Skip to site content
Search

Patients Want More Out of the Data You Collect About Them

By Elizabeth Woodcock, MBA, FACMPE, CPC

August, 2019


Patients are seeking to interface the data you collect about them in your practice with their mobile health tracking device – a Fitbit, Apple Watch, or the like. If your practice is fielding these patient requests, you may be questioning your liability related to this information transfer. On April 18, 2019, the Office of the Inspector General released a statement with instructions regarding the liability, while recommending guidance be issued to the patient.  

"Under the individual right of access, an individual may request a covered entity to direct their ePHI (electronic protected health information) to a third-party app. In such a circumstance, the covered entity would not be responsible for unauthorized access to the individual’s ePHI while in transmission to the app. With respect to such apps, the covered entity may want to consider informing the individual of the potential risks involved the first time that the individual makes the request." 1

If you consider such a request outlandish, recognize that the Office of the National Coordinator for Healthcare Information Technology (ONC) issued a proposed rule that makes your practice's participation a requirement. In the press release, the ONC states, “The proposed rule helps ensure that patients can electronically access their electronic health information at no cost.” This is one of many components of fulfilling the interoperability requirement of the 21st Century Cures Act. 

The final rule has not yet been issued. In the interim, the ONC has launched a pilot program called "Data at the Point of Care" (DPC) as part of the federal government’s MyHealthEData initiative. The final rule is expected to be released by the end of 2019.

For more information, see the CMS fact sheet here

https://www.hhs.gov/hipaa/for-professionals/faq/3010/what-liability-does-a-covered-entity-face.html

About The Author

Elizabeth Woodcock is the founder and principal of Woodcock & Associates. She has focused on medical group operations and revenue cycle management for more than 20 years and has led educational sessions for the Medical Group Management Association, the American Congress of Obstetricians & Gynecologists, and the American Medical Association. She has authored and co-authored many books. She is frequently published and quoted in national publications including The Wall Street Journal, Family Practice Management, MGMA Connexion, and American Medical News. Elizabeth is a Fellow in the American College of Medical Practice Executives and a Certified Professional Coder. In addition to a Bachelor of Arts from Duke University, she completed a Master of Business Administration in healthcare management from The Wharton School of Business of the University of Pennsylvania.

The contents of The Sentinel are intended for educational/informational purposes only and do not constitute legal advice. Policyholders are urged to consult with their personal attorney for legal advice, as specific legal requirements may vary from state to state and/or change over time.

Ready to get started?

Our team is here to answer any questions you might have or to help you fill out a quote application.

Start a Quote