NRPM: Standards for Privacy of Individually Identifiable Health Information. a. Importance of public health and need for protected health information.


Public health authorities are responsible for promoting health and quality of life by preventing and controlling disease, injury, and disability. Inherent in the collection of information for public health activities is a balancing of individual versus communal interests. While the individual has an interest in maintaining the privacy of his or her health information, public health authorities have an interest in the overall health and well-being of the entire population of their jurisdictions. To accomplish this, public health authorities engage in a number of activities, including: traditional public health surveillance; investigations and interventions with respect to communicable diseases; registries (such as immunization or cancer registries); programs to combat diseases that involve contacting infected persons and providing treatment; and actions to prevent transmission of serious communicable diseases.

Public health activities also include regulatory investigations and interventions such as pre-market review of medical products, and evaluations of the risk-benefit profile of a drug or medical product before and after approval (relying on critical epidemiological techniques and resources such as HMO claims databases and medical records). Public health agencies use the results of analyses to make important labeling changes and take other actions, such as the removal of non-compliant products from the market.

We considered requiring individual authorization for certain public health disclosures, but rejected this approach because many important public health activities would not be possible if individual authorization were required. In the case of contagious diseases, for example, if individual authorization were required before individually identifiable information could be provided to public health workers, many other people who may be harboring contagious diseases may be missed by efforts to halt the spread of disease because they failed to provide the appropriate individual authorization. Their failure to authorize could place the general population at risk for contracting an infectious disease. Furthermore, always requiring individual authorization to disclose protected health information to public health authorities would be impractical due to the number of reports and the variety of sources from which they are made. If individuals were permitted to opt out from having their information included in these public health systems, the number of persons with a particular condition would be undercounted. Furthermore, the persons who did authorize the inclusion of their information in the system might not be representative of all persons with the disease or condition.

We also considered limiting certain public health disclosures to de-identified health information. However, identifiable information could be required in order to track trends in a disease over time, and to assess the safety of medical treatments. While de-identified information could be appropriate for many public health activities, there are also many public health activities that require individual identifiers. We decided not to attempt to define specific public health activities for which only de-identified information could be disclosed, in part because public health data collection requirements would be better addressed in public health laws, and in part to reflect the variation in information technologies available to public health authorities. Instead, we rely on the judgment of public health authorities as to what information would be necessary for a public health activity. See discussion in section II.C.2.