The Health Insurance Portability and Accountability Act (HIPAA), enforced by the Office for Civil Rights since 1996, establishes national standards for protecting the privacy of individuals' identifiable health records and medical information. These measures distinguish between the primary and secondary purposes of individuals' health records and are especially concerned with protecting patient privacy when health records are utilized for any secondary purpose.
Contents of Health Records
Health records contain individual medical information including personal identifying information, contact information, past treatments, check-up and health test results, chronic illnesses, history of family illnesses, medical allergies, prescribed medications, and relevant lifestyle information.
The primary purpose of the health record refers to the the purposes for which the information was collected to begin with. Such purposes typically include the provision of adequate and appropriate medical care requested by the patient or deemed necessary for the patient based on the record's contents. These records are necessary on this primary level in order to keep track of important clinical information that any future medical professional may find useful in encounters with the same patient.
Secondary purposes of patients' health records refer to any purpose beyond the primary purpose, including consensual or lawful use of the information to investigate unlawful activity, for the prevention or decrease of individual or public health threats or for public health or safety research or statistical analysis. Efforts are also underway in the United States, the United Kingdom and Australia to increase the quality and consistency of medical records for more effective use in regard to public health research efforts. Such research would boost the quality of these countries' medical services and overall public health including areas of genetic impacts, disease risk factors, possible interventions, drug side effects, drug safety surveillance, treatment effectiveness, decreased mortality rates, institutional performance tracking and clinical efficiency.
Health Information Privacy Protection
In 2000, the HIPAA Privacy Rule emerged to specify nationwide standards for the protection of personal health information in general.
In 2003, the HIPAA Security Rule finalized nationwide standards for securing individuals' electronically stored health information, recognizing that electronic storage could increase the vulnerability of such confidential documents.
In 2009, as organizations, researchers and practitioners began to comprehend the value that expanding allowed usage of medical information for research could have for public health and medical advancements, the Patient Safety Rule emerged as well to further ensure the confidentiality of any individually identifiable information associated with medical records used for such research.
- Audiological Society of Australia: NEHTA Privacy Blueprint for the Electronic Health Record (page 15)
- NHS Choices: Health Records, Overview
- Center for Disease Control and Prevention: HIPAA Privacy Rule and Public Health
- Deloitte: Secondary Uses of Electronic Health Record (EHR) Data in Life Sciences (pages 4-5)
- U.S. Department of Health & Human Services: Health Information Privacy, The Security Rule
- U.S. Department of Health & Human Services: Health Information Privacy, The Privacy Rule
- Photo Credit Jupiterimages/Photos.com/Getty Images
Importance of Medical Documentation
Proper and adequate medical documentation is essential for quality of medical care and health care services throughout the industry, from receiving proper...
Primary vs. Secondary Aging
There are two types of aging: primary and secondary. There is not much you can do to avoid primary aging but you...
Primary, Secondary & Tertiary Disease Prevention
Preventative medicine is geared toward preventing existing diseases in people instead of searching for the overall cure. The methods used to prevent...