Published online by Cambridge University Press: 01 January 2021
Even though health care provider reporting of diseases to public health authorities is common, often there is under-reporting by providers, including for notifiable diseases; frequently, under-reporting occurs by wide margins. Two causal factors for this under-reporting by providers have been that: (1) disclosing data may violate their patients’ privacy, and (2) disclosed data may be used to evaluate their performance. A reluctance to disclose information due to privacy concerns exists despite the U.S. Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule permitting disclosures of personal health information (PHI) for public health purposes without patient authorization. On the other hand, such patient privacy concerns are somewhat justified: there have been documented breaches of patient information from public health data custodians.
A common way to address this privacy issue is to de-identify patient data before it is disclosed to public health.