Literature Review and Environmental Scan

Evaluation of Personal Health Records Pilots for Fee-for-Service Medicare Enrollees from South Carolina

Contract No: HHSP23320045020XI

NORC Project #6488

Prepared for:

Ms. Suzie Burke-Bebee
U.S. Department of Health and Human Services
Office of the Secretary
Assistant Secretary for Planning and Evaluation

Prepared by:

NORC at the University of Chicago
4350 East West Highway, Suite 800
Bethesda, MD 20814

_{Skip Contents}

Table of Contents

Executive Summary

Methodology

Findings

Chapter 1. Introduction

What are Personal Health Records (PHRs)?

ASPE Evaluation of the CMS PHR Pilot Demonstration

The QSSI Role in the CMS PHR Pilot Demonstration

Purpose of Literature Review/Environmental Scan within the Context of the ASPE Evaluation

Chapter 2. Methodology

Chapter 3. Medicare FFS Beneficiaries and PHRs

The Characteristics of Medicare FFS Beneficiaries

Chapter 4.  PHR Definitions, Attributes and Models

PHR Definitions and Attributes

PHR Elements and Functions

Summary: PHR Definitions, Attributes, and Models

Chapter 5.  Consumers and PHRs

General Consumer Attitudes about and Usage of PHRs

How Do PHRs Benefit Consumers?

Increasing Consumers’ Awareness of PHRs

PHR Utility and Benefits

Consumer Perceptions of PHR Utility

PHR Usability

Current Knowledge about PHR Usability

Summary: Consumers and PHRs

Chapter 6:  Standards for Personal Health Records

The Standards Development Community

Standards for Personal Health Records

Continuity of Care Record Versus Continuity of Care Document as the Basis for Interoperable Information

Gaps In Interoperability Standards

Security Standards

PHR Privacy Policies and Standards (Do you specifically reference NCVHS privacy & Confidentiality work group as they sent recommendations around June 2006 to the Secretary and continue to work on furthering them – their recommendations were specific to ‘limited’ consumer control of PHI?)

Portability Standards

Plan-to-Plan PHR Transfer (X12)

Standards for Claims-Based PHRs

Use Cases Related to PHRs

Other Gaps In The Current PHR Standards Arena

Summary: Standards For PHRs

Chapter 7. The Potential Impacts of PHRs

Impact on Providers
Provider Workflow
Other Impacts of PHRs
Summary:  The Potential Impacts of PHRs

Appendix A.  Key Research Questions

Appendix B.  Key Informant Interview Participants

Appendix C.  Bibliography

Appendix D.  Sample Discussion Guide

Appendix E.  Key PHR Initiatives

Citations

_{Back to Top}

List of Exhibits

• Exhibit 1      Key Informant Discussion Participants and Topics
• Exhibit 2      Alternate Definitions of the Term ‘PHR’
• Exhibit 3      PHR Models: Advantages, Disadvantages, and Sponsors
• Exhibit 4      Usage of Share Care Plan’s PHR during the Month of November, 2007
• Exhibit 5      Key Players in PHR Standards Development
• Ehxibit 6      Select Standards for Interoperability
• Exhibit 7      Security Standards for PHRs

Executive Summary

The Office of the Assistant Secretary for Planning and Evaluation (ASPE), in close collaboration with the Centers for Medicare and Medicaid Services (CMS), has contracted with NORC to conduct an evaluation of a pilot demonstration project to introduce Personal Health Records (PHRs) to Medicare fee-for-service (FFS) beneficiaries. The pilot study represents one component of a diverse set of CMS Health Information Technology (HIT) initiatives. This pilot is being implemented in the South Carolina service area by QSSI, an information technology (IT) solutions contractor.

The PHR demo titled ‘My Personal Health Record, South Carolina’ (MyPHRSC) was launched in early 2008. As part of the evaluation of the PHR demo, NORC developed this literature review and environmental scan to explore current definitions of what a PHR is, assess the usability and utility of PHRs, and to identify best practices for developing PHR standards and features.

To date, little work has been done to examine what, if any, assistance may be needed to help elderly and disabled populations use PHRs. Due to the potential of PHR technology to improve health care services, additional insight is needed to identify PHR features and functions that will encourage PHR adoption by consumers. This review is intended to contribute to the overall development of PHRs by providing a current-state, panoramic snapshot of many key aspects of the PHR field. The report will inform policy efforts to identify best practices for developing PHR features and standards that will encourage PHR adoption by consumers–especially FFS Medicare beneficiaries.

_{Back to Top}

Methodology

In compiling this document, NORC used three approaches to gather up-to-date information about PHR development and implementation. First, we conducted a review of the existing published literature, gray literature, and various official government documents. Second, NORC completed discussions with sixteen key informants who are involved with and otherwise knowledgeable about PHR development efforts, product design, standards, and usability/utility (see Appendix B for list of key informants). Finally, NORC submitted a draft of the literature review to a fourteen-member expert panel, and incorporated their comments into the document.

The sixteen individuals who took part in key informant interviews contributed a broadened perspective on how other organizations are currently sponsoring and delivering PHR functionality. Initial key informant interview participants were identified through the use of referrals from key Federal and other contacts. Subsequent interview subjects were identified by asking the initial subjects to recommend individuals who are known for their expertise on PHR development and implementation. Key informant interview participants were asked to share their views about their own PHR efforts as well as current Medicare PHR efforts.

NORC staff considered data from each of these three sources in crafting the analysis in this document. We synthesized and incorporated findings into the literature review and environmental scan through an iterative process of mapping data to the project’s research questions.

_{Back to Top}

Findings

In synthesizing lessons learned from the literature review and key informant discussions, this analysis focuses on issues in four key areas: (1) PHR definitions, attributes and models; (2) consumers and PHRs; (3) standards for PHRs; and (4) potential impacts of PHRs. Select findings of the review are presented below.

While the findings of the report provide a broad current state analysis on the PHR field, to the extent possible the specific needs of the Medicare population have been researched and documented. When developing PHRs for senior citizens such as Medicare FFS Beneficiaries, a number of factors must be taken into account including the demographics of the population, their levels of computer and health literacy, and their predominant health issues. Medicare beneficiaries are more likely to have impaired vision and mobility, as well as other health problems that can impede their use of PHRs.[1] They may also face challenges in reading and comprehending information in PHRs due to levels of literacy and health literacy.

PHR Definitions, Attributes, and Models. Although there has been a groundswell of interest in PHRs, consensus has not yet been reached on a commonly accepted definition of a PHR, and many proposed definitions remain vague. One definition of a PHR, as proposed by the Markle Foundation states: ‘A PHR is an electronic application through which consumers can access, manage and share their health information, and that of others for whom they are authorized, in a private, secure, and confidential environment.’[2]

There has also been significant debate among experts on the different models for PHRs and how they should be structured, what functions they should deliver, or how they can be of greatest use. While a broadly accepted taxonomy of PHR models has not been established thus far, the different ‘flavors’ of PHRs that exist today include:

• Institutional/IDN provider portal
• Populated from claims data
• Individual provider portal
• Untethered–USB, desktop, PDA
• Service oriented
• Population oriented
• Condition oriented
• Health 2.0 sites
• Network/Interconnected PHRs

Given the rapidly evolving PHR market and the entry of organizations like Microsoft and Google, it is likely that the PHR landscape will be dramatically different 5-10 years from now.

While organizations such as American Health Information Management Association (AHIMA) and Office of the National Coordinator for Health Information Technology and the National Alliance for Health Information Technology (ONC-NAHIT) are working to define PHRs in terms of their use, objectives, and ownership rights, other organizations such as the Robert Wood Johnson Foundation (RWJF) have defined criteria for the functional components and platforms of PHRs. In fact, the PHR industry has gone to great lengths to separate a PHR definition from the description and characteristics of functionality and data sources. The National Committee on Vital and Health Statistics (NCVHS) proposed using the term PHR to refer to a health or medical record that includes clinical data, and the term ‘personal health record systems’ (PHR-S) to refer to multi-function tools that include PHRs among a battery of functions.

