The AMA was founded in part to establish the first national code of medical ethics. Today the Code is widely recognized as authoritative ethics guidance for physicians through its Principles of Medical Ethics interpreted in Opinions of AMA’s Council on Ethical and Judicial Affairs that address the evolving challenges of contemporary practice.
Information gathered and recorded in association with the care of a patient is confidential, regardless of the form in which it is collected or stored.
When there is reason to believe that patients’ confidentiality has been compromised by a breach of the EMR, physicians have a responsibility to follow ethically appropriate procedures for disclosure. The degree to which an individual physician has an ethical responsibility to address inappropriate disclosure depends in part on his or her awareness of the breach, relationship to the patient(s) affected, administrative authority with respect to the records, and authority to act on behalf of the practice or institution.
In handling patient data, individual physicians should balance supporting and respecting patient privacy with upholding their ethical obligations to the betterment of public health. The use of data for the benefit of public health should be treated as a form of public good in which the standards and values of health care should follow the data and be upheld and maintained. Those with access to datasets have a duty to uphold the ethical values of health care in which the data were produced.
