Presentation is loading. Please wait.

Presentation is loading. Please wait.

CSTE Annual Conference 2007 Legal Forces in Public Health Surveillance James G. Hodge, Jr., J.D., LL.M. Associate Professor, Johns Hopkins Bloomberg School.

Published byUrsula Heath Modified over 8 years ago

Similar presentations

Presentation on theme: "CSTE Annual Conference 2007 Legal Forces in Public Health Surveillance James G. Hodge, Jr., J.D., LL.M. Associate Professor, Johns Hopkins Bloomberg School."— Presentation transcript:

1 CSTE Annual Conference 2007 Legal Forces in Public Health Surveillance James G. Hodge, Jr., J.D., LL.M. Associate Professor, Johns Hopkins Bloomberg School of Public Health Executive Director, Center for Law & Public Health Core Faculty, Berman Institute of Bioethics

2 Key Themes Assess select key legal underpinnings of public health surveillance Understand the legal authority and limitations of government and its private sector partners to collect identifiable health data for public health surveillance Explore legal arguments concerning current developments affecting the practice of public health surveillance

3 Key Topics Public Health Surveillance and National Security National Reportable Conditions Act Pandemic and All-Hazards Preparedness Act Distinguishing Public Health Practice and Research CSTE National Guidance, 2004 Forthcoming Interpretations by OHRP in 2007 Accessing Identifiable Health Data in Education Records for Public Health Purposes Family Educational Rights and Privacy Act “7 FERPA Fixes” to facilitate access to school-based health information for public health purposes

4 Public Health Surveillance and National Security Traditional Legal Authority to Conduct Public Health Surveillance in the United States State Sovereign Power Reserved via the Tenth Amendment over “all the objects, which, in the ordinary course of affairs, concern the lives, liberties and properties of the people; and the internal order, improvement, and prosperity of the State.” James Madison, The Federalist Papers, No. 45 Police Powers – provide states broad jurisdiction to regulate matters affecting the health, safety, and general welfare of the public. Jacobson v. Massachusetts, 1905 Public Health Surveillance in the United States is Predominately Based on these Broad Powers of State (and Local) Governments

5 Public Health Surveillance and National Security Federal Powers to Collect Identifiable Health Data for Public Health Purposes National Security Powers Interstate Commerce Powers Tax and Spend Powers Federal Public Health Surveillance Efforts Cancer registries HIV/AIDS surveillance Alzheimer’s disease incidence databases CDC “BioSense” Program What if federal authorities sought to conduct broad public health surveillance directly?

6 National Reportable Conditions Act (NRCA) Introduced on September 14, 2006 via S. B. 3898 and H.R. 6086 Purpose - “[t]o amend the Homeland Security Act to provide for the health of Americans by creating a national electronic public health reporting system.” Authorize DHS in consultation with DHHS, EPA, and DOA, and an expert Commission, to certify a list of reportable conditions Require various persons/entities to electronically report conditions directly to DHS Ultimately, these bills died at the end of the 2006 session.

7 Pandemic and All-Hazards Preparedness Act (PAHPA) Enacted on December 19, 2006 to improve the organization, direction, and utility of preparedness efforts To enhance surveillance and rapid response, PAHPA requires DHHS to establish a national electronic network to collect and analyze public health data from governmental and private sector entities By generating standardized data formats for existing state and local surveillance systems, DHHS seeks to maximize the compatibility and usefulness of real-time information to assess situational awareness capabilities.

8 Pandemic and All-Hazards Preparedness Act (PAHPA) Government needs to acquire, use, and disclose accurate, meaningful health data to detect or respond to public health emergencies. PAHPA affords federal officials significant discretion to accumulate and share personal health information without adequate privacy safeguards. PAHPA does not substantively address privacy concerns. The HIPAA Privacy Rule excludes public health data collections from its protections. Other privacy laws provide a patchwork of protections for national public health data.

9 Public Health Surveillance and National Security State and Local Federal

10 Distinguishing Public Health Practice and Research Public Health Practice vs. Research: A Report for Public Health Practitioners Including Case Studies and Guidance for Making Distinctions Completed May 2004 Sponsored by CSTE

11 Principal Objectives To assess legal and ethical environments underlying public health practice and human subject research To clarify existing definitions of public health practice and research To provide meaningful cases on practice and research To make distinctions between public health practice and research through foundational and enhanced guidance

12 Principle Justifications Key differences in the legal support for public health practice and research Misclassification of activities leads to multiple complications Varying standards for the disclosure of identifiable health data pursuant to the HIPAA Privacy Rule Widespread variation in existing models and methods for making distinctions

13 Similarities Public health practice and research may entail the collection and use of identifiable health information They are conducted so as to protect individuals, but may also involve actual or potential risks to participants They may be justified as laudable, communal activities that further the public good

14 In Reality.... Public health practice is not human subjects research They differ in: methodology objectives legal support ethical framework design

15 Public Health Practice The collection and analysis of identifiable health data by a public health authority for the purpose of protecting the health of a particular community, where the benefits and risks are primarily designed to accrue to the participating community.

