Viewpoint Paper: A Model for Expanded Public Health Reporting in the Context of HIPAA

The advent of electronic medical records and health information exchange raise the possibility of expanding public health reporting to detect a broad range of clinical conditions and of monitoring the health of the public on a broad scale. Expanding public health reporting may require patient anonymity, matching records, re-identifying cases, and recording patient characteristics for localization. The privacy regulations under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) provide several mechanisms for public health surveillance, including using laws and regulations, public health activities, de-identification, research waivers, and limited data sets, and in addition, surveillance may be distributed with aggregate reporting. The appropriateness of these approaches varies with the definition of what data may be included, the requirements of the minimum necessary standard, the accounting of disclosures, and the feasibility of the approach.

[1]  Clay Shirky,et al.  A tale of three cities--where RHIOS meet the NHIN. , 2006, Journal of healthcare information management : JHIM.

[2]  Bradley Malin,et al.  A Secure Protocol to Distribute Unlinkable Health Data , 2005, AMIA.

[3]  Latanya Sweeney,et al.  Guaranteeing anonymity when sharing medical data, the Datafly System , 1997, AMIA.

[4]  William B. Lober,et al.  Review Paper: Implementing Syndromic Surveillance: A Practical Guide Informed by the Early Experience , 2003, J. Am. Medical Informatics Assoc..

[5]  Roger D. Vaughan,et al.  Reducing childhood asthma through community-based service delivery--New York City, 2001-2004. , 2005, MMWR. Morbidity and mortality weekly report.

[6]  Ronald L. Rivest,et al.  Introduction to Algorithms, Second Edition , 2001 .

[7]  CA Cassa,et al.  A Novel, Context-Sensitive Approach to Anonymizing Spatial Surveillance Data: Impact on Outbreak Detection , 2006 .

[8]  Andrew F. Nelson,et al.  Syndromic surveillance using minimum transfer of identifiable data: The example of the national bioterrorism syndromic surveillance demonstration program , 2003, Journal of Urban Health.

[9]  J. Cleveland,et al.  Guidelines for infection control in dental health-care settings--2003. , 2003, MMWR. Recommendations and reports : Morbidity and mortality weekly report. Recommendations and reports.

[10]  Ronald L. Rivest,et al.  Introduction to Algorithms , 1990 .

[11]  Colleen A Bradley,et al.  BioSense: implementation of a National Early Event Detection and Situational Awareness System. , 2005, MMWR supplements.

[12]  Elisa S. Weiss,et al.  Broadening participation in community problem solving: A multidisciplinary model to support collaborative practice and research , 2003, Journal of Urban Health.

[13]  G. Kuperman,et al.  Approaches to patient health information exchange and their impact on emergency medicine. , 2006, Annals of emergency medicine.

[14]  Latanya Sweeney,et al.  k-Anonymity: A Model for Protecting Privacy , 2002, Int. J. Uncertain. Fuzziness Knowl. Based Syst..

[15]  Wilfredo Lopez New York City and state legal authorities related to syndromic surveillance , 2006, Journal of Urban Health.

[16]  C. Redhead Public Health Security and Bioterrorism Preparedness and Response Act (P.L. 107-188): Provisions and Changes to Preexisting Law [Updated August 21, 2002] , 2002 .

[17]  S. Thacker,et al.  HIPAA privacy rule and public health. Guidance from CDC and the U.S. Department of Health and Human Services. , 2003, MMWR supplements.

[18]  Lawrence O. Gostin,et al.  Health Information: Reconciling Personal Privacy with the Public Good of Human Health , 2004, Health Care Analysis.

[19]  Denise Koo,et al.  Statutory basis for public health reporting beyond specific diseases , 2003, Journal of Urban Health.

[20]  S. Thacker HIPAA Privacy Rule and Public Health , 2003 .

[21]  R. Steinbrook Facing the diabetes epidemic--mandatory reporting of glycosylated hemoglobin values in New York City. , 2006, The New England journal of medicine.

[22]  F. Mostashari,et al.  Benefits and barriers to electronic laboratory results reporting for notifiable diseases: the New York City Department of Health and Mental Hygiene experience. , 2007, American journal of public health.

[23]  L Sweeney,et al.  Weaving Technology and Policy Together to Maintain Confidentiality , 1997, Journal of Law, Medicine & Ethics.

[24]  J. Marc Overhage,et al.  Application of Information Technology: A Context-sensitive Approach to Anonymizing Spatial Surveillance Data: Impact on Outbreak Detection , 2006, J. Am. Medical Informatics Assoc..

[25]  Kenneth D Mandl,et al.  Privacy protection versus cluster detection in spatial epidemiology. , 2006, American journal of public health.