Vanderbilt Law Review

Article Title

Protecting Health Information Privacy: the Case for Self-Regulation of Electronically Held Medical Records


Advances in technology have given new life to debates concerning privacy.' Specifically, issues surrounding increased access to personal medical records have recently garnered attention. On one side of the debate, healthcare providers and insurers support expanded access to medical records for treatment, research, and insurance claims purposes. At the same time, however, many patients legitimately expect their medical records to remain private. The advent of Internet access to patient records and electronic medical insurance claims submissions has heightened patients' concerns that computerized medical records will offer less protection and more potential for unauthorized disclosure than paper files in locked cabinets. This has prompted commentators to argue that, as medical information becomes increasingly accessible via means out side a patient's control, the need for privacy protection grows even stronger. Though threats to privacy exist in all media of information, electronically stored information lies particularly vulnerable to abuse and thus requires heightened protection.