JMIR Publications

ABSTRACT

Since 2000, federal regulations have affirmed that patients have a right to a complete copy of their health records from their physicians and hospitals. Today, providers across the nation use electronic health records and electronic information exchange for health care, and patients are choosing digital health applications (apps) to help them manage their own health and health information. Some doctors and health systems have voiced concern about whether they may transmit a patient’s data upon the patient’s request to the patient or the patient’s health app. This hesitation impedes shared information and care coordination with patients. It impairs patients’ ability to use state-of-the-art digital health tools they choose to track and manage their health. It undermines the ability of patients’ family caregivers to monitor health and to work remotely to provide care by using the nearly unique capabilities of health apps on people’s smartphones. This paper explains that sharing data electronically with patients and patients’ third-party apps is no different under the Health Insurance Portability and Accountability Act (HIPAA) than routine electronic data sharing with other doctors for treatment, or with insurers for reimbursement. The paper explains and illustrates basic principles and scenarios around sharing with patients, including patients’ third-party apps. Doctors routinely share health data electronically under HIPAA whether their organizations retain HIPAA responsibility or not. Sharing with patients and patients’ third-party apps is no different, and should be just as routine.