摘要:Protecting public health requires the acquisition, use, and storage of extensive health-related information about individuals. The electronic accumulation and exchange of personal data promises significant public health benefits but also threatens individual privacy; breaches of privacy can lead to individual discrimination in employment, insurance, and government programs. Individuals concerned about privacy invasions may avoid clinical or public health tests, treatments, or research. Although individual privacy protections are critical, comprehensive federal privacy protections do not adequately protect public health data, and existing state privacy laws are inconsistent and fragmented. The Model State Public Health Privacy Act provides strong privacy safeguards for public health data while preserving the ability of state and local public health departments to act for the common good. ASSESSING POPULATIONAL health is a core function of state and local public health departments that requires the acquisition, use, and storage of health-related information about individuals. 1 , 2 National, regional, and statewide governmental public health systems collect vast amounts of public health data regarding communicable (e.g., sexually transmitted diseases [STDs], HIV, tuberculosis), genetic (e.g., newborn metabolic conditions, birth defects), behavioral (e.g., use of drugs, alcohol, and tobacco), and environmental (e.g., pediatric blood lead levels) diseases, conditions, and risks to reduce morbidity and excess mortality. 3 The accumulation and exchange of these personal data within an increasingly automated public health information infrastructure promises significant public health benefits. Well-planned surveillance helps to identify health problems, target interventions, and influence funding decisions. 4 Health information databases facilitate existing and future epidemiologic investigations and research studies. These essential public health functions rely on the quality and reliability of identifiable health information (i.e., any healthrelated information that reveals, or could reveal under certain circumstances, the identity of the individual who is the subject of the information). 5 As increasing amounts of identifiable health data are gathered, stored, and exchanged, 6 personal privacy is threatened. Many Americans distrust government agencies 7 and believe that the collection of personal data without their explicit permission is morally wrong. 8 If public health authorities disclose intimate information, individuals may suffer embarrassment, stigma, and discrimination in employment, insurance, and government programs. 3 , 9 Persons who fear invasions of privacy may avoid clinical tests and treatments, withdraw from research, or provide inaccurate or incomplete health information. 10 Congress has unsuccessfully pursued comprehensive health information privacy legislation, 11 but the Department of Health and Human Services recently issued final regulations pursuant to the Health Insurance Portability and Accountability Act of 1996. 12 However, these federal initiatives do not regulate government collection of state public health information. Since public health is quintessentially a state function, federal privacy rules defer to state public health law under principles of federalism. Although state public health agencies have an excellent track record of safeguarding public health data, extant state laws concerning public health information privacy are inconsistent, fragmented, and inadequate. 2 These laws differ significantly in the degree of privacy protection afforded, give varying rights to access identifiable data, and allow multiple exceptions to disclosure prohibitions outside public health agencies. 2 Some states' laws declare that public health records are private, but they are silent about the degree of protection of privacy. Laws often fail to narrowly define who may have access to such data and to require persons to demonstrate why they need access. Statutes often lack specificity about when disclosures may be made, permissively allow disclosures to persons or for purposes that are inconsistent with those of public health (e.g., disclosure in legal settings through court orders or subpoenas), or fail to address secondary disclosures of information beyond those used to justify the original collection. In some states, disclosure provisions are too strict, interfering with legitimate public health exchanges of identifiable data among in-state and out-of-state public health agencies. Current law and policy often fail to reconcile individual privacy interests with collective public health interests in identifiable health data. Civil libertarians and consumers see informational privacy as a fundamental right and stress the importance of stronger legal safeguards. Public health professionals, on the other hand, strongly assert the need to use data to achieve important public health purposes. To reconcile these 2 divergent approaches, the Georgetown/Johns Hopkins Program on Law and Public Health convened a multidisciplinary team of privacy, public health, and legislative experts to propose a model public health information privacy statute. 13 The Model Act would provide, for the first time, strong and consistent privacy safeguards for public health data, while still preserving the ability of state and local health departments to act for the common good. The Centers for Disease Control and Prevention recommends that states consider adopting the model legislation to “strengthen the current level of protection of public health data.” 14 In this commentary, we explain the Model Act and the principles that underlie its protections.
