Education > Privacy Bibliography

Advisory Committee on Automated Personal Data Systems. 1973. Records, Computers and the Rights of Citizens. Washington DC: US Government Printing Office.

One of the seminal works on data protection

Agency for Health Care Administration (Florida), HIPAA Privacy Law and Procedures Manual (2003)

Good overview of HIPAA, that includes discussion of state Medicaid regulations. Little discussion of Florida statutory/regulatory requirements, however.

Agency for Health Care Policy and Research. 1996. Healthcare Informatics Standards Activities of Selected Federal Agencies: A Compilation. Washington DC: Moshman Associates.

The foundations for HIPAA's transactions and code sets standards were set long ago

American Hospital Association. 1992. A Patient Bill of Rights. Chicago IL: American Hospital Association.

Several of the rights relate to access to, and protection for, patients' information

American Medical Association. 2001,2002. Council on Ethical and Judicial Affairs. Principles of Medical Ethics and Current Ethical Opinions. Chicago IL: American Medical Association.

Anderson, James G. and Kenneth W. Goodman. 2002. Ethics and Information Technology. New York: Springer-Verlag.

Association of American Medical Colleges. 2001. Guidelines for Academic Medical Centers on Security and Privacy: Practical Strategies for Addressing the Health Insurance Portability and Accountability Act. Washington DC: AAMC.

Good overview or privacy and security rules, with a medical center perspective

Barrows, Randolph and Clayton, Paul. 1996. "Privacy, Confidentiality and Electronic Medical Records" Journal of the American Medical Informatics Association 3:139-148.

Beauchamp, Tom L. and Childress, James F. 1994. Principles of Biomedical Ethics, 4th Edition. New York NY: Oxford University Press.

Bennett, Bob. 1995. Medical Records: Sweeping Reforms to Ensure Privacy of Personal Medical Records. Federal Document Clearinghouse Press Release, 24 October.

Bennett, Colin J. 1992. Regulating Privacy: Data Protection and Public Policy in Europe and the United States. Ithaca NY: Cornell University Press.

Centers for Disease Control and Prevention. 1996. Legislative Survey of State Confidentiality Laws, with Specific Emphasis on HIV and Immunization.

Council of Europe. 1981. Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data.

One of the early European declarations of fair information principles

Cushman, Reid and Detmer, Don E. 1998. "Information Policy for the US Health Sector: Engineering, Economics and Ethics" Milbank Quarterly.

An overview of the topic for a general audience

Department of Health and Human Services. 1993. Health Records: Social Needs and Personal Privacy. Washington DC: US Government Printing Office.

Department of Health and Human Services. 1995. Task Force on Privacy of Private-Sector Records: Final report. Rockville MD: Kunitz and Associates.

Electronic Privacy Information Center and Privacy International, Privacy and Human Rights 2002: An International Survey of Privacy Laws and Developments (September 2002)

EPIC and PI provide a comprehensive overview of current privacy issues, including in-depth reports on more than 50 countries.

Etziony, M. B. 1973. The Physician's Creed: An Anthology of Medical Prayers, Oaths and Codes of Ethics Written and Recited by Medical Practitioners through the Ages. Springfield IL: Charles C. Thomas.

Evans, RS, Larsen RA, Burke JP, Gardner RM, Meier FA, Jacobsen JT, and Hulse RK. 1996. "Computer Surveillance of Hospital-Acquired Infections and Antibiotic Use." Journal of the American Medical Association 256:1007-11.

Flaherty, David H. 1989. Protecting Privacy in Surveillance Societies: The Federal Republic of Germany, Sweden, France, Canada, and the United States. Chapel Hill NC: University of North Carolina Press.

Folland, Sherman, Allen C. Goodman, and Miron Stano. 1993. The Economics of Health and Health Care New York NY: MacMillan Publishing.

Gavison, Ruth. 1984. Privacy and the Limits of Law. In Schoeman, Ferdinand (ed). Philosophical Dimensions of Privacy: An Anthology. Cambridge UK: Cambridge University Press.

Gellman, Robert M. 1996. "Can Privacy Be Regulated Effectively on a National Level? Thoughts on the Possible Need for International Privacy Rules." Villanova Law Review 41(1):129-165.

Gellman, Robert. "Health Privacy: The Way We Live Now" (August 2002)

Gellman's narrative provides a particularly clear-eyed (and depressing) assessment of how little health privacy we have today.

General Accounting Office. 1991. Medical ADP Systems: Automated Medical Records Hold Promise to Improve Patient Care. Washington DC: US Government Printing Office.

The expected benefits of greater "automated data processing" for the health sector have long been discussed

General Accounting Office. 1993. Automated Medical Records: Leadership Needed to Expedite Standards Development. Washington DC: US Government Printing Office.

Standardization of transaction formats, codes and, especially, vocabularies has long stymied attempt to fully "automate" health care

General Accounting Office. 1996. Defense Achieves World-Wide Deployment of Composite Health Care System. (Washington DC: US Government Printing Office)

The DOD's effort to develop fully-computerized health information systems shows both the promises and the pitfalls

Goldman, Janlori. 1995. Statement Before the Senate Committee on Labor and Human Resources on S.1360. Federal Document Clearinghouse Congressional Testimony, 14 November.

Goodman, Kenneth W. 1998. Ethics, Computing and Medicine. Cambridge UK: Cambridge University Press.

Gostin, Lawrence O. et al. 1993. Privacy and Security of Personal Information in a New Health Care System. Journal of the American Medical Association 270 (24 November) 2487-2493.

Gostin, Lawrence O. 1994. "Health Information Privacy" Cornell Law Review 80:101-132.

