0
October 20, 1999, Vol 282, No. 15 >
Health Law and Ethics | October 20, 1999

Legal Issues Concerning Electronic Health Information: Title and subTitle BreakPrivacy, Quality, and Liability

James G. Hodge, Jr, JD, LLM; Lawrence O. Gostin, JD; Peter D. Jacobson, JD, MPH
JAMA. 1999;282(15):1466-1471. doi:10.1001/jama.282.15.1466
Text Size: A A A
Published online
Article
References
Health Law and Ethics Section Editors: Lawrence O. Gostin, JD, the Georgetown/Johns Hopkins University Program in Law and Public Health, Washington, DC, and Baltimore, Md; Helene M. Cole, MD, Contributing Editor, JAMA .

Personally identifiable health information about individuals and general medical information is increasingly available in electronic form in health databases and through online networks. The proliferation of electronic data within the modern health information infrastructure presents significant benefits for medical providers and patients, including enhanced patient autonomy, improved clinical treatment, advances in health research and public health surveillance, and modern security techniques. However, it also presents new legal challenges in 3 interconnected areas: privacy of identifiable health information, reliability and quality of health data, and tort-based liability. Protecting health information privacy (by giving individuals control over health data without severely restricting warranted communal uses) directly improves the quality and reliability of health data (by encouraging individual uses of health services and communal uses of data), which diminishes tort-based liabilities (by reducing instances of medical malpractice or privacy invasions through improvements in the delivery of health care services resulting in part from better quality and reliability of clinical and research data). Following an analysis of the interconnectivity of these 3 areas and discussing existing and proposed health information privacy laws, recommendations for legal reform concerning health information privacy are presented. These include (1) recognizing identifiable health information as highly sensitive, (2) providing privacy safeguards based on fair information practices, (3) empowering patients with information and rights to consent to disclosure (4) limiting disclosures of health data absent consent, (5) incorporating industry-wide security protections, (6) establishing a national data protection authority, and (7) providing a national minimal level of privacy protections.

Computer technology is transforming the ways in which health information is acquired, used, disclosed, and stored in the modern health care system. Fundamental changes in the organization, delivery, and financing of national health care services through managed care and integrated delivery plans require sophisticated health information systems that facilitate information sharing.1 - 2 Increasingly, individual patient medical records are stored in electronic databases by government and private medical providers. Automated technologies may someday enable patient medical records to be recorded longitudinally from birth to death and accessed widely in a national health care information infrastructure.3 E-mail correspondence is increasingly a viable communication link between patients and physicians.4

Public, online networks including MEDLINE, the Internet, and the World Wide Web allow health consumers and physicians to quickly and relatively inexpensively access a wealth of medical information, reports, articles, and research about conditions,5 treatments,6 and providers.7 Expanding communications technology has transformed the practice of telemedicine from its origins of transmitting clinical advice over the telegraph.8 - 9

Many advantages exist to the systemic collection and use of electronic health data. Better data allow consumers to make more informed decisions about health plans, providers, diagnoses, products, and treatments. Clinical care is improved through faster and more accurate diagnoses,10 increased checks on medical procedures,11 prevention of adverse drug events,12 instantaneous research of medical conditions, and the dissemination of expert medical information to areas traditionally underserved. Medical research on the causes of disease and injuries and health services research concerning the quality and cost-effectiveness of health care services are improved through increased access to (and more accurate) information. Public health surveillance of morbidity and mortality across populations is facilitated.13 - 14 Electronic security tools including personal access codes, encryption programs,15 and audit trails16 can more efficiently monitor health care fraud and abuse3 and protect data from unauthorized use and disclosures.

Along with these benefits, however, come significant legal challenges. The computerization of health data challenges traditional legal protections of patients and providers concerning the use and disclosure of health information in 3 key areas: (1) privacy of individually identifiable health information, (2) quality and reliability of information, and (3) tort-based liability. In this article we examine these 3 areas precisely because of a definable relationship we observe among them. We assert that protecting health information privacy (by providing individuals some control concerning their health data without severely restricting warranted use of the data) directly improves the quality and reliability of health data (by encouraging individuals to fully use health services and allowing communal uses of the data for societal goods), which diminishes tort-based liabilities (by reducing the opportunities for medical malpractice or invasions of individual privacy, improving the quality and reliability of health research data, and ultimately improving the quality of clinical care and medical products in the marketplace).

To illustrate this hypothesis, we discuss select applications of computer-based technologies in the medical setting, including e-mail and telemedicine, in the context of a brief review of existing and proposed health information privacy laws at the federal and state levels. We further analyze the interconnectivity of individual privacy with the quality and reliability of health data as well as the legal and regulatory structures designed to protect individual consumers and practitioners in the health care marketplace. We conclude with several recommendations for legal reform, focusing on protecting the privacy and quality of health data.

Principal among the legal challenges presented by the computerization of health data information is how to protect individual privacy interests in personally identifiable health information. Health data about individuals are among the most sensitive types of personal information.17 Protecting the confidentiality of personally identifiable health data is critical. Insufficient protections can lead to unauthorized use and disclosures of data,18 subjecting individuals to possible embarrassment, social stigma, and discrimination.19 Modern computer applications in the health care system threaten individual privacy despite offering significant benefits to patients and practitioners. Computerized databases of personally identifiable information may be accessed, changed, viewed, copied, used, disclosed, or deleted more easily and by more people (authorized and unauthorized) than paper-based records. With little more than basic information about a person, detailed medical profiles of individuals can be quickly assembled by private or commercial actors20 - 21 through online networks, Internet chat boards, and retrieval services.22 Additional issues of privacy and technology are illustrated below in 2 prominent examples: e-mail as a means of patient-physician communication and the practice of telemedicine.

