Privacy is a deeply felt but elusive concept. Everyone is sensitive to having his privacy violated. The concepts of "personal matters" and "intimate knowledge" are familiar, as is the notion that individuals live in a "private sphere" over which they are to be granted autonomy. The right to private life was proclaimed in the Universal Declaration
The public are rightly concerned about the erosion of privacy of information about health, for at least the following reasons taken together.
Several important legislative events are focusing attention on the issues.
At issue right now—as health care is rapidly becoming industrialized, collectivized, and computerized—is to what extent society will preserve the cherished tradition of patient–healthcare provider confidentiality with its many implications, and the related relationships of trust with those who perform health research. Also at issue is whet
Versions of an omnibus "Medical Records Confidentiality Act" are being considered by the U.S. Congress, as is a "Genetic Confidentiality and Discrimination Act." Some States are revising their medical-privacy laws covering information on mental health, HIV–AIDS status, or genetics. All of these will have implications for research.
In October 1995 the European Union (E.U.) adopted a "Directive on the Protection of Individuals with regard to the Processing of Personal Data and on the Free Movement of Such Data." By October 1998 all fifteen E.U. Member States must bring their national laws into congruence with the Directive. In February 1997 the Council of Europe adopted a "
Personally identifiable health-research data are exchanged internationally every day, by governments, pharmaceutical firms, and others, and this will inevitably increase. Data on Americans are transferred, and American-based institutions do much transferring. Uniform international standards for protecting privacy, confidentiality, and security urg
The Report identifies many problem areas. The following are four large groups of issues that, while not entirely new, are growing rapidly in scale and complexity, and must urgently be attended to: Secondary uses of data, and data linking Research on private-sector health data Cybersecurity Genetic privacy. Issue cluster: Secondary res
The following principles are recommended for organizations that conduct, sponsor, or regulate health research involving personally identifiable data. They can be transposed into professional guidelines, standard operating principles, regulations, or laws. Criteria and procedures should be established that are specific to the context.
The Federal Common Rule and other laws and regulations require many protections for human subjects of research. The main social instruments are informed consent of the data- subject, and Institutional Review Board (IRB) supervision. Both of these mechanisms have served society well. But both now need to be renewed.
From a privacy-protection perspective, there is a very wide distinction between personally identifiable data and truly anonymized data . But in practice the demarcation between these extremes is not sharp. Attending assiduously to where particular data lie on the spectrum between them, and especially to data that are somewhere in the middle,
Contemporary health research is generating a multitude of benefits for humankind, and the future benefits look at least as promising. As the above heading indicates, health research generates new data by observation and experiment, but also—in part because its questions are of such an "applied," practical nature—it often proceeds by analyzing
New approaches are being taken in providing health care, which is posing new research questions and changing the setting with which much research is conducted. Much more research now is being performed on data from private-sector managed-care organizations, for instance. Also, new approaches are being taken in research, such as elaborate compute
This Report examines how society can best pursue two very important goods simultaneously: Protect individuals' privacy; and at the same time, preserve justified research access to personal health data, to gain health benefits for society.
In September 1996 the U.S. Secretary of Health and Human Services, Dr. Donna E. Shalala, requested this study as background for policy decisions that her Department and American society, along with their counterparts in other countries, urgently must confront. The study was conducted by Dr. William W. Lowrance, an external consultant, who for ad
[Click here to download a zipped WordPerfect 5.1 version of this report] A Report to the U.S. Secretary of Health and Human Services OFFICE OF THE ASSISTANT SECRETARY FOR PLANNING AND EVALUATION
Directive 95/ /EC of the European Parliament and of the Council of the European Union. Chapter II. General Rules on the Lawfulness of the Processing of Personal Data
Article 5 Member States shall, within the limits of the provisions of this Chapter, determine more precisely the conditions under which the processing of personal data is lawful. SECTION 1 PRINCIPLES RELATING TO DATA QUALITY Article 6 1. Member States shall provide that personal data must be: (a) processed fairly and lawfully;
Directive 95/ /EC of the European Parliament and of the Council of the European Union. Chapter I. General Provisions
Article 1 Object of the Directive In accordance with this Directive, Member States shall protect the fundamental rights and freedoms of natural persons, and in particular their right to privacy, with respect to the processing of personal data. Member States shall neither restrict nor prohibit the free flow of personal data between Membe
European Union Restreint ECO 291 CODEC 92 Common Position (EC) No /95 Adopted by the Council on 20 February 1995 With a View to Adopting Directive 94/ /EC of the European Parliament and of the Council on the Protection of Individuals With Regard to the Processing of Personal Data And on the Free Movement of Such Data On the