- Количество слайдов: 21
Medical and Workplace Privacy Michael I. Shamos, Ph. D. , J. D. Institute for Software Research International Carnegie Mellon University
Outline • Medical privacy stakeholders: – patient – heath care provider – insurer – federal government – (sometimes) employer – What is the basis for privacy? • Workplace privacy stakeholders: – employee – employer – basis for privacy?
U. S. Privacy Law • Privacy law is a patchwork of state and federal statutes and judicial decisions • The Federal government has limited powers to protect privacy – “Interstate commerce” (Federal Trade Commission) • There are three Federally protected categories of personal data: – financial (Gramm-Leech-Bliley) – educational (FERPA) – medical (HIPAA) • Plus some narrow protections, e. g. video rental data
Employee Polygraph Protection Act • Make it illegal for an employer in interstate commerce to require an employee or prospective employee to take a lie detector test • to use the results of a lie detector test • to use the refusal to take a test to discharge the employee • Exceptions: – governments – employer investigations of theft where the employer has reasonable suspicions the employee was involved – security personnel 29 U. S. C. § 2002
Tiberino v. Spokane County 13 P. 3 d 1104 (2000) • Gina Tiberino worked for Spokane County, WA • She misused her office computer for personal email and was fired • She threatened to sue; Spokane printed out her email (551 messages; 467 were personal) • The media requested copies • Tiberino sued to prevent disclosure • Held, the emails were “public records” but the contents were exempt from disclosure. The fact of the emails, not their contents, were of public interest