The NIH Health Insurance Portability and Accountability Act of 1996 (HIPAA) [hhs.gov] required HHS to develop standards for protecting the privacy of individually identifiable health information from inappropriate use and disclosure. The resulting Privacy Rule [hhs.gov] came into effect on April 14, 2003. Within the Privacy Rule, genetic information is treated as all other "Protected Health Information." The Privacy Rule does not preempt more stringent state law, therefore, there are many state laws that prevail over the Privacy Rule.
HIPAA was also the first step toward implementation of the policy recommendations on health insurance and provided some protection from discrimination, but gaps remain.
In the mid 1990s, the National Human Genome Research Institute (NHGRI) and the National Action Plan on Breast Cancer (NAPBC) co-sponsored an initiative to address privacy and confidentiality of information in genetics research. Following previous successful collaborations to address genetic discrimination in health insurance and employment, NHGRI and NAPBC initiated an assessment of the protections for confidentiality in genetics research.
A workshop on privacy in genetics research was held on Sept. 16 and 17 in Bethesda, Md. The purpose of this workshop was to address key unresolved issues identified at a June 1997 Planning Meeting and to develop a set of policy recommendations.
Last Reviewed: February 28, 2012