Personal Health Records (PHR) Roundtable
The Office of National Coordinator for Health Information Technology (ONC) hosted a free day-long public Roundtable on "Personal Health Records — Understanding the Evolving Landscape" on December 3, 2010. The Roundtable was designed to inform ONC’s Congressionally mandated report on privacy and security requirements for non-Covered Entities (non-CEs), with a focus on personal health records (PHRs) and related service providers (Section 13424 of the HITECH Act).
The Roundtable included four panels of prominent researchers, legal scholars, and representatives of consumer, patient, and industry organizations. It addressed the current state and evolving nature of PHRs and related technologies (including mobile technologies and social networking), consumer and industry expectations and attitudes toward privacy and security practices, and the pros and cons of different approaches to the requirements that should apply to non-CE PHRs and related technologies.
Read blog post on Personal Health Records: A Focus on Privacy and Security by HHS Privacy Officer Joy Pritts
Non-HIPAA Covered Entities
The Office of the National Coordinator for Health Information Technology (ONC) contracted with MAXIMUS in 2008 to analyze:
- Definitions and characteristics of personal health records (PHRs);
- Legislation applicable to PHRs;
- Privacy and security policies of selected PHR vendors and related entities; and
- Consumer views on PHRs and PHR privacy practices.
As part of ONC’s Health Information Technology for Economic and Clinical Health (HITECH) Act activities, the MAXIMUS whitepaper will assist ONC in identifying existing privacy and security legal framework for PHRs and assess the current gaps in their privacy and security practices.