and institutions. In addition, the Americans with Disabilities Act (ADA) was intended to safeguard certain kinds of employee medical information and protect employees with disabilities from discrimination, but the scope and interpretation of the law are not yet clearly defined. Although the law restricts employer access to information from preemployment physical examinations and certain other sources, it is silent about employer access to the much greater volume and sensitivity of information that is generated from employee health insurance programs.8 Another IOM committee has recommended that the protections of the ADA be extended to this latter information (IOM, 1993b).

Private organizations may also establish policies to protect the privacy of personal medical information. The JCAHO, for example, includes privacy protections in its accreditation standards for health care institutions. The American Medical Association has set forth ethical standards that may "take on the force of law when they are expressly incorporated, or implied in, physician licensure laws" (AMA, 1995, p.3).


Centuries ago, the Hippocratic Oath required that physicians keep silent what they learn about people, "counting such things to be as sacred secrets" (cited in IOM, 1994b, p. 148). The expectation of such secrecy has become increasingly fragile as physicians' control over information has diminished and as more and more individuals have claimed access to personal medical information for people with whom they have no personal connection and for whom they lack professional responsibility. Contemporary threats to informational privacy arise from several interrelated developments, including the computer-based patient record, the creation of large databases, new


As employers have seen their costs for employee health benefits escalate over the last two decades, they have developed a variety of utilization review and cost management tools that depend on access to detailed medical information about employees. Some employers rely on third parties to collect and analyze this information, but others are much more actively involved in processing or reviewing employee medical information (IOM, 1993b). They have also been active in the creation of regional databases that aggregate individual medical information from many sources (IOM, 1994b).

The National Academies of Sciences, Engineering, and Medicine
500 Fifth St. N.W. | Washington, D.C. 20001

Copyright © National Academy of Sciences. All rights reserved.
Terms of Use and Privacy Statement