Protecting Patient Privacy: Strategies for Regulating Electronic Health Records Exchange

The report offers policymakers 10 recommendations to protect patient privacy as New York state develops a centralized system for sharing electronic medical records. Those recommendations include:Require that the electronic systems employed by HIEs have the capability to sort and segregate medical information in order to comply with guaranteed privacy protections of New York and federal law. Presently, they do not.Offer patients the right to opt-out of the system altogether. Currently, people's records can be uploaded to the system without their consent.Require that patient consent forms offer clear information-sharing options. The forms should give patients three options: to opt-in and allow providers access to their electronic medical records, to opt-out except in the event of a medical emergency, or to opt-out altogether.Prohibit and sanction the misuse of medical information. New York must protect patients from potential bad actors--that small minority of providers who may abuse information out of fear, prejudice or malice.Prohibit the health information-sharing networks from selling data. The State Legislature should pass legislation prohibiting the networks from selling patients' private health information

Privacy In The Smart Grid: An Information Flow Analysis

Project Final Report prepared for CIEE and California Energy Commissio

An Examination of Privacy Policies of US Government Senate Websites.

US Government websites are rapidly increasing the services they offer, but users express concerns about their personal privacy protection. To earn user's trust, these sites must show that personal data is protected, and the sites contain explicit privacy policies. This research studied privacy policy protection of 50 US Senate sites and found that few had comprehensive elements of privacy policies and a general lack of protection of personal data that could be obtain from the website. The study reviewed which specific privacy elements are most often mishandled, as well as suggestions for improving an overall online privacy practice

Internet Privacy and Self-Regulation: Lessons from the Porn Wars

The availability and adequacy of technical remedies ought to play a crucial role in evaluating the propriety of state action with regard to both the inhibition of Internet pornography and the promotion of Internet privacy. Legislation that would have restricted Internet speech considered indecent or harmful to minors has already faced and failed that test. Several prominent organizations dedicated to preserving civil liberties argued successfully that self-help technologies offered less-restrictive means of achieving the purported ends of such legislation, rendering it unconstitutional. Surprisingly, those same organizations have of late joined the call for subjecting another kind of speech--speech by commercial entities about Internet users--to political regulation. With regard to privacy no less than pornography, however, self-help offers Internet users a less-restrictive means of preventing the alleged harms of free speech than does state action. Indeed, a review of privacy-protecting technologies shows them to work even more effectively than the filtering and blocking software used to combat online smut. Digital self-help in defense of Internet privacy makes regulation by state authorities not only constitutionally suspect but, from the more general point of view of policy, functionally inferior

Privacy and Health Information Technology

The increased use of health information technology (health IT) is a common element of nearly every health reform proposal because it has the potential to decrease costs, improve health outcomes, coordinate care, and improve public health. However, it raises concerns about security and privacy of medical information. This paper examines some of the “gaps” in privacy protections that arise out of the current federal health privacy standard, the Health Insurance Portability and Accountability (HIPAA) Privacy Rule, the main federal law which governs the use and disclosure of health information. Additionally, it puts forth a range of possible solutions, accompanied by arguments for and against each. The solutions provide some options for strengthening the current legal framework of privacy protections in order to build public trust in health IT and facilitate its use for health reform. The American Recovery and Reinvestment Act (ARRA) enacted in February 2009 includes a number of changes to HIPAA and its regulations, and those changes are clearly noted among the list of solutions (and ARRA is indicated in the Executive Summary and paper where the Act has a relevant provision)

Legal Solutions in Health Reform: Privacy and Health Information Technology

Identifies gaps in the federal health privacy standard and proposes options for strengthening the legal framework for privacy protections in order to build public trust in health information technology. Presents arguments for and against each option

Libraries, Electronic Resources, and Privacy: The Case for Positive Intellectual Freedom

Public and research libraries have long provided resources in electronic formats, and the tension between providing electronic resources and patron privacy is widely recognized. But assessing trade-offs between privacy and access to electronic resources remains difficult. One reason is a conceptual problem regarding intellectual freedom. Traditionally, the LIS literature has plausibly understood privacy as a facet of intellectual freedom. However, while certain types of electronic resource use may diminish patron privacy, thereby diminishing intellectual freedom, the opportunities created by such resources also appear liberty-enhancing. Adjudicating between privacy loss and enhanced opportunities on intellectual freedom grounds must therefore provide an account of intellectual freedom capable of addressing both privacy and opportunity. I will argue that intellectual freedom is a form of positive freedom, where a person’s freedom is a function of the quality of her agency. Using this view as the lodestar, I articulate several principles for assessing adoption of electronic resources and privacy protections