Too often, providers and payers use privacy and security issues as excuses to not permit patients access to their own information, the leader of a personal health records software vendor told federal officials on Dec. 3.

The Office of the National Coordinator for Health Information Technology and the Federal Trade Commission held a public roundtable on Dec. 3 to hash out PHR issues. They got an earful from Colin Evans, president and CEO at Dossia, a Cambridge, Mass.-based PHR vendor targeting large employers.

The real barrier to consumer access of their health information via PHRs is not privacy and security issues but the unwillingness of providers and payers holding the information to give consumers control over information, Evans said.

Large employers and PHR vendors have seen hospitals, physicians, laboratories, pharmacies, pharmacy benefit management firms and insurers block a patient's access to his or her information in the name of privacy and security, Evans contended.

"Many health plans and providers tell us that sending a patient's information to a PHR service like Dossia would create unacceptable risks," Evans testified. "They hold on to this position even after the health plan or providers' lawyers review Dossia's very strict standards regarding the receipt and housing of protected information. After lengthy and time-consuming negotiations with health plans and providers, it becomes clear that the issue is not about risk or liability but about trapping customers. Many medical products and procedures are commodities and a patient with access to his or her own medical information can make better and more informed decisions about medical services--and that might mean choosing another health plan or provider. They would rather withhold the information than compete on service, price and quality."

Federal officials have responsibilities to establish policies and standards to ensure the protection of health information, Evans noted. But officials also have the responsibility "to ensure health care companies do not stifle competition by spuriously waving the banner of privacy."

The vendor recommends requiring providers and payers to release a patient's information to any PHR vendor meeting certain standards, and fining providers and payers impeding the release of such information. Full text of Evan's testimony is available at

--Joseph Goedert


Register or login for access to this item and much more

All Health Data Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access