Public Health Needs and Medical Privacy

  • Privacy Checklist for COVID-19 Testing and Screening [see bottom of page for checklist handout]
  • COVID-19 Exceptions and Flexibility to the HIPAA Privacy Rule 
  • COVID-19 Exception to FERPA Student Privacy Requirements
  • May 5, 2020 HIPAA Guidance:  Masking or obscuring patients’ faces or identifying information before broadcasting a recording of a patient is not sufficient, as a valid HIPAA authorization is still required before giving the media such access.  Reasonable safeguards should be used to protect the privacy of patients whenever the media is granted access to health care facilities.
  • American Medical Association May 2020 Privacy Principles: The AMA intended these principles for entities other than those already considered covered under HIPAA. The principles take into consideration that some data historically not considered “personal” or “directly identifiable” may in fact be personally identifiable (e.g., IP addresses, machine-generated data, indirect identifiers). The Principles provide individuals with rights and protections from discrimination and shift the responsibility for privacy from individuals to data holders, including institutional data holders and their authorized personnel.  Those who access an individual’s data should act as responsible stewards of that information, just as physicians promise to maintain patient confidentiality. The Principles also call for robust enforcement of penalties for violation of rights to help patients develop and maintain trust in digital health tools.