Health Privacy

About health privacy, World Privacy Forum key health privacy resources

The World Privacy Forum is extremely active in health privacy, with a long and successful track record of work in this area. We have done groundbreaking work in the area of medical identity theft, as well as substantive analysis and education on critical privacy aspects of health data such as medical research, genomics, and many other issues.

Some of our most frequently accessed health privacy resources include:

* A Patient’s Guide to HIPAA

* Medical Identity Theft Page (resources, reports, more)

* Health privacy tagged materials

* HIPAA tagged materials

* Electronic Health Records tagged materials

* Common Rule and Human Subject Research Protection tagged materials

* Genetic privacy tagged materials

We have many more publications and resources. For a full list of topics and publications, see our key issues page.

See below for health privacy news and content by date.

Jan 24 2017

Did I just sign a permission slip that lets an in-school dental clinic extract my child’s teeth? Navigating student and school health privacy

A Baltimore mom was surprised and unhappy recently when her son came home from school missing three teeth. The source? A mobile dental clinic at a Baltimore city public school had extracted some of her son’s teeth that day. The mother didn’t realize it, but she had already consented to the dental work through signing a permission slip/release form.

Nov 02 2016

The Fishbone model of biometric template security

At Biometrics 2016 in London, I gave a keynote presentation on the state of biometrics policy and privacy, with suggestions for further work. Several aspects of that presentation have garnered follow-up requests, including requests for more information about my discussion of the “Fishbone Model” of biometric template security, a model I like very much and have

Sep 21 2016

2022 Update: Interactive Medical Data Breach Map

This interactive map displays the location of each medical data breach recorded at the US Department of Health and Human Services from 2009-2016. To get the most from the map, you can view breaches by year, by region, and in a text list.

Jul 05 2016

The New Healthcare Fraud Continuum: Keynote

This coming Thursday, WPF Executive Director Pam Dixon will give a keynote speech on health privacy and security, “The New Healthcare Fraud Continuum.” Based on her latest research in health privacy, this talk will be Dixon’s first talk about the new fraud continuum, what it is, how it operates, what it means to providers and patients,

Apr 04 2016

WPF files comments on US government proposal on confidentiality of drug/alcohol patient records, urges revisions

The World Privacy Forum commented on an important proposal to make changes to the existing rules regarding the confidentiality of alcohol and drug abuse patient records. The proposal is from the Substance Abuse and Mental Health Services Administration (SAMHSA), part of the US Department of Health and Human Services. These proposed rule changes are important, as the current

New Report: Risky Analysis: Assessing and Improving AI Governance Tools

We are pleased to announce the publication of a new WPF report, “Risky Analysis: Assessing and Improving AI Governance Tools.” This report sets out a definition of AI governance tools, documents why and how these tools are critically important for trustworthy AI, and where these tools are around the world. The report also documents problems in some AI governance tools themselves, and suggests pathways to improve AI governance tools and create an evaluative environment to measure their effectiveness. AI systems should not be deployed without simultaneously evaluating the potential adverse impacts of such systems and mitigating their risks, and most of the world agrees about the need to take precautions against the threats posed. The specific tools and techniques that exist to evaluate and measure AI systems for their inclusiveness, fairness, explainability, privacy, safety and other trustworthiness issues — called in the report collectively AI governance tools – can improve such issues. While some AI governance tools provide reassurance to the public and to regulators, the tools too often lack meaningful oversight and quality assessments. Incomplete or ineffective AI governance tools can create a false sense of confidence, cause unintended problems, and generally undermine the promise of AI systems. The report contains rich background details, use cases, potential solutions to the problems discussed in the report, and a global index of AI Governance Tools.
National IDs Around the World — Interactive map

About this Data Visualization: This interactive map displays the presence...
Report: From the Filing Cabinet to the Cloud: Updating the Privacy Act of 1974

This comprehensive report and proposed bill text is focused on the Privacy Act of 1974, an important and early Federal privacy law that applies to the government sector and some contractors. The Privacy Act was written for the 1970s information era -- an era that was characterized by the use of mainframe computers and filing cabinets. Today's digital information era looks much different than the '70s: smart phones are smarter than the old mainframes, and documents are now routinely digitized and stored and perhaps even analyzed in the cloud, among many other changes. The report focuses on why the Privacy Act needs an update that will bring it into this century, and how that could look and work. This work was written by Robert Gellman, and informed by a two-year multi-stakeholder process.