Information gathered and recorded in association with the care of a patient is confidential, regardless of the form in which it is collected or stored.
Physicians who collect or store patient information electronically, whether on stand-alone systems in their own practice or through contracts with service providers, must:
- Choose a system that conforms to acceptable industry practices and standards with respect to:
- Restriction of data entry and access to authorized personnel
- Capacity to routinely monitor/audit access to records
- Measures to ensure data security and integrity
- Policies and practices to address record retrieval, data sharing, third-party access and release of information, and disposition of records (when outdated or on termination of the service relationship) in keeping with ethics guidance
- Describe how the confidentiality and integrity of information is protected if the patient requests.
- Release patient information only in keeping with ethics guidance for confidentiality.
AMA Principles of Medical Ethics: V
Visit the Ethics main page to access additional Opinions, the Principles of Medical Ethics and more information about the Code of Medical Ethics.