Thursday, August 1, 2013

Confidentiality and Laboratory Error



Reporting information to the WRONG person is an error that really annoys me.  Over my working years I have been involved in more than 60,000 wrong communications situations.  I see every one of these as a potential confidentiality breach.  To me it is a BIG DEAL,

I accept that Errors happen, and that many, indeed most are slips or simple mistakes, and that the preponderance of these slips are of little consequence.  Slips and simple mistakes are to a large extent, human foibles that cannot be eliminated but can be reduced, especially by having an active quality management system that includes elements of audit and risk assessment.  

I also acknowledge that I may be overly sensitive but being a recipient of errant reports puts me in the middle of a patient confidentiality breach which is beyond my control, and at the same time, puts a huge onus on me to fix someone else’s mistake.  It costs me time, effort, energy and money.  

Misdirected information,  in my opinion cannot be included within  the classification of slips and mistakes because the intrusion into confidentiality raises the consequences significantly.

Personally I thought I that I had finally solved my long-term problem because I I previously informed all key offices and organizations that I would not take any responsibility for misdirected information, and then changed my address when my programs were moved to a new location.  But I was wrong.  

I have three stories from the last little while, that stand out from the all the others.  They indicate how pervasive casualness of patient information has become in our culture.

First story.   I received a letter from a lawyer’s office requesting information on a patient.  This is not an unusual request, but became complicated because I was aware of the patient in question; not because I had a professional relationship with the person, but a social one.  I contacted the lawyer’s office by telephone giving them my name, their file number, the date of the letter and explained that they had unfortunately sent their letter to the wrong person.  I chose to not mention the additional complication of compromised identification.   What transpired was that the lawyer’s office somehow saw this was my fault and that I had an obligation to inform them in writing and return the misdirected letter back to their office.  Being polite was a bit of a challenge, but for some reason, I actually complied.  Stunningly, six weeks later, I got a “letter of second notice” from the same lawyer demanding my file information on the same patient.       

Second story.  I recently was in the hospital and was referred to a clinic for follow-up.   The day following discharge I received a telephone call from the clinic to set up my appointment.  Having set an agreed upon time, I said, that was great.  Please send me an email confirmation, to which I was informed that they do not send emails confirmations because of concerns about confidentiality breaks.  Good for them; clearly they have thought their way through some of the confidentiality issues.  OK, just send me a notice to my home address, which they could do.  The problem was that they had a wrong address.  Not only was it a wrong address, it was one that my wife recognized because it was the home address of a friend with whom I share a common first name with her husband.  “I think you are talking to the wrong Michael” I said.  “Which Michael do you think you are talking to?”  I inquired, and confirmed the mixup.  Unbeknownst to me, the husband had a similar problem and was referred to the same clinic.  Someone entering the data had integrated our two files.

Third story.  In today’s mail I received a letter from an insurance company marked “Personal and Confidential” send to my address, but not intended for me.    
So here is my point.  Where I live, attention and focus on confidentiality seems to get lip service at best.  Confidentiality breaches happen all the time and they never go away, and they are pervasive through all parts of our collective society.
I can account for some (many or even most) as the result of slips and distractions.  I suspect that many result from overworked people putting out volumes and volumes of communications.  

When some organizations try to fix the problem (like prohibiting email confirmations) often their solutions fai.  They don’t solve the problems; if anything they make situations worse.  

The tragedy is that misdirected information can be avoided with even really simple quality improvement solutions, like double checking before sending out confidential material and when there is a breach, receiving and recording notification of error and implementing remedial action.   If you can prevent and fix them all, then at least you can fix some today, and aim to prevent some others  tomorrow.

But the first step, it seems to me, is to first, to give a damn.

PS:
As an addendum, out Quality Conference is attracting attention from Canada, the US, the middle East and India.  We are pleased with the rate of registrations.  Those thinking about attending should consider registering soon. 

1 comment:

Comments, thoughts...