Privacy, confidentiality, and security in information systems of state health agencies

Dale G. O'Brien, William A. Yasnoff

Research output: Contribution to journalArticlepeer-review

26 Scopus citations


Objectives: To assess the employment and status of privacy, confidentiality, security and fair information practices in electronic information systems of U.S. state health agencies. Methods: A survey instrument was developed and administered to key contacts within the state health agencies of each of the 50 U.S. states, Puerto Rico and the District of Columbia. Results: About a third of U.S. state health agencies have no written policies in place regarding privacy and confidentiality in electronic information systems. The doctrines of fair information practice often seemed to be ignored. One quarter of the agencies reported at least one security breach during the past two years, and 16% experienced a privacy and confidentiality related transgression. Most of the breaches were committed by personnel from within the agencies. Conclusions: These results raise questions about the integrity of existing privacy, confidentiality and security measures in the information systems of U.S. state health agencies. Recommendations include the development and vigorous enforcement of written privacy and confidentiality policies, increased personnel training, and expanded implementation of security measures such as encryption and system firewalls. A discussion of the current status of U.S. privacy, confidentiality and security issues is offered.

Original languageEnglish (US)
Pages (from-to)351-358
Number of pages8
JournalAmerican Journal of Preventive Medicine
Issue number4
StatePublished - May 1999
Externally publishedYes

ASJC Scopus subject areas

  • Medicine(all)
  • Public Health, Environmental and Occupational Health


Dive into the research topics of 'Privacy, confidentiality, and security in information systems of state health agencies'. Together they form a unique fingerprint.

Cite this