Comments submitted last week from groups representing health care providers, patient advocates, and app developers reveal the divide over how far the changes in Federal rules should go to address the tension between rules permitting greater patient access to their medical records and the privacy afforded by the Health Insurance Portability and Accountability Act (HIPAA). Those comments were in response to “Proposed Modifications to the HIPAA Privacy Rule to Support, and Remove Barriers to, Coordinated Care and Individual Engagement,” from the Office for Civil Rights. 86 Fed. Reg 6446 (January 21, 2021).

Some groups, like the Association of American Medical Colleges (AAMC), support giving patients greater access to and control over their own health records but expressed concern about the increasing access to protected health care information from entities such as personal health application developers. Unless such entities are subject to HIPAA privacy and security standards, the AAMC wrote, "there is a real threat that the lack of appropriate patient privacy protections will erode any gains in patient engagement." 

And the other side of the coin was expressed in comments from app developers who believe the proposed rule changes do not go far enough. They argue that health information exchanges and networks, certified electronic health record vendors, and providers' other business associates could block requests for electronic health information from individuals, or from apps or services acting on a patient's behalf.

The proposed rule would allow patients to view and capture personal health information by, for example, taking notes, videos, or photos. The Medical Group Management Association recommended that OCR "allow clinicians to use their personal judgment in deciding when to allow patients to take photos or videos of their PHI at the point of care." 

Universal support was expressed for the OCR proposal to no longer require patient signatures on notices of privacy practices that will be provided to patients or their representatives.

It is worth following this issue to see how the final rules will impact this inherent tension