E-mail correspondence among patients and physicians, both solicited and unsolicited,23 has increased dramatically in recent years.24 E-mail can be an effective communication tool25 that (1) circulates information efficiently, (2) enables thoughtful exchanges of medical information, (3) allows authorized receivers to save messages electronically or in paper form, and (4) can be linked to educational Web sites and other media.26 - 27

Yet, e-mail use also poses privacy and security concerns. Unsecured e-mail can be intercepted by others in route. Anyone with access to a physician's e-mail account can access, alter, and respond to e-mail with the illusion of authority. Technical complications may prevent the transmittal of important e-mail information. These and other considerations have led organizations like the American Medical Informatics Association to develop guidelines for the use of patient-physician e-mail that reflect privacy values including (1) obtaining patient informed consent before using e-mail for direct correspondence, (2) explaining and using security mechanisms, (3) prohibiting the forwarding of patient e-mail without express authorization, (4) informing patients about those having access to their messages and whether their messages will become part of their medical records, (5) responding to messages responsibly, and (6) avoiding references to third parties.24

Physician-patient e-mail is one electronic tool used in telemedicine. Telemedicine uses communications technology to deliver health care information and services between medical providers and patients separated by geographic boundaries.28 Telemedicine improves clinical care to traditionally underserved populations (such as patients in rural areas), broadens access to specialty care and advanced technology, and facilitates clinical encounters and educational activities between physicians and patients.29 It also increases opportunities for invasions of privacy by dispersing health data through interceptable telecommunications, thus magnifying the risks of breaching patient-physician confidentiality.28 As with e-mail transmissions, similar recommendations for privacy and security protections through cryptography or message authentication have been proposed concerning telemedical practices.30

Adequate legal protection of personally identifiable health data is necessary to facilitate the transmission of electronic data through e-mail, telemedicine, and other applications. Existing legal safeguards in the United States, however, are inadequate. Privacy protection is fragmented and inconsistent with major gaps in coverage.17 There is no comprehensive, national legislative, or regulatory standard concerning how privacy interests in identifiable health information are protected, secured, or verified. Rather, a patchwork of federal and state laws and judicial theories prescribe narrow privacy protections for selected types of individual health information or information held by certain entities.
Existing Federal Privacy Law

Informational privacy is protected by the Constitution and federal legislation, although such protections are limited.31 - 32 Constitutional protections of health information privacy are restricted to governmental activities, and thus do not extend to the private sector where vast health information is exchanged.33 Even where applicable, constitutional safeguards are nominal. Courts allow states wide latitude in protecting the public health34 and view government purposes of clinical care, quality assurance, cost-containment, or research underlying data collection, use, or disclosure as substantial, if not compelling. As long as the government is attentive to privacy and security concerns, it is likely to prevail under the deferential constitutional approach adopted by the judiciary.35

Federal statutes and regulations provide limited contextual protection of health information privacy. The Privacy Act of 1974,36 which regulates the transmission of government-held health data,3 and the Freedom of Information Act,37 which excludes certain medical files from its disclosure requirements,3 only protect federal government records, not private-sector health data. Federal agencies retain substantial administrative discretion to disclose data without individual consent. Courts can require disclosures in the interests of justice. The Americans With Disabilities Act requires employers to maintain separate files for health questionnaires and medical examinations of applicants and employees.38 Provisions of the Public Health Service Act require federally assisted facilities to protect drug and alcohol treatment records39 and allow for the execution of certificates of confidentiality to protect research data.3 ,40 Medicare Conditions of Participation require participating hospitals to ensure the confidentiality of patient records.41 Regulations concerning human subject research42 address record confidentiality to a limited degree.3

State Privacy Law

State safeguards of health information privacy are often incomplete or inadequate.13 While some states (eg, Maine, Montana, Washington, California, Maryland, Rhode Island) have passed or are considering comprehensive health information statutes, most state privacy statutes are restricted to government-held data. These piecemeal statutes may (1) be silent about the degree of privacy protection afforded or allow access to so many groups as to provide no meaningful protections; (2) fail to address secondary uses of information (ie, disclosure of data by others for purposes beyond those used to justify the original collection); (3) grant data holders broad and unreviewable discretion to disclose data; (4) fail to protect health data from public disclosure through subpoena or court order; and (5) have weak or nonexistent penalties for unauthorized disclosures, even by government health officials.

In contrast, some states enact "super-confidentiality" statutes for certain diseases (eg, human immunodeficiency virus and/or acquired immunodeficiency syndrome or mental illness) or certain kinds of health data (eg, genetic test results).43 - 44 Making exceptions of certain conditions to the exclusion of others without clear physiological, epidemiological, psychological, or social differences is unjust and administratively problematic. Health data cannot always be neatly separated in an electronic health record as these statutes suggest. Furthermore, such laws may significantly impede justifiable transfers of data across state lines.
Proposed Federal Privacy Law

Comprehensive federal health information legislation (or administrative regulations) pursuant to the Health Insurance Portability and Accountability Act45 (HIPAA) may soon provide greater legal protections. Although this law required Congress to enact comprehensive legislation to protect electronic health data by August 21, 1999, Congress has failed to do so. As a result, regulations developed by the Department of Health and Human Services will take effect on February 21, 2000 (assuming HIPAA is not amended).46 (Given the 6-month delay before regulations of the Department of Health and Human Services take effect, Congress essentially has until February 2000 to legislatively respond to HIPAA's prior mandate).

