Updating HIPAA for the electronic medical record era

With advances in technology, patients increasingly expect to access their health information on their phones and computers seamlessly, whenever needed, to meet their clinical needs. The 1996 passage of the Health Insurance Portability and Accountability Act (HIPAA), modifications made by the Health Information Technology for Economic and Clinical Health Act (HITECH), and the recent 21st Century Cures Act (Cures) promise to make patients' health information available to them without special effort and at no cost. However, inconsistencies among these policies' definitions of what is included in "health information", widespread variation in electronic health record system capabilities, and differences in local health system policies around health data release have created a confusing landscape for patients, health care providers, and third parties who reuse health information. In this article, we present relevant regulatory history, describe challenges to health data portability and fluidity, and present the authors' policy recommendations for lawmakers to consider so that the vision of HIPAA, HITECH, and Cures may be fulfilled.

[1]  Joann G. Elmore,et al.  Evaluating the impact of patients' online access to doctors' visit notes: designing and executing the OpenNotes project , 2012, BMC Medical Informatics and Decision Making.

[2]  Oksana Burford,et al.  Mobile Health Apps to Facilitate Self-Care: A Qualitative Study of User Experiences , 2016, PloS one.

[3]  Tom Delbanco,et al.  Sharing Physician Notes Through an Electronic Portal is Associated With Improved Medication Adherence: Quasi-Experimental Study , 2015, Journal of medical Internet research.

[4]  M. Reading,et al.  Factors Influencing Sustained Engagement with ECG Self-Monitoring: Perspectives from Patients and Health Care Providers , 2018, Applied Clinical Informatics.

[5]  Federico Chesani,et al.  FRAT-up, a Web-based Fall-Risk Assessment Tool for Elderly People Living in the Community , 2015, Journal of medical Internet research.

[6]  J. Ancker,et al.  Focus Section Health IT Usability: Applying a Task-Technology Fit Model to Adapt an Electronic Patient Portal for Patient Work , 2018, Applied Clinical Informatics.

[7]  J. Ancker,et al.  “You Get Reminded You’re a Sick Person”: Personal Data Tracking and Patients With Multiple Chronic Conditions , 2015, Journal of medical Internet research.

[8]  Allen L. Hsiao,et al.  Assessment of US Hospital Compliance With Regulations for Patients’ Requests for Medical Records , 2018, JAMA network open.

[9]  Joann G. Elmore,et al.  The road toward fully transparent medical records. , 2014, The New England journal of medicine.

[10]  Robert Hoyt,et al.  Qualitative and Quantitative Analysis of Patients' Perceptions of the Patient Portal Experience with OpenNotes , 2019, Applied Clinical Informatics.

[11]  H. Krumholz,et al.  Copy Fees and Limitation of Patients’ Access to Their Own Medical Records , 2017, JAMA internal medicine.

[12]  Donna M. Zulman,et al.  How Can eHealth Technology Address Challenges Related to Multimorbidity? Perspectives from Patients with Multiple Chronic Conditions , 2015, Journal of General Internal Medicine.

[13]  Joann G Elmore,et al.  Inviting Patients to Read Their Doctors' Notes: A Quasi-experimental Study and a Look Ahead , 2011, Annals of Internal Medicine.

[14]  Jolie N Haun,et al.  Large-Scale Survey Findings Inform Patients’ Experiences in Using Secure Messaging to Engage in Patient-Provider Communication and Self-Care Management: A Quantitative Assessment , 2015, Journal of medical Internet research.

[15]  Bongshin Lee,et al.  Investigating data accessibility of personal health apps , 2019, J. Am. Medical Informatics Assoc..

[16]  Nancy Staggers,et al.  “I want to know everything”: a qualitative study of perspectives from patients with chronic diseases on sharing health information during hospitalization , 2017, BMC Health Services Research.

[17]  J. Elmore,et al.  Transparent Electronic Health Records and Lagging Laws , 2016, Annals of Internal Medicine.

[18]  D M Fox,et al.  The politics of the Health Insurance Portability and Accountability Act. , 1997, Health affairs.

[19]  Mary D. Adu,et al.  Users’ preferences and design recommendations to promote engagements with mobile apps for diabetes self-management: Multi-national perspectives , 2018, PloS one.

[20]  Paul C. Tang An AMIA Perspective on Proposed Regulation of Privacy of Health Information , 2000, J. Am. Medical Informatics Assoc..

[21]  I. Glenn Cohen,et al.  HIPAA and Protecting Health Information in the 21st Century , 2018, JAMA.

[22]  D. Blumenthal,et al.  The "meaningful use" regulation for electronic health records. , 2010, The New England journal of medicine.