PUBLIC HEALTH AGENCIES AT ALL LEVELS—LOCAL, STATE, and federal—collect, store, and use personal health and behavior data to meet their legal obligation to identify and control health threats or evaluate and improve public health programs or services. The foundation for this collection of health data is public trust, which requires maintaining the privacy and security of sensitive information. Despite its critical importance, there is no national standard for safeguarding data held by public health agencies. Instead, privacy safeguards are fragmented across 50 states, creating uncertain and inconsistent privacy protection. During the 1990s, model laws were created to ensure uniform and strong privacy safeguards, but countrywide adoption has proved difficult. The US Congress is currently debating privacy standards for electronic medical records, but these reforms do not include public health records because they are effectively exempt from the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule. It is now time to consider a national strategy for protecting public health data.
[1]
Kathleen Franklin,et al.
THE FINAL RULE
,
1995
.
[2]
L. Gostin,et al.
The public health information infrastructure. A national review of the law on health information privacy.
,
1996,
JAMA.
[3]
Privacy and security standards.
,
2000
.
[4]
Richard Y. Wang,et al.
Data Quality
,
2000,
Advances in Database Systems.
[5]
Lawrence O Gostin,et al.
Jacobson v Massachusetts at 100 years: police power and civil liberties in tension.
,
2005,
American journal of public health.
[6]
R. Janssen,et al.
Public Goods, Private Data: HIV and the History, Ethics, and Uses of Identifiable Public Health Information
,
2007,
Public health reports.
[7]
Lawrence O Gostin,et al.
Reforming the HIPAA Privacy Rule: safeguarding privacy and promoting research.
,
2009,
JAMA.