PHRs may encompass a number of functions, providing consumers with the ability to control their information, manage their health through decision support tools, interact with their health care providers, and authorize access and use of their health information through a designated proxy or care manager.

Findings of this review suggest that consumers have diverse expectations and needs for PHRs. Accordingly, certain health information and supporting features and functions may be more relevant to some users than others. In particular, health status may play a role in the functions that Medicare beneficiaries desire in a PHR. Although only a subset (15%) of community-dwelling, elderly patients require care from a geriatrician or geriatric services, many of those seniors have multiple, chronic conditions. By age 75, the average older adult has between two or three chronic conditions, and some have ten or twelve chronic conditions.[3] Thus the elderly and disabled may require different functions and features of a PHR than other consumers.

PHRs can be customized by offering specific, health-related information modules; providing templates for creating individualized care plans, or by offering a fully specialized PHR. There is no ‘one size fits all’ PHR and it is likely that there will be different flavors of PHRs to support unique user needs. To some extent consumers’ expectations and needs are being met by a variety of organizations including independent software vendors developing stand-alone solutions, providers/Integrated Delivery Networks making available PHRs that are closely tied or tethered to their existing systems, or health insurers or employers offering claims-based PHRs.

Consumers and PHRs. In order for PHRs to gain widespread adoption, consumers must be made aware of the availability and advantages of using PHRs, and they must be taught how to use them. Recent research on public attitudes suggests that although only a small percentage of the population has used a PHR, consumers are interested and willing to use PHRs. Additionally, those with chronic conditions reported the highest interest and most urgent need to use PHRs.

Although consumers express interest in PHRs generally, consumers cite major concerns around the security and confidentiality of information contained in PHRs, and this may affect whether or not consumers decide to use a PHR. However, these concerns vary depending on the PHR sponsor. For example, one study indicated that consumers are more likely to use a PHR if it is recommended by a provider. Although some studies suggest that consumers would be particularly concerned about the security and privacy of an employer-based PHR, others suggest that when financial incentives are provided consumers are significantly more willing to use these PHRs. Consumers also seem to suggest that the convenience of access to their information would outweigh their concerns.

PHRs may be particularly useful for Medicare beneficiaries. Early research indicates that improvements have been observed in care management for various chronically ill and disabled populations that have used PHRs. For chronically ill and disabled patients PHRs assist with medication reminders, better tracking of special diets and enhanced communication with providers. For cognitively impaired patients, PHRs which contain health event reminder functions (such as reminders for health care visits or daily medication regimens) and tracker tools may assist consumers with memory problems. In one study, generally healthy consumers reported forgetting to ask health related questions during provider visits that they had intended to discuss. Thus, PHRs could result in more productive interactions with providers.

State, regional, and national efforts that offer social marketing campaigns to encourage PHR use may help raise awareness of their value. Consumer perspectives must be taken into consideration when defining the attributes of PHRs. NORC’s discussions with PHR experts indicated that a user-centered approach to developing PHRs seeks to align the conceptualization and design of PHRs with consumers’ needs. Taking into account the consumer’s viewpoint will create PHRs that are valuable and easy to use. User-centered designs ensure that consumer perspectives are incorporated into PHRs, greatly impacting their successful adoption and use.

There has been a limited amount of work thus far to measure PHR usability. In addition, usability guidelines specific to PHRs have not been developed and traditional usability theory and existing guidelines have limited applications to PHRs because PHRs vary so widely in terms of configuration and features and functions which they offer. However, web usability guidelines have been written for aged, disabled and limited literacy populations, and these may be helpful in developing PHRs which meet the needs of Medicare beneficiaries.

Today there are no standardized measures for PHR utility. According to experts, potential measures of PHR utility include the number of consumers consistently using their PHR; the number and types of data elements or functions that are accessed and consistently used; and the overall quality improvement of the consumer’s health through PHR use.

Standards for PHRs. Standards (a set of rules that ensure that personal health information can be easily stored, accessed, shared, exchanged, and understood by health care providers, payers, regulators, and consumers[4]) are recognized as the key to realizing the value of PHR technology. Standards provide the basis through which different EHRs, claims and other data sources will be able to populate a PHR.

There are a number of entities involved in developing standards for PHRs and standards are currently available for data transfer, semantic interoperability, security and portability. One key informant suggested that between 70 and 80 percent of the standards developed for EHRs are relevant and potentially transferable to PHRs. Standards for semantic interoperability are becoming increasingly available, as are a number of security standards for authentication, consent, confidentiality, accountability, and non-repudiation. Organizations such as Integrating the Healthcare Enterprise (IHE) and Health Level Seven (HL7) have been, and are continuing to develop portability standards for plan-to-plan transfer of information.

While a number of standards for PHRs have already been developed, there are some important gaps that will need to be addressed to support development and use of PHRs. Currently there is no uniform standard to protect privacy of personal health information stored in a PHR. There are several other gaps in the PHR standards development space, most notably in the following areas: standards for patient-initiated changes to their health information; uniform privacy policies for PHR service providers; standards that address when a consumer’s proxy or care manager accesses, uses, and controls the account holder’s PHR; standards for consumer entered information into PHRs; and definitions of the rights and legal responsibilities of all parties involved with PHRs. PHRs are now being offered by entities that are not covered by HIPAA and are thus not required to comply with HIPAA regulations. Privacy policies and security standards for these entities will need to be developed.

There are also areas of overlap in the standards development area today. These areas include PHR portability standards, conditions and diagnosis standards, and consents standards. Despite the many areas of overlap as well as gaps in standards for PHRs, there are a number of standards organizations that are looking at issues of PHR privacy and security, and interoperability and portability. AHIMA is currently working on a project for ONC-NAHIT to explore the different initiatives and their areas of overlap.

Potential Impacts of PHRs. Findings from key informant discussions suggest that PHRs could have significant implications for providers and the wider health care system. For example, implementers of PHRs will need to carefully consider the optimal process for integration and application of PHRs into the workflow of routine clinical practice. While some providers recognize the potential utility presented by PHRs – particularly in the areas of patient engagement and chronic disease management – others are more resistant to change, and are concerned about the impact on workflow, PHR data accuracy, and lack of reimbursement for PHR-related work. Kaiser Permanente has found that providers are resistant to PHRs before using them, but after having used the PHRs they report positive impacts on relationships with patients, and that their initial fears of things like receiving overwhelming amounts of emails from patients were false. Many providers reported a reduced number of emails from patients with continued use of the PHR. Thus, PHRs may produce benefits for providers such as better communication with patients. Overcoming initial preconceived notions regarding the utility of PHRs may be a significant factor in improving provider adoption of PHRs.

A number of major employers have embraced PHRs and the broader idea of patient access to records and communication channels. Currently, empirical evidence of return on investment, quality improvement and improved efficiency is scant. Nonetheless, many expect that PHRs will positively affect these aspects of the health care system. Numerous experts believe that PHRs will increase patient empowerment, improve medical record keeping, and increase communication between patients and providers. Furthermore, many experts believe that improved medical record keeping as a result of PHR use could lead to reduced health care costs through a reduction in unnecessary hospital visits and tests, and fewer medication errors.

The present PHR evaluation seeks to establish an understanding of PHR utility for Medicare beneficiaries in order to address potential impacts. However, additional PHR implementations and research will be necessary to better understand how providers can effectively incorporate PHR technology into the provision of care, and how PHRs will more broadly impact health care system.

_{Back to Top}

Chapter 1.
Introduction

What are Personal Health Records (PHRs)?

