Public concern about the privacy of health data is a critical issue -- especially in an era of computerized medical records and Internet communications -- and state public health officials strongly support a nationally uniform framework that would protect the privacy of individuals while permitting critical analytic uses of health data. Without such a framework, some state governments may protect privacy through policies that prevent data linkage, hampering the development of logically integrated public health information systems. In states without sufficient or clear laws regarding privacy, health care providers and consumers may be reluctant to provide identifiable information for state-wide databases.
Since about 50 percent of the U.S. population lives near a state border, the development of reasonably comprehensive state public health information systems often requires exchange of data across one or more states. Variations in state protections of health data may preclude data sharing across state lines or involve unacceptable risks to the privacy of data that are transmitted. At the very least, the absence of nationally uniform policies to protect the privacy of individually-identifiable health information requires time-consuming, state-by-state negotiations in order to reach agreements that permit integration of data, as well as efforts to reassure the public that their data will receive reasonable protection. The absence of generally accepted "best practices" for preserving the privacy and security of health data in automated, networked systems or for linking and anonymizing health data in secure environments complicates these processes.