In 2013, in southern Mozambique, foreign NGO workers searched for a man whom the local health facility reported as diagnosed with HIV. The workers aimed to verify that the health facility did indeed diagnose and treat him. When they could not find him, they asked the village chief for help. Together with an ever-growing crowd of onlookers, the chief led them to the man’s home. After hesitating and denying, he eventually admitted, in front of the crowd, that he had tested positive and received treatment. With his status made public, he now risked facing stigma, discrimination, and social marginalization. The incident undermined both his health and his ability to live a dignified life.
Similar privacy violations were documented in Burkina Faso in 2016, where community workers asked partners, in the presence of each other, to disclose what individual health services they had obtained.
Why was there such a disregard for the privacy and dignity of these citizens?
As it turns out, unbeknownst to these Mozambican and Burkinabé patients, their local health centers were participating in performance-based financing (PBF) programs financed by foreign assistance agencies. Implemented in more than 35 countries, PBF programs offer health workers financial bonuses for delivering priority health interventions. To ensure that providers do not cheat the system, PBF programs often send verifiers to visit patients’ homes to confirm that they have received specific health services. These verifiers are frequently community members (the World Bank callously notes in its “Performance-Based Financing Toolkit” that even “a local soccer club” can play this role), and this practice, known as “patient tracing,” is common among PBF programs. In World Bank-funded PBF programs alone, 19 out of the 25 PBF programs implement patient tracing. Yet the World Bank’s toolkit never mentions patient privacy or confidentiality. In patient tracing, patients’ rights and dignity are secondary to donor objectives.
Patient tracing within PBF programs is just one example of a bigger problem: Privacy violations are pervasive in global health. Some researchers and policymakers have raised privacy concerns about tuberculosis (TB), human immunodeficiency virus (HIV), family planning, post-abortion care, and disease surveillance programs. A study conducted by the Asia-Pacific Network of People Living with HIV/AIDS found that 34 percent of people living with HIV in India, Indonesia, Philippines, and Thailand reported that health workers breached confidentiality. In many programs, sensitive information about people’s sexual and reproductive health, disease status, and other intimate health details are often collected to improve health system effectiveness and efficiency. Usually, households have no way to opt out, nor any control over how heath care programs use, store, and disseminate this data. At the same time, most programs do not have systems to enforce health workers’ non-disclosure of private information.
In societies with strong stigma around certain health topics—especially sexual and reproductive health—the disclosure of confidential patient information can destroy lives. In contexts where HIV is highly stigmatized, people living with HIV are 2.4 times more likely to delay seeking care until they are seriously ill. In addition to stigma’s harmful effects on people’s health, it can limit individuals’ economic opportunities, cause them to be socially marginalized, and erode their psychological wellbeing.
Western countries, including the United States, Australia, New Zealand, and Canada—as well as many European countries—have enacted strong regulations to protect patient privacy. Citizens of low- and middle-income countries (LMICs), however, are often left exposed, as many governments do not have the capacity or resources to enact protections of their own. Even when policies do exist—such as in Mozambique’s Charter on Patients’ Rights and Obligations, which guarantees patient information confidentiality—enforcement mechanisms are weak, allowing foreign-funded health programs to operate with impunity.
Consequently, global health practitioners use their own judgement when handling patient privacy in LMICs. For some, obtaining patients’ informed consent is enough—even though patient-provider power imbalances and limited service options often leave patients with little agency to say no. Others argue that because local cultural and societal norms differ from Western ones, privacy isn’t relevant. This argument ignores the fact that Western normative values are intrinsic to development programs—including those that address gender equality, where and how women should deliver their babies, democracy, and governance practices. Put another way, some practitioners seem to choose whatever arguments will justify their medicalized—rather than human-centered—approach.
To be clear: We know that the global health community is not operating out of malicious intent, or actively trying to widen equity gaps between patients in the West and patients in LMICs. Rather, the privacy violations they promote result from their sense of urgency to improve public health.
Still, despite good intentions, the very notion that the global health community has the supreme power to judge what constitutes the appropriate balance between patient privacy and public health is an affront to LMICs’ sovereignty and their citizens’ dignity. Beyond that, it speaks to the colonialist mindset’s strong grasp on the architecture of foreign assistance.
With $36.4 billion of development health assistance flowing annually, it is long overdue for the global health community to protect beneficiaries’ fundamental right to privacy. We recommend the following:
- Enacting global regulations: At the global level, we urge the World Health Organization (WHO) to facilitate the development of a universal patient bill of rights. Beyond that, the WHO should build on its efforts to promote ethical practices in TB and HIV programs, and issue comprehensive program guidelines that protect patient privacy. Countries with large foreign assistance programs and multi-lateral agencies such as the World Bank, Gavi, and the Global Fund should be the first to champion this initiative.
- Self-regulating: Until global measures are in place, bi-lateral funding agencies should commit to following the same privacy laws and protections that exist in their own countries within global health programs they fund in LMICs.
- Ensuring compliance: Resolutions and commitments are not enough—foreign assistance agencies must ensure compliance with privacy protections. To that end, agencies should develop self-regulatory systems, as they commonly do for internal corruption or sexual abuse, to address privacy violations. This means implementing mandatory patient privacy trainings for program managers, conducting internal and external program reviews, and enforcing penalties when violations are discovered. Additionally, externally financed programs in LMICs should include earmarks to support the design and implementation of country privacy laws and regulations.
- Empowering citizens: Civil society in many LMICs is ripe and ready to advocate for patient privacy. Some civil society organizations, such as Namati, are already promoting patient rights through legal advocacy at the patient level. Many more, as we found in our analysis of more than 200 participatory governance activities across Africa, have the platforms, but not the awareness or funding to leverage those platforms for patient rights. Funders should invest in advancing civil society’s role in holding foreign assistance agencies accountable for adhering to privacy protections.
With the global push to achieve universal health coverage, global health must move beyond its paternalistic and medicalized approach. It must embrace a holistic view that prioritizes the dignity of all people, regardless of where they live.