IN RE: NEW YORK TIMES COMPANY et al., Respondents, v. NEW YORK STATE DEPARTMENT OF HEALTH, Appellant.
Appeal from a judgment of the Supreme Court (Ceresia Jr., J.), entered June 17, 1997 in Albany County, which granted petitioners' application, in a proceeding pursuant to CPLR article 78, to annul a determination of respondent denying petitioners' Freedom of Information Law request.
This appeal concerns petitioners' access to certain data maintained by the Statewide Planning and Research Cooperative System (hereinafter SPARCS), a State-wide centralized health care system that incorporates data submitted to it by hospitals, residential health care facilities and providers of ambulatory surgery (see, 10 NYCRR 400.18[a] ). By letter dated February 27, 1995, petitioner New York Times Company filed a request with respondent under the Freedom of Information Law (Public Officers Law art 6) (hereinafter FOIL) seeking all data in SPARCS for the years 1985 to present. A similar request was filed by petitioner Newsday Inc. on October 17, 1995 for the years 1988 to present. On April 12, 1995 and December 4, 1995, respectively, respondent denied petitioners' requests, finding that the unconditional release of all data requested would constitute an unwarranted invasion of personal privacy (see, Public Officers Law § 89[a] ).1 The Times and Newsday both filed administrative appeals, with the Times conceding that certain identifying data, such as patient names and Social Security numbers, could be withheld. As to information concerning physicians, hospitals and insurers, however, the Times argued that such individuals or entities did not have a privacy interest cognizable under FOIL and, to the extent that respondent's regulations relative to SPARCS (see, 10 NYCRR 400.18) provided to the contrary, such regulations were inconsistent with FOIL.
Petitioners' respective administrative appeals ultimately proved to be unsuccessful, prompting them to commence this proceeding pursuant to CPLR article 78 to challenge respondent's determination. In response thereto, respondent apparently agreed to disclose the name/identity of hospitals and insurers, leaving only the identity of physicians in dispute. Supreme Court, inter alia, granted the petition to the extent of directing respondent to release the requested data subject to the redaction of all identifying details as specified in the court's decision. In so doing, Supreme Court expressly rejected respondent's argument that the disclosure of physician identifiers, even when such information was used in combination with other disclosable data, would lead to the identification of patients and, hence, would constitute an unwarranted invasion of personal property. This appeal by respondent ensued.
We affirm. It is well settled that all records of a public agency are presumptively available for public inspection and copying, unless the documents in question fall within one of the enumerated exemptions set forth in Public Officers Law § 87(2) (see, Matter of Capital Newspapers Div. of Hearst Corp. v. Burns, 67 N.Y.2d 562, 566, 505 N.Y.S.2d 576, 496 N.E.2d 665). To that end, “FOIL is to be liberally construed and its exemptions narrowly interpreted so that the public is granted maximum access to the records of government” (Matter of Capital Newspapers, Div. of Hearst Corp. v. Whalen, 69 N.Y.2d 246, 252, 513 N.Y.S.2d 367, 505 N.E.2d 932). In this regard, the agency seeking to prevent disclosure bears the burden of demonstrating that the requested material falls squarely within the particular exemption claimed “by articulating a particularized and specific justification for denying access” (Matter of Capital Newspapers Div. of Hearst Corp. v. Burns, supra, at 566, 505 N.Y.S.2d 576, 496 N.E.2d 665; see, Matter of Ruberti, Girvin & Ferlazzo v. New York State Div. of State Police, 218 A.D.2d 494, 496-497, 641 N.Y.S.2d 411; Matter of Legal Aid Socy. of Northeastern N.Y. v. New York State Dept. of Social Servs., 195 A.D.2d 150, 153, 605 N.Y.S.2d 785). This respondent has failed to do.
Public Officers Law § 89(2) plainly permits an agency to delete “identifying details” from records made available by it to the public in order to prevent an unwarranted invasion of personal privacy, and the parties do not dispute that certain patient information, including but not limited to the patient's name, Social Security number and/or address, constitutes identifying details subject to deletion. Respondent would have this court believe, however, that in view of the SPARCS data it already discloses, providing the identity of the patient's physician is the one additional factor that “could readily permit a third party to deduce logically the identity of a given patient, resulting in a breach of medical confidentiality”. In our view, such speculation falls far short of “articulating a particularized and specific justification for denying access” (Matter of Capital Newspapers Div. of Hearst Corp. v. Burns, supra, at 566, 505 N.Y.S.2d 576, 496 N.E.2d 665).
As summarized in respondent's brief, the “nondeniable SPARCS data” already disclosed by respondent includes: the month and year of the patient's birth; the zip code and county of the patient's residence; the name of the facility; the patient's gender, race and ethnicity; the month and year of the patient's admission; the month and year of the patient's discharge; the patient's length of stay; the patient's number of preoperative days; the patient's number of postoperative days; the class of payor; the census tract location of the patient; the age of the patient at one-year intervals for patients one year old or older; the age of the patient at one-week intervals for patients less than one year old; the physician specialty; the number of attending physicians; the presence or absence of an accident; and the facility reimbursement peer group. In view of the wealth of patient information already disclosed by respondent, and given respondent's concession that “even without the physician identifier, it is conceivable that one could attempt to connect the disclosable SPARCS data outlined above to invade a patient's medical privacy”, we are not persuaded that the additional disclosure of the physician identifier will result in an unwarranted invasion of personal privacy. To the extent that respondent attempts to invoke Public Health Law §§ 2804-b and 2807-n as justification for denying petitioners access to the requested records, we need note only that our review is limited to the specific grounds invoked by the administrative agency (see generally, Matter of Larry R. v. State of New York Dept. of Social Servs., 245 A.D.2d 813, 666 N.Y.S.2d 782, 783) and, as such, a postdetermination legislative enactment cannot serve as a basis for respondent's actions and will not be considered by this court.
ORDERED that the judgment is affirmed, with costs.
1. Insofar as is relevant to this appeal, an “unwarranted invasion of personal privacy” includes, but is not limited to, the “disclosure of items involving the medical or personal records of a client or patient in a medical facility” (Public Officers Law § 89[b][ii] ).
MIKOLL, J.P., and MERCURE, YESAWICH and CARPINELLO, JJ., concur.