Privacy and Health Research


[Click here to download a zipped WordPerfect 5.1 version of this report]

Privacy and Health Research

A Report to the U.S. Secretary of Health and Human Services

May 1997

HHS Logo


William W. Lowrance, Ph.D.
Consultant in Health Policy
18A, Quai du Seujet
CH-1201 Geneva
+41 22 738-4243 telephone
+41 22 738-4288 telefax
Division of Data Policy
Office of Program Systems
Office of the Assistant Secretary for Planning and Evaluation
U.S. Department of Health and Human Services
200 Independence Avenue, SW
Washington, DC 20201



Executive Summary

1. Coupled Societal Goods: Privacy and Research

  • Current legislative attention
  • Heightened public concern
  • Privacy, confidentiality, security
  • Privacy and confidentiality in health care
  • Privacy and confidentiality in health research
  • Potential harms from wrongful disclosure
  • Some ancillary privacy-rights claims
  • Weighing privacy against research need

2. Health Data and Data Holders

  • "Data" vocabulary
  • The universe of health data
  • Especially-sensitive data
  • The diversity of data holders
  • Databases useful for research
  • The international flow of data

3. Data from Research, Research on Data

  • Research to advance basic biomedical science
  • Research to know patterns of health, disease, and disability
  • Research to reduce public-health threats
  • Research to understand utilization of health care
  • Research to evaluate and improve practices
  • Research to make effective innovations
  • Research to analyze economic factors
  • Research to appraise markets

4. Identifiability, Consent, and Protections

  • Identifiable---key-coded---anonymized
  • Anonymized data
  • Reasons for retaining identifiability
  • Managing key-coded data
  • U.S. subjects-protection policy
  • Data-subject consent
  • Institutional Review Board supervision

5. New Laws in Europe

  • The European Union Data Privacy Directive
  • Legal revisions in some European countries
  • New Council of Europe Recommendation on Protection of Medical Data
  • Dialogue between the U.S. and Europe

6. The U.S. Legal Context

  • Standard protections
  • Certificates of Confidentiality
  • The Federal Privacy Act
  • Federal agencies' statutes
  • State laws and activities
  • The new insurance law
  • Proposed new medical privacy laws

7. Major Current Issue Clusters

  • Secondary use of data, and data linking
  • Research on private-sector health data
  • Cybersecurity
  • Genetic privacy

8. Principles

Appendix: The Author, and ASPE


Comments/suggestions about the HHS Data Council web pages should be directed to the Data Council Web Master.

"" Return to the Data Council home page .

Last updated 7/23/97.