Health Data in the Information Age

Health Data in the Information Age

Use, Disclosure, and Privacy

  • Author: Lohr, Kathleen N.; Donaldson, Molla S.
  • Publisher: National Academies Press
  • ISBN: 9780309076678
  • eISBN Pdf: 9780309538213
  • Place of publication:  United States
  • Year of digital publication: 1994
  • Month: January
  • Pages: 272
  • Language: English

Regional health care databases are being established around the country with the goal of providing timely and useful information to policymakers, physicians, and patients. But their emergence is raising important and sometimes controversial questions about the collection, quality, and appropriate use of health care data.

Based on experience with databases now in operation and in development, Health Data in the Information Age provides a clear set of guidelines and principles for exploiting the potential benefits of aggregated health data—without jeopardizing confidentiality.

A panel of experts identifies characteristics of emerging health database organizations (HDOs). The committee explores how HDOs can maintain the quality of their data, what policies and practices they should adopt, how they can prepare for linkages with computer-based patient records, and how diverse groups from researchers to health care administrators might use aggregated data.

Health Data in the Information Age offers frank analysis and guidelines that will be invaluable to anyone interested in the operation of health care databases.

  • Health Data in the Information Age
  • Copyright
  • Preface
  • Acknowledgments
  • Contents
  • Summary
    • THE PROBLEM
    • INSTITUTE OF MEDICINE STUDY
    • USES AND USERS OF INFORMATION IN HDOS
      • Databases
        • Key Attributes of Databases
        • Other Characteristics of Databases
      • Ensuring the Quality of Data
    • PUBLIC DISCLOSURE OF DATA ON HEALTH CARE PROVIDERS AND PRACTITIONERS
      • Key Factors in Public Disclosure
        • Analyses and Disclosure of Results
        • Describing Analytic Methods
        • Minimizing Potential Harms
        • Releasing Data
    • STRENGTHENING QUALITY ASSURANCE AND QUALITY IMPROVEMENT PROGRAMS THROUGH DATA FEEDBACK
    • CONFIDENTIALITY AND PRIVACY OF PERSONAL DATA
      • Privacy and Privacy Rights
        • Privacy Rights
        • Confidentiality
      • Security
      • A National Identification System or Dossier
      • Personal Identifiers and the Social Security Number
        • An "Ideal" Identifier
      • Relevance to HDOs of Existing Laws on Confidentiality and Privacy
      • Recommendations Regarding Protection of Patient and Person-identifiable Data
      • Preemptive Legislation
      • Data Protection Units
      • Release of Person-Identified Data
        • Policies Relating to Access and Disclosure
      • Universal Person-Identifiers
    • THE FUTURE
  • 1 Introduction
    • ADVANCING THE PROSPECTS FOR COMPREHENSIVE HEALTH DATABASES AND NETWORKS
      • The Problem
      • The Opportunity
    • HEALTH DATABASE ORGANIZATIONS
    • THE INSTITUTE OF MEDICINE STUDY
      • The Study Committee and Its Charge
      • Questions Confronting the Study Committee
    • STUDY ACTIVITIES
    • ORGANIZATION OF THE REPORT
    • COMMENT
  • 2 Health Databases and Health Database Organizations: Uses, Benefits, and Concerns
    • DEFINITIONS
      • Database
        • Key Attributes of Databases
        • Other Characteristics of Databases
      • Data Network
      • Health Database Organization
        • The Concept of HDOs
        • HDOs Under Development
    • THE BENEFITS OF HEALTH DATABASES
      • Broad-based Benefits
      • Differential Benefits as a Function of Users and Uses
    • USERS OF INFORMATION IN HDOS
    • USES OF DATABASES
      • Assessing Access to Care and Use of Services
      • Assessing Costs and Identifying Opportunities for Savings
      • Evaluating Quality and Outcomes of Care
        • Hospital-specific Mortality Rate Studies
        • Effectiveness and Outcomes Research
        • Quality Assurance and Quality Improvement Programs
      • Planning and Monitoring Patient Care
      • Enhancing Administrative Efficiency
      • Operating Managed Care Programs
      • Strategic Planning and Selective Contracting
        • Strategic Planning
        • Selective Contracting
        • Other Business-related Uses
      • Tracking Injury and Illness, Preventive Care, and Health Behaviors
      • Promoting Regional and Community Health Planning, Education, and Outreach
        • Health Planning and Education
        • Community Outreach
      • Other Uses for HDO Databases
        • Comment
    • ENSURING THE QUALITY OF DATA
    • SUMMARY
  • 3 Public Disclosure of Data on Health Care Providers and Practitioners
    • PREVIOUS STUDIES
    • IMPORTANT PRINCIPLES OF PUBLIC DISCLOSURE
    • IMPORTANT ELEMENTS OF PUBLIC DISCLOSURE
      • Topics for HDO Analysis and Disclosure
        • Who Is Identified
        • Vulnerability to Harm
        • Methodological and Technical Issues
        • How Information Is Publicly Disclosed
    • COMMITTEE FINDINGS AND CONCLUSIONS
    • RECOMMENDATIONS
      • Advocacy of Analyses and Public Disclosure of Results
        • Minimizing Potential Harms
      • Advocacy of Data Release
        • Promoting Wide Applications of Health-related Data
