Privacy Issues in Archives Access

Anne Gilliland, MA, MLIS, University of North Carolina—Chapel Hill

And

Judith A. Wiener, MA, MLIS, The Ohio State University


Post on 11-Jan-2016


Introduction

Our background

How we got interested

The questions we were asked

What methods or policies can librarians and archivists put into place that balance both the interests of scholars and families that desire access to historical mental health records and maintain privacy as required by either federal or state laws?

Widely-Available Digitization

Controlled environment of reading room vs. open access of the open web

Risk lessened in reading room environment even if protected information is made available by error.

Digitize But Restrict Access

Preservationally-sound option

Saves staff time of scanning on demand

Controlled access that allows for greater sharing off-site

Records not as accessible as they would be on the open Internet

Privacy Boards

An alternative to the longer IRB process

Allows institution to set up appropriate membership to fit needs of varied interested parties (patients, families, scholars)

Creates wait for materials and may be deterrent to access by some

Selective Redaction

Required when dealing with PHI and a covered entity under HIPAA or other legislation.

18 Protected Health Information (PHI) fields.

May be an option that is elected, even if not required by law.

Need not redact originals

Redaction and Digitization

Proactive redaction can be very time and cost intensive.

Can make digitized materials useless, depending on level of protected information available.

Access is the key in the need for redaction.

Careful Selection of Materials

Analyze reason for digitization: preservation, access, or both?

Analyze typical researcher needs. What information is most likely needed and wanted on a widely-accessible basis?

Look for the win-win. What can we make as openly available as possible without a lot of access control or redaction needed?

• Annual reports instead of individual cases

• Published reports with PHI already removed

Have these examples increased the financial or staffing costs to libraries that maintain such archival records?

Redaction

• Up front or proactive redaction may be expensive & time-consuming

• By request redaction less costly and time-consuming but response time can be slow.

• Technology may soon be available to help redact standardized data

Many historical records will still need to be redacted by hand

Redaction for digitization can make records almost useless.

Open Access Online

Higher risk option.

Consumes staff time with selection and up-front privacy sensitivity audits.

May be an option for some record types but not recommended for entire collections with significant privacy concerns.

Need to create policy and procedure for redaction requests.

Closed Access System

Lower risk, in general, because access is internal and controlled.

Allows for less-costly mass digitization solution.

Need to invest in security solutions.

Ongoing costs need to be considered: maintenance, troubleshooting, migration of files, quality control.

Closed Access Systems

Process and logistics for collection access need to be addressed.

Encumbers staff time for very hands-on requests.

Privacy Board can be costly, dependent on location of members, time needed to meet, meeting frequency.

Cost vs. Risk

• Risk is high for unselective open access system. Liability is far greater than initial costs of time or systems.

• Financial penalties in legislation

Risk in reputation, lives, public opinion

But embargoing records incurs other costs

Risk is high to the historical record, heritage, decedents.

How have scholars and families responded to these methods and policies instituted to both increase access yet maintain privacy of these records?

Families and Patients

Securing permission after the fact—Digital Library of Georgia

Genealogists’ keen interest

Family members—what happened to them?

Access Anxiety—the historian’s perspective

What is Consent? What is Anonymity?

The Lacks Family

Patients Like Me and other sites

Rare Diseases and unusual situations

What examples exist of how such a balance has been developed and maintained in other states? Identify the states

The Ceiling and the Floor

Most restrictive law will usually control. For example, in a HIPAA situation, HIPAA preempts unless state law is more restrictive.

State laws—choice of law problems and conflicts

Privacy laws not written with the historian or archivist in mind but rather toward contemporary identity theft

Four Approaches to Health Information

The Cigarette Papers—handled through takedown notices

Johns Hopkins (all considered covered entity—IRB/Privacy Board)

Columbia—75 year rule (not a covered entity)

University of Minnesota—use stringent HIPAA rules even for non-covered entity

Ohio State University Medical Heritage Center

Privacy Board in development

Selective digitization

Description of patient records series only on-line

North Carolina Supreme Court Briefs Digitization

• Digitization of briefs submitted in NC Supreme Court cases from the late 19th century through 2000

• Project funded and work plan in development

• Will be online and exposed to Google

• Will use software for redacting SSNs and driver’s license numbers

• Open public records law in NC is very broad, but briefs have been obscure

• Are we a publisher when we put them online and does our liability change?

• More recent judicial opinions are often written more circumspectly

State Approaches: Mental Hospital Records

Indiana State Archives mental hospital records

Lincoln Hospital Records—Duke University

Illinois mental hospital records at State Archives

Athens Asylum records at Ohio University

Are there examples where there have been violations that compromised privacy rights; and how have they been handled?

Redaction and Breaches

Cigarette Papers

Tentative plans in North Carolina

An Industry example—Epic

Wall of Shame—Breaches affecting 500 or more individuals

Data Breaches

On the rise

State breach notification law

Most suits within the academic/research community are settled or controversies never reach the point of litigation

Re-identification

Experts differ on the extent and scope of this problem

The William Weld example

May not be able to completely control

Conclusion