HIPAA privacy rule and public health; guidance from CDC and the U.S. Department of Health and Human Services
Advanced Search
Select up to three search categories and corresponding keywords using the fields to the right. Refer to the Help section for more detailed instructions.

Search our Collections & Repository

All these words:

For very narrow results

This exact word or phrase:

When looking for a specific result

Any of these words:

Best used for discovery & interchangable words

None of these words:

Recommended to be used in conjunction with other fields



Publication Date Range:


Document Data


Document Type:






Clear All

Query Builder

Query box

Clear All

For additional assistance using the Custom Query please check out our Help Page


HIPAA privacy rule and public health; guidance from CDC and the U.S. Department of Health and Human Services

Filetype[PDF-240.03 KB]


  • Description:
    New national health information privacy standards have been issued by the U.S. Department of Health and Human Services (DHHS), pursuant to the Health Insurance Portability and Accountability Act of 1996 (HIPAA). The new regulations provide protection for the privacy of certain individually identifiable health data, referred to as protected health information (PHI). Balancing the protection of individual health information with the need to protect public health, the Privacy Rule expressly permits disclosures without individual authorization to public health authorities authorized by law to collect or receive the information for the purpose of preventing or controlling disease, injury or disability including but not limited to public health surveillance, investigation, and intervention. Public health practice often requires the acquisition, use, and exchange of PHI to perform public health activities (e.g., public health surveillance, program evaluation, terrorism preparedness, outbreak investigations, direct health services, and public health research). Such information enables public health authorities to implement mandated activities (e.g., identifying, monitoring, and responding to death, disease, and disability among populations) and accomplish public health objectives. Public health authorities have a long history of respecting the confidentiality of PHI, and the majority of states as well as the federal government have laws that govern the use of, and serve to protect, identifiable information collected by public health authorities. The purpose of this report is to help public health agencies and others understand and interpret their responsibilities under the Privacy Rule.
  • Content Notes:
    May 2, 2003.

    This report was prepared by Salvatore Lucido, M.P.A., and Denise Koo, M.D., Office of the Associate Director for Science, Epidemiology Program Office, CDC, in collaboration with James G. Hodge, Jr., J.D., Center for Law and the Public’s Health, Georgetown and Johns Hopkins Universities, Baltimore, Maryland.

    Includes bibliographical references (p. 12).

  • Pubmed ID:
  • Document Type:
  • Genre:
  • Place as Subject:
  • Main Document Checksum:
  • File Type:

Supporting Files

  • No Additional Files

More +

You May Also Like

Checkout today's featured content at stacks.cdc.gov