privacy issues in archives access

Privacy Issues in Archives Access

Anne Gilliland, MA, MLISUniversity of North Carolina—Chapel Hill

And

Judith A. Wiener, MA, MLISThe Ohio State University

Introduction

Our background How we got interested The questions we were asked

What methods or policies can librarians and archivists put into place that balance both the interests of scholars and families that desire access to

historical mental health records and maintain privacy as required by either federal or state laws?

Widely-Available Digitization

Controlled environment of reading room vs. open access of the open web

Risk lessened in reading room environment even if protected information is made available by error.

Digitize But Restrict Access

Preservationally-sound optionSaves staff time of scanning on demand

Controlled access that allows for greater sharing off-site

Records not as accessible as they would be on the open Internet

Privacy Boards Another option to longer process

of IRB Allows institution to set up

appropriate membership to fit needs of varied interested parties (patients, families, scholars)

Creates wait for materials and may be deterrent to access by some

Selective RedactionRequired when dealing with PHI and a covered entity under HIPAA or other legislation. 18 Protected Health Information (PHI) fields.

May be an option that is elected, even if not required by law.

Need not redact originals

Redaction and Digitization

Proactive redaction can be very time and cost intensive.

Can make digitized materials useless, depending on level of protected information available.

Access is the key in the need for redaction.

Careful Selection of Materials

Analyze reason for digitization-preservation or access or both?

Analyze typical researcher needs. What information is most likely needed and wanted on a widely-accessible basis.

Look for the win-win. What can we make as openly available as possible without a lot of access control or redaction needed annual reports instead of individual cases. published reports with PHI already removed

Have these examples increased the financial or staffing costs to libraries that maintain such archival records?

Redaction• Up front or proactive redaction may be

expensive & time-consuming• By request redaction less costly and time-

consuming but response time can be slow. • Technology may soon be available to help

redact standardized data Many historical records will still need to be

redacted by hand Redaction for digitization can make records

almost useless.

Open Access Online

Higher risk option. Consumes staff time with selection and up-

front privacy sensitivity audits. May be an option for some record types but

not recommended for entire collections with significant privacy concerns.

Need to create policy and proceedure for redaction requests.

Closed Access System

Lower risk, in general, because access is internal and controlled.

Allows for less-costly mass digitization solution.

Need to invest in security solutions. Ongoing costs need to be considered

Maintenance, trouble shooting, migration of files, quality control.

Closed Access Systems

Process and logistics for collection access need to be addressed.

Encumbers staff time for very hands-on requests.

Privacy Board can be costly, dependent on location of members, time needed to meet, meeting frequency.

Cost vs. Risk• Risk is high for unselective open

access system. Liability is far greater than initial costs of time or systems.

• Financial penalties in legislation Risk in reputation, lives, public opinion But embargoing records incurs other

costs Risk is high to the historical record,

heritage, decedents.

How have scholars and families responded to these methods and policies instituted to both increase access yet

maintain privacy of these records?

Families and Patients

Securing permission after the fact—Digital Library of Georgia

Genealogists’ keen interest Family members—what happened to them? Access Anxiety—the historian’s perspective

What is Consent? What is Anonymity?

The Lacks Family Patients Like Me and other sites Rare Diseases and unusual situations

What examples exist of how such a balance has been developed and maintained in other states? Identify the

states

The Ceiling and the Floor

Most restrictive law will usually control. For example, in a HIPAA situation, HIPAA

preempts unless state law is more restrictive. State laws—choice of law problems and

conflicts Privacy laws not written with the historian or

archivist in mind but rather toward contemporary identity theft

Four Approaches to Health Information

The Cigarette Papers—handled through takedown notices

Johns Hopkins (all considered covered entity—IRB/Privacy Board)

Columbia—75 year rule (not a covered entity)

University of Minnesota—use stringent HIPAA rules even for non-covered entity

Ohio State University Medical Heritage Center

Privacy Board in development

Selective digitizationDescription of patient records series only on-line

North Carolina Supreme Court Briefs Digitization

• Digitization of briefs submitted in NC Supreme Court cases from the late 19th century through 2000

• Project funded and work plan in development• Will be online and exposed to Google• Will use software for redacting SSNs and driver’s license

numbers• Open public records law in NC is very broad, but briefs

have been obscure• Are we a publisher when we put them online and does our

liability change?• More recent judicial opinions are often written more

circumspectly

State Approaches: Mental Hospital Records Indiana State Archives mental hospital

records Lincoln Hospital Records—Duke University Illinois mental hospital records at State

Archives Athens Asylum records at Ohio University

Are there examples where there have been violations that compromised privacy rights; and how have they been handled?

Redaction and Breaches

Cigarette Papers Tentative plans in North Carolina An Industry example—Epic Wall of Shame—Breaches affecting 500 or

more individuals

Data Breaches On the rise State breach notification law Most suits within the academic/research

community are settled or controversies never reach the point of litigation

Re-identification Experts differ on the extent and scope of

this problem The William Weld example May not be able to completely control

Conclusion