The American Medical Informatics Association and the American Health Information Management Association issued joint recommendations to modernize HIPAA during a Dec. 5 briefing on Capitol Hill.
The briefing, titled "Unlocking Patient Data: Pulling the Linchpin of Data Exchange and Patient Empowerment," comprised a panel of health informatics and health information management experts who discussed how federal policies influence patients' ability to access their health data.
Here are three ways policymakers could update HIPAA to improve patients' access to their data, as outlined by AMIA and AHIMA:
1. Establish a new term, "Health Data Set," which includes all clinical, biomedical and claims data maintained by a HIPAA-covered entity or business associate, and require health IT systems certified by the ONC to provide this information to patients electronically.
2. Revise the existing definition of the "designated record set" under HIPAA to provide greater clarity for providers and patients, if establishing a "Health Data Set" term is not possible.
3. Extend HIPAA's existing policies regarding a patient's right to access their health data to all entities that manage individual health data, even if they are not covered by HIPAA today. These entities might include mHealth apps that generate and store health data.
To read AMIA and AHIMA's recommendations, click here.