• HDOs could not release any information in personally identifiable form from an HDO database to third parties without a specific authorization, either signed or given electronically by the person in question.
  • HDOs could opt never to release person-identifiable information even with subject consent, or to release information in a customized format that blocked parts of a subject's record, depending upon the user and use for which it was requested.22
  • HDOs could refuse to provide person-identifiable information to third parties that intended or could use the information to make decisions about an individual's access to particular benefits (standard processing of health insurance claims would be an exception to this policy).
  • HDOs could require users to sign "confidentiality agreements." These agreements would obligate users to safeguard information obtained from the HDO and use it only for the purpose for which it was provided. Violations of the agreement would give the HDO (and perhaps record subjects) a claim of either breach of contract or of confidentiality (or both) against the offending user.
  • They would adopt a policy of refusing to comply with voluntary requests for access from law enforcement or regulatory agencies.
  • In legal matters, HDOs could resist compliance with subpoenas or other forms of compulsory process, assert all available privileges, and notify record subjects of an access request so that they could contest production. (The Uniform Act noted earlier takes a similar approach with respect to compulsory process.)

Governance Options as an Approach to Privacy Protections

Issues relating to the structure and governance of an HDO will be critical to both the substance and the appearance of privacy protection and, therefore, to the HDO's political acceptability. In this context, the principal question will be the extent of government involvement in the operation of the HDOs. In the absence of federal preemptive legislation, state legislation might include a number of options. Although the laws in this section are all state oriented, if federal preemptive legislation is enacted, it would set confidentiality standards for HDOs and possibly preempt state statutes.


Even if HDOs chose never to release person-identified or -identifiable data, and notwithstanding that the record subject had authorized release, HDOs would still be obliged to provide the person directly with a copy of his or her record. Nothing would stop that individual from personally delivering a copy of the record to a third-party requestor.

The National Academies of Sciences, Engineering, and Medicine
500 Fifth St. N.W. | Washington, D.C. 20001

Copyright © National Academy of Sciences. All rights reserved.
Terms of Use and Privacy Statement