The Department of Health and Human Services has previously sent Congress recommendations for legislation to protect health information,47 which set forth the following 5 key principles: (1) boundaries: health care information should be disclosed for health purposes only, with limited exceptions; (2) security: health information should not be distributed without patient authorization absent a clear basis and those who receive such information must safeguard it; (3) consumer control: persons are entitled to access and amend their health records and to be informed of the purposes for which it is used or disclosed; (4) accountability: those who improperly handle health information should be criminally punished and subject to civil recourse; and (5) public responsibility: individual privacy interests must not override national priorities of public health, medical research, preventing health care fraud, and law enforcement in general.46

Congress has recently debated 3 HIPAA health information privacy bills,48 - 50 as well as a banking privacy bill that includes health information privacy provisions relating to insurance companies.51 The latter legislation would automatically be repealed upon enactment of a HIPAA bill.52 Each of the HIPAA bills follows a predictable pattern that seeks to protect personally identifiable health-related information (ie, protected health information) by guaranteeing individual rights of access, copying, amendment, and knowledge of disclosures. Broad prohibitions on uses and disclosures are set forth only to be diluted by disclosure exceptions for which individual consent may not be required. These include disclosures (1) to a patient's next of kin, (2) to health oversight agencies, (3) for public health purposes, (4) to identify a deceased individual, (5) in cases of medical emergencies, (6) for health research, (7) pursuant to a civil or criminal subpoena, and (8) to facilitate electronic payment transactions. They also include the controversial allowance for disclosures to law enforcement agencies. At least 1 bill allows such disclosures provided ". . . the law enforcement official complies with the Fourth Amendment to the Constitution."53 The Fourth Amendment upholds privacy to a degree by protecting individuals from unreasonable searches by government, absent probable cause. The other bills merely spell out the constitutional requirements, conditioning such disclosures on the showing of a subpoena, warrant, or court order, or the existence of a separate federal or state law authorizing the disclosure.54 - 55

Federal preemption of state and local law is another highly controversial aspect of potential Congressional action.56 Broad federal preemption would override all existing and future state privacy laws. Floor preemption would provide a basic level of national uniformity without preempting all state privacy laws.57 Only state laws that provide less protection than federal privacy standards would be preempted. State laws that are more protective would survive.

The quality and reliability of personal medical information are related to protecting the privacy of personally identifiable data in 3 ways. First, fair information practices, including the right to access and amend medical records, may lead to better quality data by allowing individuals and encouraging data holders to amend erroneous information.35 Second, privacy assurances between physicians and patients enhances the trusting relationship between patients and physicians, thus contributing to the free exchange of health information. Patients who lack trust in their providers may fail to disclose their medical conditions, provide false information to protect their confidentiality, or simply avoid care altogether.58 Such distortions lower the quality and reliability of national health data. Finally, national standards for data protection may encourage greater sharing of data. When physicians and others rely on accepted principles governing disclosures of health information, responsible circulation of health data should follow.

Quality and reliability issues also arise from the proliferation of consumer-oriented medical information available through technological media sources.59 Government, academic institutions, medical product/drug manufacturers and retailers, health insurers, private practitioners, and consumers post medical information on user-friendly Web pages that are accessed by millions of Americans.60 The quality of such medical information, particularly for answering clinical questions,61 is highly suspect.62 Health data, especially commercial data, are not adequately monitored for quality.63 Neither the Federal Trade Commission, which regulates false or deceptive commercial information,64 - 65 nor the Federal Food and Drug Administration, which regulates medical information about drugs and medical products,66 can aggressively monitor the quality of all commercial health data over the Internet. Government attempts to stifle nondefamatory information over the Internet may violate free speech protections,67 although regulations protecting consumer health and safety may be upheld. Without adequate government oversight, effective self-regulation of the quality of medical information is needed.68

Privacy and quality issues concerning the computerization of health data pervade tort-based liability. Unwarranted disclosures of personal medical information by physicians or their agents have traditionally resulted in tortious or contractual claims of invasion of privacy,69 breach of confidentiality,70 or implied statutory violations under state law.71 - 72 Disclosures of information through computer media like e-mail or across the Internet would result in potential liability, although assessing responsibility can be problematic. Tracing electronic disclosures to a responsible party is difficult without adequate security trails, especially once the private information is published on the Web or other mass media.

While few cases have discussed the duty of physicians to use medical information available on the Internet or through online services like MEDLINE,73 - 74 it is conceivable that a physician may be liable for failing to enhance his/her knowledge or skills by accessing easily obtained medical information or using software that provides clinical reminders.75 - 76 Assuming the procedural issue of jurisdiction over a telemedical procedure can be determined,77 is a physician liable for malpractice for transmitting or receiving an inaccurate telemedical opinion? Several substantive issues arise: (1) when has a physician-patient relationship arisen in a telemedicine encounter?78 Telemedicine practitioners may be viewed similarly to on-call specialists where the patient-physician relationship is often implied79 and liability attaches if the specialist is negligent80 ; (2) how should errors of omission (failure by the treating physician to use telemedicine when needed) and errors of commission (failure to use the technology properly) be resolved? and (3) who is responsible for the reliability of the technology itself?

Health-related computer technology requires a weighing of competing interests toward devising effective policies to protect the public. Technological improvements genuinely threaten the privacy of personally identifiable health data. As a result, the quality and reliability of personal health information, as well as medical information generally, are suspect. Traditional tort-based theories of liability, as applied to uses of computer technology, may leave health consumers and practitioners improperly protected. Conversely, innovative computerized systems and databases have greatly contributed to improvements in health care, public health, and medical science. The privacy, quality, and reliability of medical information can actually be enhanced through such systems. Physician negligence can be averted through computerized oversight systems.