16 Public Health Research The systematic collection and analysis of identifiable health data by a public health authority for the purpose of generating knowledge that will primarily benefit those beyond the participating community who bear the risks of participation

17 Legal Frameworks Public Health Practice – grounded in constitutionally-approved authority of government to protect the public’s health, safety, and general welfare Public Health Research – grounded in the principles of the federal Common Rule that focus on protecting individuals while pursuing knowledge through research

18 Guiding Principles Essential Features - (e.g. foundations) of Public Health Practice and Research Rejected Criteria – Performance, Publication, Urgency, Funding, Data Collection Methods Enhanced Guidelines - Legal Authority, Specific Intent, Responsibility, Participant Benefits, Experimentation, Subject Selection Checklist

19 New Developments In June 2006, the federal Office for Human Research Protections (OHRP) distributed a draft document, “Guidance on Research” to DHHS agencies for internal comment Focuses on recommendations for making distinctions between research and non-research activities OHRP seeks to finalize its draft Guidance this summer, submit it to DHHS’ Assistant Secretary for Health, and seek public comment

20 Forthcoming OHRP Guidance - What To Expect Part of the Guidance is likely to focus on the distinction between public health surveillance and research Initial reactions from CDC are that OHRP’s initial interpretations are narrower than many public health agencies. In essence, OHRP may be inclined to view some public health surveillance activities as research, and not public health practice Additional areas of concern may include: “Dual designations” Secondary uses of surveillance data Outbreak investigations

21 Plan for Action CSTE has communicated initial concerns (and its Report) to OHRP officials and Dr. John Agwunobi, DHHS’ Assistant Secretary for Health Continuing to monitor the status of the draft Guidance on Research Upon its release, CSTE is planning to review, assess, and respond via the public commentary process and other routes These issues will also be addressed before the IOM Committee on Health Research and Privacy of Health Information in early October

22 FERPA and Access to School-based Health Information Educational records include student health and medical information that public health authorities seek to access for a variety of public health purposes FERPA allows disclosure of identifiable information in educational records to authorized representatives without written consent concerning: The medical treatment of students; or Emergency circumstances to protect health/safety of student/others Otherwise, FERPA prevents disclosure of identifiable data to unauthorized representatives (including public health authorities) without written consent from the student (or parental consent)

23 Only authorized representatives (e.g., federal, state, and local departments of education or others under “direct control” of these entities) may access identifiable data in educational records Congressional statements and supporting ED interpretations suggest that public health authorities are not under the direct control of education authorities, and thus not part of the class that may be entitled to review records For years, ED and CDC executed memoranda of understanding (MOUs) to support limited access to identifiable data (e.g., immunization records) for public health purposes When these voluntary MOUs came to an end, so did considerable public health access to education records Access to Educational Records via FERPA

24 Seven FERPA Fixes 1. Congress Amends FERPA 2. DHHS Amends the HIPAA Privacy Rule 3. States Expand Class of Authorized Representatives 4. ED Interprets Treatment and Emergency Exceptions Broadly 5. States Separate Health Information From Educational Records 6. ED Reinstates Memoranda of Understanding 7. Public Health Authorities Seek Judicial Intervention

25 Four “Faux” Fixes 1. Exchange Non-identifiable Data 2. Obtain Student or Parental Consent for Disclosures 3. Seek Advance Student or Parental Consent for Disclosures 4. Avoid FERPA by Rejecting Federal Education Funds

26 FERPA Fix #1: Congress Amends FERPA Through the introduction of a federal bill, Congress could amend FERPA to: Recognize governmental public health authorities (as broadly defined in the HIPAA Privacy Rule) as “authorized representatives;” or Create a new exception that allows public health authorities to access identifiable health data for public health purposes (as presently allowed via the HIPAA Privacy Rule)

27 FERPA Fix #1: Congress Amends FERPA Consistent with federal legislation to prevent injuries or deaths and secure the public’s health Mental Health Security for America’s Families in Education Act, H.R. 220 (2007) Allows disclosure to parents or guardians where student poses significant risk of harm to self or others Allows disclosure to others upon consultation and written certification by a mental health professional

28 FERPA Fix #2: DHHS Amends the HIPAA Privacy Rule Presuming it has underlying authority via HIPAA, DHHS may amend the HIPAA Privacy Rule to delete the FERPA exception The effect of this amendment would be to preempt the existing FERPA prohibition against disclosure to public health authorities The HIPAA Privacy Rule would require adherence of education authorities providing covered functions (like health services to students) The HIPAA Privacy Rule allows disclosures without written authorization to public health authorities

