There's a great quote by the french sociologist David Emile Durkheim about mores (another word for morality) and laws. Before I present this quote for your consideration, I'll give you the crash course intro; David Emile Durkheim was one of the founding fathers of the science of modern sociology as we know it. Durkheim was born in France on April 15, 1858 I highly recommend that you read up on him because thinkers of great thoughts are fascinating people, alive or dead.
Durkheim spent his life analyzing how societies can successfully maintain their integrity and coherence in an evolving world and one of his most important quotes is;
"When mores are sufficient, laws are unnecessary; when mores are insufficient, laws are unenforceable."
It goes without saying that this quote is super old. These words were said before Penicillin was discovered, before traffic lights were invented, before women had the right to vote in the US. I'm not going to beat a dead horse, you get it. But this quote, this noble idea that closely ties applied ethics and morality to laws, is as relevant as it ever was.
My mission as a patient privacy advocate, and the body of work on this website is dedicated to the ongoing discussion of the off-shoring of medical records. To briefly summarize the issue for those of you new to the conversation; electronic medical records are documents stored in a digital format that house very sensitive personal and demographic information about healthcare consumers in The united states. Some business entities choose to engage a foreign workforce to perform healthcare back office functions due to decreased regulation and cost savings. If you're interested in learning more about this business practice click here.
What I'd like to do is take Durkheim's quote apart and use it to illustrate a point that seems to be lost on corporate culture in The United States - especially as it applies to corporate and healthcare entities who are taking great liberties with the privacy of US patient populations.
"When mores are sufficient, laws are unnecessary...."
What this means is that a legal framework is redundant in the presence of morality. I believe that most people alive and walking on the earth today are moral. We're all flawed and self-serving to a degree, I mean, we are human after all. But, I have the optimistic world-view that most of us, regardless of what country we live in or what we do for a living, want to behave in a way that honors the common good.
However, The united states and our legislators aren't ignorant about people who who wish to harm us by compromising the integrity of our data. So while we hope that people with access to confidential information act with morality, we also acknowledge that some people are without morals, that there are bad actors out there who would love to sell the social security number of a child (which can absolutely be found in an electronic medical record) for personal gain. So, our collective realization and our response to this as a nation manifested in 1996 when HIPAA reshaped the landscape of the healthcare industry. Regulations were put in place, we established a legal structure that holds the workforce accountable for their actions. So, just in case someone's mores were insufficient, there was the possibility of jail time and hefty fines on the books.
But what about the decision to send patient data, or grant full access credentials to a foreign workforce?
Is it an act of morality to strip the patient of a layer of privacy protection that can only be offered by a US based workforce who is fully, individually accountable to HIPAA?
Is it an act of morality to have certain patient populations more vulnerable than others, solely because someone in a position of power decided it was worth paying a (supposedly) lower bill rate offered by corporations who are leveraging foreign labor?
"...when mores are insufficient; laws are unenforceable."
The last three words of this quote really drive my point home. Morality is lost when corporations and healthcare providers make the choice to over-expose their patient populations with the knowledge that there are no laws in these foreign countries which offer a reassuring level of protection. There are no laws to protect those who have the most to lose in this business arrangement because the patient is not protected. The legislation that we rely on in the United States ceases to exist for the person on the other side of the globe who is handling this sensitive data.
Ignoring that inconvenient fact is exactly what I would describe as having "insufficient mores" and, in the words of someone who died over 100 years ago, it makes our laws unenforceable.
For more information about the off-shoring of medical records please click here. And if you'd like to write a letter to your legislators to let them know you're concerned about this business practice click here.