The source of privacy protection for health information depends on whether a governmental or a private entity is seeking access. The Constitution applies to governmental access, and the Supreme Court has found that under certain circumstances individuals have a Fifth and Fourteenth Amendment right to health informational privacy, although the analysis balances an individual’s privacy against the government’s interest in obtaining the information.[1] The main federal laws protecting patient privacy are the Health Insurance Portability and Accountability Act of 1996 (HIPAA)[2] and the Health Information Technology for Economic and Clinical Health Act (HI-TECH).[3] These statutes protect patient health information (PHI), defined as individually identifiable health information transmitted or maintained by a covered entity or its business associates in any form or medium.[4] Disclosure of PHI held by covered entities and their business associates[5] generally requires patient consent, although there are numerous exceptions.[6] Covered entities include healthcare providers, healthcare clearinghouses, and health plans.[7]
[1] United States v. Westinghouse Electric Corp., 638 F.2d 570 (3d Cir. 1980) (indicating that OSHA has a strong public interest in facilitating research and investigations into work safety).
[2] Health Insurance Portability and Accountability Act of 1996, Pub. L. No. 104-191, 110 Stat. 1936.
[3] Health Information Technology for Economic and Clinical Health Act, Pub. L. No. 111-5, 123 Stat. 115 (2011).