        • Requiring Recipients to Protect Data Privacy and Confidentiality
        • Using Valid Analytic Techniques
      • Related Issues
        • Privacy Protections for Person-identifiable Data
        • Constrained Staff Capabilities
        • Obligations to Correct Analyses or Retract Information
    • STRENGTHENING QUALITY ASSURANCE AND QUALITY IMPROVEMENT PROGRAMS
      • Data Feedback
      • Quality Assurance and Quality Improvement
      • Privileging
      • Peer Review Information
      • Public Disclosure and Feedback
    • SUMMARY
    • APPENDIX 3A
      • Actual Numbers, Computed Values, and Risk Adjustment
      • Certainty, Probability, and Correct Inferences
      • The Educational Content of Public Information Dissemination
  • 4 Confidentiality and Privacy of Personal Data
    • HISTORICAL PERSPECTIVES AND GENERAL OBSERVATIONS ON DISCLOSURE OF INFORMATION
    • SOURCES OF CONCERNS ABOUT PRIVACY AND THE CONFIDENTIALITY OF HEALTH RECORDS
      • Health Care Records
      • Electronic Records
    • DEFINITIONS
      • Privacy
        • Informational Privacy
        • Recordkeeping Privacy
      • Privacy Rights
        • Balancing Benefits of HDOs Against Loss of Informational Privacy
        • Federal and State Privacy Protection
      • Confidentiality
        • Confidentiality Obligations in Health Care
        • Disclosure of Health Information
        • Weaknesses of Legal Protection for Confidentiality
      • Security
      • Health-Related Information
    • EXPANDED DEFINITIONS
    • HARM FROM DISCLOSURE AND REDISCLOSURE OF HEALTH RECORD INFORMATION
      • "Common" Disclosures
        • Inadvertent Release
        • ''Routine" Releases or Uses in Accordance with Prevailing Practices
        • Rerelease to Third Parties Without the Subject's Knowledge or Consent (Secondary Use)
      • Covert Acquisition and Use of Data for Illegal or Unethical Purposes
      • Release of Inaccurate Data
    • PRIVACY INTERESTS AND HDOS
      • Foreseen and Unforeseen Circumstances
      • A National Identification System or Dossier
      • Personal Identifiers and the Social Security Number
        • An Ideal Personal Identifier
      • Issues Relating to the SSN
      • SSN Uses for Other Than Medical Payments
        • Shortfalls of the SSN as an Identifier
      • Confidentiality of Research Uses of HDO Databases
    • RELEVANCE OF EXISTING LAWS TO HDOS
      • Laws Governing Insurance Support Organizations
      • Laws Governing Consumer Reporting Agencies
      • HDOs as Governmental Entities: General Confidentiality Protections in Public Law
        • Constitutional Law
        • Legislative Charter
        • Freedom of Information Acts
        • Fair Information Practices
    • OPTIONS FOR PROTECTING PRIVACY AND CONFIDENTIALITY OF HEALTH-RELATED DATA IN HDOS
      • Uniform Legislation
        • Federal Preemptive Legislation
        • Uniform State Legislation
      • Options for Consent and Participation Rights
        • HDO Access to Data
        • Other Consent and Participation Rights
      • Disclosure Options
        • Disclosure-Oriented Options (Weak Options)
        • Confidentiality-Oriented Options (Strong Options)
      • Governance Options as an Approach to Privacy Protections
        • State-Based Systems
        • Private-Sector Systems
        • Mixed Governance Systems
      • Other Administrative Options to Protect Privacy and Confidentiality
    • COMMITTEE RECOMMENDATIONS
      • Overview and General Principles
      • Preemptive Legislation
        • Arguments for Federal Legislation
        • Attaching Privacy Protection to Data
        • Uniform Requirements
        • Specific Elements of Federal Legislation
        • Exemption from Compulsory Reporting and Compulsory Process
      • Data Protection Units
        • Establishing a Data Protection Board
        • Developing Administrative Policies and Procedures
        • Overseeing Data Integrity
      • Release of Person-identified Data
        • Policies Relating to Access and Disclosure
        • Consent
        • Release of Person-identified Data
        • The Standing of Other HDOs
        • The Standing of Persons, Parents, and Legal Representatives
        • The Special Standing of Research
        • Special Patient Care Considerations
        • Prohibition on Access to Person-identifiable Data
        • Implications of Recommendations Denying Access
      • Employer Access
      • Universal Person Identifiers
    • COMMENT
      • The New Privacy
    • SUMMARY
  • References
  • Appendixes
    • A Fact-Finding for the Committee on Regional Health Data Networks
    • PARTICIPANTS AND GUESTS AT COMMITTEE MEETINGS
      • Expert Presentations and Briefings
      • Invited Guests and Observers
      • Institute of Medicine Staff
    • SITE VISITS
      • Memphis, Tennessee: July 26-28, 1992
      • Cleveland, Ohio: August 2-4, 1992
      • Des Moines, Iowa: August 26-28, 1992
      • Seattle, Washington: September 9-11, 1992
      • Rochester and Albany, New York: September 21-23, 1992
        • Albany
        • Rochester
      • Basic Findings of Site Visits
    • B Committee on Regional Health DataNetworks Biographical Sketches
  • Glossary
  • Acronyms
  • Index

Subjects

SUBSCRIBE TO OUR NEWSLETTER

By subscribing, you accept our Privacy Policy