Standards for Privacy of Individually Identifiable Health Information. Final Privacy Rule Preamble.. Notes

12/28/2000

2. Privacy Protection Study Commission, "Personal Privacy in an Information Society," July 1977, p. 298-299.

3. Health Privacy Working Group, "Best Principles for Health Privacy," Health Privacy Project, Institute for Health Care Research and Policy, Georgetown University, July 1999.

4. National Committee on Quality Assurance and the Joint Commission on Accreditation of Healthcare Organizations, "Protecting Personal Health Information: A Framework for Meeting the Challenges in a Managed Care Environment,"1998, p. 25.

5. ASTM, "Standard Guide for Confidentiality, Privacy, Access and Data Security, Principles for Health Information Including Computer-Based Patient Records," E 1869-97, § 11.1.1.

6. Definition of Disease Management, October 1999, from web site of Disease Management Association of America (http://www.dmaa.org/definition.html) accessed May 21, 2000.

Other references used for our analysis include:

Mary C. Gurnee, et al, Constructing Disease Management Programs, Managed Care, June 1997, accessed at http://managedcaremag.com, 5/19/2000

Peter Wehrwein, Disease Management Gains a Degree of Respectability, Managed Care, August 1997, accessed at http://www.managedcaremag.com, 5/18/00

John M. Harris, Jr., Disease management: New Wine in Old Bottles, 124 Annals of Internal Medicine 838 (1996)

Robert S. Epstein and Louis M. Sherwood, From Outcomes research to disease management: A Guide for the Perplexed, 124 Annals of Internal Medicine 832 (1996)

Anne Mason et al, Disease management, the Pharmaceutical Industry and the NHS, Office of Health Economics (United Kingdom), accessed at http://www.ohe.org, 5/19/2000

Thomas Bodenheimer, Disease Management -- Promises and Pitfalls, 340 New Eng. J. Med, April 15, 1999, accessed at http://www.nejm.org, 4/20/99

Bernard Lo and Ann Alpers, Uses and Abuses of Prescription Drug information in pharmacy benefits Management Programs, 283 JAMA 801 (2000)

Robert F. DeBusk, Correspondence, Disease Management, and Regina E. Herzlinger, Correspondence, Disease Management, 341 New Eng. J. Med, Sept 2, 1999, accessed 9/2/99

Letter, John A. Gans, American Pharmaceutical Association, to Health Care Financing Administration, Reference HCFA-3002-P, April 12, 1999, accessed at http://www.aphanet.org, 1/18/2000

Ronald M. Davis, et al, Editorial, Advances in Managing Chronic Disease, 320 BMJ 525 (2000), accessed at http://www.bmj.com, 2/25/00

Thomas Bodenheimer, Education and Debate, disease management in the American Market, 320 BMJ 563 (2000), accessed at http://www.bmj.com, 2/25/2000

David J. Hunter, Disease management: Has it a future?, 320 BMJ 530 (2000), accessed http://www.bmj.com 2/25/2000

Trisha Greenhalgh, Commercial partnerships in chronic disease management: proceeding with caution, 320 BMJ 566 (2000).

Edmund X. DeJesus, Disease management in a Warehouse, Healthcare Informatics, September 1999, accessed at http://www.healthcare-informatics.com, 5/19/00

Regulation, 42 CFR 422.112, Medicare+Choice Program, subpart C, Benefits and Beneficiary Protections, sec. 422.112, Access to Services

Arnold Chen, Best Practices in Coordinated Care, Submitted by Mathematica Policy Research, Inc., to Health Care Financing Administration, March 22, 2000.

7. Confidentiality in Adolescent Health Care, a joint policy statement of the American Academy of Pediatrics; the American Academy of Family Physicians; the American College of Obstetricians and Gynecologists; NAACOG-The Organization for Obstetric, Gynecologic, and Neonatal Nurses; and the National Medical Association.

8. J. Merz, P. Sankar, S.S. Yoo, "Hospital Consent for Disclosure of Medical Records," Journal of Law, Medicine & Ethics, 26 (1998): 241-248.