We understand these competing interests and suggest that medical practitioners and consumers increasingly use computer technologies only if sufficient legal protections are met. Given the connection between protecting individual privacy, improving the quality and reliability of health data, and diminishing tort-based liability, legal reform must fundamentally focus on protecting individual privacy. We recommend that Congress fulfill its prior mandate pursuant to HIPAA and pass comprehensive federal legislation to protect the privacy interests of patients in their medical information. Recent legislative proposals on Capitol Hill fall short on needed protections.

Effective legislation must (1) recognize the unique status of identifiable health information. Identifiable health data must be uniformly viewed as highly sensitive information, not merely as a commercial or research commodity. Health information that cannot be identified with an individual (also known as nonidentifiable data) does not invoke strong privacy interests (at least among individuals) and should not be subject to individual privacy protections; (2) provide privacy safeguards based on fair information practices. Fundamental privacy protections must allow individuals the right to review and amend their health data. Secretive data systems should be prohibited. Individual data may be collected and used only for important health purposes; (3) empower patients with information and rights to consent. Patients are entitled to know about and consent to the collection and use of identifiable information, the time length that information will be stored, when it will be expunged, and the degree to which others may have access. Data should be acquired, used, disclosed, and stored consistent with the information provided to, and the consent of, patients without thwarting legitimate, communal uses of such data. Effective criminal and civil actions should follow breaches of privacy; (4) limit the disclosure of health data. Pursuant to the least-intrusive disclosure principle, health data must be disclosed in a form that is narrow in content, least identifiable, minimally sensitive, and to the fewest number of persons as reasonably necessary to achieve the stated purpose; (5) incorporate industrywide security protections. Technical and organizational policies and procedures (eg, encryption, user authentication, access controls, audit trails, and recovery of leaked data) must be improved, employed, and shared throughout the industry1 ; (6) establish a data protection and security board. Though politically difficult, the creation of a federal data protection and security board, similar to European models, may complement the national privacy and security framework. The board could set and monitor privacy and security standards consistent with health care practice and research17 ; and (7) provide a minimal level of national privacy protections. A minimal level of basic coverage for all identifiable health information, regardless of its form, location, user, or holder, should be created without preempting more substantial protections for certain health data.

Protecting health data beyond this standard floor may regretfully lead to new waves of inconsistent privacy protections and contribute to health data exceptionalism. However, the impetus for a national health information privacy law is the existing legal statutory and judicial framework that leaves some data virtually unprotected to the detriment of individual privacy interests. This dilemma can only be corrected through national legislation. Additional federal or state privacy protections are justified to address health information issues that may be truly unique to certain populations or areas.

