To serve and protect? Electronic health records pose challenges for privacy, autonomy and person-centered medicine

Main Article Content

Talya Miron-Scahtz
Glyn Elwyn


This paper highlights potential challenges to privacy posed by electronic health records and proposes to increase patient involvement in maintaining the privacy of their data. Electronic health records are heavily promoted in the United States, rendering sensitive health information accessible and potentially jeopardizing patient privacy. Yet certain HIPAA regulations are consistently violated, suggesting that the Federal Government is unable to fully enforce privacy standards. On the other hand, proportionately there are few civilian complaints to the U.S. Department of Health and Human Services (HHS), implying that patients are unaware of privacy breaches, the means to report them, or both. Without permitting patient control over information, the proposed privacy system assumes that leakages will occur and offers to notify patients of breaches after the fact. This deprives patients of the right to defend their intimate details, which are more available to caretakers, employers, and insurers than ever. Our proposed solution is to render usage of patient information transparent by default, so that patients can monitor and control who is privy to what input. This will enhance patient empowerment, feeding into improved governmental control over health data.

Article Details

Regular Articles
Author Biographies

Talya Miron-Scahtz, Center for Medical Decision Making, Ono Academic College, Israel; Lecturer, Marketing Department, Wharton School, University of Pennsylvania, Philadelphia, Pennsylvania, USA

Founding director

Glyn Elwyn, Clinical Epidemiology Interdisciplinary Research Group, Department of Primary Care and Public Health, Cardiff University, Cardiff, UK

Professor of Primary Medical Care


. Goldberg D. Access denied: HIPAA, HITECH mandate need-to-know for retrieving EMR files. Dermatology Times. 2011.

. The Health Insurance Portability and Accountability Act (HIPAA) of 1996. Pub. L. No. 104-191. Accessed January 13, 2011,

. Guthrie, J. (2003). Time is running out - the burdens and challenges of HIPAA compliance: A look at preemption analysis, the minimum necessary standard, and the notice of privacy practices. Annals of Health Law 12, 143-178.

. Darves, B. (2003). From minor annoyances to treatment delays, physicians feeling fallout of HIPAA privacy law. ACP Observer.

. McIntosh, M. (2007) Healthcare applications and HIPAA [2007 May 4; cited 2011 Jan 2]. Available from:

. Rothstein, M.A. and Talbott, M.K. (2006). Compelled disclosure of health information: Protecting against the greatest potential threat to privacy. Journal of the American Medical Association. 295, 2882-2885.

. Steinbrook, R. (2008) Personally controlled online health data: The next big thing in medical care? New England Journal of Medicine 258,1653-1656.

. Obama, B. Remarks of President Barack Obama– as prepared for delivery address to joint session of Congress. [document on the internet]; 2009 Feb 24. Available from:

. Health Information Technology for Economic and Clinical Health Act (HITECH). [cited: 2011 Jan 2]. Available at:

. U.S. Department of Health and Health Services. Enforcement data. 2009; [2011 Jan 2]. Available at:

. Hall, M.A. and Schulman, K.A. (2009) Ownership of medical information. Journal of the American Medical Association 301, 1282-1284.

. Gunter, T.D. and Terry, N.P. (2005). The emergence of national electronic health record architectures in the United States and Australia: Models, costs, and questions. Journal of Medical Internet Research 7, e3.

. Rosenbaum, J.I. (1998) Privacy on the internet: whose information is it anyway. Jurimetrics 38, 565-568.

. Organisation for Economic Co-operation and Development. The Security Economy. Washington DC: OECD Publishing; 2004. [cited: 2011 Jan 2]. Available from:

. Lee, L.M., Gostin, L.O. (2009) Ethical collection, storage, and use of public health data: a proposal for a national privacy protection. Journal of the American Medical Association 302, 82-84.

. Baldwin, R.W. (1962) Confidentiality between physician and patient. Maryland Law Review 22 (3).

. Wynia, M.K., Coughlin, S.S., Alpert, S., Cummins, D.S., Emanuel, L.L. (2001) Shared expectations for protection of identifiable health care information. Journal of General Internal Medicine 16, 100-111.

. Blumenthal, D. and Tavenner, M. (2010) The “Meaningful Use” Regulation for Electronic Health Records. New England Journal of Medicine 363 (6), 501-504.

. Pfeiffer, K. (2009) Future development of medical informatics from the viewpoint of health telematics. Methods of Information in Medicine 48, 55-61.

. Walker, J., Ahern, D., Le, L.X. and Delbanco, T. (2009) Insights for internists: “I want the computer to know who I am.” Journal of General Internal Medicine 24, 727-732.

. Box, T.L., McDonnell, M., Helfrich, C.D., Jesse, R.L., Fihn, S.D. and Rumsfeld, J.S. (2010) Strategies from a nationwide health information technology implementation: The VA CART STORY. Journal of General Internal Medicine 25, 72-76.

. Jing, J., Ahn, G.J., Hu, H., Covington, M.J. et al. (2011) Patient-centric authorization framework for electronic healthcare services. Computers & Security. 30, 116-127.

. Mandl, K.D. and Kohane, I.S. (2008) Tectonic shifts in the health information economy. New England Journal of Medicine 358, 1732-1737.

. Kim, E., Stolyar, A., Lober, W.B. et al. (2009) Challenges to using an electronic personal health record by a low-income elderly population. Journal of Medical Internet Research 11, e44.

. Wiljer, D., Urowitz, E.A., DeLenardo, C. et al. (2008) Patient accessible electronic health records: exploring recommendations for successful implementation strategies. Journal of Medical Internet Research 10, e34.

. Acheson, H.W.K (1974). Confidentiality in general practice. Journal of the Royal College of General Practitioners 24, 194-195.

. Winfried, E.K. (1995) A paradigm for user-defined security policies. Proceedings of the 14th Symposium on Reliable Distributed Systems. pp135–144.

. Kenny, D.J. (1982). Confidentiality: the confusion continues. Journal of Medical Ethics 8, 9-11.

. Patterson, A.R., Robinson, L.D., Naftalis, E.Z., Haley, B.B. and Tomlinson, G.E. (2005). Custodianship of genetic information: clinical challenges and professional responsibility.

Journal of Clinical Oncology 23, 2100-2104.

. Thaler, R.H. and Sunstein, C.R. (2008). Nudge: Improving Decisions about Health, Wealth and Happiness. New Haven (CT): Yale University Press

. Thadani, S.R., Weng, C., Bigger, J.T., Ennever, J.F. and Wajngurt, D. (2009). Electronic screening improves efficiency in clinical trial recruitment. Journal of the American Medical Informatics Association 16, 869-873.

. Wright, A., McGlinchey, E.A., Poon, E.G., Jenter, C.A., Bates, D.W. and Simon, S.R. (2009) Ability to generate patient registries among practices with and without electronic health records. Journal of Medical Internet Research 11, e31.