Key points
- The National Center for Health Statistics (NCHS) takes protecting patient privacy and provider confidentiality very seriously.
- Specific legal protections safeguard private and confidential information collected by the National Ambulatory Medical Care Survey.
- The Health Information Portability and Accountability Act allows NAMCS to collect these data.
Privacy protections
The National Center for Health Statistics (NCHS) takes participant privacy very seriously. We do not release the names of providers or practices that participate in the National Ambulatory Medical Care Survey (NAMCS) to anyone. This protects your privacy and the privacy of the patients and communities you serve.
Only NCHS employees working directly on this project, our specially designated agents (including contractors managing the survey), and our full research partners can see information collected in the survey that could be used to identify providers or practices.
Anyone else can use your data only after all information that could identify you and your practice has been removed. All information that relates to or describes identifiable characteristics of providers and their practices is combined with other providers' information before it is released. This protects everyone's identity.
Legal protections
NCHS staff, contractors, agents, and full research partners will not disclose or release responses in identifiable form without the consent of the individual or establishment in accordance with—
- Section 308(d) of the Public Health Service Act (42 U.S.C. 242m(d)), and
- The Confidential Information Protection and Statistical Efficiency Act of 2018 or CIPSEA (44 U.S.C. 3561-3583).
In accordance with CIPSEA, every NCHS employee, contractor, and agent has taken an oath and is subject to a jail term of up to five years, a fine of up to $250,000, or both if they willfully disclose ANY identifiable information about you.
NCHS also complies with the Privacy Act of 1974 (5 U.S.C. § 552a) and the Federal Cybersecurity Enhancement Act of 2015 (6 U.S.C. §§ 151 and 151 note). The Privacy Act established a code of "fair information practices" to protect against unwarranted invasions of privacy. The Federal Cybersecurity Enhancement Act protects federal information systems from cybersecurity risks by screening their networks.