Minimizing Disclosure Risk in HHS Open Data Initiatives. A. Key Legislation


Several key pieces of federal legislation govern the types of personal information that government and other organizations, such as health providers and educational institutions, can disclose about individual citizens or consumers. Most privacy laws focus on an individual’s rights over the privacy of personal information—including ability to access and correct information—and the circumstances under which an organization may disclose information, with or without consent from the individual. This summary provides an overview of the acts that created the foundation for U.S. privacy law as it relates to data held by the federal government. We discuss the Privacy Act of 1974, the Computer Matching and Privacy Protection Act of 1988, the Health Insurance Portability and Accountability Act (HIPAA) of 1996, the Confidential Information Protection and Statistical Efficiency Act (CIPSEA) of 2002, and the Health Information Technology for Economic and Clinical Health Act (HITECH Act) of 2009.

View full report


"rpt_Disclosure.pdf" (pdf, 1.01Mb)

Note: Documents in PDF format require the Adobe Acrobat Reader®. If you experience problems with PDF documents, please download the latest version of the Reader®