Watchdog issues privacy report card for personal health record systems
Systems are separate from HHS plans for electronic health records
- By Alice Lipowicz
- Dec 07, 2009
The Health and Human Services Department is preparing to issue rulemaking later this month for privacy and meaningful use of electronic health records, but in the meantime, consumers might be risking their privacy by using an adjunct application known as personal health records, according to one watchdog group.
EHRs are patient medical records primarily used by doctors and hospitals. Under HHS's plans to distribute $20 billion in economic stimulus law funding, those records will be more widely used, shared and aggregated to save money and improve health care quality. Rulemaking is expected by year’s end.
PHRs consist of software and Web-based programs that allow consumers to collect and store their medical records in one place. Google Health and Microsoft HealthVault are examples of the technology.
Although HHS has no immediate plans to issue rulemaking on the use of PHRs, experts have said the applications might eventually become part of the official health information technology infrastructure in some form. In addition, there might be some overlap with EHRs because consumers are expected to have access to their records in some type of storage application.
The Patient Privacy Rights coalition released a report card Dec. 3 on privacy protections for five PHR systems. NoMoreClipboard.com earned an A, while WebMD and CapMed both earned Cs and employer- or insurer-based systems earned Fs. Google Health got a D and Microsoft HealthVault a B, but both Google and Microsoft got Fs for lack of privacy protections in their partner arrangements.
“We should never have to give up control over our sensitive health records to get health care. But many PHRs today do not put you in control of the information, so it can be used by others you would never want to see it,” the coalition said in a news release. “There are no laws today that prevent anyone from designing a PHR that you do not control. That is why it is so critical to know which PHRs keep you in control of access to your health information.”
Alice Lipowicz is a staff writer covering government 2.0, homeland security and other IT policies for Federal Computer Week.