[Skip to Content]
Access to paid content on this site is currently suspended due to excessive activity being detected from your IP address 54.211.207.116. Please contact the publisher to request reinstatement.
[Skip to Content Landing]
Commentary
July 1, 2009

Ethical Collection, Storage, and Use of Public Health DataA Proposal for a National Privacy Protection

Author Affiliations

Author Affiliations: Centers for Disease Control and Prevention, Atlanta, Georgia (Dr Lee); and O’Neill Institute for National and Global Health Law, Georgetown University, Washington, DC (Mr Gostin).

JAMA. 2009;302(1):82-84. doi:10.1001/jama.2009.958

Public health agencies at all levels—local, state, and federal—collect, store, and use personal health and behavior data to meet their legal obligation to identify and control health threats or evaluate and improve public health programs or services. The foundation for this collection of health data is public trust, which requires maintaining the privacy and security of sensitive information. Despite its critical importance, there is no national standard for safeguarding data held by public health agencies. Instead, privacy safeguards are fragmented across 50 states, creating uncertain and inconsistent privacy protection.1 During the 1990s, model laws were created to ensure uniform and strong privacy safeguards,2 but countrywide adoption has proved difficult. The US Congress is currently debating privacy standards for electronic medical records,3 but these reforms do not include public health records because they are effectively exempt from the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule.4 It is now time to consider a national strategy for protecting public health data.

First Page Preview View Large
First page PDF preview
First page PDF preview
×