Personal Health Records (PHRs) are the focus of widespread interest as a tool for improving consumers’ ability to manage their health and health care interactions in a variety of settings. There exists tremendous diversity in the functions offered by PHRs and there is no universal definition of what constitutes a PHR. One definition as proposed by Markle states that, “ A PHR is an electronic application through which consumers can access, manage and share their health information, and that of others for whom they are authorized, in a private, secure, and confidential environment.”[5]

The vision for and potential of this tool have not crystallized into a solid foundation of understanding about what technical and functional attributes make PHRs easy, attractive, and worthwhile for consumers to use. While PHRs have existed for nearly a decade, consumers have not rushed to start using this new technology and the literature indicates a relatively low level of adoption.[6] Even as the PHR market evolves, many questions remain about what characteristics are most important to ensure their usability and utility; what standards and methods should be used to develop them; and how PHR adoption and integration into consumers’ overall health care experience can be supported.

There is no shortage of commercially available PHR applications-the website of the American Health Information Management Association (AHIMA) offers links to 89 PHR products.[7] These PHRs can vary widely in their characteristics. For instance, PHR applications may differ in the nature of information they contain, features and functions offered, sources of information, locations where information is stored, technical approaches to security, and designation of control over who has access to them.

The concept of PHRs and PHR systems continues to evolve.[8] Additionally the National Alliance for Health Information technology (NAHIT), funded by the Office of the National Coordinator (ONC) is actively working on a PHR definition at the time of this report.[9]

_{Back to Top}

ASPE Evaluation of the CMS PHR Pilot Demonstration

Medicare faces an urgent need to optimize the efficiency, quality, and cost-effectiveness of health care services for its beneficiaries. As the largest provider of health insurance in the U.S., Medicare currently covers over 44 million beneficiaries, and it is anticipated that a massive expansion in the Medicare-eligible population will occur from 2010 to 2025.[10] The Centers for Medicare & Medicaid Services (CMS) thus has a compelling interest in successfully leveraging health information technology (HIT), including the use of electronic health records (EHRs) and PHRs.

To this end, CMS is conducting a pilot demonstration project to introduce PHRs to Medicare fee-for-service (FFS) beneficiaries. The pilot, which represents one component of a diverse portfolio of HIT initiatives, is being implemented in the South Carolina service area by QSSI, an IT solutions contractor selected by CMS. The PHR demo, ‘My Personal Health Record, South Carolina’ (MyPHRSC) was launched in March 2008.

The Office of the Assistant Secretary for Planning and Evaluation (ASPE) has funded an evaluation to assess the usability and utility of the PHR system implemented through the CMS pilot. It is also exploring findings related to PHR standards, design, and development. To carry out the study, ASPE has contracted with the National Opinion Research Center at the University of Chicago (NORC). NORC is gathering and analyzing information from end-users of the PHR (consumers and providers) to learn which features they find most valuable, and is eliciting insights from QSSI and HealthTrio staff about their experiences in designing the PHR.

_{Back to Top}

The QSSI Role in the CMS PHR Pilot Demonstration

QSSI is working with three key vendors and other partners to implement MyPHRSC. Specifically, QSSI has obtained its PHR product from a vendor called HealthTrio. Palmetto GBA is facilitating access to and importing of CMS claims data into the PHR, and IBM is performing general consulting in an advisory capacity related to PHRs. MyPHRSC is designed with three central components: data (which include records of patients’ visits, surgeries and procedures, and medications); tools (which help patients to plan for their health needs and capture important measurements); and security features (which include functions that allow the user to assign permission to access the PHR).

Visitors to the HealthTrio PHR web-based homepage are informed that the PHR is designed to help them gather their medical information in a single location, so that they and others to whom they grant access (e.g. family members or providers) can monitor health-related activities and events, or review and update information as necessary. Instructions guide consumers through the process of filling out a questionnaire about their health; exploring a care plan for their health; adding to their own health record; assigning permissions for others to view the PHR; and subscribing to receive education information about certain health topics.

_{Back to Top}

Purpose of Literature Review/Environmental Scan within the Context of the ASPE Evaluation

As a preliminary step, NORC has conducted a formal literature review and environmental scan to gather, summarize and synthesize existing information relevant to key research questions for the evaluation as a whole (See Appendix A). The findings of the literature review help to define issues to be explored in greater depth during the study’s focus group and observational study components. Specifically, it is being used to develop discussion guides for focus group meetings about PHR feature usability and utility. These focus groups are tentatively scheduled to take place during the summer of 2008. The FFS PHR evaluation will be closely coordinated with an evaluation funded by CMS and Agency for Healthcare Research and Quality (AHRQ).

The CMS/AHRQ PHR evaluation will examine the use, usability, and utility of a Registration Summary/Medication History PHR tool. Seven health plans have integrated these two components into their existing PHRs and offered the PHR to Medicare Managed Care and/or Part D Drug Plan beneficiaries at no cost. Evaluation components for this project include a survey of beneficiaries who have used the PHR and focus groups with beneficiaries who either: 1) have used the PHR more than once; or 2) have decided not to register for the PHR. These focus groups will help identify factors which drive adoption of the PHR, as well as identify features and functions considered easiest to use and most useful for beneficiaries. The CMS/AHRQ evaluation team is regularly involved with the Fee-For-Service evaluation efforts, and both projects benefit from this mutual collaboration. Moreover, the literature review for this evaluation will inform later findings for both PHR evaluations by offering broad perspectives on the current PHR landscape.

Due to the potential of PHR technology to improve health care services, additional insight is needed to identify PHR features and functions that encourage PHR adoption by consumers. This review is intended to contribute to the overall development of PHRs by providing a current-state, panoramic snapshot of many key aspects of the PHR field. It offers an understanding of current knowledge of PHR usability and utility, and identifies best practices for developing PHR features and standards. At a time when PHR adoption is in its early stages, these issues are of great interest.

_{Back to Top}

Chapter 2.
Methodology

To gather up-to-date information about PHR development and implementation for this comprehensive literature review we conducted a review of the existing published and unpublished literature, gray literature, and various official government documents. Based on our findings from the literature and through discussions with ASPE and CMS we identified an initial group of key informants who are involved with and otherwise knowledgeable about PHR development efforts, product design, standards, and usability/ utility. We completed discussions with sixteen key informants (see Appendix B). Finally NORC submitted a draft version of the literature review to a fourteen-member expert panel and incorporated their comments into the document.

A complete listing of sources consulted for the literature review is provided in Appendix C. NORC obtained recommendations for relevant materials and information sources by seeking initial guidance from the ASPE Task Order Monitor and key contacts at ASPE, CMS, AHRQ, and other federal agencies and foundations. We also conducted broad searches using the following online resources:

1. Google
2. Google Scholar– A more specialized search engine that focuses on peer-reviewed and other academic literature.
3. Lexis Nexis– A search engine that primarily indexes proprietary content, including a range of public and trade periodicals.
4. Academic Search Premier– A multi-disciplinary database of academic journal articles, drawing from over 3,700 peer-reviewed publications.
5. MEDLINE– A computerized bibliographic retrieval system containing a comprehensive listing of articles in the scientific medical literature.
6. HSRProj– A database providing access to ongoing grants and contracts in health services research available through the National Library of Medicine.
7. HSTAT– Health Services/ Technology Assessment Text- A searchable collection of large, full-length text clinical practice guidelines, technology assessments, and health information.
8. AHRQ National Resource Center for Health IT Knowledge Library– An online comprehensive search engine compiled by NORC and its partners, containing articles and information on topics such as evaluation, economics, and management of information systems.
9. HIMSS– The online resources of the Health Information and Management Systems Society

The sixteen individuals who took part in the key informant interviews contributed a broadened perspective on how other organizations are currently sponsoring and delivering PHR functionality. Initial key informant interview participants were identified through the use of referrals from key Federal and other contacts. Subsequent interview subjects were identified by asking the initial participants to recommend other individuals who are known for their expertise on PHR development and implementation. Exhibit 1 summarizes information about the organizations represented in these discussions and specific topics addressed. A sample discussion guide is included in Appendix D.