Thus, while we discourage differing standards of privacy protections for similar health data, we support a national floor of health data protections that covers all health data and can be supplemented where warranted. Provided that consumers trust that the privacy of their health data is maintained through legal protections, we suggest that the quality and reliability of health data will be advanced. Statutorily defined civil remedies for inappropriate disclosures of confidential information will significantly clarify existing causes of action for breach of privacy based in tort. Furthermore, better health care information may potentially limit malpractice liability through better clinical care resulting from improved medical research, enhanced channels of communication, and greater information sharing.
1 +
National Research Council, Committee on Maintaining Privacy and Security in Health Care Applications for the National Information Infrastructure.  For the Record: Protecting Electronic Health Information. Washington, DC: National Academy Press; 1997.
2 +
Gostin LO. Personal privacy in the health care system: employer-sponsored insurance, managed care, and integrated delivery systems.  Kennedy Inst Ethics J.1997;7:361-376.
3 +
Gostin LO. Health information privacy.  Cornell Law Rev.1995;80:451-528.
4 +
Fein EB. For many physicians, e-mail is the high-tech house call.  New York Times.November 20, 1997:A1, A18.
5 +
Fisher M. The doctor is out.  Washington Post Magazine.July 19, 1998:8-12, 21-24.
6 +
Hayes KA, Lehmann CU. The interactive patient: a multimedia interactive educational tool on the World Wide Web.  MD Comput.1996;13:330-334.
7 +
Boodman SG. What can you find out about your doctor.  Washington Post.June 8, 1999:H12.
8 +
Mitka M. Developing countries find telemedicine forges links to more care and research.  JAMA.1998;280:1295-1296.
9 +
Nenov V, Klopp J. Remote analysis of physiological data from neurosurgical ICU patients.  J Am Med Inform Assoc.1996;3:318-327.
10 +
Hunt DL, Haynes RB, Hanna SE, Smith K. Effects of computer-based clinical decision support systems on physician performance and patient outcomes: a systematic review.  JAMA.1998;280:1339-1346.
11 +
Bates DW, Leape LL, Cullen DJ.  et al.  Effect of computerized physician order entry and a team intervention on prevention of serious medication errors.  JAMA.1998;280:1311-1316.
12 +
Raschke RA, Gollihare B, Wunderlich TA.  et al.  A computer alert system to prevent injury from adverse drug events: development and evaluation in a community teaching hospital.  JAMA.1998;280:1317-1320.
13 +
Gostin L, Lazzarini Z, Neslund V, Osterholm M. The public health information infrastructure.  JAMA.1996;275:1921-1927.
14 +
Flahault A, Dias-Ferrao V, Chaberty P, Esteves K, Valleron A-J, Lavanchy D. FluNet as a tool for global monitoring of influenza on the Web.  JAMA.1998;280:1330-1332.
15 +
Corcoran E. Breakthrough possible in battle over encryption technology.  Washington Post.July 12, 1998:A8.
16 +
National Research Council.  Computers at Risk: Safe Computing in the Information Age. Washington, DC: National Academy Press; 1990.
17 +
Gostin L. Health care information and the protection of personal privacy: ethical and legal considerations.  Ann Intern Med.1997;127:683-690.
18 +
Beauchamp TL, Childress JF. Principles of Biomedical Ethics. 4th ed. New York, NY: Oxford University Press; 1994.
19 +
Gostin LO, Hodge JG. The "names debate": the case for national HIV reporting in the United States.  Albany Law Rev.1998;61:679-743.
20 +
Chandrasekaran R. Governments find information pays.  Washington Post.March 9, 1998:A1, A12.
21 +
O'Harrow R. Drug plans keep tabs on patients' medication.  Washington Post.September 27, 1998:A1, A26.
22 +
O'Harrow R. Data firms getting too personal?  Washington Post.March 8, 1998:A1, A18, A19.
23 +
Eysenbach G, Diepgen TL. Responses to unsolicited patient e-mail requests for medical advice on the World Wide Web.  JAMA.1998;280:1333-1335.
24 +
Kane B, Sands DZ. Guidelines for the clinical use of electronic mail with patients.  J Am Med Inform Assoc.1998;5:104-111.
25 +
Neill RA, Mainous A, Clark JR, Hagen MD. The utility of electronic mail as a medium for patient-physician communication.  Arch Fam Med.1994;3:268-271.
26 +
Nelson R, Stewart P. Use of electronic mail as a clinical tool.  J Health Care Inform Manage Soc.1996;8:33-36.
27 +
Borowitz SM, Wyatt JC. The origin, content, and workload of e-mail consultations.  JAMA.1998;280:1321-1324.
28 +
Bashshur RL. On the definition and evaluation of telemedicine.  Telemed J.1995;1:19-30.
29 +
Sanders JH, Bashshur RL. Perspectives: challenges to the implementation of telemedicine.  Telemed J.1995;1:115-123.
30 +
Spielberg AR. On call and online.  JAMA.1998;280:1353-1359.
31 +
Schwartz PM, Reidenberg JE. Data Privacy Law: A Study of United States Data Protection. Charlottesville, Va: Michie Law Publishers; 1996.
32 +
Schwartz PM. The protection of privacy in health care reform.  Vanderbilt Law Rev.1995;48:310-365.
33 +
Not Available.  Whalen v Roe , 429 US 589 (1977).
34 +
Hodge JG. Implementing modern public health goals: an examination of new federalism and public health law.  J Contemp Health Law Policy.1998;14:93-126.
35 +
Gostin LO, Hadley J. Health services research: public benefits, personal privacy, and proprietary interests.  Ann Intern Med.1998;129:833-836.
36 +
Not Available.  Privacy Act of 1974, 5 USC §552(b)(1-3), (6) (1996).
37 +
Not Available.  Freedom of Information Act of 1966, 5 USC §552 (1995).
38 +
