What are PHRs?

Personal health records (PHRs) are electronic tools that allow for the management and maintenance of health information. The practice differs from traditional approaches because the patient is primarily responsible for generating and reporting their data. The method is often used for its flexibility because it allows users to input their health information directly or link it to their healthcare provider's electronic health records (EHRs) without the need for excessive administrative burden on providers.

What differentiates PHRs from PHI?

1. PHRs are managed by individuals, while protected health information (PHI) is maintained by healthcare providers.
2. PHRs include health information that patients choose to enter and manage, whereas PHI consists of health data collected and stored by covered entities.
3. PHRs empower patients to control their own health data, while PHI is subject to strict regulations under HIPAA.
4. PHRs can contain a variety of health-related information, including self-reported data, while PHI specifically refers to identifiable health information that is protected under HIPAA.
5. PHRs are designed for personal use and accessibility, while PHI is primarily used for clinical purposes and healthcare operations.
6. PHRs may not always be protected by HIPAA regulations, but all PHI is protected under HIPAA guidelines.
7. Patients can share their PHRs with anyone they choose, but access to PHI is restricted and regulated to protect patient privacy.

The value of PHR in patient diagnosis

PHRs offer a different approach to fragmented medical records housed across various healthcare providers. With a central repository of information, patient data can be readily shared with clinicians during consultations. This facilitates better communication between patients and their doctors in a way that supports collaborative care.

According to a study published in Family Medicine, “Personal health records can be used for a variety of purposes but may hold the greatest potential clinical value in chronic disease management, which requires continuity of care and long-term follow-up…Family physicians and other primary care physicians, who provide most chronic disease care, have inadequate time during outpatient appointments to educate patients about the complexities of chronic disease management.”

When patients can present well-organized health data, time is saved and the likelihood of miscommunication is reduced. The streamlining of this exchange then leads to quicker diagnoses and more tailored treatment plans based on a full picture of a patient's history.

How to share it securely

HIPAA compliant email is one of the most convenient methods for communicating about PHRs securely. The primary advantage of using email lies in its accessibility and security with patients able to quickly send health information. 

In turn, providers can respond to patients' PHR communications in a way that protects the information from unauthorized access. The immediacy offered by email communication also improves the timely medical interventions necessary for patients to receive the best possible treatment.

FAQs

Does PHI only include medical records?

No, PHI encompasses a wide range of information beyond medical records. It can include any health-related information linked to an individual, such as appointment details, billing information, and even communications like emails or text messages.

Can a healthcare provider disclose PHI without patient consent?

Generally, covered entities may not use or disclose PHI without the patient’s prior authorization.

What are the minimum necessary standards for disclosing PHI?

The "minimum necessary" standard requires that only the least amount of PHI necessary to accomplish the intended purpose of the disclosure should be shared.