Confidentiality of Electronic Health Data: Methods for Protecting Personally Identifiable Information. Health

07/03/1996

American College of Healthcare Executives. Ethical policy statement. Medical records confidentiality. Healthc Exec 1994 May-Jun;9(3):43.

American Medical Association, Council on Ethical and Judicial Affairs. Current opinions of the Council on Ethical and Judicial Affairs. Chicago: The Association; 1992. Section 7.00, Opinions on physician records; p. 32-3.

American Medical Association, Council on Ethical and Judicial Affairs. Current opinions of the Council on Ethical and Judicial Affairs. Chicago: The Association; 1992. Sections 5.05-5.09, Confidentiality; p. 25-8.

Anderson RJ. Security in clinical information systems [monograph online]. Cambridge (UK): University of Cambridge Computer Laboratory; 1996 Jan 12. Available from: World Wide Web, http://www.cl.cam.ac.uk/users/rja14/policy11/policy11.html. Prepared for the British Medical Association.

Barber B, Jensen OA, Lamberts H, Roger-France F, De Schouwer P, Z"llner H. The six safety first principles of health information systems: A programme of implementation: part 1 safety and security. In: Commission of the European Communities DG XIII/F AIM. Data protection and confidentiality in health informatics: handling health data in Europe in the future. Washington: IOS Press; 1991. p. 296-301. (Studies in health technology and informatics; vol. 1).

Barber B, Treacher A, Louwerse CP, editors. Towards security in medical telematics: legal and technical aspects. Washington: IOS Press; 1996. 252 p. (Studies in technology and informatics; vol. 27).

Bengtsson S, Solheim BG. Enforcement of data protection, privacy and security in medical informatics. In: Lun KC, Degoulet P, Piemme TE, Rienhoff O, editors. MEDINFO 92. Proceedings of the 7th World Congress on Medical Informatics; 1992 Sep 6-10; Geneva, Switzerland. Vol. 2. Amsterdam: North-Holland; 1992. p. 1561- 5.

Blair JS. Overview of standards related to the emerging health care information infrastructure. Schaumburg (IL): The Computer-based Patient Record Institute; 1995 Jan. Reprinted by the Computer-based Patient Record Institute with permission of CRC Press.

Brandt MD. Issue: disclosure of health information. A position statement. Chicago: American Health Information Management Association; 1993 Dec. 2 p.

Brandt MD. Issue: disclosure of health information relating to alcohol and drug abuse. A position statement. Chicago: American Health Information Management Association; 1993 Dec. 1 p.

Brandt MD. Issue: facsimile transmission of health information. A position statement. Chicago: American Health Information Management Association; 1994 May. 3 p.

Brandt MD. Issue: managing health information relating to infection with the human immunodeficiency virus (HIV). A position statement. Chicago: American Health Information Management Association; 1994 Feb. 2 p.

Brandt MD. Issue: patient cards. A position statement. Chicago: American Health Information Management Association; 1993 Nov. 2 p.

Brandt MD. Issue: protecting patient information after a closure. A position statement. Chicago: American Health Information Management Association; 1994 Apr. 4 p.

Brandt MD. Issue: physician signatures on attestations. A position statement. Chicago: American Health Information Management Association; 1993 Nov. 1 p.

Brandt MD. Issue: redisclosure of health information. A position statement. Chicago: American Health Information Management Association; 1993 Dec. 1 p.

Brandt MD. Issue: retention of health information. A position statement. Chicago: American Health Information Management Association; 1994 Mar. 2 p.

Brandt MD. Maintenance, disclosure, and redisclosure of health information. Chicago: American Health Information Mangement Association; 1993. 23 p.

Canadian Medical Association. The medical record: confidentiality, access and disclosure. [CMA policy summary]. Can Med Assoc J 1992 Dec 15;147(12):1860A-1860B. (Eng, Fre).

Christensen JP, Villasante J. Data protection and confidentiality in health care informatics. In: Noothoven van Goor J, Christensen JP, editors. Advances in medical informatics: results of the AIM Exploratory Action. Washington: IOS Press; 1992. p. 387-92. (Studies in health technology and informatics; vol. 2).

Computer-based Patient Record Institute (CPRI). Guidelines for establishing information security policies at organizations using computer-based patient record systems. Schaumburg (IL): The Institute; 1995. Prepared by the CPRI Work Group on Confidentiality, Privacy, and Security, 1995 Feb.

Computer-based Patient Record Institute (CPRI). Position paper: access to patient data. Schaumburg (IL): The Institute; 1994 Apr 15.

Computer-based Patient Record Institute (CPRI). Position paper: authentication in a computer-based patient record. Schaumburg (IL): The Institute; 1993 Aug 11.

Conference of Medical Royal Colleges and Their Faculties in the United Kingdom. Interim guidelines on confidentiality and medical audit. BMJ 1991 Dec 14;303(6816):1525.

