TABLE 2.1 Existing Federal and State Protections for Health Information

Mechanism

Purpose

Limitations

FEDERAL PROTECTIONS Privacy Act of 1974

 

 

 

Requires federal agencies to publicly disclose the existence of government record systems; allows individuals the right to access information about themselves and to copy, correct, or amend records kept by the government; limits the purposes for which the federal government can collect or disclose information without consent.

Applies only to record-keeping systems operated by federal agencies or their contractors.

Freedom of Information Act of 1966

Allows individuals open access to federal agency records, except for those with specific exemptions.

Does not specifically address disclosure of information held by federal agencies.

Americans with Disabilities Act

Prevents public and private organizations from discriminating against individuals because of a disability.

Applies only to those conditions specifically defined as disabilities, not to all health information.

United States Code, Sections 290dd-3 and 290ee-30

Establish special rules of confidentiality for records of patients who seek treatment for drug or alcohol abuse at federally funded facilities.

Limited in scope to information about drug and alcohol abuse; apply only to federally funded facilities.

Medicare Conditions of Participation

Requires hospitals to have a procedure for ensuring the confidentiality of patient records and allows information to be released only to authorized individuals.

Does not address security mechanisms or evaluate practices.

Constitutional law

Interpreted as protecting the privacy of information about individuals.

Lower courts have not strongly enforced this interpretation.



The National Academies | 500 Fifth St. N.W. | Washington, D.C. 20001
Copyright © National Academy of Sciences. All rights reserved.
Terms of Use and Privacy Statement