I posted recently about my worries regarding having medical records online. My main concern: do online health records make it all the easier for computer hackers to steal my personal information, run rampant with my identity, and send themselves to Tahiti with my credit cards (and will they at least send me a postcard)?

Turns out some folks in the know – folks who are privacy activists – think having an online personal health record could actually go a long way to protecting you.

The Privacy Rights Clearinghouse (PRC) has a nifty little primer on the Health Insurance Portability and Accountability Act (HIPAA), with a subfocus on HIPAA’s Privacy Rule. HIPAA was enacted by Congress in 1996 to set a national standard for the electronic transfer of health data. The Clearinghouse is none too hopeful that HIPAA will "restore your confidence that sensitive medical data is a matter between you and your doctor." Instead, according to the Clearinghouse folks:

HIPAA sets the standard for privacy in the electronic age where health industry, government, and public interests often prevail over the patient’s desire for confidentiality.

So what’s a person to do? The Clearinghouse lists several tips for ensuring your medical records remain private, including this:

Keep a personal health record. This may include copies of your medical files and other information related to your health such as diet and exercise programs. For more on keeping a personal health file, see the PRC’s Alert www.privacyrights.org/ar/keepmedfile.htm and the American Health Information Association resources on personal health files: www.myphy.com/what/index,asp.

Follow the first link and you’ll see that they issue a caveat:

Commercial products sold to organize and store your medical data vary from vendor to vendor. Just like paper records, data stored on your computer or a distant web site can be lost, stolen, or damaged. Electronic data — whether on your computer, a distant web site, or a data storage device — is also vulnerable to unauthorized access. If you consider purchasing one of these products, be sure to read the fine print, especially the company’s posted privacy policy. When shopping for technology, encryption is a must.

That first link includes even more tips on protecting your medical privacy with a personal health record, whether paper-based or online. The list is long, so I won’t post it in its entirety here. But I will leave you with one that I never would have thought of. When I read it, I immediately saw how important it is, and it’s something I’ll do the next time I visit my health care provider:

Exercise your HIPAA rights by ordering copies of your medical records as soon after your visit as possible.

They even provide a link to a sample letter you can use to request your medical record: http://www.privacyrights.org/Letters/medical2.htm.