Introduction: Learning to Live with Risk—and Loving It
Introduction
Freedom of Information and Privacy Laws
Overview of Relevant Legislation
The Freedom of Information Act of 1966 (FOIA)
The Privacy Act of 1974
Third-Party Privacy Rights Under the Privacy Act and FOIA
Court Records
Access to Presidential Records: A Public/Private Hybrid
Online Public Records: How Much Access Is Too Much?
Recommendations
Student Education Records
Family Educational Rights and Privacy Act (FERPA)
Exemptions and Revisions
Duration of Restrictions
Remedies for FERPA Violations and Risks of Liability
Medical Records
HIPAA, the Privacy Rule, and HITECH
HIPAA Privacy Rule
Key HIPAA Terms and Definitions
Permitted and Prohibited Uses of PHI; Authorizations Under HIPAA
HIPAA's Security Rule
Access and Confidentiality in Organizational and Business Records
Legal Records and Discovery
Attorney-Client Privilege
Attorney Work Product Privilege
Civil Litigation, Discovery, and Compulsory Legal Process Discovery
The Effect on Archives of Challenging a Subpoena
Conclusion and Recommendations
Appendices
Appendix A: Further Reading
Appendix B: Case Study—Developing an Access Policy for a Rehabilitation Student Case File
by Melissa Salrin
Appendix C: Annotated Access Policies
Appendix D: Glossary
Sidebar
Threats to Privacy and Confidentiality in Digital and Online Archival Records