Health Privacy

About health privacy, World Privacy Forum key health privacy resources

The World Privacy Forum is extremely active in health privacy, with a long and successful track record of work in this area. We have done groundbreaking work in the area of medical identity theft, as well as substantive analysis and education on critical privacy aspects of health data such as medical research, genomics, and many other issues. 

Some of our most frequently accessed health privacy resources include:

* A Patient’s Guide to HIPAA

* Medical Identity Theft Page (resources, reports, more)

* Health privacy tagged materials 

* HIPAA tagged materials 

* Electronic Health Records tagged materials 

* Common Rule and Human Subject Research Protection tagged materials

* Genetic privacy tagged materials 

We have many more publications and resources. For a full list of topics and publications, see our key issues page.

See below for health privacy news and content by date.

World Privacy Forum files public comments regarding oversight of genetic testing; warns about the privacy risks related to unregulated commercial genetic tests and the need to prevent phantom genetic tests from becoming a new business model for fraudsters

Genetic privacy | SACGHS — The World Privacy Forum filed extensive comments with the Secretary’s Advisory Committee on Genetics, Health and Society (SACGHS) regarding its draft report on genetic testing oversight, U.S. System of Oversight of Genetic Testing: A Response to the Charge of the Secretary of HHS. The World Privacy Forum requested SACGHS pay more attention in its final report to the privacy consequences of unregulated genetic testing that occurs outside the health care sector. The WPF comments note that current and proposed remedies for the misuse of genetic information tend to focus on the use of the information within the health care treatment, payment, and insurance systems. What is crucially important is to analyze how to protect genetic information in the realm of commercial collection, maintenance, use and disclosures. Another area the comments discuss is the potential for new forms of fraudulent activity related to genetic testing (Phantom genetic testing, that is, genetic tests marketed to consumers that are not even real or viable genetic tests.) The World Privacy Forum specifically recommended that the National Committee on Vital and Health Statistics be tasked with looking at this matter, that an independent pre-market assessment mechanism is created for genetic tests offered outside the clinical setting, and that privacy be expressly discussed in the overarching recommendations in the final report.

World Privacy Forum appointed to California Security and Privacy Advisory Board

Announcement | CalPSAB — WPF executive director Pam Dixon has been appointed by California Secretary of Health and Human Services Kim Belshe to the California Security and Privacy Advisory Board. Dixon will serve as interim co-chair of the board, which is tasked with addressing health information exchange (HIE) privacy and security efforts in California. The board’s meetings will be open to the public.

Briefing Paper – Responses to Medical Identity Theft: Eight best practices for helping victims of medical identity theft

Version 1: October 16, 2007   The World Privacy Forum, as part of its ongoing in-depth research into medical identity theft issues and responses, has outlined 8 best-practice responses to the crime by the health care sector. These best practices are based on interviews with victims, providers, and other stakeholders. These 8 best practices are

World Privacy Forum gives keynote speech to AHIMA on medical identity theft; outlines 8-point best-practice responses to the crime

Medical identity theft | AHIMA — Executive director Pam Dixon spoke to thousands of AHIMA delegates in Philadelphia sharing the latest information on medical identity theft and outlining 8 best practice responses to the crime for the health care sector. Dixon specifically asked for the creation of national guidelines for helping medical identity theft victims, the ability for victims to set red flag alerts in their health care files, that providers train and have dedicated personnel to help medical identity theft victims, “john and jane doe” file extractions, a focus on addressing insider access to patient information, risk assessments specifically for medical identity theft, and educational efforts. The information in the speech was based on the latest World Privacy Forum research in the area of medical identity theft.

World Privacy Forum outlines 8 best practice responses to medical identity theft for the healthcare sector

Medical identity theft | Best practice responses — The World Privacy Forum has outlined 8 best practice responses to medical identity theft for the health care sector. The best practice responses are based on research the Forum is conducting for its second report on medical identity theft, and is a work in progress. The 8 best practice responses were presented to AHIMA delegates October 9; the Forum is soliciting and accepting feedback on the 8 best practices.