29 FERPA Fix #3: States Expand Class of Authorized Representatives FERPA and corresponding regulations do not: Expressly exclude state or local public health authorities from being considered “authorized representatives;” or Predicate designation as an authorized representative on having unlimited access to PHI Designation of state or local public health authorities as authorized representatives is possible provided they: uphold the security of identifiable data; for purposes solely related to an educational program 35 C.F.R. § 99.35

30 FERPA Fix #3: States Expand Class of Authorized Representatives Hawaii S.B. 2056 (2004) Designated the legislative auditor as an authorized representative of the Departments of Education and Health Bill was ultimately vetoed by the Governor for non-compliance with FERPA, citing information provided by ED stating that: the auditor had to be an executive branch auditor or an outside auditor controlled by the educational agency Linda Lingle Governor, Hawaii Statement of Objections (July 14, 2004)

31 FERPA Fix #4: ED Interprets Treatment and Emergency Exceptions Broadly Narrow reading of “treatment” exception negates the value of public health surveillance and interventions Public health surveillance is vital to individual and communal health status Tracking immunizations is an important component to protecting health on population and individual bases In 1993, clusters of deaths among otherwise healthy residents in the Southwest led to the identification of a new strain of Hanta virus During pandemic flu, timely sharing of data is essential for implementation of non-pharmaceutical interventions (e.g. school closure) prior to a state of emergency declaration

32 FERPA Fix #4: Interpret Treatment and Emergency Exceptions Broadly ED interprets the “emergency” exception as requiring a “specific situation [that] presents imminent danger or threat…or requires an immediate need for information.…” Emergencies, however, may stem from cumulative impact of regional or local clusters In 2002, ED supports school’s disclosure of information relating to 6 deaths due to unknown causes over a 5-month period to the health department. ED letter to University of New Mexico, November 29, 2004

33 FERPA Fix #5: States Separate Health Information From Educational Records New Jersey Immunization Information System Statewide registry serves as the single repository of immunization records (N.J.S.A. 26:4-134) Access limited to schools, health care providers, colleges, public agencies, among other determined by the Commissioner of Health and Senior Services Immunization records maintained by schools shall be separated from other medical records for purposes of an immunization record audit (N.J. Admin. Code tit. 8 § 57-4.7(a))

34 FERPA Fix #6: ED Reinstates Memoranda of Understanding Examples of MOUs Between ED and CDC allowed CDC and its partners to access educational records in 5 GA counties for the Metropolitan Atlanta Developmental Disabilities Surveillance Project (expired December 2005) Between the University of Pennsylvania and CDC allowed CDC to obtain records of students identified as developmentally disabled for an autism prevalence study (ED determines MOU was in violation of FERPA in letter dated February 25, 2004) Reinstating these MOUs is a matter of interpretation, not statutory law

35 FERPA Fix #7: Public Health Authorities Seek Judicial Intervention Public health authorities could bring a judicial cause of action challenging interpretation and implementation of FERPA as an affront to constitutional principles of federalism Legal Issue: Whether the application, interpretation, or enforcement of FERPA to exclude state educational authorities, including their employed medical personnel, from complying with state public health reporting requirements unconstitutionally infringes with state police powers in violation of principles of federalism Though a viable claim, chances for success are uncertain, specifically because Congress relies on its Spending power to seek compliance with FERPA

36 Bonus FERPA Fix #8: If You Can’t Beat Them, Join Them Designate specific public health surveillance requirements that state and local education authorities must provide Clarify that education authorities are also public health authorities for limited purposes This could resolve both FERPA and HIPAA issues

37 Conclusions For each of the key themes discussed: Public Health Surveillance and National Security Distinguishing Public Health Practice and Research Accessing Identifiable Health Data in School-based Records for Public Health Purposes there are legal challenges and potential barriers that can impact the ability of public health officials to conduct surveillance to protect communal health Assessing these legal challenges helps to understand the changing environment through which public health activities are conducted Innovative legal solutions to these potential impediments are essential to ensure the continuation of traditional and new surveillance practices Thank you!

Download ppt "CSTE Annual Conference 2007 Legal Forces in Public Health Surveillance James G. Hodge, Jr., J.D., LL.M. Associate Professor, Johns Hopkins Bloomberg School."

Similar presentations

University Research Ethics Committee Workshop on procedure and data protection issues 30th May 2008.

University Research Ethics Committee Workshop on procedure and data protection issues 30th May 2008.
HIPAA Basics Brian Fleetham Dickinson Wright PLLC.

