A Solution to the Privacy Problem: Provide Patients with a Copy of their Health Record
As the healthcare industry increasingly adopts electronic health records, organizations must address the unique privacy problems that arise from sharing data and information with multiple stakeholders. They must be able to answer the question:
“How do we provide multiple stakeholders with access to data without jeopardizing data integrity?”
Ironically, the answer lies in how paper records have been governed for decades: make a copy.
While some organizations have enabled patients to access their health records electronically using patient portals, these portals were designed only to provide patients with access to their data directly from the organizations’ source systems. These portals were not designed to address the serious security and privacy problems that organizations face when patient health records are shared with multiple stakeholders.
With patient portals, organizations must question what happens when that patient shares the information with another individual. Does that individual also have a legal obligation for that information once it is shared? If the receiving individual violates privacy considerations, what liability is assumed by the originating organization that made the portal available? And of equal importance, how is the provider organization that makes the portal available intending to authenticate and maintain the infrastructure to manage all private relationships the patient has?
As provider organizations and patients seek to work collaboratively across the continuum, but outside the confines of a single organization, the risk for the provider organization increases substantially as it relates to both privacy and medico-legal responsibility.
While patient portals allow organizations to meet their short-term obligation to provide patients with access to their health records, they do not meet the necessary privacy and security standards for this data when data must be shared across multiple stakeholders. Perhaps this explains why, while there is a growing acceptance of the rights and potential benefits of patients accessing their own health information, it is not yet a reality for many patients. Obviously, organizations need to find another, more secure solution.
One solution that addresses the problems with patient portals is NexJ Connected Wellness, which is a cloud-based solution that allows patients to access a copy of their health information and control how that data is shared with other stakeholders in their circle of care. The unique architecture of NexJ Connected Wellness allows the organization to meet its obligations to share patient data with patients and other stakeholders while maintaining the privacy and security of the patients’ health record. Moreover, because it is a cloud-based solution it has the added benefit of allowing organizations to simultaneously reduce the costs associated with meeting these obligations. NexJ Connected Wellness also enables organizations to share patient data securely using a mobile device or web browser, while safe-guarding an organization’s role as the legal custodian of patient health data.