Health information technology (“Health IT” or “Electronic Medical Records” or “Personal Health Records (PHR)”) has tremendous potential to improve health care quality and reduce costs while empowering patients to play a greater role in the management of their own care. At the same time, however, electronic storage and exchange of personal health information poses risks to privacy.  Unaddressed, privacy concerns can stand in the way of realizing the benefits of health IT, for neither patients nor providers will make full use of a system they do not trust.

As corporations such as Google (Google Health), Microsoft (Microsoft HealthVault), IBM (IBM Healthcare and IBM Health Integration Framework for Healthcare Providers), and UnitedHealth Group ( develop personal health systems (PHS) to exchange private medical records and health information, consumers must demand fully transparency in the use of their data and require access to check and verify their own personal records.

Federal laws give you the right to see, get a copy of and amend (correct) your medical record by adding information to it.  Additionally, most states have laws that give you rights to your medical records.  The following organizations help consumers and patients navigate the complex relationships between privacy, security, confidentiality, and the management of personal electronic health records.

The Prescription Project (The Pew Charitable Trusts)
Created with the Pew Charitable Trusts, the Prescription Project seeks to eliminate conflicts of interest created by pharmaceutical marketing by promoting policy change within academic medical centers, professional medical societies and public and private payers. In addition, the Prescription Project will advance state and national level policy solutions. New prescription drugs and medical devices are revolutionizing the practice of health care, enhancing disease management and improving quality of life. However, aggressive pharmaceutical marketing to physicians is creating real and perceived conflicts of interest in the medical profession and raising questions about the appropriateness of treatment choices. These practices can compromise patient care and increase health care costs. It is essential that physicians base their prescribing decisions on accurate and unbiased information, not on misleading marketing materials.

Georgetown University’s Center on Medical Records Rights and Privacy
Georgetown University’s Center on Medical Records Rights and Privacy provides state-specific guides to help consumers access their medical records and electronic medical records. The Center on Medical Record Rights and Privacy is based at Georgetown University’s Health Policy Institute, a non-partisan multi-disciplinary group of faculty and staff dedicated to conducting research on key issues in health policy and health services research. The Center is dedicated to raising public awareness of the rights and responsibilities associated with medical records and other health information. The Center focuses on a range of topics related to consumers’ rights to their own medical records and privacy protections afforded to this information. The Center has expertise in the Health Privacy Rule issued under the Health Insurance Portability and Accountability Act (HIPAA), the Fair and Accurate Credit Transactions Act as well as state laws that address medical record rights and privacy. The Center provides information on these topics to a broad range of stakeholders such as policy makers, health care professionals, consumers, and the media through research studies, policy analyses, testimony, and consumer guides.

The Health Privacy Project
The Center for Democracy and Technology’s Health Privacy Project addresses policy questions, including: the proper role of notice and consent, the right of patients to access their own health records, identification and authentication, secondary uses, and enforcement mechanisms. The Center for Democracy and Technology’s Health Privacy Project also tackles the traditional exchange of records among health plans and providers, as well as new consumer access services and personal health records. The Health Privacy Project is a resource for information on medical records confidentiality. Its web site includes information on federal HIPAA regulations as well as state laws of all 50 states.

Coalition for Patient Privacy
The Coalition for Patient Privacy is a bipartisan coalition of 40+ organizations to lobby Congress to add basic privacy protections to health IT legislation. Coalition members ranged from the Family Research Council and the Christian Coalition to the Electronic Privacy Information Center, the ACLU, and the California Medical Association. Patient Privacy Rights and the Coalition continue to educate Congress about the need to save health privacy. The Coalition for Patient Privacy is a project of Patient Privacy Rights (PPR), a group that educates and empowers Americans to ensure control and access to their health records. Patient Privacy Rights (PPR) educates the public, healthcare and IT industries, the media, and Congress about the massive threats technology poses to Americans’ privacy rights; it represents the consumer ‘stakeholders’ in the healthcare system. For electronic health systems to be trusted and succeed, the rights and interests of patients and consumers must come first. is a private organization that works on behalf of families, employees, and businesses to improve privacy protections for personal medical information, establish technological standards for insurance company use of consumer reporting data, and reduce out-of-pocket costs for consumers by detecting and deterring insurance company fraud and discrimination.  Under Federal law, all consumers are entitled to an annual copy of their medical report files from the nationwide specialty consumer reporting agencies.

