Maintaining the privacy of the confidential data held at the Department of Public Health (MDPH) is critical to the fulfillment of our core public health responsibilities. MDPH is subject to the Fair Information Practices Act (FIPA), a state law enacted to ensure the privacy of all personal data held by state agencies. In addition, some of MDPH's programs are required to comply with HIPAA (Health Insurance Portability and Accountability Act) and others are subject to different state or federal privacy laws.

MDPH is a public health authority as well as a health oversight agency. Many federal and state laws and regulations affect MDPH's relationship with the entities it regulates and oversees. Information is provided with respect to how MDPH's status affects its ability to collect information from individuals and facilities as well as their ability or obligation to provide information to MDPH.

The MDPH Confidentiality Policy and Procedures, which may be found here, are a synthesis of the many applicable privacy and confidentiality provisions, and constitute the standards by which the MDPH workforce must comply when collecting, using, or disclosing confidential data.

This information is provided by the Privacy and Data Compliance Office within the Department of Public Health.