HIPAA Basics Brian Fleetham Dickinson Wright PLLC.
TM The HIPAA Privacy Rule: Safeguarding Health Information in Research and Public Health Practice Centers for Disease Control and Prevention Beverly A.

TM The HIPAA Privacy Rule: Safeguarding Health Information in Research and Public Health Practice Centers for Disease Control and Prevention Beverly A.
NCVHS: Privacy and Confidentiality Leslie P. Francis, Ph.D., J.D. Distinguished Professor of Law and Philosophy Alfred C. Emery Professor of Law University.

NCVHS: Privacy and Confidentiality Leslie P. Francis, Ph.D., J.D. Distinguished Professor of Law and Philosophy Alfred C. Emery Professor of Law University.
The Institutional Review Board. What is an IRB? An IRB is committee set up by an institution to review, approve, and regulate research conducted under.

The Institutional Review Board. What is an IRB? An IRB is committee set up by an institution to review, approve, and regulate research conducted under.
Health Insurance Portability Accountability Act of 1996 HIPAA for Researchers: IRB Related Issues HSC USC IRB.

Health Insurance Portability Accountability Act of 1996 HIPAA for Researchers: IRB Related Issues HSC USC IRB.
29e CONFÉRENCE INTERNATIONALE DES COMMISSAIRES À LA PROTECTION DES DONNÉES ET DE LA VIE PRIVÉE 29 th INTERNATIONAL DATA PROTECTION AND PRIVACY COMMISSIONERS.

29e CONFÉRENCE INTERNATIONALE DES COMMISSAIRES À LA PROTECTION DES DONNÉES ET DE LA VIE PRIVÉE 29 th INTERNATIONAL DATA PROTECTION AND PRIVACY COMMISSIONERS.
Service Provider Title VI Training Civil Rights Act of 1964 Presented By: Tennessee Department of Intellectual and Developmental Disabilities.

Service Provider Title VI Training Civil Rights Act of 1964 Presented By: Tennessee Department of Intellectual and Developmental Disabilities.
Christa-Marie Singleton, MD, MPH Associate Director for Science

Christa-Marie Singleton, MD, MPH Associate Director for Science
Beth DeLair, JD, RN DeLair Consulting, LLC. Discussion Topics Background Existing WI Requirements State Efforts to Change Law Senate Bill 487 Changes.

Beth DeLair, JD, RN DeLair Consulting, LLC. Discussion Topics Background Existing WI Requirements State Efforts to Change Law Senate Bill 487 Changes.
Successful Solutions Professional Development LLC A Basic Approach to Child Safety Chapter 4 Mandated Reporting Law.

Successful Solutions Professional Development LLC A Basic Approach to Child Safety Chapter 4 Mandated Reporting Law.
Conversation on the Chemical Facility Anti-Terrorism Standards (CFATS) and Critical Infrastructure Protection Chemical-Terrorism Vulnerability Information.

Conversation on the Chemical Facility Anti-Terrorism Standards (CFATS) and Critical Infrastructure Protection Chemical-Terrorism Vulnerability Information.
Session 6 Integrated Emergency Management. Objectives of the Session Students will be able to 6.1 Define the principle of integration. 6.2Discuss the.

Session 6 Integrated Emergency Management. Objectives of the Session Students will be able to 6.1 Define the principle of integration. 6.2Discuss the.
FERPA and IRB: Implications for Testing Centers Judith W. Grant, Ph.D.,CIP NCTA Conference San Antonio, Texas August 6, 2009.

FERPA and IRB: Implications for Testing Centers Judith W. Grant, Ph.D.,CIP NCTA Conference San Antonio, Texas August 6, 2009.
2/16/2010 The Family Educational Records and Privacy Act.

2/16/2010 The Family Educational Records and Privacy Act.
CUMC IRB Investigator Meeting November 9, 2004 Research Use of Stored Data and Tissues.

CUMC IRB Investigator Meeting November 9, 2004 Research Use of Stored Data and Tissues.
Principles of Public Health- The Mission, Core Functions and Ten Essential Services Virginia M. Dato MD MPH.

Principles of Public Health- The Mission, Core Functions and Ten Essential Services Virginia M. Dato MD MPH.
Internal Auditing and Outsourcing

Internal Auditing and Outsourcing
FERPA The Family Educational Rights and Privacy Act (FERPA) also known as the Buckley Amendment, passed by Congress in 1974, grants four specific rights.

FERPA The Family Educational Rights and Privacy Act (FERPA) also known as the Buckley Amendment, passed by Congress in 1974, grants four specific rights.
Module 3 Develop the Plan Planning for Emergencies – For Small Business –

Module 3 Develop the Plan Planning for Emergencies – For Small Business –

Similar presentations

Ads by Google