The American Medical Student Association (AMSA)
The American Medical Student Association (AMSA) is the oldest and largest independent association of physicians-in-training in the United States. Today, the American Medical Student Association (AMSA) is a student-governed, national organization committed to representing the concerns of physicians-in-training. Among the “Strategic Priorities” of the American Medical Student Association, AMSA is dedicated to allocating time, energy and resources toward the priorities of (1) Quality, Affordable Health Care for All, (2) Global Health Equity, and (3) Enriching Medicine Through Diversity.

  1. Quality, Affordable Health Care for All – AMSA mobilizes students in advocating for quality, affordable health care for all. AMSA works through state and national coalitions to improve existing public programs and to advocate for a public national health insurance program.
  2. Global Health Equity – This encompasses the issues of wellness, safety, opportunity and environment that make up a healthy society. It also highlights the interconnected nature of all people and our responsibility for rational and proportional assistance for all people, regardless of the country in which they live. Justice and equity are paramount to assuring that race, religion, income, gender, sexual preference or nationality are not factors limiting access to quality care.
  3. Enriching Medicine Through Diversity – As the world becomes more integrated and mobile, the need for a health care workforce to reflect our society grows more acute. AMSA’s independence was fueled by the civil rights era and continues today in advocacy for culturally-appropriate care, underrepresented providers in medicine, and admission criteria that do not disadvantage those from different backgrounds.

The American Medical Student Association (AMSA) has a membership of more than 62,000 medical students, premedical students, interns, residents and practicing physicians from across the country.

The National Physicians Alliance
The National Physicians Alliance (NPA) is a national, multi-specialty medical organization founded in 2005 by former leaders of the American Medical Student Association. The primary goal of the NPA is re-establish the professionalism in medicine through “service, integrity, and advocacy.” The National Physicians Alliance has a membership of approximately 20,000 physicians. Membership is limited to physicians (MD, MBBS, MBChB and DO) in the United States. The NPA is a 501c(6) organization based in Reston, Virginia. The NPA Foundation, a 501c(3) entity, was established in 2007. Unlike the American Medical Association, the National Physicians Alliance (NPA) does not accept money from the pharmaceutical industry. The NPA was founded in part in response to criticism that professional medical organizations, particularly the AMA, act as physician guilds, primarily serving the economic interests of physicians rather than patients and public health. To ensure that the NPA continues to work on behalf of patients, the organizational structure includes a Council of Consumers, consisting of patient advocacy organizations to advise the National Physicians Alliance (NPA) Board.

The American Civil Liberties Union (ACLU) – Technology & Liberty Program and Consumer Privacy Program
The American Civil Liberties Union (ACLU)Technology & Liberty Program monitors the relationship between cutting-edge technology and civil liberties, actively promoting responsible uses of technology that enhance privacy and freedom, while opposing those that undermine Constitutionally-protectedd freedoms.  The American Civil Liberties Union (ACLU)Consumer Privacy Program exposes the reversal of consumer privacy protections by banks, insurance companies and many other corporations who gather details about the financial and personal lives of Americans, and increasingly see those details as a valuable resource to be mined for profit.

