Health Privacy

Health Privacy

Health information technology (“health IT”) has tremendous potential to improve health care quality and reduce costs while empowering patients to play a greater role in the management of their own care.  At the same time, however, electronic storage and exchange of personal health information poses risks to privacy.  Unaddressed, privacy concerns can stand in the way of realizing the benefits of health IT, for neither patients nor providers will make full use of a system they do not trust.  

In March 2008, CDT launched a major initiative to address the complex privacy issues associated with the growing use of health IT.  Drawing on CDT’s credibility in technology and policy and our leadership as privacy advocates, our Health Privacy Project is bringing the voice of a pragmatic expert to the health privacy conversation.  CDT’s Health Privacy Project takes on key policy questions, including: the proper role of notice and consent, the right of patients to access their own health records, identification and authentication, secondary uses, and enforcement mechanisms.   It addresses both the traditional exchange of records among health plans and providers, as well as new consumer access services and personal health records.

 
 

Follow the latest CDT news with Press Releases, Events, and where we've been featured around the Internet.

Name Issues Date
Deven McGraw will speak at at the Healthcare Stimulus Exchange National Road Show 2010
Event: Deven McGraw will speak at at the Healthcare Stimulus Exchange National Road Show 2010 on Privacy...
2/10/2010
Deven McGraw will be speaking on "Addressing Privacy Policies in health Information Exchange Initiatives"
Event: Deven McGraw will be speaking on "Addressing Privacy Policies in health Information Exchange...
2/4/2010
Deven McGraw will be speaking on "What are the Concerns of Privacy Advocates and How to Respond"
Event: Deven McGraw will be speaking on "What are the Concerns of Privacy Advocates and How to...
2/3/2010
Sheel Pandya will be speaking at the Internet Data Privacy Colloquium held by the Dialogue on Diversity
Event: Sheel Pandya will be speaking at the Internet Data Privacy Colloquium held by the Dialogue on...
1/27/2010
Deven McGraw will be speaking on Privacy Protections for Patient-Empowered Care
Event: Deven McGraw will be speaking on Privacy Protections for Patient-Empowered Care at a forum...
1/20/2010

Policy Posts deliver in-depth analysis of current issues affecting the Internet. These documents are a leading resource for policy makers, the press, industry representatives, students, and others interested in legal and policy issues affecting the Internet.

Name Issues Date
Stronger Protections for, and Encouraging the Use of, De-Identified (and "Anonymized") Health Data 1) The Importance of De-Identified Health Data 2) De-Identification, Limited Data Set Requirements... De-Identified Data 6/26/2009
Personal Health Records Need a Comprehensive and Consistent Privacy and Security Framework Personal health records (PHRs) - records that are managed, controlled, and shared by individuals... Personal Health Records 6/9/2009
Improvements and Challenges in Health Privacy Law The economic stimulus bill signed by President Obama on February 17 included provisions making... HITECH/ARRA Implementation 3/27/2009
Privacy and Security Principles for Health Information Technology CDT believes there is a need to adopt a comprehensive privacy and security framework for protection... Privacy Framework 6/24/2008
CDT Offers Metrics for Evaluating DRM The Center for Democracy and Technology (CDT) has issued a paper outlining specific questions that... 9/29/2006

Find all our latest testimony, papers, and other reports here.

Name Author Issues Date
CDT Notes Areas of Concern in Comments to HHS on Breach Notification Rules
Comment: CDT's Health Privacy Project, along with The Markle Foundation, submitted comments Oct. 23 that...
Deven McGraw HITECH/ARRA Implementation 10/23/2009
Encouraging the Use of, and Rethinking Protections for De-Identified (and "Anonymized") Health Data
Paper: This paper advocates for stronger standards for de-identification of health data. Patient data...
Deven McGraw De-Identified Data 6/25/2009
CDT Comments to Notice and Draft Description of Health Information Technology Extension Program
Comment: CDT filed comments with the Department of Health and Human Services (HHS) regarding the proper role...
Deven McGraw HITECH/ARRA Implementation 6/11/2009
Testimony of Deven McGraw before the NCVHS
Testimony: Testimony of Deven McGraw, Director, Health Privacy Project Center for Democracy & Technology...
Deven McGraw Personal Health Records 6/9/2009
CDT Joint Comments on FTC Health Data Breach Notification Rulemaking
Comment: CDT, together with the Markle Foundation and others, filed comments with the Federal Trade...
Deven McGraw HITECH/ARRA Implementation 6/1/2009

Featured Blog Posts

  On Tuesday, The Office of the National Coordinator (ONC) for Health IT, within the U.S. Dept. of Health and Human Services (HHS), announced plans to reorganize its office by creating five new offices under ONC, including the Office of the... Continued »
CDT’s Sheel Pandya, Policy Counsel for the Health Privacy Project wrote a guest blog post on American Constitution Society’s blog discussing a comprehensive privacy and security framework as the key to health IT’s success. The... Continued »
Last month, we blogged about how Humana (and maybe some other health plans) sent warnings through letters to its Medicare beneficiaries that they could lose their health care benefits and services due to health care reform legislation pending in... Continued »
On October 1st, the Office of Civil Rights (OCR) within the Department of Health and Human Services (HHS) issued a Proposed Rule with respect to the Genetic Information Nondiscrimination Act (GINA), a federal law passed in May 2008 that protects... Continued »