Cutting to chase of Personal Health Record debate

Cutting to chase of Personal Health Record debate

Summary: The correct answer, doctor, is it's none of your business. I'm not a covered entity under HIPAA. Google and Microsoft are working for me, not for you, and thus they're not covered entities either.


New England Journal of Medicine logoThe New England Journal of Medicine has entered the debate over Personal Health Records (PHRs) with four articles, all with different perspectives, all with the full text behind their registration firewall.

So let's cut to the chase. I've seen this play out in a host of industries over the years -- news, music, video -- and it's all about one word.


Arguments about control of the data are really arguments about control of the customer. The health industry, like all industries, fears losing that control.

They have it now. Each doctor's office I visit, each hospital, each clinic, has a file on me. It's behind the nurse's station. Usually it's on paper. Sometimes it's in a computer. But it's not going anywhere -- control resides with the physician.

And I'm not really given access to it, although by rights I should be.

In these debates Google and Microsoft are stand-ins for the loss of data control to the customer. To me.

It's easy to see this because of the obvious conflation going on.

Electronic Medical Records (EMRs) are the records held by my doctor or hospital. I'm entitled to a copy of them under the law, but I seldom get them, and even when I do I only get pieces of them at a time.

PHRs are those copies I control. Google and Microsoft have both offered means by which EMRs can become PHRs, and technology for storing them on behalf of consumers.

So, the doctors say, what if Google or Microsoft misplace them? What if there's a data breach -- as there is so often in the vast medical computerocracy -- what then?

The correct answer, doctor, is it's none of your business. I'm not a covered entity under HIPAA. Google and Microsoft are working for me, not for you, and thus they're not covered entities either.

It's between me and my Web host.

Google and Microsoft themselves are too polite to say this out loud. "I am skeptical of the concept of paternalism,” Microsoft Vice President Peter Neupert wrote to The New York Times.

Me, I'm not so polite. HIPAA is meant to protect me from you, Doc, not as a defense against sharing what you have on me with me. I'm not the covered entity. You are.

Neither is the owner of the server where I choose to store it. There are other laws to cover their mistakes. If something happens I will use them. They will hear from my lawyer.

The bottom line is once I have my data, it's mine. And I want it.

Now, please.

Topics: Google, Government, Government US, Health, Microsoft

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • We agree

    Dana, though I often disagree with what you write on the healthcare space, you nailed this topic/issue right. Congratulations! Like you, been around the IT block more than a few times and it is clear, control is the issue, nothing more.
    • Thanks...

      I don't insist you agree with me. The fact you usually disagree shows you're thinking. I'd much rather have people thinking and thoughtfully disagreeing than listen to a bunch of ditto-heads tell me what teh awesome I am.

      Because I'm not. I'm just a reporter.
  • RE: Cutting to chase of Personal Health Record debate

    Dana, would you like to see a game of gotcha turn into defensive medicine?

    Why should physicians be reluctant to allow transparency? Here is one huge disincentive: Malpractice suits reward attorneys who are good at second guessing using miniscule and otherwise unimportant details. They are waiting at the gate, pandering greed.

    So what evolves from this? In the end, medical records will harm patients by alteration or omission of subtle strategic facts. Darrell Pruitt
    Darrell Pruitt DDS
  • RE: Cutting to chase of Personal Health Record debate

    I am medical doctor (family physician). For sure there is some sense of "loss of control" within the medical community.

    But trust me, most of the concerns of doctors are related with risks to patients.

    Only when you are a doc and visit 40 different people by day, you realize that privacy is critical.

    Only when you hear people saying to you: "ok, I am married but I have gay sexual relations, please don't write it in your notes" you understand that privacy is critical.

    I really believe in patients having control over their own health records. I think it can improve their health and my communication with them.

    But I know health (and disease) is used to obtain economic benefits without improving the health of the patients. Let see pharma industry and disease mongering.

    I am really concerned about health information controlled by people or organizations that are not patients-doctors.

    I don't like the idea of google having my (or my relatives) health information.

    Why a PHR needs to know who am I? Why not a anonymous personal health record. THIS IS a really "only patient has control over his information". The other way is "now the information is under Google/Microsoft/Whoever control, and not under control of physicians"

    So I have designed the first anonymous personal health record: Confessors do not ask your name. Why do we?
    • Tell me more

      This, drbonis, is interesting. Darrell
      Darrell Pruitt DDS
  • RE: Cutting to chase of Personal Health Record debate

    Man & Machine Inc has teamed with 3M and Samsung to create Private Eye, the computer LCD Monitor specifically designed for hospital, medical and dental practices to comply with HIPAA regulations. The Private Eye features a high quality Samsung LCD computer monitor with built-in-3M Private Filter that protects critically important medical data by obscuring view from any angle except direct line-of sight by the computer operator. No external filter screens to slide around or sticky filter installation to worry about. Protect your critically important medical data from wandering eyes with Private Eye Monitors from Man and Machine.
  • RE: Cutting to chase of Personal Health Record debate

    Man & Machine, Inc. is an international provider of leading edge computer accessories focusing on medical, governmental, industrial and general office environments. Products include waterproof keyboards and mice, mobile keyboards for the RIM Blackberry, LCD privacy monitors for HIPAA compliance and financial security, and customized products to meet client?s unique applications. The company was founded in 1982 outside of Washington, DC with satellite offices in New York, Tennessee, Florida, Netherlands and China. Man & Machine, Inc. adheres to a strict environmental code for the sustainability and protection of our environment. Please visit
  • RE: Cutting to chase of Personal Health Record debate

    I, too agree. There are some fascinating studies done by Jack Wenberg MD from USC about medical outcomes of the various states. Oddly MA with its four highly ranked medical schools, high MD/patient ratio and reputed tendency toward social consciousness ranked among the three worst. Although the study offered no explanations, my considerable experience has been that there is a heavy reliance on specialists and very poor communication among them. There's a lot more....

    Greg Starr