Patients must have control of their medical records

An interesting article written by Mohammad Al-Ubaydli, founder and chief executive of Patients Know Best in which he explains the benefits of using Personal Health Records over electronic ones. To view the full article, please visit Patients must have control of their medical records.


  • -an electronic health record is designed for employees of an institution to work together. It is logistically, technically, and legally difficult to connect such records.
  • -an electronic health record is designed for employees of an institution to work together. It is logistically, technically, and legally difficult to connect such records. The number of connections in a network necessary for integrated care goes up exponentially if the connections are institution to institution, but only linearly if they go through the patient (a hub). In other words, only the latter approach can cope with the networks of care of modern medicine.
  • -There are also formidable legal difficulties with institutions sharing data about patients. Patients, by contrast, can quickly and usefully consent for data sharing if they are in control.
  • -it is hard to see how care can truly be patient centred when patients’ records are scattered and not under their control.

Harvard’s Data Privacy Lab Launching HRB

We are proud that one of our Board of Directors of Patient Privacy Rights, Latanya Sweeney, PhD, is leading this major project that puts patients in control of the collection and use of sensitive personal health information in a very secure ‘health bank’. No information can be disclosed without the patient’s informed consent.

Link to Harvard’s Data Privacy Lab
Link to Article in Healthcare IT News

Health banks can enable health information to exchange data for treatment and other uses WHEN patients say so, instead of the way today’s electronic systems operate: millions of employees of “covered entities” like hospitals and hospital chains, clinics, doctor’s offices, health plans, and health clearinghouses decide when to use, sell, or disclose patients’ health information for a myriad of reasons without obtaining informed patient consent or giving advance notice.

Today, Americans have no idea which parts of their sensitive personal health data is being disclosed to whom or for what purposes. Moving to a health banking system would put patients back in charge of records, not corporate and government users, or researchers.

PPR is working with Professor Sweeney and her lab on a complementary project to map where health data flows. Patients cannot weigh the risks of using electronic health systems without knowing where their data goes and who is using it. Professor Sweeney will unveil the PPR/Harvard Data Privacy Lab Health Data Map on June 6th in DC at the 2nd International Summit on the Future of Health Privacy. Registration to attend or watch via live-streamed video is free.

Privacy Risk Calculator

Is your sensitive health information at risk of being exposed and sold?

Take the following quick quiz to see if your health privacy is at risk.

Please Note:
Keep track of the total points earned by each answer
to calculate your health information’s privacy risk.


AthenaHealth Paying Dearly to Take on Larger Rivals

Athenahealth is a high-flier in the Boston business community, led by the outspoken and forceful Jonathan Bush. Bush, however, openly admits that his Watertown, MA-based company (NASDAQ:ATHN) is relatively unknown outside of local business and technology circles—including among most U.S. physicians. Athena has been ramping up efforts to raise its profile among doctors, the target audience for its Internet-enabled billing and electronic health records services. Yet the company has been criticized for the relatively high price of the push…

…To compete with larger firms in the EHR game, Athena has been trying to allay the concerns of many physicians that they will ultimately end up losing money by deploying the records systems. Bush says that Athena might be able to halve the amount that physicians pay to use its EHR if they participate in what is now a nascent effort at the company called “AthenaCommunity.” Athena’s EHR customers who opt to share their patients’ data with other providers would pay a discounted rate to use Athena’s health record software. Athena would be able to make money with the patient data by charging, say, a hospital a small fee to access a patient’s insurance and medical information from Athena’s network. For a hospital’s part, this might be cheaper than paying its own staff to gather a patient’s information through standard intake procedures. Hallock, Athena’s spokesman, says the community is in development and is slated to launch later this year.

IT’s surprising leader in patient privacy

IT vendors will make billions of dollars on electronic health records (EHR) – if we can get people to use them. But vendors are mostly silent on the issue of health privacy…

The problem
Dr. Deborah Peel, a psychiatrist and founder of Patient Privacy Rights said in a recent column in the Wall Street Journal:

In 2002, under President George W. Bush, the right of a patient to control his most sensitive personal data—from prescriptions to DNA—was eliminated by federal regulators implementing the Health Insurance Portability and Accountability Act. Those privacy notices you sign in doctors’ offices do not actually give you any control over your personal data; they merely describe how the data will be used and disclosed.

But patients are right to fear the release of potentially embarrassing information on such health issues as STDs, depression or substance abuse problem, abortions or miscarriages and other issues that should be between a patient and their doctor – not a mortgage company or an employer.

PHR Privacy Questions Get Tougher When Criminal Justice System Involved

The Kabuki we see in the transition to electronic health records obscures two obvious and fundamental issues: The nature of the confidentiality privilege for electronic records maintained by patients instead of doctors; and The right to avoid self-incrimination when medical records contain information that might result in criminal prosecutions.

Both issues deal with the legal rights patients have in their medical records. To be clear, this is not the same as the patient rights granted under HIPAA or the types of private sector commitments to not abusing use of medical records. We seem to have a grasp on these finer points.

Instead, there seems to be little enthusiasm for dealing with the more mundane non-health related issues that arise when patient data meets the court system and the criminal code. These more concrete and practical issues are the real posers.

