The purpose of these principles is to provide the ACC position on personal health records (PHR). The principles set forth on this page are intended to educate ACC members and advocate the College's position to legislators. Technical specifications for PHRs are not included.
Introduction
The ACC is a 33,000 member non-profit professional medical society and teaching institution. Its purpose is to foster optimal cardiovascular care and disease prevention through professional education, promotion of research, and leadership in the development of standards and formulation of health care policy.
In the world of health care technology, the ACC is a leader in the physician community and supports the national agenda to accelerate the integration of health information technology (IT) into physician practices. To meet the health IT needs of its members, the ACC established the Health IT Committee to coordinate the activities and policies of the College. The ACC participates in many activities in the health informatics domain, and is involved with efforts related to interoperability, standards harmonization, and electronic health record adoption.
What Is a Personal Health Record?
A PHR, in concept, contains the medical history of an individual aggregated from the medical sources with whom a patient interacts over the course of his/her lifetime. The Connecting for Health definition of a personal health record is as follows:
The Personal Health Record (PHR) is an Internet-based set of tools that allows people to access and coordinate their lifelong health information and make appropriate parts of it available to those who need it. PHRs offer an integrated and comprehensive view of health information, including information consumers generate themselves such as symptoms and medication use, information from doctors such as diagnoses and test results, and information from their pharmacies and insurance companies. Individuals access their PHRs via the Internet, using state-of-the-art security and privacy controls, at any time and from any location. Family members, doctors or school nurses can see portions of a PHR when necessary and emergency room staff can retrieve vital information from it in a crisis.
Principles
The ACC advocates the following principles and positions regarding PHRs:
1. The PHR is a consumer health management tool that is controlled by the patient-consumer, and is contributed to, but not controlled by, health care providers and organizations.
2. The PHR should be a tool that provides a high-level synopsis view of health information but may also contain or connect to electronic health records that contain a complete medical history for a patient.
3. The PHR provides consumers with a convenient, affordable mechanism to access, manage, and amend their health record information.
4. When available, PHR applications must be certified by Certification Commission for Healthcare Information Technology (CCHIT) and comply with PHR standards and dataset recommendations developed by nationally recognized health IT organizations, such as the American Health Information Community (AHIC), the Healthcare Information Technology Standards Panel (HITSP), Connecting for Health and HL-7.
5. Protected health information (PHI) in a PHR may be used only for legitimate purposes as defined in HIPAA and other applicable statutes. Privacy and security protections articulated in HIPAA and other applicable statutes must be included in the PHR solution, no matter where the data resides.
6. Uniform and universal laws to protect PHI in a PHR should be enacted at the federal level to apply across all jurisdictions. This will help to facilitate consistent understanding by those covered by such laws and the individuals whose health information is covered by such laws.
7. It is critically important that the health care data entered into the PHR are attributed to the correct patient. Erroneous data imports because of similar names and birth dates are potentially very harmful for the patient. Prevention of these types of errors is best addressed by a patient-specific identifier.
8. The patient-consumer and the vendor of the PHR solution assume responsibility (and liability) for the content of PHI in a PHR, including the inappropriate use or misuse of PHI provided via the PHR. There is no extension of responsibility (or liability) to the originating entity of PHI for the inappropriate use or misuse of PHI provided via the PHR.
ACC Disclaimer
The electronic PHR is a new and evolving health care application. Issues related to privacy, portability, content, liability, and required functionality are being actively debated and created. ACC’s PHR Principles blend health IT application best practices with guidance from the efforts of various national HIT organizations working to define PHRs.