NORC staff considered each of these three data sources in crafting the analysis presented in this document. Findings were synthesized and incorporated into the document through an iterative process in which NORC collected relevant data, and organized the information into broad categories. These categories were then mapped to the project’s research questions. A detailed outline of themes was developed and revised, ultimately taking the form of the chapters presented in this document. NORC staff outlined each chapter in detail, and revised chapter contents as the literature review and key informant discussions progressed.

_{Back to Top}

Chapter 3.
Medicare FFS Beneficiaries
and PHRs

There are many challenges inherent to the development, implementation, access and use of high value-add PHRs. When developing PHRs for senior citizens such as Medicare FFS Beneficiaries, a number of additional factors must be taken into account. Key aspects that must be considered include the demographics of this population, their levels of computer and health literacy, and their predominant health issues. The remainder of this chapter addresses the unique aspects of the Medicare FFS Beneficiary population in relation to the use of PHRs.

_{Back to Top}

The Characteristics of Medicare FFS Beneficiaries

The CMS PHR pilot involves Medicare FFS beneficiaries in the South Carolina service area. The Medicare program provides health insurance to individuals who are 65 or older and certain younger disabled persons. In 2002, most Medicare beneficiaries (87 percent) were enrolled in traditional fee-for-service (FFS) Medicare, while others signed up for private health plans that contract to serve Medicare beneficiaries, known as Medicare Advantage plans. [11] Traditional FFS Medicare reimburses physicians a pre-determined amount for each service they provide, based on an established fee schedule. Physicians who ‘accept assignment’ agree to accept Medicare's fee as payment in full.[12]

The demographic characteristics of Medicare FFS beneficiaries should be examined when designing PHR solutions targeted to them. Health knowledge, attitudes, and beliefs for specific subpopulations may also be important to consider. On the whole, the Medicare population tends to be female (56%), white (78%), between the ages of 65 and 84 (67%), in good or fair health (53%), and living with a spouse (44%). Most Medicare beneficiaries live in urban areas (73%), have at least a high school education (69%), and have some form of supplemental insurance coverage (79%). Half have incomes under 200 percent of poverty level, and almost a third of beneficiaries (30%) have no high school diploma. Chronic illness is highly prevalent among members of the Medicare population–especially the elderly. One survey of Medicare beneficiaries indicated that 65 percent of all elderly people had two or more chronic conditions, and 34 percent of seniors reported limitations in mobility or activities of daily living. [13] Another report found that 36 percent of Medicare beneficiaries have three or more chronic conditions.[14]

Barriers to PHR Use among Medicare Beneficiaries

To date, little work has been done to examine what assistance may be needed to help elderly, disabled, and immigrant populations use PHRs. In a recent feasibility study of PHR usage in these populations, factors such as a lack of computer literacy, anxiety about using computers, cognitive and physical impairments, and the lack of health literacy were found to impede PHR use if additional support was not provided.[15]

Distrust may be another significant barrier among underserved populations. A 2007 focus group study found that participants from underserved minority groups expressed distrust of electronic record systems that would require them to store personal health data in computers other than their own or those of their physicians. One alternative they would consider is the use of a ‘smart card’. [16]’§

Medicare beneficiaries are more likely to have impaired vision and mobility, as well as other health problems that can impede their use of PHRs. [17] Changes in vision that occur with age include reductions in the amount of light that reaches the retina, loss of contrast sensitivity, and loss of the ability to detect fine details, all of which makes reading a computer screen difficult. An estimated 21 percent of adults aged 65 years and older have impaired vision.[18]

Medicare beneficiaries may also suffer from arthritis, Parkinson’s disease, and other conditions that reduce fine motor skills and their ability to use a keyboard or mouse.[19] In addition, cognitive impairment as a result of Alzheimer’s, dementia, or seizures may limit their ability to remember their user name and password, or to recall how to use a PHR application’s functions. Thus, whether or not Medicare FFS beneficiaries adopt PHRs and find them to be useful depends as much on systems and graphical user interfaces (computer programs designed to allow users to interact easily with the computer, typically by making choices from menus or groups of icons[20]) as on the data that the PHRs contain.[21]

Low reading literacy and health literacy levels may also be barriers to PHR use among Medicare beneficiaries. Although there has been no published assessment of the reading level of the information contained in PHRs, information on most general websites is far beyond the reading level of most of the population.^[22] In addition, many individuals have difficulty reading and comprehending health information. A study of information technology use and literacy found that nearly one of two adults has difficulty understanding information necessary to make basic appropriate health decisions.^[23] The 2003 National Assessment of Adult Literacy determined that adults in the study’s oldest age group–65 and older–have lower average health literacy than adults in younger age groups. Among adults ages 65 and older, 59 percent had below basic or basic health literacy, compared with 32 percent of adults ages 40-49 and 28 percent of adults ages 25-39.^[24][2]

In addition, content and format of many health-oriented materials and IT applications do not meet the needs of many of the elderly and disabled. Health-oriented website content is often too technical for consumers to understand and may not be relevant to their culture or lifestyle.[25] Consumers may also lack record keeping experience. Standard text format guidelines helpful to a senior citizen user for print and web materials–large font size, white space, appropriate reading level, active use of verbs, clear and short sentences, etc.–are often not followed. PHR computer navigation, scrolling, moving objects and animation, and search functions (particularly difficult for the aged with functional issues) hinder accessibility and use.

The elderly are less likely to have experience using computers, access to the Internet, and broadband connection than those under age 65.[26] Many elderly individuals do not have computers at all,[27] and would need to access their PHR from a public place (e.g., a library, senior center, health care facility). In a study of barriers to PHR use among the elderly, Lober et al. found computer literacy and computer anxiety were two major barriers. (Computer literacy skills were demonstrated when performing tasks such as turning the computer on, using a mouse or keyboard, or logging in. ‘Computer anxiety’ is a term used to describe a lack of willingness to attempt these tasks not due to an apparent physical or cognitive barrier.)[28]

Although the percentage of elderly people who use computers is much lower than among the general population, an increasing number of older adults are accessing the Internet. In 1996, only 2 percent of adults 65 and older were ‘online’; by 2004 that number had risen to 22 percent.[29] Kaiser Permanente, VHA, and Whatcom County have all reported that significant numbers of elderly and disabled members are signing up for and successfully using their PHRs. To entice Medicare beneficiaries to use a PHR, though, the tools must be designed to accommodate their needs.

_{Back to Top}

Chapter 4.
PHR Definitions, Attributes and Models

There is a high level of interest in PHRs among both health IT experts and the stakeholders who stand to benefit from their implementation (e.g., consumers, providers, employers, payers, and vendors). New approaches to engaging consumers to become active participants in their own healthcare have influenced the health care industry’s interest in PHRs. For example, the concepts of “consumer-directed care” and “consumer-facing technologies,” have gained popular attention in recent years. Both emphasize empowering consumers to assess their own health care needs, and to make informed choices about what services would best meet those needs.[30]

By offering tools that facilitate information-seeking and record-keeping, PHR applications are able to help consumers take a more proactive role in their healthcare. Due to the efforts of PHR sponsors, vendors, and government and private funders, considerable progress has been made over the past decade in developing valuable PHRs. Yet much work remains to be done to ensure that PHRs are appropriate for and accessible to a wide range of potential users, including elderly and disabled populations and those who lack health and computer literacy skills.

Despite the groundswell of interest in PHRs, general consensus has not yet been reached on how they should be structured, what functions they should deliver, or how they can be of greatest use. No commonly accepted definition of what constitutes a PHR has been developed to date, although the Office of the National Coordinator for Health Information Technology (ONC) is currently developing a standardized definition funded by the National Association for Health Information Technology (NAHIT). This chapter explores the landscape of current knowledge about PHRs, including how they are being defined, what attributes they typically have, and what components (e.g., screen configurations, data elements, and features or functions) are currently being offered. Examples of key PHR models and initiatives are provided.

