How will federal privacy requirements be addressed when implementing health information technology?
A clear understanding of the issues pertaining to privacy and security of traditional health records is needed before addressing these issues in light of health information technology (HIT) projects in general and more specifically those in the area of behavioral health. • Key privacy principles for protecting personal information related to substance abuse treatment were in existence for decades prior to the passage of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) through the Public Health Service Act/Federal Confidentiality Requirements for Substance Abuse Patient Records which states that personally identifiable patient records maintained in connection with drug abuse or substance abuse treatment must be kept confidential, absent patient consent or a court order. (Complete information about this act commonly referred to as 42 CFR can be found in the SAMHSA June 2004 publication outlining the 42 CFR in the context of HIPAA at: http://library.ahima.org/xpedio
