Overview
An understanding of the governmental and legislative context of public health informatics is crucial for any public health employee dealing with health information of individuals, whether as patients, health plan enrollees, or the subjects of collected data. Whether a public health agency is defined by function or by delegated governmental authority, the agency itself and its contractors are subject to state and federal laws defining the privacy rights of patients. The single most important federal law governing the use of information by public health agencies and their contractors is the Health Insurance Portability and Accountability Act of 1996 (HIPAA),1 which applies to or must be taken into account by all healthcare organizations in the United States. The regulations issued by the US Department of Health and Human Services under HIPAA impose comprehensive restrictions on the use and disclosure of individual health information, whether that information appears on a computer device, exists in paper form, or is contained in an oral communication. Federal public health agencies must also comply with and take into account the requirements of the Privacy Act of 1974, which does not apply directly to private organizations but may be applied to agency contractors, vendors, or researchers by agency policies or contractual provisions. Most states have laws controlling the collection and use of information by public health agencies that are equivalent to the federal Privacy Act, which by the same principles apply directly to state agencies and indirectly by policy or contract to private organizations. Many states have also enacted or are considering health information privacy laws applicable to both public and private organizations. While federal Privacy Act requirements are likely to be harmonized with and integrated into HIPAA’s privacy requirements, state law privacy protections that are more stringent than HIPAA will continue to apply. Finally, a public health agency operating a Web site must be aware of privacy issues related to user data it collects and of risk management principles connected to the operation of interactive health communications systems. Emerging consumer protection principles make it necessary to disclose information collection activities, while in some cases federal Food and Drug Administration (FDA) regulations may limit the ways information may be provided to the public.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References and Notes
The actual act is quite lengthy and most of it concerns matters not relevant to this discussion, such as health insurance reforms. The relevant portions of HIPAA are found in the “Administrative Simplification” section, HIPAA Title II Subtitle F. This section does not set out many details, but instead authorizes and directs HHS to issue regulations on a variety of information-processing oriented matters, including privacy and security protections.
Starr P. The Social Transformation of American Medicine New York: Basic Books; 1982.
Privacy Act of 1974, 5 USC §552a.
Protecting the Privacy of Patients’ Health Information; Summary of the Final Regulation [press release]. Washington, DC: Department of Health and Human Services; December 20, 2000.
Standards for Privacy of Individually Identifiable Health Information, 65 Fed. Reg. 82462, 82805, 45 CFR 164.501 (2000).
Standards for Privacy of Individually Identifiable Health Information, 65 Fed. Reg. 82813, 45 CFR 164.512(b)(1) (2000).
Standards for Privacy of Individually Identifiable Health Information, 65 Fed. Reg. 45 CFR 164.512(b)(1)(i) (2000).
Standards for Privacy of Individually Identifiable Health Information, 65 Fed. Reg. 82820 45 CFR 514(h)(ii) (2000).
Eng TR, Gustafson DH. Wired for Health and Weil-Being: The Emergence of Interactive Health Communication Washington, DC: US Department of Health and Human Services, US Government Printing Office; 1999.
USC § 321(h) (1996).
Nguyen FD, Regulation of Medical Expert Systems: A Necessary Evil? Santa Clara Law Review 1994;34:1187.
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2003 Springer-Verlag New York, Inc.
About this chapter
Cite this chapter
Christiansen, J.R. (2003). The Governmental and Legislative Context of Informatics. In: O’Carroll, P.W., Ripp, L.H., Yasnoff, W.A., Ward, M.E., Martin, E.L. (eds) Public Health Informatics and Information Systems. Health Informatics. Springer, New York, NY. https://doi.org/10.1007/0-387-22745-8_4
Download citation
DOI: https://doi.org/10.1007/0-387-22745-8_4
Publisher Name: Springer, New York, NY
Print ISBN: 978-1-4419-3018-7
Online ISBN: 978-0-387-22745-0
eBook Packages: Springer Book Archive