As noted by Patricia Flatley Brennan, RN, PhD, FAAN (consultant to ASPE for this evaluation) this review takes an approach to PHRs that is largely health care provider-focused. Many PHR case studies offered in this document are described in terms of who ‘owns’ or provides the PHR, and emphasize the PHR as a connection to clinical care providers or claims data services. Brennan has commented that this emphasis is understandable, because health care providers generate data, and the PHR abstracts some subset of that data. While provider-focused PHRs may be typical of those available at the time of this review (Spring 2008), future developments in the field may yield a broader suite of personal health information management tools.

_{Back to Top}

PHR Definitions and Attributes

Consumers have long maintained paper records of health information, such as their medical history or a list of prescribed medications. Yet few have the time, ability, or motivation to keep a paper record up-to-date. It is generally believed that digitalizing consumers’ health records will help to maintain accurate information over time, and that this information will lead to improved health care access, use of services and health outcomes. In recent years, technological advances have increased the options available for maintaining personal records. Consumers have also become more comfortable in using technology. Thus, today’s PHRs are often computer-based. In the future, cell phones, personal digital assistants (PDAs), iPods, and other devices with Internet access may also offer the functionality for hosting full or partial PHRs.

The National Committee on Vital and Health Statistics (NCVHS) concluded that no uniform definition of the term PHR existed in industry or government as of 2006. The committee suggested that PHRs should be characterized by their attributes, including the scope or nature of their contents; source(s) of that information; features and functions offered; the custodian of the record; the storage location of the content; technical approaches to security, and the party designated to authorize access to the information.[31]

While a universal definition of what constitutes a PHR has not yet been adopted, leading organizations continue to work towards creating a standardized definition of PHR elements, methods, scope, desirable features, functions and infrastructural elements. Exhibit 2 below presents two alternative definitions of the term PHR–from the Markle Foundation and the American Health Information Management Association (AHIMA). Although these definitions differ there are commonalities. Each definition suggests that a PHR is an electronic application, accessed and managed by consumers, through which personal health information is maintained and shared in a secure, private, and confidential environment.

ONC-NAHIT, ASTM International (a voluntary standards development organization) and International Organization for Standardization (ISO) have also developed PHR definitions. ONC-NAHIT and ASTM both define PHRs as consumer-controlled, and health records which are payer-controlled are excluded from their PHR definitions.[32] AHIMA and ONC-NAHIT have included data inputs as components of their PHR definitions. Both organizations, along with RWJF, have agreed that the objective of a PHR includes universal availability and lifelong use for the consumer. Although most organizations define PHRs as being interoperable, ISO specifically recommends that PHRs maintain identical architecture to electronic health records (EHRs), which would simplify the often tricky process of providing interoperability between a PHR and an EHR in a particular health care system.

_{Back to Top}

EXHIBIT 2 Alternate Definitions of the Term ‘PHR’

Markle Foundation Definition
An electronic application through which consumers can access, manage and share their health information, and that of others for whom they are authorized, in a private, secure, and confidential environment.[33]

AHIMA Definition
An electronic, universally available, lifelong resource of health information needed by individuals to make health decisions. Individuals own and manage the information in the PHR, which comes from health care providers and the consumer. The PHR is maintained in a secure and private environment, with the individual determining rights of access. The PHR is separate from and does not replace the legal record of any provider.[34]

While organizations such as AHIMA and ONC-NAHIT are working to define PHRs in terms of their use, objectives, and ownership rights, other organizations such as RWJF have defined criteria for the functional components and platforms of PHRs.[35] In fact, the PHR industry has gone to great lengths to separate a PHR definition from the description and characteristics of functionality provided by the PHR and the different potential data sources. NCVHS proposed using the term PHR to refer to a health or medical record that includes clinical data, and the term ‘personal health record systems’ (PHR-S) to refer to multi-function tools that include PHRs among a battery of functions.

In 2005, the Health Level Seven (HL7) Personal Health Record Work Group of the HL7-EHR Technical Committee was charged with developing a PHR-system functional model and standards. This group has focused on identifying features and functions required for a PHR system to be effective. Its draft recommendations were submitted for public review, and final recommendations were due to be released at the end of March 2008.[36] Currently HL7 has available a draft standard for trial use (DSTU).

_{Back to Top}

PHR Elements and Functions

Data Elements

There are no standard conventions for what information a PHR should contain.[37] Some experts believe that, to guide consumers’ care decisions and self management, PHRs should include all relevant medical data.[38]’[39] Others have expressed the view that ‘more can be less’ as there is the potential to overwhelm users with too much information. The presentation of PHR data in a more easily understood, user-friendly format is crucial. This is particularly important if PHRs are to be relevant to consumers who face literacy and health literacy challenges. Participants in the 2005 American Medical Informatics Association’s (AMIA) College of Medical Informatics working symposium suggested that a PHR should contain at least the following data elements:

• Personal identification and contact information
• Health provider contact information
• Health insurance information
• Test results
• Significant illnesses
• Medical treatments and surgeries
• Immunizations
• Allergies
• Social history and lifestyle risk factors
• Family history.

AHIMA has also created an excellent resource that includes a comprehensive list of suggested and common data elements by type, (e.g., suggested “Personal Information” elements include name, address, and employer information). Other types of data relevant to health may include cost and payment information, patient-centered health risk assessment, and home and self-monitoring data that have been entered by the consumer or transmitted directly to the PHR from a medical device. Consumers may enter non-coded data (e.g., free text) through means such as typing journal entries into their PHR. They can also upload information into their PHR, such as the phone numbers of health care providers, insurance information, funeral plans, and even documents such as advanced directives.

PHR Functions

Some PHRs offer interactive tools that enable consumers to understand and act on their health information (some refer to these additional software tools as ‘personal health applications’. Others use the term PHR-S to refer to applications and data). These functions allow consumers to control their information, utilize decision support, and have more convenient interactions with the health care system. Some functions enable consumers to control access to their PHR information (i.e., by authorizing access for individuals such as relatives, spouses, friends, or health care providers).

Users can also control the type of information that each person is allowed to access, and whether that person has ‘read-only’ or ‘read and write’ access. Some PHRs provide an audit trail that tells the PHR owner who has accessed their information, and when. HL7’s Personal Health Record Systems Functional Model (PHR-S FM) includes PHR functional capabilities in the categories of ‘Personal Health’, ‘Supportive’, and ‘Information Infrastructure’. Each function is listed hierarchically and includes a name, identifier, description, examples and conformance criteria. Johnson et al. name six types of PHR functions:[40]

1. Patient-Provider Communication (e.g., appointment scheduling, secure messaging with providers, prescription refills, lab result)
2. Personal Health Advocate (e.g., communication with patient proxies, health care expense/billing tracking, insurance understanding/coverage)
3. Personal Decision Support (e.g., diagnosis education support, lifestyle choices support, medication support, provider selection support, shared patient experiences support, treatment education support)
4. Personal Health Journal (for recording and tracking diet, exercise, symptoms, questions, etc.)
5. Personal Health Monitoring and Management (e.g., home monitoring device data collection, symptom diaries, self and wellness management)
6. Personal Health Reminders (e.g., visit, consult, immunization, lab, and medication reminders)

   The mere presentation of health data to consumers is unlikely to be transformative. Applications likely will have interpret and apply the data in innovative ways that provide specific benefit to specific people, and connect them with their health team and caregivers.

   Connecting for Health

Some PHRs guide consumers to sources of online health information or disease management programs. Sophisticated PHRs can be targeted to consumers who have specific risk factors or diseases (e.g., obesity, diabetes) and can suggest relevant websites or tools for these patients, or offer web search functions to them. PHRs can also offer access to virtual communities through their portals. These can be particularly useful for patients who have serious or chronic conditions. For example, women with breast cancer may be interested in interacting online with each other to discuss available providers and potential treatment options, and to share the impact of this condition on their personal lives.

