains a number of international privacy related laws by country and region.

So much has been written already on PDPA ever since 2010, and readers can easily surf the Internet to know about this Act. So it is pointless for me to repeat topics to create awareness about this Act, for example the 7 Principles according to the PDPA requirements, and offenses and liabilities of PDPA. In fact you can scrutinise a copy of this Act which is available from “The Download List” at http://mrpalsmy.com/resources-2/the-download-list/ (this link will lead you to the act on the page “The Download List” in a new tab of your current browser window).

My concern is to examine PDPA through this series of posts, both the direct and indirect impact to healthcare in general and Health Information Management (HIM) / Medical Records (MR) practices specifically.

My plan is bring you what I understand and give my interpretation as I see it from the requirements of PDPA, right from the start of the Act 709 documentation, section by section. As I dissect the Act 709, I hope to bring you examples of both the direct and indirect impact(s),  gaps in data processing and protection from within and outside this Act, perhaps  make an attempt to identify a hospital’s  organisational maturity plan for PDPA, and of example techniques for acceptable use of personal data against the PDPA which are amongst some areas of concern I have given thought to, and which I hope to cover in due course.

I believe that Health Information Management (HIM) / Medical Records (MR) practitioners are already aware for the need to ensure proper governance of data and information even before PDPA was an act of law in Malaysia. While I already know, and I am sure you also already know too that the PDPA is aimed at regulating the processing of the personal data of an individual who is involved in commercial transactions, I still think it is wiser to be informed about PDPA although HIM / MR  practitioners have been and are still required and regulated by professional ethics, guidelines, regulations and best practices of their organisation (hospital) to provide protection to the individual’s personal data and thereby protect the interest of the individual concerned.

I shall be as non-technical in preparing the posts (as after all I am not a solicitor) and I hope to cater to the local HIM / MR management and executives who are dealing with day to-day personal healthcare related data processing. At the end of the series of the posts, I hope you and me will have a better understanding of what is PDPA, why it is important, where it fits into the hospital as an organisation and how to take the necessary steps to address it.

Laws of Malaysia (LOM) which may affect healthcare in Malaysia

Posted on by
2

Health Information Management (HIM) / Medical Records (MR) practitioners in Malaysia need to be aware of government statutes – especially those which may directly or indirectly affect healthcare in general and HIM / MR management in particular in Malaysia, while they go about discharging the duties.

I have a list below of Malaysian laws which I think may directly or indirectly affect healthcare in Malaysia. This is just a list in alphabetical order, and I suggest Health Information Management (HIM) / Medical Records (MR) practitioners explore any of them to increase their legal awareness to help them understand their legal rights, remedies, responsibilities & obligations.

I am no law expert, and this condensed list (each table of this list will open in a new tab of your current window for a larger view of each table) will not be here on this post if not for the complete list of the Laws of Malaysia (LOM) series available online from Mylawyer.com.my (this link will open in a new tab of your current browser window), Malaysia’s free online legal resource, providing free legal information, articles, and government statutes. To quote Mylawyer.com.my :

“the following …… alphabetical list of laws in the Laws of Malaysia (LOM) series up to Act 655. The LOM series is a compilation and reprint of laws published in volume form pursuant to Section 14A of the Revision of Laws Act 1968 [Act 1]. It is the only official and authoritative publication of the laws of Malaysia. The LOM series incorporates all principal laws of Malaysia enacted after 1969 and pre-1969 laws which have been revised by the Commissioner of Law Revision. There are 40 volumes in the LOM series comprising the Federal Constitution in volume 1 and Acts 1 to 655 from volumes 2 to 40. The LOM series incorporates all amendments up to 1 January 2006 except otherwise indicated in the relevant law.”

Slide1 Slide2

Suggestions are welcome to improve this list.

I have also quoted some of these laws from the list above in previous post of the blog.

References:
MyLawyer.com.my, 2013, viewed 9 February 2013,< http://www.mylawyer.com.my/index.php >

Written Discovery – Introduction

Posted on by
Reply

written-discovery-logThis post is a follow-up to the subject of written discovery I talked about in the post JCI Standard MCI.20.1, ME 1 (Part 1) – risk management, in “The organization has a process to aggregate data in response to identified user needs.” (this link will open in a new tab of your current browser window).

I am writing from common knowledge and experiences and I must confess I am no legal authority but I have used facts in this post based on matters relating to public domain circulars and proceedings I had been part of.

In Malaysia and even in your country it is increasing common when individual healthcare providers and hospitals face a real threat of becoming defendants in malpractice lawsuits.

Some common potential-litigation warning signs of an impending malpractice lawsuit may include instances when (i) the hospital administration receives an executed patient authorisation for release of medical records produced by a lawyer and usually accompanied (if not at a later date) request for copies of medical records/medical report(s), ,films and billing records, (ii) when patient and/or family that is very upset about an unexpected or dramatic outcome sends in a written compliant or even heated verbal exchanges occur in the care area(s) or when the patient and/or family present themselves at the hospital administration, and (iii) when a letter is sent to the press and is published in the newspapers or a press conference is called by the aggrieved parties. Whatever the circumstances maybe, the requests for the production of documents and tangible items already signals that there is reasonable belief that a lawsuit may be filed.

I shall not cover a spoliation action, a type of action not yet a phenomenen in Malaysia when a patient can seek damages not for negligent medical care, but for a breach of the duty to preserve medical evidence from the loss of medical information like key medical records or films,  medical devices or instruments used during the care and treatment, and even the loss of non-medical information such as phone records.

In preventing a spoliation action and in general, I think Health Information Management (HIM) / Medical Records (MR) practitioners should always maintain health information, and communication protocols for preserving health information with effective medical information maintenance policies and procedures through consistent and established policies. Your actions and practices will help control unnecessary hospital litigation losses and increase efficiency when answering inquires from legal, regulatory, or accreditation agencies.

Before I write more on my next post on written discovery, I think some knowledge on some law terms is necessary.

In a civil action like for a medical-malpractice lawsuit, a claimant (“plaintiff”) will state the defendant’s actions, or omissions, which caused the claimant’s loss and files a civil claim (“lawsuit”) against the defendant(s) who usually are individual(s) doctors, hospital(s), and doctor or medical practice group(s).

The claim is to seek recovery for injuries that the plaintiff believes were caused by the defendant’s failure to meet an established professional duty of care.