HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

Perceptions of Privacy and Security of Medical Records and Health Data Exchange Explored by ONC

Great strides are being made toward a fully interoperable health IT infrastructure. Adoption of certified health IT is growing and healthcare organizations and office-based physicians are increasingly exchanging health information electronically, but how do patients feel about the electronic exchange of their PHI? Is concern over data security growing?

The Office of the National Coordinator for Health Information Technology (ONC) has been assessing public feeling and has recently issued a brief detailing the findings of surveys it has conducted on consumers over the past few years.

Between 2012 and 2014, ONC conducted a nationwide survey which examined security concerns about electronic health records and electronic health information exchange.

The number of individuals who are very or somewhat concerned about the privacy and security of their medical records has been decreasing and the number of individuals who expressed a lack of concern about the privacy and security of their medical records is increasing.

Get The Checklist

Free and Immediate Download
of HIPAA Compliance Checklist

Delivered via email so verify your email address is correct.

Your Privacy Respected

HIPAA Journal Privacy Policy

In 2012, 7% of individuals were choosing to withhold information from their healthcare providers due to concerns about the privacy of their data. That figure rose to 8% in 2013, but fell to 5% in 2014. In 2012, 77% of individuals were very or somewhat concerned about the privacy of their health data, while 72% were very or somewhat concerned about the security of their medical records. Those figures had fallen to 58% and 52% respectively in 2014.

In 2012, 12% were concerned about the privacy of their medical records, and 9% expressed concern about the security of their health records. In 2014, the figures had risen to 23% and 19% respectively.

ONC found that it didn’t matter how healthcare providers stored and shared data. There was no statistically significant difference between electronic and physical records when it came to consumers’ perceptions about privacy and security. Concerns about privacy and security of medical records was actually slightly lower when healthcare providers had implemented electronic health records.

Support for the use of EHRs is actually growing. Even though many healthcare patients do have concerns about the privacy and security of their data, 78% of individuals said they supported the use of EHRs in 2014. The figure stood at 75% in 2012. 84% of patients said they believed their healthcare providers had systems in place to keep their data secure: the same percentage as in 2012.

Concern about the sharing of health records has fallen significantly since 2012 when 64% expressed concern about the sending of health records by fax, and 61% were concerned about data sharing via email. Those figures were 51% and 50% in 2014, and had fallen by 20% and 16% respectively between 2013 and 2014.

EHR adoption and HIE have increased yet consumers’ privacy and security concerns have decreased over the same period. However, ONC data nobly covers the period from 2012 to 2014. 2015 was the worst ever year for healthcare data breaches. The health records of one in three Americans were exposed or stolen by hackers. It will be interesting to see how 2015 has affected the perceptions of consumers about the security of healthcare data.

The full ONC report can be downloaded here.

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered on HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has several years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics.