The Travel of Privacy Standards and Regulations in Healthcare

Abstract

Increasing technology dependence by individuals and organizations has resulted in a profusion of information privacy standards and regulations created to protect personal information. There are expectations of universality in the scope of standards and regulations but also, in most cases, some degree of flexibility that allows for adaptation and compliance with local requirements and influences. Our research into the privacy policy development at a health information exchange (HIE) finds that in practice, standards and regulations are subject to multiple translations that can result in policies and practices which inhibit the HIE’s goal of facilitating data exchange. Translation must therefore be appropriately managed by the HIE to ensure data exchange is not constrained. This has important theoretical and practical implications for health information privacy in an increasingly technology pervasive world, by contrasting the global view with the local view of information privacy, through an application of healthcare standards setting and execution.