Registries for Evaluating Patient Outcomes User's Guide
Registries For Evaluating Patient Outcomes User's Guide
Beyond the Patient—Protection of Registry Data from Litigation and other Confidentiality Concerns For Providers, Manufacturers, and health Plans
Jane Hyatt Thorpe, JD
Protection of Registry Data
- Growing use of registries:
- Support health information collection, access, research, quality measurement and improvement initiatives, safety initiatives, etc.
- Public (federal and state) and private payors, professional associations, public health.
- Content may include private/confidential and/or proprietary information.
- Considerable attention to protecting privacy and confidentiality of individually identifiable health information about patients (e.g., HIPAA).
- Less attention to privacy/confidentiality concerns of sources or other subjects of registries—providers, manufacturers, and health plans.
Sources of Protection
- Federal Laws and Regulations:
- AHRQ Confidentiality Statute.
- Patient Safety and Quality Improvement Act of 2005.
- Quality Improvement Organization Statute and Regulations.
- HHS Certificate of Confidentiality.
- HIPAA Privacy Rule.
- Privacy Act of 1974.
- Freedom of Information Act.
- Federal Trade Secrets Act.
- Federal Rules of Evidence and Civil Procedure.
- Patient Protection and Affordable Care Act.
Sources of Protection, cont'd
- State Laws and Regulations:
- Safe Harbor Laws.
- Peer Review Laws.
Lots of Sources, But Very Narrow
- No consistent or comprehensive protection.
- Available protections apply to very narrow set of activities.
- "Chilling effect" on registry development.
- Federal legislation? A delicate balance:
- What type of data should be protected?
- What types of registry activities should be protected?
- What types of legal actions may require release of registry data?