Different user populations require tailored functions, depending on their health interests and needs. For beneficiaries over the age of 85 (12 percent of Medicare beneficiaries), an adult, child or other caregiver is more likely to manage the PHR. Similarly, a beneficiary with health problems may want different information and functions than a healthy beneficiary. Customization can be achieved by offering specific information modules, providing individualized plans within a PHR, or by offering specialized PHRs.

The Markle Foundation’s Personal Health Technology Council found that ensuring consumers’ privacy and control over their own records is essential to full consumer acceptance of electronic information exchange and the sharing of PHRs. To guide the development of PHRs, this Council endorsed seven patient and consumer principles intended to ensure that PHRs include the privacy and security functions necessary to alleviate consumers’ concerns about security.[42] The privacy and security principles are as follows:

1. Individuals should be able to access their health and medical data conveniently and affordably.
2. Individuals should be able to authorize when and with whom their health data are shared.
3. Individuals should be able to designate someone else, such as a loved one, to have access to and exercise control over how their records are shared.
4. Individuals should receive easily understood information about all the ways that their health data may be used or shared.
5. Individuals should be able to review which entities have had access to their personal health data.
6. Electronic health data exchanges must protect the integrity, security, privacy, and confidentiality of an individual's information.
7. Independent bodies, accountable to the public, should oversee local and nationwide electronic health data exchanges, with no single stakeholder group dominating these oversight bodies.

_{Back to Top}

PHR Models

Exhibit 3 presents a summary of currently available PHR configurations, and the data elements and functions they typically include. It provides an overview of the characteristics of each of these configurations, their advantages and disadvantages, and sponsors. For additional detail on key PHR initiatives, an overview of nine current efforts is provided in Appendix E. Various PHR configurations include:

• Institutional/IDN provider portal
• Populated from claims data
• Individual provider portal
• Untethered–USB, desktop, PDA
• Service oriented
• Population oriented
• Condition oriented
• Health 2.0 sites
• Network/Interconnected PHRs

Exhibit 3 below provides a more detailed overview of each of these PHR configurations:

Another type of configuration is an interconnected PHR, or a ‘networked’ model. The networked model connects the PHR with multiple health care data sources. Experts involved with Connecting for Health and other PHR experts believe that only a networked PHR has the potential to offer consumers an electronic health information environment that will live up to their consumer- and patient focused principles for the handling of electronic personal health information.[45] They view such linkages as being critical to providing the level of portability, long-term history, and up-to-date information necessary to make the PHR useful for consumers. To date, a networked PHR model is not viable due to non-standardized data elements and systems, and a low proportion (14 percent[46]) of all provider practices using EHRs.

New PHR configurations are also emerging from the models seen today. Health record banks are consumer-controlled repositories that hold complete copies of consumers’ medical records. PHRs such as HealthVault are blurring the distinctions between PHR configurations. The data in HealthVault may be entered by the consumer, or entered via an EHR, claims database, or a medical device. The record is owned by the consumer, who controls access to it.[47] Adding to the complexity, organizations are partnering with Microsoft to build other PHR solutions on top of the HealthVault infrastructure. For example, Whatcom County’s Regional Health Information Organization (RHIO) is expanding the capability of its PHR called SharedCare Plan by using HealthVault’s capability to link the PHR to biomedical devices.[48] Google is preparing to release Google Health. In 2008, Google announced that the Cleveland Clinic will test a pre-release version of this service.[49]

It remains uncertain how PHRs will look in five to ten years, but it is clear they will differ significantly from the PHRs of today. In the future, PHRs may provide a lifelong record of consumers’ health, including all relevant and important health information. They may be accessible at the consumer’s direction, while maintaining appropriate privacy and security precautions. It is also plausible that PHRs could enable lay-people to make their wishes known. For example, they could provide guidelines that could be transmitted to EMRs, ensuring that treatments provided are consistent with the consumers’ wishes, desires, and preferences. PHR functions could also include the electronic expression of the individuals’ preferences for privacy and for disclosing health information into computable forms. With respect to evolving models, Patricia Brennan notes that, ‘PHRs can be viewed from an architectural perspective, having a data source or repository, a set of mediating functions, and an applications interface.  IN some PHRs all three components are wrapped up in a single product; others have the ability to draw data from and put data into various data stores; these may employ the mediating functions, specific decision logic, or interesting interfaces that help people take health action.’

_{Back to Top}

Summary: PHR Definitions, Attributes, and Models

There are a number of efforts currently underway to clarify the definition of a PHR. Most experts agree that PHRs consist of electronic patient health records controlled by consumers. Although there is some debate regarding whether the PHR encompasses just the underlying infrastructure or the entire system and its tools, ONC-NAHIT and other organizations are working to develop consensus on what constitutes a PHR, its system, and its functions and features.

PHRs can include many different functions, and there are a few different ways to define functionalities. Many organizations define functionality based on the HL7 PHR S-FM Model, which defines PHR functional capabilities by hierarchical categories of ‘Personal Health’, ‘Supportive’, and ‘Information Infrastructure’. Contrastingly, Johnson et al define PHR functions by six different types, such as Patient-Provider Communication.

Consumers have diverse expectations and needs for PHRs; therefore, certain data elements or functions may be more relevant to some than others.[50] There are a number of PHR models available with particular data elements and functions associated with them. These models vary from very basic to sophisticated configurations. Current PHR models also may be designed for general population use, or tailored to support a specific consumer population, address particular health concerns or chronic conditions, or help consumers perform a particular healthcare-related activity. PHR models will continue to evolve, and it is likely that the current PHR landscape will be remarkably different in the next five to ten years.

_{Back to Top}

Chapter 5.
Consumers and PHRs

What factors determine whether or not consumers access and use a PHR? At the most basic level, an individual’s usage of PHRs depends on knowing what PHRs are and how they operate. Studies show that a large percentage of the U.S. population is unaware of the existence of PHRs. A 2007 survey found that nearly two thirds (64 percent) of adults aged 18 and older were not familiar with the term ‘PHR.’[51] Another survey found that, among respondents who had never used PHRs, fifty-two percent said the reason was that they had never heard of them.[52]

While generating awareness of the existence of PHRs is certainly a critical first step, education alone is not adequate to ensure that consumers will adopt PHRs and use them on a regular basis. Consumers will not incorporate a PHR into their lives unless doing so provides them with helpful information and features, and easily enables them to get their health care needs met. This section of the review examines the value of PHRs from the consumer’s perspective. It begins by examining consumer attitudes towards PHRs, and continues by looking at how consumers can use PHRs. Finally, this section provides possible strategies for raising consumers’ awareness of PHRs, explores the concepts of PHR utility and usability, and examines consumers’ perceptions of how well existing PHRs meet their needs.

_{Back to Top}

General Consumer Attitudes about and Usage of PHRs

While recent research on public attitudes and beliefs about PHRs suggests interest in their potential, few statistics on their actual usage are available, and PHRs have not yet caught on with many patients.[53] In a recent Harris Interactive survey,^[54] approximately two in five respondents indicated that they maintained personal health information, but most said they were keeping these records in paper form.

Although some commercial vendors and health plans track the number of users registered for their own products, to date there is no comprehensive source of information on how many people total in the U.S. are using any type of PHR. It is believed that only a small proportion of the population has ever used a PHR, and that adoption of commercially available PHRs by consumers has been negligible.[55] A survey conducted by Aetna in 2007 found that an estimated four percent of the U.S. population uses some form of electronic PHR.[56] Another survey conducted in 2006 found that 17 percent of the adult consumer population has used a paper- or electronic-based PHR.[57] An estimated two percent of adult consumers in this survey have used PHRs to create and maintain their own records.[58]

A survey conducted in 2007 by the Foundation for Accountability (FACCT) as part of the Markle Foundation’s Connecting for Health Collaborative found that nearly three-fourths of respondents would be willing to routinely use one or more features of PHRs. The function they most frequently said they desired was the ability to communicate by email with their physicians.^[59] About two-thirds reported they would use PHRs to track immunizations, identify errors in their medical records, transmit information between providers, and store and track medical test results. Interest in using PHRs was highest among respondents who had chronic medical conditions or were caring for those with chronic conditions, and thus were heavy users of health care services.

