Assessing the HIPAA standard in practice: PHR privacy policies
- PMID: 22254820
- DOI: 10.1109/IEMBS.2011.6090664
Assessing the HIPAA standard in practice: PHR privacy policies
Abstract
Health service providers are starting to become interested in providing PHRs (Personal Health Records). With PHRs, access to data is controlled by the patient, and not by the health care provider. Companies such as Google and Microsoft are establishing a leadership position in this emerging market. A number of benefits can be achieved with PHRs, but important challenges related to security and privacy must be addressed. This paper presents a review of the privacy policies of 20 free web-based PHRs. Security and privacy characteristics were extracted and assessed according to the HIPAA standard. The results show a number of important differences in the characteristics analyzed. Some improvements can be made to current PHR privacy policies to enhance the audit and management of access to users' PHRs. A questionnaire has been defined to assist PHR designers in this task.
Similar articles
-
A Framework for Privacy-preserving Classification of Next-generation PHR data.Stud Health Technol Inform. 2014;202:119-22. Stud Health Technol Inform. 2014. PMID: 25000030
-
A framework for privacy-preserving access to next-generation EHRs.Stud Health Technol Inform. 2014;205:740-4. Stud Health Technol Inform. 2014. PMID: 25160285
-
HIPAA for physicians in the information age.Conn Med. 2014 Aug;78(7):425-7. Conn Med. 2014. PMID: 25195309
-
Health Insurance Portability and Accountability Act of 1996 (HIPAA): a provider's overview of new privacy regulations.Conn Med. 2002 Feb;66(2):91-5. Conn Med. 2002. PMID: 11908191 Review.
-
Integrated personal health record (PHR) security: requirements and mechanisms.BMC Med Inform Decis Mak. 2023 Jul 10;23(1):116. doi: 10.1186/s12911-023-02225-0. BMC Med Inform Decis Mak. 2023. PMID: 37430242 Free PMC article. Review.
Publication types
MeSH terms
LinkOut - more resources
Medical