Document Type


Publication Date



Thoughtful scholarship in the area of informational privacy sometimes assumes that a significant level of privacy can coexist with the development of a modern health information infrastructure. Some commentators suggest that we can have it both ways: that adequate legal protection of informational privacy will eliminate the need to significantly limit the collection of health data. This article demonstrates that there is no such easy resolution of the conflict between the need for information and the need for privacy. Because significant levels of privacy cannot realistically be achieved within the health information infrastructure currently envisaged by policymakers, we confront a hard choice: should we sharply limit the systematic collection of identifiable health care data in order to achieve reasonable levels of informational privacy? The result of that choice would be to reduce considerably the social good that would be achieved from the thoughtful use of health data. Alternatively, we may decide that the value of information collection is so important to the achievement of societal aspirations for health that the law ought not promise absolute or even significant levels of privacy at all, but rather should require that the data be used only for authorized and limited purposes. The author shows that the law at present neither adequately protects privacy nor ensures fair information practices. Moreover, the substantial variability in the law probably impedes the development of the kind of information systems envisaged; such systems require access to data in many jurisdictions, each of which has different legal standards.

Publication Citation

80 Cornell L. Rev. 451-528 (1995)