Health Privacy

About health privacy, World Privacy Forum key health privacy resources

The World Privacy Forum is extremely active in health privacy, with a long and successful track record of work in this area. We have done groundbreaking work in the area of medical identity theft, as well as substantive analysis and education on critical privacy aspects of health data such as medical research, genomics, and many other issues. 

Some of our most frequently accessed health privacy resources include:

* A Patient’s Guide to HIPAA

* Medical Identity Theft Page (resources, reports, more)

* Health privacy tagged materials 

* HIPAA tagged materials 

* Electronic Health Records tagged materials 

* Common Rule and Human Subject Research Protection tagged materials

* Genetic privacy tagged materials 

We have many more publications and resources. For a full list of topics and publications, see our key issues page.

See below for health privacy news and content by date.

WPF Statement on COVID-19 and Changes in HIPAA Practices

In response to the COVID-19 (coronavirus) pandemic, the U.S. Department of Health and Human Services announced some changes in HIPAA practices. This statement from WPF includes the following information:  
-What are the changes to HIPAA during the COVID-19 emergency? 
-What are the privacy concerns? 
-WPF recommendations to ensure patient privacy is protected  

WPF urges National Institutes of Health to expand privacy guidance for researchers

WPF is urging the National Institutes of Health to do more to properly advise the research community and to protect data subjects in its draft guidance on data management and sharing. WPF is asking for changes to the NIH guidance because in the US, much health research data in the hands of researchers is not subject to the privacy or security rules in HIPAA.

WPF to testify before NCVHS on emerging privacy concerns in health privacy — Beyond Digitization: Artificial Intelligence, APIs, and health privacy

WPF Executive Director Pam Dixon will testify before the full committee of the National Committee on Vital and Health Statistics (NCVHS) regarding emerging privacy concerns in the healthcare environment, including the role of artificial intelligence, patient authorizations, and automated access to patient health information.  The NCVHS is the statutory [42 U.S.C. 242k(k)] public advisory body

HHS takes first-ever enforcement action under HIPAA’s right of access to health records

The Office of Civil Rights in the US Department of Health and Human Services has taken its first enforcement action under the HIPAA right of patient access to health records. HHS announced that it fined a health care provider $85,000 for failing to provide health care records to a patient upon written request, stating in