Personal Health Records
| A “PHR” is a Personal Health Record. PHRs can collect and store official records, labs, tests, and claims data directly deposited by providers. They can also store other health-related data such as heart rate, glucose levels, medications, allergies, exercise habits, lifestyle, sexual history, personal notes and other data you create.
The term ‘PHR’ implies you control this type of electronic health record – because its ‘personal,’ it’s yours. But that is simply not true of all PHRs. How much control do you really have? Think twice about who you allow to see, use, or control your most sensitive, personal health records, from DNA to prescriptions. Patient Privacy Rights (PPR) did our best to decode PHR privacy policies and spell out what control you have over your information. PPR makes no recommendations on specific PHRs. The Report Card is our opinion based on the information available on these companies’ websites. Click on each PHR below to see why it received that grade. |
| CapMed – icePHR | C |
| Google Health | D/F |
| Microsoft HealthVault | B/F |
| No More Clipboard | A |
| WebMD | C |
| PHRs Offered by Employers & Insurers | F |
Grading System
| Letter Grade | Numerical Value | Explanation |
| A | 4.0-5.0 | Excellent: No invasive practices; solid protections; ensuresyour privacy rights; user friendly. |
| B | 3.1-3.9 | Fairly comprehensive efforts and protections; room for improvement. |
| C | 2.6-3.0 | Some safeguards, a number of key flaws, weak protections |
| D | 2.0-2.5 | Few, if any, safeguards and protections, and/or misleading information, and/or very user “un-friendly.” |
| F | 1.0-1.9 | Threatens patient privacy and control over personal information either via inaction or actual business practices |
Americans have strong rights to control sensitive personal health information. We should never have to give up control over our sensitive health records to get health care. But many PHRs today do not put you in control of the information in your PHR, so it can be used by others you would never want to see it.
Certain PHRs can allow employers, insurers, researchers, marketing corporations, hospitals, drug companies, and government agencies, etc. to access all the information in your PHR without getting your explicit informed consent. There are no laws today that prevent anyone from designing a PHR that you do not control. That is why it is SO critical to know which PHRs keep you in control of access to your health information.
We must demand real privacy and individual control from PHRs. Sign the PHR Petition and share this Report Card with others.
| Help support Patient Privacy Rights! Your contributions can help grade more PHRs, add more tools to the Patient Privacy Toolkit, and so much more! |
 |
| Sign up for our Toolkit Updates, our quarterly Newsletter and other updates on how to protect your private health records. |  |
| Become a fan of Patient Privacy Rights on Facebook to see the latest news in your News Feed and help spread the word! |  |
The Privacy Report Card was made possible by the generous support of the Rose Foundation.