Hmm, I'd expect a better level of understanding from the National Coordinator for Health Information Technology.
Or maybe it's just the reporting that's bad, and something is lost in the translation. At the Brainstorm Health conference yesterday
, Dr. Vindell Washington, head of ONCHIT, said that patient data belongs to the patient (true), and that the providers who hold the data do not own it (hmm, not true).
You know the Cubs won the World Series, right? That's data, and you have it, and you own it. I also know the Cubs won, so I also have and own that data. If you stayed up late enough, you'd have seen that the MVP, Ben Zobrist, got a Chevy Camaro. That's also data, and you and I and Ben all have and own that. The car itself? Only Ben owns that; you and I don't. That's the thing about data -- it's an asset capable of being owned, but it's not a zero-sum game, and the fact that one person owns it doesn't prevent others from owning it as well.
The medical RECORD (the actual specific paper or digital representation of the data), on the other hand, is a different story. Dr. Washington noted that 20 states say that the medical provider owns the data; I don't think that's true. I believe those 20 states' laws refer to ownership of the record, not ownership of the data. And that does make sense; while both the patient and provider may own the data, and while the patient has a right to get a copy of the data from the provider, the provider actually is the owner of the specific copy of the data that is the medical record. Additionally, if the patient owns the data and the provider does not also own it, presumably the patient could require the provider to delete its copy of the data. That would not be a good idea, for reasons that you and I (and even Ben Zobrist) can figure out.
The lesson is, don't confuse the concepts of "data" and "records." They mean the same thing in many situations, but not always.
The article also states, ""Contrary to what some people may believe, patients have the right to ask their health care providers for access to their personal data." I guess it may be true that "some" people believe that patients DON'T have that right, but I'd suspect it's a precious few who are so ill-informed. OF COURSE people have the right to "ask . . . for access"; you also have the right to ask your provider to fix you a sandwich, or to marry you, but don't expect him/her to agree. But more importantly, assuming your provider is covered by HIPAA which 99.99% are, your provider is OBLIGATED to actually give you that access. Not necessarily for free, as Dr. Washington implies, but at a cost not to exceed the cost of producing the data. But your provider doesn't have to give you the only copy, or delete his/her copy after giving you access.
Blogger: HIPAA Blog - Edit your Template