Confidentiality

In Spring 2017, the Missouri Department of Health and Senior Services (MODHSS) launched the Missouri Public Health Information Management System (MOPHIMS) web-based health data platform. Missouri has supported a similar data system since the 1990s, allowing the public, local public health departments, and other stakeholders access to community level birth, death, and hospitalization data (among other datasets). The MOPHIMS system is composed of two separate pieces. Community Data Profiles are topic-, disease-, or demographic-specific reports that contain 15-10 indicators relevant to the report. Because these static reports are developed in-house a multilayered suppression rule is not required. The second piece of MOPHIMS, the Data MICAs, or Missouri Information for Community Assessent, can be used to create customized datasets that slice and dice up to a dozen demographic and system-specific variables to answer complex research questions. The MOPHIMS interface features, among other things, a new and innovative method for addressing confidentiality concerns through the suppression of health data. This pioneering approach integrates multi-level logic that uses inner and outer cell analytics, the use of exempt and conditionally exempt variables, and multiple levels of user access. Moving beyond a simple model of suppressing any values below a certain threshold, MOPHIMS takes a bold step in providing users exceptionally granular data while still protecting citizen privacy.

Objective: By the end of this session, users will be able to describe the innovative and multilayered suppression rules that are applied to Missouri's homegrown health data web query system. They will also be able to use the lessons learned and user feedback described in the session to facilitate discussions surrounding the application of suppression to their specific data systems.

For syndromic and related public health surveillance systems to be effective, state and local health departments and the Centers for Disease Control and Prevention (CDC) need access to a variety of types of health data. Since the development and implementation of syndromic surveillance systems in recent years, health departments have gained varied levels of access to personal health information for inclusion in these systems. A variety of federal, state, and local laws enable, restrict, and otherwise infl uence the sharing of health information between health care providers and public health agencies for surveillance, as well as research, purposes. Some health care providers have expressed reluctance or refused to provide identifi able data for syndromic surveillance to health departments (1), citing state privacy laws or the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule (2). Although the HIPAA Privacy Rule permits health care providers to disclose protected health information without patients’ consent to public health agencies for authorized purposes, it does not supersede state laws that provide greater protection of individual privacy (2,3). The use of individuals’ health information for syndromic surveillance poses challenging questions regarding the interpretation and future development of ethical and legal standards for public health practice and research. While the practice of syndromic surveillance extends the longstanding tradition of public health surveillance as an essential element of public health practice (4), it raises in a new light equally longstanding questions about governments’ authority to collect and use health information (5). As the practice of syndromic surveillance evolves, it is in the national interest to clarify the conditions under which health information can be shared, the ways that privacy and confi dentiality can be protected, and the ways that local, state, and federal public health agencies can legally, ethically, and effectively exercise their respective responsibilities to detect, monitor, and respond to public health threats.

 

For syndromic and related surveillance systems to be effective public health tools, state and local health departments and CDC need access to a variety of types of health data.  However, since the development and implementation of syndromic surveillance systems began in recent years, experience in gaining access to personal health data has been mixed.  Although some have argued that the HIPAA Privacy Rule permits data owners to disclose protected health information to public health authorities, covered entities have cited HIPAA in refusing to provide data to researchers and health departments.  In addition to HIPAA, a variety of federal, state, and local public health laws enable, restrict, and otherwise influence the ability to share data for public health surveillance purposes.  Concerns about protecting proprietary data also influence data sharing for public health purposes.  It is in the national interest to clarify the conditions under which data can be shared, balancing privacy and confidentiality with the ability of public health agencies at all levels of jurisdiction to access information needed to protect the public from disease.  As the practice of syndromic surveillance evolves, it is equally important to assure that data are collected and used ethically as well as legally. The methods and uses of syndromic surveillance pose challenging questions regarding the interpretation and future development of ethical and legal standards for public health practice and research. The discussion will not be confined to the legal and ethical issues surrounding the release of data but will also address these issues as they concern the subsequent transmission, storage, replication, and display of health data by local, state, and federal public health users, including how the information is used for both early event detection and situational awareness functions. 

Objective

The International Society for Disease Surveillance will convene a group of experts to: (1) share experience with privacy, confidentiality, and other legal and ethical issues in syndromic surveillance; (2) clarify the research, practice, legal, and ethical issues that enable and restrict data sharing; and (3) identify approaches to overcoming barriers in a way that protects privacy and confidentiality while maximizing the usefulness of syndromic and related surveillance systems.