Not Available.  Americans With Disabilities Act, 42 USC §12112(d)(3)(B) (1997).
39 +
Not Available.  Public Health Service Act, 42 USC §290(dd)-2 (1997).
40 +
Not Available.  Public Health Service Act, 42 USC §241(d) (1997).
41 +
Not Available.  Not Available  56 Federal Register28003 (1991) (codified at CFR §482.24(b)(3)).
42 +
Not Available.  Federal Policy for the Protection of Human Subjects, 45 CFR §§46.101-46.404 (1996).
43 +
Rothenberg KH. Genetic information and health insurance: state legislative approaches.  J Law Med Ethics.1995;23:312-319.
44 +
Gostin LO. Genetic privacy.  J Law Med Ethics.1995;23:320-330.
45 +
Not Available.  Not Available Pub L No. 104-191, 110 Stat 2033.
46 +
Hodge JG. The intersection of federal health information privacy and state administrative law: the protection of individual health data and workers' compensation.  Adm Law Rev.1999;51:117-144.
47 +
Department of Health and Human Services.  Confidentiality of Individually-Identifiable Health Information. Washington, DC: US Dept of Health and Human Services; 1997.
48 +
Not Available.  Health Information Privacy Act , 106th Cong, 1st Sess (1999) (sponsored by Representatives Gary Condit, Henry Waxman, Edward Markey, et al).
49 +
Not Available.  Medical Information Protection and Research Enhancement Act of 1999 , 106th Cong, 1st Sess (1999) (sponsored by Representatives James Greenwood, Christopher Shays, Charlie Norwood, et al).
50 +
Not Available.  Health Information Confidentiality Act of 1999 , 106th Cong, 1st Sess (1999) (sponsored by Senators James Jeffords and Christopher Dodd).
51 +
Not Available.  Ganske Amendment §351(a-c) , 106th Cong, 1st Sess (1999) (sponsored by Representative Greg Ganske).
52 +
Not Available.  Ganske Amendment §351(c)(2) , 106th Cong, 1st Sess (1999) (sponsored by Representative Greg Ganske).
53 +
Not Available.  Health Information Privacy Act, §305 , 106th Cong, 1st Sess (1999) (sponsored by Representatives Gary Condit, Henry Waxman, Edward Markey, et al).
54 +
Not Available.  Medical Information Protection and Research Enhancement Act of 1999, §210 , 106th Cong, 1st Sess (1999) (sponsored by Representatives James Greenwood, Christopher Shays, Charlie Norwood, et al).
55 +
Not Available.  Health Information Confidentiality Act of 1999, §210 , 106th Cong, 1st Sess (1999) (sponsored by Senators James Jeffords and Christopher Dodd).
56 +
Ashton G. Privacy of records in doubt.  American Medical News.August 10, 1998;41:1, 26-27.
57 +
Not Available.  Health Information Confidentiality Act of 1999, §503 , 106th Cong, 1st Sess (1999) (sponsored by Senators James Jeffords and Christopher Dodd).
58 +
Not Available.  Testimony Before the Subcommittee on Health, House Committee on Ways and Means: Hearing on Patient Confidentiality , March 24, 1998 (Janlori Goldman).
59 +
Silberg WM, Lundberg GD, Musacchio RA. Assessing, controlling, and assuring the quality of medical information on the Internet: caveant lector et viewor—let the reader and viewer beware.  JAMA.1997;277:1244-1245.
60 +
Kaufman M. The Internet: a reliable source?  Washington Post.February 16, 1999:H17.
61 +
Hersh WR, Gorman PN, Sacherek LS. Applicability and quality of information for answering clinical questions on the Web [letter].  JAMA.1998;280:1307-1308.
62 +
Lindberg DAB, Humphreys BL. Medicine and health on the Internet: the good, the bad, and the ugly.  JAMA.1998;280:1303-1304.
63 +
Wyatt J. Measuring quality and impact on the World Wide Web.  BMJ.1997;314:1879-1881.
64 +
Not Available.  Federal Trade Commission Act, 15 USC §45(a) (1997).
65 +
Varney CA. Consumer privacy in the information age: a view from the United States. Presented at: Privacy and American Business National Conference; October 9, 1996; Washington, DC.
66 +
Farrell MJ. Medication malpractice: claims, culprits, and defenses.  Am J Trial Advocate.1992;16:65-107.
67 +
Not Available.  Reno v ACLU , 117 SCt 2329 (1997).
68 +
Not Available.  Federal Trade Commission: Hearings on Internet Privacy Before the Subcommittee on Courts and Intellectual Property of the House Committee on the Judiciary , 105th Cong, 1st Sess, March 26, 1998 (statement of David Medine, Federal Trade Commission).
69 +
Not Available.  United States v Westinghouse , 638 F2d 570 (3d Cir 1980).
70 +
Vickery AB. Breach of confidence: an emerging tort.  Columbia Law Rev.1982;82:1426-1468.
71 +
Not Available.  Biddle v Warren General Hospital , 715 NE2d 518 (Ohio 1999).
72 +
Zelin JE. Annotation, physician's tort liability for unauthorized disclosure of confidential information about patient.  Am Law Rep.1988;48:668.
73 +
Not Available.  Chapel v Allison , 785 P2d 204 (Montana 1990).
74 +
Not Available.  Harbeson v Parke Davis Inc , 746 F2d 517, 521 (9th Cir 1984).
75 +
Kacmar DE. The impact of computerized medical literature databases on medical malpractice litigation: time for another Helling v Carey wake-up call?  Ohio State Law J.1997;58:617-654.
76 +
Ribble-Smith B, Hafner AW. The effect of the information age on physicians' professional liability.  DePaul Law Rev.1986;36:69-94.
77 +
Kaar JF. Legal challenges to the implementation of telehealth within the United States and internationally.  Armed Forces Inst Pathol Leg Med.1998:32-36.
78 +
Furrow BR, Greaney TL, Johnson SH, Jost TS, Schwartz, RL. Health Law. St Paul, Minn: West Publishing Co; 1995.
79 +
Not Available.  Pope v St. John , 862 SW2d 657, 661 (Tex App 1993).
80 +
Institute of Medicine.  Telemedicine: A Guide to Assessing Telecommunications in Health Care. Field MJ, ed. Washington, DC: National Academy Press; 1994.