Public wants PHRs, but with privacy caveats: survey

Privacy concerns could present a significant psychological barrier to individuals signing up for personal health records while a sizable majority of the public wants a panoply of privacy protections wrapped around PHRs, according to a new public-opinion survey.

“The results documented firm attitudes in a majority of adults surveyed regarding privacy practices in the unfolding world on online PHR services,” according to a seven-page report of the survey findings. The survey discussion was part of a news conference on PHRs hosted by the Markle Foundation and its Connecting for Health program to promote the use of interoperable healthcare information technology.

Dossia wants PHR deal kept under wraps

Something is amiss in Portland, Ore., with a project to provide personal health records to millions of workers at some of the nation’s largest employers. Exactly what the problem is, the employer coalition, called Dossia, doesn’t want the world to know. Dossia asked an Oregon judge to seal court records in a case between it and Omnimedix Institute, the not-for-profit organization designated to develop the personal health-record system for the consortium.

The formation of Dossia was announced with considerable fanfare in December 2006 by its founders. They are Wal-Mart, the nation’s largest private employer with more than 1.3 million workers; Applied Materials; BP America; Intel Corp. and Pitney Bowes. Between them, they claimed more than 2.5 million employees, dependents and retirees. A sixth corporation, giant pharmaceutical wholesaler, Cardinal Health, joined the Dossia coalition in February.

Piecing the story together from previously published reports, conversations with court and clerk’s office employees in Multnomah County, Ore., and from the Web site of Omnimedix Institute, it would appear money is at least a reason for the demand for secrecy, if not the root of the dispute.

According to a court employee, on June 22, Circuit Court Judge Jean Maurer signed a temporary restraining order sought by Dossia against Omnimedix barring it from filing suit against Dossia except under court seal. Circuit Court Judge Edward Jones, who took over the case, extended the temporary restraining order on June 26 and set a three-hour hearing tommorow on Dossia’s request for a preliminary injunction against Omnimedix. Jones also sealed all records for the case from June 26 forward, the court employee said.

{Dossia, major employers, and insurers are all pushing Americans to use personal health records cpontrolled by them. First, they should “do no harm” and urge Congress to pass legislation to ensure that patients control all access to their highly sensitive health records—wherever they are kept. Otherwise the electronic health system will become a supergighway for data mining electronic health records. Instead of benefitting from technology, all Americans will suffer discrimination and denial of jobs, insurance, credit, and admission to schools when our diagnoses and medications are known the world. ~ Dr. Deborah Peel, Patient Privacy Rights}

PHRs: Promise vs. Problems

The US government is pressing to convert the nation’s health care system to electronic health records, wiring all our personal health records (PHRs) together for instant access. Why hasn’t America already gone digital? The biggest obstacle is not cost, but the fact that Americans’ electronic health records are not private. Medical privacy is your right to control access to personal medical records.

Electronic PHRs are being promoted as an elegant, technical solution to what ails the American health care system. They are ripe with great potential: for access anywhere, catching errors, lowering costs, and for opening the doors to research on a scale that will revolutionize the knowledge and treatment of disease. Electronic PHRs could also fix many annoyances that make health care so unpleasant. Annoyances like being unable to get electronic copies of medical records and tests, being unable to communicate electronically with doctors, schedule appointments, or being unable to compare the quality, costs, or effectiveness of doctors and hospitals.

But doctors are not the only ones who can see our medical records. Without federal law guaranteeing consumers’ rights to privacy, 600,000 to 800,000 health-related corporations and government agencies access and use our medical records without our knowledge or permission for business and other purposes that have nothing to do with improving our health. Employers, insurers, and bankers are snooping in our PHRs.

Medco and Revolution Health Join Forces to Make Healthy Living Easier for Millions of Americans

Medco Health Solutions, Inc., one of the nation’s leading pharmacy benefit managers, and Revolution Health, a leading consumer-centric health company created by AOL Co-founder Steve Case, today announced that they have joined forces to create an engaging consumer portal that Medco customers can provide to their members to empower them to be healthier and better control their health care costs. Among many of the portal’s innovative services will be a comprehensive, personal health record, enabling members to easily and safely store their health information online.
Under this agreement, Revolution Health — which already reaches millions of individual consumers through its comprehensive health site, and Medco, serving about 60 million Americans, will deploy a suite of online tools that are personal and action-oriented, making healthy living simpler, more approachable and more transparent. The joint effort will also bring to market communication capabilities and campaign management tools never before offered in the health arena.
“Medco’s experience has shown that when members are offered easy-to-use tools and information that help them live healthier and save money, they take action,” said David B. Snow Jr., Medco chairman and CEO. “By combining Medco’s expertise and leading online pharmacy capabilities with the innovative content, tools and programs offered by Revolution Health, we are expanding our suite of consumer-engagement products and services we offer to clients to more easily and effectively enable members to improve their health.”
{Revolution Health wants consumers to use PHRs that will give Revolution Health and Medco access to the sensitive health information naïve consumers enter into their PHRs.  Consumers are being led to believe that the medical records they enter into PHRs will be safe and private.  Wrong. PHRs are NOT legal medical records and therefore have NO protections under any laws. This means that Revolution Health and Medco can datamine the PHRs and sell any health records patients have entered. ~ Dr. Deborah Peel, Patient Privacy Rights}