9. Privacy Protection Study Commission, "Personal Privacy in an Information Society," July 1977, p. 306.

10. Privacy Protection Study Commission, "Personal Privacy in an Information Society," July 1977, pp. 215-217.

11. Health Privacy Working Group, "Best Principles for Health Privacy," Health Privacy Project, Institute for Health Care Research and Policy, Georgetown University, July 1999, p. 19.

12. AMA Council on Ethical and Judicial Affairs, "Opinion E-5.05: Confidentiality," Issued December 1983, Updated June 1994.

13. Privacy Protection Study Commission, "Personal Privacy in an Information Society," July 1977, p. 196-197.

14. Privacy Protection Study Commission, "Personal Privacy in an Information Society," July 1977, p. 315

15. ASTM, "Standard Guide for Confidentiality, Privacy, Access and Data Security, Principles for Health Information Including Computer-Based Patient Records," E 1869-97, § 12.1.4.

16. Confidentiality and Data Access Committee, Federal Committee on Statistical Methodology, Office of Management and Budget.

17. Sweeney, L. Guaranteeing Anonymity when Sharing Medical Data, the Datafly System. Masys, D., Ed. Proceedings, American Medical Informatics Association, Nashville, TN: Hanley & Belfus, Inc., 1997:51-55.

18. The U.S. Census Bureau's Recommendations Concerning the Census 2000 Public Use Microdata Sample (PUMS) Files [http://www.ipums.org/~census2000/2000pums_bureau.pdf], Population Division, U.S. Census Bureau, November 3, 2000.

19. Figures derived from U.S. Census data on 1990 Decennial Census of Population and Housing, Summary Tape File 3B (STF3B). These data are available to the public (for a fee) at http://www.census.gov/mp/www/rom/msrom6af.html.

20. Statistical Policy Working Paper 22 - Report on Statistical Disclosure Limitation Methodology (http://www.fcsm.gov/working-papers/wp22.html) (prepared by the Subcommittee on Disclosure Limitation Methodology, Federal Committee on Statistical Methodology, Office of Management and Budget).

21. The Geographic Component of Disclosure Risk for Microdata. Brian Greenberg and Laura Voshell. Bureau of the Census Statistical Research Division Report: Census/SRD/RR-90-13, October, 1990.

22. A Simulation Study of the Identifiability of Survey Respondents when their Community of Residence is Known. John Horm, National Center for Health Statistics, 2000.

23. Privacy Protection Study Commission, "Personal Privacy in an Information Society," July 1977, p. 313.

24. Privacy Protection Study Commission, "Personal Privacy in an Information Society," July 1977, p. 192.

25. Health Privacy Working Group, "Best Principles for Health Privacy," Health Privacy Project, Institute for Health Care Research and Policy, Georgetown University, July 1999, p. 19.

26. National Committee on Quality Assurance, "Surveyor Guidelines for the Accreditation of MCOs,"effective July 1, 2000 - June 30, 2001, p. 324.

27. ASTM, "Standard Guide for Confidentiality, Privacy, Access and Data Security, Principles for Health Information Including Computer-Based Patient Records," E 1869-97, § 9.2.

28. Privacy Protection Study Commission, "Personal Privacy in an Information Society," July 1977, p. 300-303.

29. Health Privacy Working Group, "Best Principles for Health Privacy," Health Privacy Project, Institute for Health Care Research and Policy, Georgetown University, July 1999.

30. National Committee on Quality Assurance and the Joint Commission on Accreditation of Healthcare Organizations, "Protecting Personal Health Information: A Framework for Meeting the Challenges in a Managed Care Environment,"1998, p. 25.

31. ASTM, "Standard Guide for Confidentiality, Privacy, Access and Data Security, Principles for Health Information Including Computer-Based Patient Records," E 1869-97, § 11.1.1.

32. Privacy Protection Study Commission, "Personal Privacy in an Information Society," July 1977, p. 306-307.