Patients want 'granular' privacy control of electronic health info

Tools

Patients want strict control over the health information contained in providers' electronic health records, according to a new study in the Journal of the American Medical Informatics Association.

The study, conducted by researchers at Clemson and Indiana Universities, interviewed 30 patients whose health information was stored in EHRs. They found that sharing preferences varied by the type of information to be shared and the recipient. Not surprisingly, patients were more willing to share less sensitive information with healthcare providers. However, no one wanted to share all of their records unconditionally.

"All participants preferred granular control over the sharing of their medical records--that is, all patients wanted to share parts of their record but not other parts with recipients," the authors said.

Researchers suggested that the information could help EHR designers create "privacy persevering EMR systems" including interfaces for patients to express their privacy sharing preferences.

Patient privacy is a front burner issue, especially as the Meaningful Use program becomes more popular among providers and moves to more advanced stages. Although HIPAA requires providers to keep patient records private, security and privacy breaches have exploded, with many of the security breaches of patient protected health information involving electronically stored records. OIG flagged health IT data security as one of HHS' top management challenges.

Privacy of patient records also is one of the key issues facing health information exchanges, which are caught in the conflict between information transparency and patient confidentiality.

To learn more:
- here's the study abstract

Related Articles:
ONC: HIPAA rules increasingly important in Meaningful Use program
Health information exchange: significant market growth ahead
Electronic health data security among HHS top management challenges
EHR technology falls short on protecting teens' privacy
OCR's Leon Rodriguez: HIPAA enforcement more critical with transition to EHRs