can a patient sue a dr. who has violated the patient /dr confidentiality law?
A physician is required by law to uphold patient confidentiality to the utmost degree as is outlined by HIPAA ( Health Insurance Portability and Accountability Act). When you first started being treated, you would have signed a document that states that the office will respect your PHI ( protected health information) and disclosure the information only for purposes of treatment and payment ( for example, if you went into the hospital, the hospital to obtain your records from the prescibrer in order to help treat you).
If the office released your information to anyone besides a person that was treating you or trying to bill your insurance ( such as your work, spouse, etc), then this is absolutely a violation of your HIPAA rights. This law is mandated by the federal government and violation of this can result in fines against their license and if the intent was malcicious, they can be banned from practice and jailed. If it was an accidental disclosure, there are still fines that will be applied.
I assume that you are inquiring about a regulated, licensed healthcare practitioner such as a physician, psychologist or nurse. Although privacy rules associated with laws such as HIPAA (Health Information Portability and Accountability Act) and FERPA (Family Educational Rights and Privacy Act) generally ensure and assure clients of protection of personal health information, there are limits and exceptions. Healthcare professionals work in both medical facilities as well as academic institutions and medical/health information can be preserved in both types of institutions. In addition to the limits and exceptions, there are significant differences in the standards promoted by HIPAA and FERPA and depending on the case or situation, the laws leave some provisions open to interpretation or legal definition. This can contribute to a significant lack of clarity for clients.
Your age and consenting capacity may be important too in determining the amount of information that can be disclosed, under what specific conditions and to whom. To make matters more complicated HIPAA allows medical facilities such as hospitals to provide visitors and callers general medical status of patients and their location unless otherwise specifically forbidden by the patient. There can be several exceptions and limits to confidentiality such as: a situation where a minor is at clear and imminent risk of harm or needs protection, the client is at risk of self-harm or suicide or of harming someone else – i.e., the duty to warn and to protect the vulnerable can potentially over-ride confidentiality rules, in spite of dr-patient privilege.
Generally, patients have access to their own records unless access is deemed by the clinician to be potentially harmful to the patient. It is always a good idea to discuss with your healthcare practitioner, the reasons and circumstances surrounding his or her decision to disclose private information and how much was actually disclosed. It is also a good idea to speak to a lawyer experienced with privacy rules in specific institutions where the healthcare professional practices – hospital, private practice, community walk-in clinic, college, high school. Should you wish to follow up on any specific case with regards to this issue in greater detail, do not hesitate to contact me. I am not a lawyer by I have expertise in ethical and practice standards. Hope this helps.