Carmella Boccino, Executive Vice President for Clinical Affairs and Strategic Planning at the America’s Health Insurance Plans (AHIP) estimates that 70 million insured people have access to PHRs through their health plan or insurer.[60] Among consumers who are offered PHRs through their health plans, it is believed that 15 to 20 percent will sign up.[61] A 2006 survey sponsored by the Blue Cross Blue Shield Association suggested respondents prefer an insurer-sponsored PHR to one provided by the government or a third-party vendor.[62] IBM, Pepsi, Dell, and other employers offer PHRs to their employees through health plans or third-party vendors. They advertise the use of firewalls to address issues of distrust. A number of health plans and employers provide, or are considering providing, financial incentives (e.g., reduced premiums) to employees who access the PHR.[63]

Consumers appear to be very concerned about the security and confidentiality of information contained in PHRs. According to David Lansky, Senior Director of the Health Program at the Markle Foundation, almost all (91 percent) consumers they surveyed in 2003 said that confidentiality of information in a PHR would be “very important” to them.[64] Yet most also said the convenience of being able to access their health information would outweigh their concerns.[65]

Research findings suggest that consumers’ concerns about privacy vary by the PHR sponsor. One survey found that electronic PHRs sponsored by primary care providers were more acceptable to consumers than electronic PHRs sponsored by an employer or pharmaceutical company. They preferred detached, paper- or PC software-based PHRs to employer or pharmaceutical PHRs.[66] A 2006 survey conducted for the Markle Foundation found that 74 percent of respondents were ‘very concerned’ or ‘somewhat concerned’ about their employers gaining access to the information and 79 percent of respondents were ‘very concerned’ or ‘somewhat concerned’ that their insurance company would gain access to sensitive health data.[67] Another survey found that 79 percent of respondents were ‘very concerned’ or ‘somewhat concerned’ that their insurance company would gain access to sensitive health data.[68]

_{Back to Top}

How Do PHRs Benefit Consumers?

Many of the same factors that impede consumers’ adoption and usage of PHRs can be seen as reasons why consumers can benefit from these tools. Individuals with chronic illnesses or disabilities, cognitive impairments, and low reading and health literacy skills may need significant support and guidance to access PHRs. Yet preliminary evidence indicates that, even in these ‘special needs’ populations, PHRs may help consumers keep better track of their own healthcare and communicate more effectively with health care providers. PHRs can also allow consumers to monitor their own observations, such as those captured in the course of everyday living (e.g., exercise, nutritional habits, or relief of pain obtained through medication).

Consumers have reported improvements in their ability to self-manage their healthcare as a result of using PHRs. A survey by Keseleman et al (2007) found that 76% of patients reported that viewing health information in their PHR led them to make better decisions that subsequently affected their care: 42% requested specific care and 37% changed their self-care.[69] As consumers kept better track of their own healthcare, they were better able to inform their doctors at visits, and many reported improvement in relationships with physicians as a result.[70] Over time, patients reported their self-management behavior improved and they became more interested in taking a proactive role in their own care. [71]

PHRs may help consumers to have more productive interactions with their physicians by helping them keep track of topics for discussion. A Harris Interactive study found that 60% of patients 18 years and older could not recall all of the questions they meant to ask their providers during their visits.[72] In another study, consumers reported through qualitative focus groups that they tried to keep records of their own healthcare at home as they have trouble remembering things.[73] A PHR eliminates the need to rely on patients’ recall ability when it comes to healthcare, and consumers in this study reported this was a huge benefit.

The Needs of Chronically Ill or Disabled Populations

The Markle Foundation’s 2003 online survey of the Connecting for Health project found that people with chronic illnesses and those caring for the elderly reported the greatest need and most urgent interest in PHRs.[74] Although the literature in this area is preliminary, improvements have been observed in the management of care for various chronically ill populations and consumers with chronic conditions trying PHRs have responded enthusiastically. A 2002 study of the Whatcom Pursuing Perfection Project by RWJF found that chronically ill patients sometimes encouraged friends and family to participate in managing their PHR.[75] Another study found that patients who interacted with their providers online reported that mode of communication to be efficient for disease management.[76]

Often, problems occur when chronically ill patients do not properly adhere to their health care regimens at home. The SharedCare Plan PHR, which is currently being used by Whatcom County’s Regional Health Information, contains a function that sends a message to a caregiver’s cell phone or computer to remind them to administer medication at a certain time each day. It can provide reminders about prescription refills as well.[77] Such reminder features could help chronic care patients better adhere to their regimens, and even help reduce the number of visits to the hospital or prevent regenerating disease as a result of missed doses.

Diabetic patients have reported improvements in health as a result of using PHRs to better manage their own healthcare. In one example, a patient using the Kaiser Permanente’s PHR HealthConnect reported keeping better track of his diet through a function that allowed him to record his daily food intake. This enabled him to compile a diet history, and he was successful in achieving needed weight loss.[78]

Lind et al. (2007) explored using digital pen diaries (e.g., electronic journals) to impact palliative home care cancer patients’ pain assessment. Patients were given digital pen diaries in which they recorded momentary pain intensity and number of extra pain analgesics consumed three times per day. Patients reported greater involvement in their own care, and increased contact with their caregivers, which led to a feeling of increased security in the safety and quality of their health care delivery.[79]

Providers also responded quickly to digital entries involving any medical changes, and this high level of involvement in their care led patients to feel they are receiving an enhanced quality of care.[80] Integrating a PDA with moment-to-moment assessment capability into PHRs for this type of chronic care could be an area for future research. Breast cancer patients have also experienced progress in self-management of care through PHRs. One study gave breast cancer patients access to an internet-based system designed to streamline the search process for clinical trails; they reported this was helpful in guiding them towards appropriate treatment.[81]

PHRs have the potential to improve the health care transitioning process from pediatric to adult health care. This may be particularly beneficial for chronically ill children who continue into adulthood with disorders such as spina bifida, cystic fibrosis, congenital heart disease, or cancer. One study examined electronic PHR use in adolescents with spina bifida, a congenital malformation resulting in physical and learning disability. In one focus group study, Carsten et al. (2007) found that parents (particularly mothers) tended to control their child’s (the patient’s) health care information. Parents reported a specific gap in standard medical record forms. They do not offer enough space to hold complete information for their children with spina bifida, therefore, many of these parents maintain their own form of paper records of their children’s health care as a result.[82]

Carsten et al (2007) also found that parents in the study reported a desire for a central medical record, either electronic or paper-based, that would contain all of their children’s health information, supporting the continuity of their children’s care through the information sharing of their care involving many different providers and institutions.[83] Since these children have difficulty understanding their health care records or remembering care issues, a PHR could help these children and their designated caregivers keep track of their own health care as they transition to adulthood.

The Needs of Cognitively Impaired Patients

Many patients over the age of 65 have problems with cognitive function. Memory impairment affects roughly 11% of women and 15% of men in this age group.[84] Serious symptoms of mental illness are also found in 2% of women and 3% of men over 65 years of age.[85] Yet Laurikas et al. (2007) found that patients with mild to moderate dementia were capable of handling basic electronic equipment and patients reported having more confidence and an enhanced positive effect from using Information and Communications Technology (ICT)-based solutions aimed at compensating for disabilities affecting memory or daily activities[86]. Global positioning systems (GPSs) and medical monitoring devices such as blood pressure monitors resulted in increased feelings of safety and reduced anxiety for those with dementia.

