Patient Access to Medical Records to Improve but Privacy May Be Compromised

The Trump Administration announced on March 9 broad new rules that will allow you to share your medical records with third-party apps of your choice in order to retrieve medical data like blood test results and doctor’s progress notes directly from your health care providers.  According to the Department of Health and Human Services (HHS) the new system intends to make it easy for you to manager your health care on smartphones, similar to how you manage your finances through apps on their smartphones.


Anyone who has tried to access their medical records can tell you that giving people access to their medical records via mobile apps is a major milestone for patient rights. Some physicians still require patients to pick up health records on computer disks or issue paper copies only, charging patients exorbitant fees to process a request for copies of your medical records.


Even if your health care provides you access to your medical records, they can still limitation what type of information you can access from your medical records. For example, if you get blood drawn from a laboratory, you cannot have access to the results of your test until your doctor views your results and authorizes the laboratory to release your blood test results to you.  In the last several years there has been a proliferation of online portals to access information about upcoming appointments, medical records, and vital signs. These portals do not always provide access to progress notes or results from imaging tests, like MRIs and x-rays.


A significant drawback of the new HHS Rules is patient privacy. By giving a third-party or consumer app access to your medical records, your health care provider is no longer responsible for maintaining confidentiality and in turn privacy related to the inadvertent or purposeful exposure of the information cannot be guaranteed. As HHS warns, “Be careful when sending your health information to a mobile application” because health care providers are “no longer responsible for the security of your health information after it is sent to a third party.”


The American Medical Association has warned that without accompanying safeguards from the government, in terms of keeping the information provided to a third-party app confidential and private, people’s diagnoses and intimate medical details will be ripe for serious data abuses. The protections provided to patients through the Health Insurance Portability and Accountability Act (HIPAA), which limits how health care providers may use and share your medical information, would no longer apply once you transfer your medical data to third-party or consumer apps.


The new HHS Rules are part of a federal initiative to centralize medical data online to help you make more informed treatment choices.  Should you opt to share your medical information with a third-party, make sure you understand the confidentiality and privacy implications of your choice before providing access.

Contact Information