The Electronic Frontier Foundation (EFF)
The Electronic Frontier Foundation (EFF) is an international non-profit digital rights advocacy and legal organization based in the United States. The EFF’s stated mission is to: engage in and support educational activities which increase popular understanding of the opportunities and challenges posed by developments in computing and telecommunications; develop among policy-makers a better understanding of the issues underlying free and open telecommunications, and support the creation of legal and structural approaches which will ease the assimilation of these new technologies by society; raise public awareness about civil liberties issues arising from the rapid advancement in the area of new computer-based communications media; support litigation in the public interest to preserve, protect, and extend First Amendment rights within the realm of computing and telecommunications technology; encourage and support the development of new tools which will endow non-technical users with full and easy access to computer-based telecommunications. In the area of health privacy law, many contemporary privacy rules and debates center on the notion of “personally identifiable information” (PII). The “personally identifiable information” (PII) concept is used by several legal regimes and many organizations’ privacy policies; generally, information that identifies a particular person is considered much more sensitive than information that does not. (Including the Health Insurance Portability and Accountability Act of 1996 (HIPAA)). However, HIPAA’s protections generally do not “travel” with or follow a medical record that is disclosed to a third party outside the health care treatment and payment system. If a health care provider (such as a hospital or a pharmacy, etc.) or a health plan maintains a health care record, the record is protected under the Health Insurance Portability and Accountability Act of 1996 (HIPAA). But if a third party that is not a covered entity under HIPAA obtains the records, then HIPAA does not usually apply.

Electronic Privacy Information Center (EPIC) for Privacy Information
The Electronic Privacy Information Center (EPIC) is a public interest research group in Washington, D.C. It was established in 1994 to focus public attention on emerging civil liberties issues and to protect privacy, the First Amendment, and constitutional values in the information age. EPIC maintains two of the world’s most popular privacy sites – and – and publishes the online EPIC Alert every two weeks with information about emerging privacy and civil liberties issues. Health information has come into use by many organizations and individuals who are not subject to medical ethics codes, including employers, insurers, government program administrators, attorneys and others. As uses of medical information multiplied, so have regulatory protections for this highly sensitive and deeply personal information. The regulatory regime for protecting privacy of health information is complex and fragmented. Some protections apply only to information held by government agencies. Some protections apply to specific groups, such as federal employees or school children. Some protections apply to specific medical conditions or types of information, such as information related to HIV/AIDS or substance abuse treatment. The first comprehensive set of federal regulation of health information, the Privacy Rule under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), came into effect in April 2003. The Security Rule, also required under HIPAA, was issued in final form on February 20, 2003 and will become effective in 2005.

The World Privacy Forum
The World Privacy Forum examines the relationship between privacy, security, confidentiality and electronic health records. The World Privacy Forum is a nonprofit, non-partisan 501 (C) (3) public interest research group. The organization is focused on conducting in-depth research, analysis, and consumer education in the area of privacy. It is the only privacy-focused public interest research group conducting independent, longitudinal work. The World Privacy Forum has had notable successes with its research, which has been groundbreaking and consistently ahead of trends. World Privacy Forum reports have documented important new areas, including medical identity theft. Areas of focus for the World Privacy Forum include health care, technology, and the financial sector. The Forum was founded in 2003 and works both nationally and internationally; the “World Privacy Forum’s Top Ten Opt Outs” is a popular list of “privacy opt-outs” are among the most important and most useful to many consumers.

The Medical Privacy Coalition
The Medical Privacy Coalition is a national partnership of organizations concerned about the threat to Americans’ right to protect their medical information. The Medical Privacy Coalition (MPC) is dedicated to upholding the long-standing and fundamental confidentiality right of individuals to decide when and to whom their personal health information is disclosed. Patient control over the flow of their personal health information is essential for maintaining patients’ confidential relationships with doctors and other health providers, and for the delivery of quality health care. To accomplish its mission, the MPC seeks to restore, maintain, and improve individuals’ right to give their informed consent before their personal health information is shared with others, including for purposes related to health-care treatment, payment and health-care operations. The MPC is seeking to obtain administrative, legislative and/or judicial action to ensure that individuals’ consent is obtained prior to the release of their personal health information.

Related News:

Tags: , , , , , , , , , , , , , , , , , , , , , , ,