Question

Increasingly patients are creating and maintaining personal health records (PHRs) with data from a variety of healthcare providers as well as data they have generated about their health. What provisions should be included in a model privacy and security policy that patients might use in making decisions related to their privacy and the security of their PHRs?

Answer 1

Provisions should include in a Privacy and security Policy regarding PHR:

PHR or the Personal health record is an electronic health record, which is maintained by the patient and can be accessed by only the authorized person. There is an increase in the number of patients ,who use Personal health records now a days. They maintain their personal health information and access it on time to time. Personal health records are not only providing the static repositories but also it combines knowledge,data and different software tools and it provide and facilitate patient to actively participate in their own health management.

Privacy and security, both are important aspects while maintaining the PHR. Privacy is the freedom from damaging the publicity, public scrutiny , surveillance and disclosure of personal information, usually by a government or private organization. Security is the condition of not being threatened especially physically, psychologically, emotionally or financially. Policies regarding Privacy and Security of PHR should contain the following things:

* Integrate the PHR with Electronic health record (EHR).

* PHR should be made in 'stand alone' application that doesn't connect with any other systems.

* Patient should have control over his PHR and should authorize only the trusted person/ health care provider to have access to the PHR.

* Connecting with an EHR system will help to secure the data in case of a technical error or in a disaster situation

* Early education at school level itself about health management techniques and technologies.

* Integrate the curriculum with the informations regarding the maintenance and use if EHR and PHR.

* Educate the patient about the PHR and how to authorize the access properly .

*When choosing a PHR follow the guidelines given by American Health information Management Association (AHIMA). They provided with their 12 questions to ask before choosing PHR.

* PHR provided by Doctors or Health care providers are subjected to the security standards of HIPPA ( Health insurance portability and accountability Act)