A patient's family helps him out of bed despite directions to the contrary by staff members. The patient falls and is injured.
Excessive silver nitrate is put into the eyes of a newborn, impairing vision.

The mother of the child complains about the care that has been given to her child and informs a staff member that she is going to talk to her lawyer about what has happened.

When a member of the staff becomes aware of an incident, he has a responsibility to make the hospital command aware of the situation. The mechanism for doing this is the incident report system. Incident reports are designed to promptly document all circumstances surrounding an event, to alert the commanding officer, quality assurance coordinator, and other involved administrators and clinicians of a potential liability situation, and, in a broader sense, to establish an information base on which to monitor and evaluate the number and types of incidents that take place in the facility.

Because incident reports, by their very nature, contain a great deal of information that would be of interest to persons filing claims or lawsuits against the Navy for alleged substandard medical care, and because the law recognizes the need for hospitals to have a reliable means of discovering and correcting problems, most states have enacted laws that make incident reports confidential. In other words, a person cannot obtain a copy of an incident report to help in their legal action against the hospital.

However, incident reports can lose their "protected" status if they are misused or mishandled. It is important, therefore, to treat these reports like other confidential documents. You must strictly limit the number of copies made and the distribution of the reports. Do not include the report in the patient's treatment record. The report should be limited to the facts and must not contain conclusions. Finally, the report should be addressed and forwarded directly to the quality assurance coordinator of the hospital. Further guidance concerning the Risk Manage- ment Program, the program that governs incident reports, can be found in BUMEDINST 6010.21.

RELEASE OF MEDICAL INFORMATION
Two federal statutes, the Privacy Act and the Freedom of Information Act (FOIA) combine to establish the criteria for collecting, maintaining, and releasing medical treatment records.

Freedom of Information Act
The Freedom of Information Act governs the disclosure of documents compiled and maintained by government agencies. A written request for Department of the Navy records that explicitly or implicitly refers to FOIA must be responded to in accordance with the provisions of the Act. The Department of the Navy will make available to any person all documents, not otherwise exempt, provided the requester reasonably describes the records sought and promises to pay for reasonable search and photocopy costs. Each naval activity is responsible for developing procedures for ensuring the prompt handling, retrieval, and review of requested records. The official having responsibility for the records has 10 working days to respond to the requester.

A naval record will be withheld only when it is exempt from disclosure under FOIA. One basis for exempting a record from disclosure applies to personnel, medical, and similar files, the release of which would constitute a clearly unwarranted invasion of personal privacy. This concern over clearly style="mso-spacerun: yes"> unwarranted privacy intrusion is reflected in the provisions of the Privacy Act.

Privacy Act
The public's concern over the inner workings and functioning of the government was the reason for the creation of the FOIA. However, it became obvious that a balance had to be made between the public's right to know and other significant rights and interests. One of these competing interests was the protection of an individual's personal right to privacy. In response to this need, the Privacy Act of 1974 was enacted. The stated purpose of the Privacy Act is to establish safeguards concerning the right to privacy by regulating the collection, maintenance, use, and dissemination of personal information by federal agencies.

The Privacy Act requires federal agencies to

permit an individual to know what records pertaining to him are collected, maintained, used, or disseminated by the agency;
permit an individual to prevent records pertaining to him and obtained by the agency for a particular purpose from being used or made available for another purpose without the individual's consent;

permit an individual to gain access to information pertaining to him in federal agency records, have a copy made for all or any portion thereof, and correct or amend such records;

collect, maintain, use, or disseminate any record of identifiable personal information in a manner that ensures such action is for a necessary and useful purpose, that the information is current and accurate, and that adequate safeguards are provided to prevent misuse of such information;

permit exemptions from the requirements of the Privacy Act only in those cases where there is specific statutory authority to do so; and
be subject to civil suits for any damages that occur as a result of willful or intentional violation of any individual's rights under the Privacy Act.

In addition, any officer or employee of an agency who willfully violates certain provisions of the Privacy Act is subject to criminal prosecution and fines.

Under the Privacy Act's provisions concerning disclosure of information, there are several circumstances under which naval treatment records and their contents can be disclosed. Included are disclosures to employees of the Department of the Navy who have a need to know the information. Also included are disclosures to a person under compelling circumstances affecting health or safety, pursuant to a court order, and to another government agency for civil or criminal law enforcement activities. Circumstances under which the release of medical information is appropriate are discussed in chapter 12, Health Records, and in the section of this chapter concerning law enforcement personnel.