Gostin, Lawrence O. and Hodge, James G. 1999. "Privacy and Security of Public Health Information" Model State Public Health Privacy Project.

This project seeks to develop, draft, and implement a model state privacy law pertaining to the use of public health information, particularly information gathered pursuant to HIV/AIDS reporting requirements.

Harris-Equifax. 1993. Harris-Equifax Health Information Privacy Survey 1993 Atlanta GA: Equifax Inc.

Health Privacy Project, The State of Health Privacy: an Uneven Terrain (A Comprehensive Survey of State Health Privacy Statutes) (ongoing)

HPP is in the process of reviewing each state's health privacy laws

Institute of Medicine. 1988. The Future of Public Health. Washington DC: National Academy Press.

Institute of Medicine. 1990. Modern Methods of Clinical Investigation. Washington DC: National Academy Press.

Institute of Medicine. 1991. The Computer-Based Patient Record: An Essential Technology for Health Care. Washington DC: National Academy Press.

One of the most comprehensive studies of the benefits of computerizing health records

Institute of Medicine. 1994. Health Data in the Information Age: Use, Disclosure and Privacy. Washington DC: National Academy Press.

One of the most comprehensive studies of the privacy risks of computerization

Jones, Nancy Lee and Smith, Alison M. 2003. "Genetic Information: Legal Issues Relating to Discrimination and Privacy" Congressional Research Service Report (RL-30006)

National Committee on Vital and Health Statistics(NCVHS). 1997. Hearings of the Subcommittee on Health Data Needs, Standards and Security, and of the Subcommittee on Privacy and Confidentiality, under the Health insurance Portability and Accountability Act (P1 104-191).

National Institute of Standards and Technology. 1994. Putting the Information Infrastructure to Work: Report of the Information Infrastructure Task Force Committee on Applications and Technology. Washington DC: US Government Printing Office.

National Library of Medicine. 1996. Current Bibliographies in Medicine: Confidentiality of Electronic Health Data. Washington DC: US Government Printing Office.

A comprehensive list (though somewhat dated now) of writing on the subject

National Research Council. 1972. Databanks in a Free Society: Computers, Record-Keeping, and Privacy. Washington DC: National Academy Press.

National Research Council. 1991. Computers at Risk: Safe Computing in the Information Age. Washington DC: National Academy Press.

A comprehensive analysis of computer security from the NRC

National Research Council. 1994. Information Technology in the Service Society. Washington DC: National Academy Press.

Overview of IT's impact on the sector that accounts for the majority of value-added in the US economy

National Research Council. 1997. For the Record: Protecting Electronic Health Information. Washington DC: National Academy Press

A comprehensive study of healthcare privacy practices, that set the foundation for the HIPAA security regulations

Office of Technology Assessment. 1993. Protecting Privacy in Computerized Medical Information. Washington DC: US Government Printing Office.

An early analysis, of the usual high quality one associates with OTA reports

Office of Technology Assessment. 1994. Information Security and Privacy in Network Environments. Washington DC: US Government Printing Office.

  • Another high-quality, albeit now somewhat dated discussion of the data protection challenges raised by computer networks

Office of Technology Assessment. 1995a. Bringing Health Care Online: The Role of Information Technologies. Washington DC: US Government Printing Office.

A good overview of the issues

Organization for Economic Cooperation and Development. 1980. Guidelines on the Protection of Privacy and Transborder Flows of Personal Data.

Another important early statement of fair information practices; in Europe, unlike in the US, these explorations led to comprehensive, trans-sectoral privacy laws

Privacy Protection Study Commission. 1977. Personal Privacy in an Information Society. Washington DC: US Government Printing Office.

Prosser, William O. 1960. "Privacy" California Law Review 48(3):383-423.

A classic four-part categorization of privacy -- the right to be freedom from unwanted intrusion, from revelation of embarrasing privacy facts, from false light, and from identity misappropriation

Regan, Priscilla M. 1995. Legislating Privacy: Technology, Social Values and Public Policy. Chapel Hill NC: University of North Carolina Press.

An excellent introduction to privacy law in the US, which Regan has divided into information, communications and psychological categories; also includes material on history and philosophy of privacy in the US

Schwartz, Paul. 1995a. "Privacy and Participation: Personal Information and Public Sector Regulation in the United States" Iowa Law Review 80:553-618.

Schwartz, Paul. 1995b. "European Data Protection Law and Restrictions on International Data Flows" Iowa Law Review 80:471-xxx.

Smith, Marcia S. 2003. "Internet Privacy: Overview and Pending Legislation" Congressional Research Service Report (RL-31408)

Sparrow, Malcolm. 1996. License to Steal. New York, NY: Westview Press.

Stevens, Gina Marie. 2001. "Online Privacy Protection: Issues and Developments" Congressional Research Service Report (RL-30322)

Stevens, Gina Marie. 2003. "Privacy Total Information Awareness Programs and Related Information Access, Collection, and Protection Laws" Congressional Research Service Report (RL-31730)

van den Hoven, M. J. 1995. Information Technology and Moral Philosophy: Philosophical Explorations in Computer Ethics Rotterdam: Ridderprint BV.

Warren, Samuel D. and Brandeis, Lewis D. 1890. "The Right to Privacy" Harvard Law Review 4:193.

One of the foundation documents of US privacy law, including the famous statement of the "right to be let alone"

Westin, Alan F. 1977. Computers, Health Records and Citizen's Rights New York NY: Petrocelli Books.

Workgroup for Electronic Data Interchange. 1992. Report to the Secretary of the Department of Health and Human Services. Washington DC: US Government Printing Office.

Last modified: 27-Mar-2006


   © 2002-2006 Contributing authors and University of Miami School of Medicine