Privacy and Security

The use of health information technology and the electronic exchange of clinical information will promote health care quality, patient safety,cost-efficiency, and public health. Respecting individuals' right to privacy and protecting their personal health information is critical to the successful widespread adoption and use of health information technology and exchange by health care providers. Along with proper mechanisms for oversight and accountability, enhanced privacy and security will help develop public and provider trust and confidence in health information technology and exchange,leading to the realization of its potential benefits. It is essential that health care providers have access to the health information needed to care for patients where and when it is needed, while at the same time protecting patients' information from privacy violations and security breaches. Patients are just as concerned about the quality of care they receive as they are about the privacy and security of their health information. Achieving the right balance is the key to privacy and security in the electronic health care environment.

State Privacy and Security Legislation and Resources

Wisconsin HIPAA Harmonization, 2013 Wisconsin Act 238

Federal Privacy and Security Legislation and Resources 

U.S. Department of Health and Human Services Office of Civil Rights

Privacy and Security and Health Information Technology

Health Information Security and Privacy Collaborative (HISPC)

The Health Information Security and Privacy Collaborative (HISPC) was established in June 2006 by RTI International through a contract with the U.S. Department of Health and Human Services. The goal of the Collaborative isto identify and solve privacy and security barriers to health information exchange (HIE) and create a knowledge base to inform future HIE activities. It has grown from 34 to 42 U.S. States and territories. Most recently, in 2008, the HISPC divided into seven multi-state collaboratives, each focused on a specific project designed to develop common, replicable multi-state solutions that could help reduce variation in and harmonize privacy and security laws, policies and practices.  Wisconsin participated in the 11-state Interstate Disclosure and Patient Consent Requirements Collaborative (IDPCRC), which documented state law requirements for disclosure of health information for treatment purposes within and across state lines.

Wisconsin's IDPCRC Scenario 1 and 2 Template (PDF, 406 KB) September 2008

Wisconsin's IDPCRC Scenario 3 Template (PDF, 302 KB) September 2008

Wisconsin's Assessment of Variation and Analysis of Solutions Report (PDF, 592 KB) March 2007

Wisconsin's Implementation Plan Report (PDF, 296 KB) April 2007

HISPC Reports on State Law, Business Practices, and Policy Variations

Final HISPC Deliverables for the seven multi-state collaborative privacy and security projects completed in Phase III of HISPC.  These projects focused on education , state law and consent policy, and organizational policy. June 4, 2009

HIPSC's Action and Implementation Manual (Online PDF, 4.7 MB) June 2009

Last Revised: September 27, 2016