First Page Preview

First page PDF preview

Figures

Tables

Interactive Graphics

Video

Country-Specific Mortality and Growth Failure in Infancy and Yound Children and Association With Material Stature

Use interactive graphics and maps to view and sort country-specific infant and early dhildhood mortality and growth failure data and their association with maternal

1 +
National Research Council, Committee on Maintaining Privacy and Security in Health Care Applications for the National Information Infrastructure.  For the Record: Protecting Electronic Health Information. Washington, DC: National Academy Press; 1997.
2 +
Gostin LO. Personal privacy in the health care system: employer-sponsored insurance, managed care, and integrated delivery systems.  Kennedy Inst Ethics J.1997;7:361-376.
3 +
Gostin LO. Health information privacy.  Cornell Law Rev.1995;80:451-528.
4 +
Fein EB. For many physicians, e-mail is the high-tech house call.  New York Times.November 20, 1997:A1, A18.
5 +
Fisher M. The doctor is out.  Washington Post Magazine.July 19, 1998:8-12, 21-24.
6 +
Hayes KA, Lehmann CU. The interactive patient: a multimedia interactive educational tool on the World Wide Web.  MD Comput.1996;13:330-334.
7 +
Boodman SG. What can you find out about your doctor.  Washington Post.June 8, 1999:H12.
8 +
Mitka M. Developing countries find telemedicine forges links to more care and research.  JAMA.1998;280:1295-1296.
9 +
Nenov V, Klopp J. Remote analysis of physiological data from neurosurgical ICU patients.  J Am Med Inform Assoc.1996;3:318-327.
10 +
Hunt DL, Haynes RB, Hanna SE, Smith K. Effects of computer-based clinical decision support systems on physician performance and patient outcomes: a systematic review.  JAMA.1998;280:1339-1346.
11 +
Bates DW, Leape LL, Cullen DJ.  et al.  Effect of computerized physician order entry and a team intervention on prevention of serious medication errors.  JAMA.1998;280:1311-1316.
12 +
Raschke RA, Gollihare B, Wunderlich TA.  et al.  A computer alert system to prevent injury from adverse drug events: development and evaluation in a community teaching hospital.  JAMA.1998;280:1317-1320.
13 +
Gostin L, Lazzarini Z, Neslund V, Osterholm M. The public health information infrastructure.  JAMA.1996;275:1921-1927.
14 +
Flahault A, Dias-Ferrao V, Chaberty P, Esteves K, Valleron A-J, Lavanchy D. FluNet as a tool for global monitoring of influenza on the Web.  JAMA.1998;280:1330-1332.
15 +
Corcoran E. Breakthrough possible in battle over encryption technology.  Washington Post.July 12, 1998:A8.
16 +
National Research Council.  Computers at Risk: Safe Computing in the Information Age. Washington, DC: National Academy Press; 1990.
17 +
Gostin L. Health care information and the protection of personal privacy: ethical and legal considerations.  Ann Intern Med.1997;127:683-690.
18 +
Beauchamp TL, Childress JF. Principles of Biomedical Ethics. 4th ed. New York, NY: Oxford University Press; 1994.
19 +
Gostin LO, Hodge JG. The "names debate": the case for national HIV reporting in the United States.  Albany Law Rev.1998;61:679-743.
20 +
Chandrasekaran R. Governments find information pays.  Washington Post.March 9, 1998:A1, A12.
21 +
O'Harrow R. Drug plans keep tabs on patients' medication.  Washington Post.September 27, 1998:A1, A26.
22 +
O'Harrow R. Data firms getting too personal?  Washington Post.March 8, 1998:A1, A18, A19.
23 +
Eysenbach G, Diepgen TL. Responses to unsolicited patient e-mail requests for medical advice on the World Wide Web.  JAMA.1998;280:1333-1335.
24 +
Kane B, Sands DZ. Guidelines for the clinical use of electronic mail with patients.  J Am Med Inform Assoc.1998;5:104-111.
25 +
Neill RA, Mainous A, Clark JR, Hagen MD. The utility of electronic mail as a medium for patient-physician communication.  Arch Fam Med.1994;3:268-271.
26 +
Nelson R, Stewart P. Use of electronic mail as a clinical tool.  J Health Care Inform Manage Soc.1996;8:33-36.
27 +
Borowitz SM, Wyatt JC. The origin, content, and workload of e-mail consultations.  JAMA.1998;280:1321-1324.
28 +
Bashshur RL. On the definition and evaluation of telemedicine.  Telemed J.1995;1:19-30.
29 +
Sanders JH, Bashshur RL. Perspectives: challenges to the implementation of telemedicine.  Telemed J.1995;1:115-123.
30 +
Spielberg AR. On call and online.  JAMA.1998;280:1353-1359.
31 +
Schwartz PM, Reidenberg JE. Data Privacy Law: A Study of United States Data Protection. Charlottesville, Va: Michie Law Publishers; 1996.
32 +
Schwartz PM. The protection of privacy in health care reform.  Vanderbilt Law Rev.1995;48:310-365.
33 +
Not Available.  Whalen v Roe , 429 US 589 (1977).
34 +
Hodge JG. Implementing modern public health goals: an examination of new federalism and public health law.  J Contemp Health Law Policy.1998;14:93-126.
35 +
Gostin LO, Hadley J. Health services research: public benefits, personal privacy, and proprietary interests.  Ann Intern Med.1998;129:833-836.
36 +
Not Available.  Privacy Act of 1974, 5 USC §552(b)(1-3), (6) (1996).
37 +
Not Available.  Freedom of Information Act of 1966, 5 USC §552 (1995).
38 +
Not Available.  Americans With Disabilities Act, 42 USC §12112(d)(3)(B) (1997).
39 +
Not Available.  Public Health Service Act, 42 USC §290(dd)-2 (1997).
40 +
Not Available.  Public Health Service Act, 42 USC §241(d) (1997).
41 +
Not Available.  Not Available  56 Federal Register28003 (1991) (codified at CFR §482.24(b)(3)).
42 +
Not Available.  Federal Policy for the Protection of Human Subjects, 45 CFR §§46.101-46.404 (1996).
43 +
Rothenberg KH. Genetic information and health insurance: state legislative approaches.  J Law Med Ethics.1995;23:312-319.
44 +
Gostin LO. Genetic privacy.  J Law Med Ethics.1995;23:320-330.
45 +
Not Available.  Not Available Pub L No. 104-191, 110 Stat 2033.
46 +
Hodge JG. The intersection of federal health information privacy and state administrative law: the protection of individual health data and workers' compensation.  Adm Law Rev.1999;51:117-144.
47 +
Department of Health and Human Services.  Confidentiality of Individually-Identifiable Health Information. Washington, DC: US Dept of Health and Human Services; 1997.
48 +
Not Available.  Health Information Privacy Act , 106th Cong, 1st Sess (1999) (sponsored by Representatives Gary Condit, Henry Waxman, Edward Markey, et al).
49 +
Not Available.  Medical Information Protection and Research Enhancement Act of 1999 , 106th Cong, 1st Sess (1999) (sponsored by Representatives James Greenwood, Christopher Shays, Charlie Norwood, et al).
50 +
Not Available.  Health Information Confidentiality Act of 1999 , 106th Cong, 1st Sess (1999) (sponsored by Senators James Jeffords and Christopher Dodd).
51 +
Not Available.  Ganske Amendment §351(a-c) , 106th Cong, 1st Sess (1999) (sponsored by Representative Greg Ganske).
52 +
Not Available.  Ganske Amendment §351(c)(2) , 106th Cong, 1st Sess (1999) (sponsored by Representative Greg Ganske).
53 +
Not Available.  Health Information Privacy Act, §305 , 106th Cong, 1st Sess (1999) (sponsored by Representatives Gary Condit, Henry Waxman, Edward Markey, et al).
54 +
Not Available.  Medical Information Protection and Research Enhancement Act of 1999, §210 , 106th Cong, 1st Sess (1999) (sponsored by Representatives James Greenwood, Christopher Shays, Charlie Norwood, et al).
55 +
Not Available.  Health Information Confidentiality Act of 1999, §210 , 106th Cong, 1st Sess (1999) (sponsored by Senators James Jeffords and Christopher Dodd).
56 +
Ashton G. Privacy of records in doubt.  American Medical News.August 10, 1998;41:1, 26-27.
57 +
Not Available.  Health Information Confidentiality Act of 1999, §503 , 106th Cong, 1st Sess (1999) (sponsored by Senators James Jeffords and Christopher Dodd).
58 +
Not Available.  Testimony Before the Subcommittee on Health, House Committee on Ways and Means: Hearing on Patient Confidentiality , March 24, 1998 (Janlori Goldman).
59 +
Silberg WM, Lundberg GD, Musacchio RA. Assessing, controlling, and assuring the quality of medical information on the Internet: caveant lector et viewor—let the reader and viewer beware.  JAMA.1997;277:1244-1245.
60 +
Kaufman M. The Internet: a reliable source?  Washington Post.February 16, 1999:H17.
61 +
Hersh WR, Gorman PN, Sacherek LS. Applicability and quality of information for answering clinical questions on the Web [letter].  JAMA.1998;280:1307-1308.
62 +
Lindberg DAB, Humphreys BL. Medicine and health on the Internet: the good, the bad, and the ugly.  JAMA.1998;280:1303-1304.
63 +
Wyatt J. Measuring quality and impact on the World Wide Web.  BMJ.1997;314:1879-1881.
64 +
Not Available.  Federal Trade Commission Act, 15 USC §45(a) (1997).
65 +
Varney CA. Consumer privacy in the information age: a view from the United States. Presented at: Privacy and American Business National Conference; October 9, 1996; Washington, DC.
66 +
Farrell MJ. Medication malpractice: claims, culprits, and defenses.  Am J Trial Advocate.1992;16:65-107.
67 +
Not Available.  Reno v ACLU , 117 SCt 2329 (1997).
68 +
Not Available.  Federal Trade Commission: Hearings on Internet Privacy Before the Subcommittee on Courts and Intellectual Property of the House Committee on the Judiciary , 105th Cong, 1st Sess, March 26, 1998 (statement of David Medine, Federal Trade Commission).
69 +
Not Available.  United States v Westinghouse , 638 F2d 570 (3d Cir 1980).
70 +
Vickery AB. Breach of confidence: an emerging tort.  Columbia Law Rev.1982;82:1426-1468.
71 +
Not Available.  Biddle v Warren General Hospital , 715 NE2d 518 (Ohio 1999).
72 +
Zelin JE. Annotation, physician's tort liability for unauthorized disclosure of confidential information about patient.  Am Law Rep.1988;48:668.
73 +
Not Available.  Chapel v Allison , 785 P2d 204 (Montana 1990).
74 +
Not Available.  Harbeson v Parke Davis Inc , 746 F2d 517, 521 (9th Cir 1984).
75 +
Kacmar DE. The impact of computerized medical literature databases on medical malpractice litigation: time for another Helling v Carey wake-up call?  Ohio State Law J.1997;58:617-654.
76 +
Ribble-Smith B, Hafner AW. The effect of the information age on physicians' professional liability.  DePaul Law Rev.1986;36:69-94.
77 +
Kaar JF. Legal challenges to the implementation of telehealth within the United States and internationally.  Armed Forces Inst Pathol Leg Med.1998:32-36.
78 +
Furrow BR, Greaney TL, Johnson SH, Jost TS, Schwartz, RL. Health Law. St Paul, Minn: West Publishing Co; 1995.
79 +
Not Available.  Pope v St. John , 862 SW2d 657, 661 (Tex App 1993).
80 +
Institute of Medicine.  Telemedicine: A Guide to Assessing Telecommunications in Health Care. Field MJ, ed. Washington, DC: National Academy Press; 1994.