Conference of Medical Royal Colleges and Their Faculties in the United Kingdom, Audit Working Group. Access to medical records for the purposes of medical audit. [Statement]. BMJ 1993 Apr 3;306(6882):896-7.

Council on Competitiveness. Highway to health: transforming U.S. health care in the information age. Washington: The Council; 1996 Mar. Chapter 4, Integration of health information systems; p. 40-60.

Data confidentiality--could this policy work for you? QRC Advis 1993 May;9(7):7-8.

De Schouwer P, Barber B, Jensen OA, Lamberts H, Roger-France F, Z"llner H. The six safety first principles of health information systems: A programme of implementation: Part 2 the environment, convenience and legal issues. In: Commission of the European Communities DG XIII/F AIM. Data protection and confidentiality in health informatics: handling health data in Europe in the future. Washington: IOS Press; 1991. p. 302-07. (Studies in health technology and informatics; vol. 1).

Feasibility of ensuring confidentiality and security of computer-based patient records. Council on Scientific Affairs, American Medical Association. Arch Fam Med 1993 May;2(5):556-60.

Feste L. Issue: confidentiality of the computer-based patient record. A position statement. Chicago: American Health Information Management Association; 1992 Jul. 2 p.

Feste LK. Issue: patient access to personal health information. A position statement. Chicago: American Health Information Management Association; 1992 Mar. 2 p.

Guideline No. 4. Security of data held in computer systems. Institute of Health Record Information and Management. IHRIM 1995 Feb;36(1 Suppl):1-2.

Health care information: collection and privacy [microfiche]: Hearing Before the Senate Comm. on Governmental Affairs, 103rd Cong., 2d Sess. (May 6, 1994). Washington: U.S. Government Printing Office; 1995. 125 p. Available from: US GPO, Washington; Y 4.G 74/9:S.HRG. 103-100.

Joint Commission on Accreditation of Healthcare Organizations. 1996 accreditation manual for hospitals. Vol.1, Standards. Chicago: The Commission; 1996. Section 2, Management of information; p. 171-90.

Mayo Clinic Foundation, Information Security Subcommittee. Data security policies and standards. Unpublished internal document dated September 1994.

Metzger JB, Stevens JM, Schwartz JE, Nelson R. Implications of the JCAHO information management initiative for information systems. Healthc Inf Manage 1994 Spring;8(2):23-30.

National Healthcare Billing Audit Guidelines, adopted March 13, 1992. AHIMA, AHA, Association of Healthcare Internal Auditors, Blue Cross and Blue Shield Association, HFMA, and HIAA. J AHIMA 1992 Jun;63(6):105-9.

Pitman SC. Standards in the medical transcription service industry. J Am Health Inf Manag Assoc 1992;63(7):75- 7.

Position statement: Confidentiality of the computer-based patient record. American Health Information Management Association. J AHIMA 1992 Sep;63(9):125-6.

Sommerville A. Confidentiality and medical records. In: British Medical Association, Ethics Science and Information Division. Medical ethics today: its practice and philosophy. London: BMJ Publishing Group; 1993. p. 36-68, 339-40.

Tiemann S. The individual, society and the protection of personal data. In: Commission of the European Communities DG XIII/F AIM. Data protection and confidentiality in health informatics: handling health data in Europe in the future. Washington: IOS Press; 1991. p. 62-4. (Studies in health technology and informatics; vol. 1).

United States, Congress, Office of Technology Assessment. Genetic monitoring and screening in the workplace. Washington: U.S. Government Printing Office; 1990 Oct. Report No.: OTA-BA-455. 262 p.

Users and uses of patient records. Report of the Council on Scientific Affairs. Council on Scientific Affairs, American Medical Association. Arch Fam Med 1993 Jun;2(6):678-81.

Wanerus P, Brandt MD. Issue: Managing health information in facility mergers and acquisitions. A position statement. Chicago: American Health Information Management Association; 1994 Apr. 4 p.

Wogan MJ. Issue: HCFA's uniform clinical data set (UCDS). A position statement. Chicago: American Health Information Management Association; 1991 Nov. 2 p.

Work Group on Computerization of Patient Records. Toward a national health information infrastructure: report of the Work Group on Computerization of Patient Records to the Secretary of the U.S. Department of Health and Human Services. [Washington: Department of Health and Human Services (US)]; 1993 Apr.

Workgroup for Electronic Data Interchange (WEDI). The new Workgroup for Electronic Interchange, summary report, April 1995. [place unknown]: The Workgroup; 1995?

Workgroup on Electronic Data Interchange (WEDI). Report, October 1993. [place unknown]: The Workgroup; 1993?

Workgroup for Electronic Data Interchange (WEDI). Report to Secretary of U.S. Department of Health and Human Services, July 1992. [place unknown]: The Workgroup; 1992?