Medical Privacy: A Two Thousand-Year Journey

In recent years, much media attention has focused on HIPAA and the protections (or lack thereof, in some cases) that it provides. But what was medical privacy like before HIPAA came into play? Did it even exist?

Yes, it did. It turns out that medical privacy has been around in some shape for over two thousand years, but for the majority of that time, it has existed to protect the physician, not the patient.

Protecting patient privacy used to be more about protecting a doctor from gossip.


Physician, protect thyself

If you read our previous blog on the history of medical records, then you know Hippocrates and his followers are credited with many professional standards. Those standards, as it turns out, include privacy. 

Here’s a quote from the oath, written between the sixth and third centuries BC: “What I may see or hear in the course of the treatment or even outside of the treatment in regard to the life of men, which on no account one must spread abroad, I will keep to myself, holding such things shameful to be spoken about.”

This discretion is partially self-serving, as Hippocrates himself reportedly warned that talking too freely about conditions and treatments (such as they were in that era) could lead to negative gossip. This, in turn, could make the physician look bad—and even undermine the faith patients had in him.

A step toward protecting the patient

As the centuries rolled on and medical knowledge slowly improved, medical privacy expanded to more specifically include the well-being of the patient. Constantine the African, writing in the 11th century, observed the trust that patients put in their physicians, for patients often confide medical secrets that “he would blush to tell his parent.”

While they were thinking more of the patient’s well-being, there was another reason for the lean toward secrecy. The Middle Ages also saw an interesting fusion of roles, as much medical knowledge was obtained and often passed down by religious authorities. In this sense, monk-physicians were also technically holy men, bound by religious law to keep the secrets of their patients.

The impact of incurable disease…On the physician

One area where medical privacy evaded the patient entirely, right up to the modern day, was that of incurable diseases. 

If a patient presented with an illness or condition that would eventually claim their life, the physician would often withhold that information, the reasoning being it would do no good to burden the individual. Instead, they would take that knowledge and share it with the patient’s family and friends.

While we can see the logic in sparing the patient this burden, we can also see where this was another grim protection for doctors against gossip. Thirteenth-century Italian surgeon Guglielmo Salicet emphasized that physicians must “discuss the condition … with the friends or relatives” because “if the patient should die, one could not say that the doctor has caused his death.” 

We see this as a gross invasion of privacy, though it did happen in recent memory. Arguments for and against this practice continue even today, with some physicians choosing to withhold information from a patient if they feel it could have a “harmful effect.” 

The modernization of medical data

Over time, medical privacy has expanded to include the protection of the patient.

Throughout most of human history, there has not been any sort of medical authority providing oversight. Instead, we have had various schools, church orders, or regions that might be known for turning out skilled physicians (or at least doctors who did not kill their patients outright).

Medicine has seen its most incredible advances in the last three centuries, and unsurprisingly, as more and more people were treated by skilled practitioners, more and more questions and, in some cases laws, came up around medical privacy. HIPAA is the most famous modern example of these laws, but even it was created largely as a reaction to changing circumstances—the need to modernize medical records and how we access and protect them. 
Debate will likely continue into the next several decades, but one thing is for sure: HealthLock will be on hand to help you protect your sensitive medical data. By monitoring your medical transactions, we can make sure your data stays right where it belongs: between you and your physician. Learn more here.