Letters

Submit a Letter
CME Course for:


You need to register in order to view this quiz.


To understand the clinical management of acute heart failure syndromes.
Accreditation Information The American Medical Association is accredited by the Accreditation Council for Continuing Medical Education to provide continuing medical education for physicians.
The AMA designates this journal-based CME activity for a maximum of 1 AMA PRA Category 1 CreditTM per course. Physicians should claim only the credit commensurate with the extent of their participation in the activity.
Physicians who complete the CME course and score at least 80% correct on the quiz are eligible for AMA PRA Category 1 CreditTM.
Note: You must get at least of the answers correct to pass this quiz.
Note: You must get at least of the answers correct to pass this quiz.
You have not filled in all the answers to complete this quiz
The following questions were not answered:
Sorry, you have unsuccessfully completed this CME quiz with a score of
The following questions were not answered correctly:
For CME Course: A Proposed Model for Initial Assessment and Management of Acute Heart Failure Syndromes
Indicate what changes(s) you will implement in your practice, if any, based on this CME course.
To view and print your certificate and access a summary of your CME courses go to My CME.
NOTE:
Citing articles are presented as examples only. In non-demo SCM6 implementation, integration with CrossRef’s “Cited By” API will populate this tab (http://www.crossref.org/citedby.html).
Compression-Only CPR: Pushing the Science Forward
Cone
AAM 2010;304:1493-1495.
All you need to read in the other general journals
BMJ 2010;341:c5893-c1494.
Submit a Response

Some tools below are only available to our subscribers or users with an online account.

Related Content

Customize your page view by dragging & repositioning the boxes below.

Articles Related By Topic
Related Topics
PubMed Articles
How Closely Do Institutional Review Boards Follow the Common Rule?
Acad Med. Published online May 22, 2012.
Addressing Poor Retention of Infants Exposed to HIV: A Quality Improvement Study in Rural Mozambique.
J Acquir Immune Defic Syndr. 2012;60(2):e46-52.
© 2012 American Medical Association. All Rights Reserved.
Powered bySilverchair Information Systems