Kim et al. (2005) developed a web-based, patient-centric PHR entitled ‘The Personal Health Information Management System’ (PHIMS), and tested it in a group of low-income, elderly and disabled individuals in the Everett Housing Authority in Everett, Washington. Since individuals who share the characteristics of the targeted population for this study tend to be less adoptive of computer and Internet technologies, the researchers provided a community-based resource sharing and support center with public access to computers with nursing students available to assist them with computers.[87]

To assist elderly users with slow motor-vision synchronization, the researchers adapted the system response times to accommodate delays and extended reaction times. Final results indicated that 92% of the participating residents were satisfied with the system in general.[88]

_{Back to Top}

Raising Consumers’ Awareness of PHRs

Before consumers accept and use PHRs on a widespread basis, they must be made aware of their availability and advantages, and they must be taught how to use. Several local education and marketing campaigns have sought to encourage community residents who have chronic health conditions and/ or other health needs to adopt PHR usage. While these efforts have not been empirically evaluated, the initial lessons learned may offer insight into how similar strategies could be applied to larger-scale initiatives to inform consumers about PHRs.

Whatcom County has presented its PHR as a community resource, which it promotes through channels such as support groups for chronically ill persons; mailings to hospitals, pharmacies, emergency service providers; and outreach to other existing community programs (e.g., senior, parish and nursing programs). The Veterans Health Administration (VHA) has worked to obtain buy-in for its PHR, My HealtheVet, from the local health care facilities, American Foreign Legion clubs, and VHA health fairs. VHA has found that physicians are enthusiastic and effective in promoting PHR use to their patients with clinical and support staff being supplied with printed educational materials for patient distribution. VHA pharmacy staff members have also been champions of My HealtheVet and their mail order prescription division is placing information about My HealtheVet on each patient’s prescription bottles.

State, regional, and national efforts to market PHRs help to raise awareness of their value. Social marketing campaigns could be used to increase consumers’ awareness of the advantages of taking an active role in their health care. These efforts could include information on the advantages of PHRs, their availability, and how they work. The American Health Information Management Association (AHIMA) has initiated a state-level campaign, called the Community Education Campaign for PHRs, which enlists members to coordinate community education efforts or make community presentations.[89] Many of its members have enlisted to volunteer.

_{Back to Top}

PHR Utility and Benefits

Utility in this project is defined as the quality or condition of being useful.[90] It refers to the functionality of the PHR’s design: does it do what users need it to do? The benefits of PHRs that are often cited by the health care community include: enhanced self-management; better communication between consumers and providers; improved medical safety (e.g., provider access to health information in emergency situations; medication error checks); and increased medical practice efficiencies (e.g., registration summaries, reduced duplicative lab tests, faster transmission of relevant clinical data).

This review found that consumers detect additional utilities as well.[91] PHRs facilitate the speed and quality of consumers’ interactions with health care providers and facilitate access to health care information. Secure electronic communications with providers are considered more convenient and efficient than calling the provider and waiting for a return call. Similarly, PHRs can provide consumers with timely, convenient access to their test results in a secure setting at all hours of the day. These characteristics of PHRs have the potential to empower consumers to take a more active role in their health care.

Measuring Utility

No standard measures of PHR utility have been developed.[92] Nonetheless, NORC’s discussions with PHR experts indicate that PHR sponsors currently seek to assess the usefulness of PHRs, both systematically and by gathering anecdotal evidence. One measure of utility is the number of consumers who use and continue to use their PHR. Some health plans, employers, and vendors have found that registration for the use of PHRs met or exceeded their expectations, implying that consumers viewed the PHRs as useful. Repeated or regular use of PHRs is another key measure of usefulness. Even a one-time visit to the PHR may signify usefulness, although for many consumers, entering the data routinely and consistently, and printing it for future use (such as sharing with providers) serves a greater purpose.[93]

In Whatcom County, Washington, the SharedCare Plan tracks monthly usage by patients, health care professionals, and care team members. The total monthly logins and specific usages are tracked with the information being plotted, graphed, and distributed to its staff. Staff then analyze this information and incorporate the findings into its program and marketing strategies.

_{Back to Top}

Exhibit 4 Usage of Share Care Plan’s PHR during the Month of November, 2007

D

Source: Whatcom County Shared Care Plan.

The number of times certain data elements or functions are accessed is also a measure of utility. For example, Kaiser Permanente tracks the number of secure messages sent to and from members and providers, the number of times lab results were accessed, and the number of appointments made over the phone. It believes these numbers are a general indication of which functions are most utilized and, thus, most useful to members. However, these measures may not always be valid indicators of usefulness. In the case of infrequently accessed immunization records, for example, Kaiser Permanente believes that this does not necessarily indicate they are not useful; instead, it may be an example of information that is valuable but only occasionally needed.

Future assessments of PHR utility will hopefully have data available to assess effectiveness and efficacy. These data may illuminate the impact of PHRs impact on clinical, financial, and quality of life outcomes, and other valued objectives. Questions to be addressed regarding the effectiveness and efficacy of PHRs may include:

• Do PHR data elements, features and functions, and tools like decision support improve consumers’ decision-making ability; consumers’ health; and consumers’ satisfaction with the health care system?
• Do PHRs increase the efficiency (cost and access) of the health care system for consumers, health care providers, or other stakeholders?
• Do PHRs increase consumers’ compliance with drug regimens and preventive health care recommendations?

_{Back to Top}

Consumer Perceptions of PHR Utility

Wisespread adoption and use of PHRs will not occur unless they provide perceptible value to users and are easy to learn and easy to use and have associated costs (both financial and effort) that are easily justified related to the PHR's perceived value.

Paul Tang

Although there is a low level of public awareness about PHRs, surveys have found consumer interest in using PHRs once the concept was explained. For example, a 2004 poll found two in five adults keep personal or family health records in either paper (e.g., paper folders with benefit statements) or electronic form. Among those who do not keep either paper or electronic records, 84 percent thought it was a good idea to do so.[94] Nearly 70 percent of respondents in a 2005 Markle Foundation survey said they would use an online PHR to check for mistakes in their medical records and to check and refill prescriptions.[95] About one-half of participants in a 2006 Markle survey said they would use a PHR to email physicians and retrieve test results over the internet, and 58 percent said they would use PHRs to send secure, private email communications to their physicians.[96]

Existing evidence suggests consumers who understand the functions a PHR offers generally accept them and would use them for a variety of tasks (e.g., to check their records for mistakes, refill prescriptions, and communicate with providers).[97] Assessments of several existing PHRs have shown high overall levels of satisfaction.[98] For example, one study was conducted by the Palo Alto Medical Foundation (PAMF), which has been operating an EHR-PHR integrated system since 2002. PAMF solicited qualitative feedback from PHR users and found almost all (92 percent in 2005) of their users were satisfied with the services offered.[99] Staff affiliated with Kaiser Permanente’s HealthConnect, VHA’s My HealtheVet, LifeLedger (a PHR targeted to adult children and other caregivers of the aged), and Whatcom County’s SharedCare Plan, all have found consumers’ feedback to be very positive.[100]

Consumer acceptance of PHRs appears to vary by both population subgroup and PHR platform (e.g., paper, personal computers, internet, and portable devices) used. Consumers who have higher levels of health or financial risk (e.g., individuals with chronic conditions, recent illnesses, higher deductibles, and health savings accounts) may value PHRs more than those who are not in these circumstances, as they have more to gain from their use. Two research studies, however, found no statistical evidence that chronic illness leads to increased desire for use of a PHR.[101]

A Wall Street Journal/Harris 2004 consumer poll found that, among consumers in general, there was no clear preference for a PHR platform. Many preferred the smart card (a pocket-sized card with embedded integrated circuits which can process information) (28 percent), but other choices ranked close behind, including a PHR on a home computer (non-internet based) (27 percent); paper-based PHRs (24 percent); and internet-based records (20 percent).[102] Older persons and those from underserved communities were less comfortable using an online PHR than younger persons. One-half of those aged 65 and older said they prefer paper-based PHRs, compared with only one in five of those under age 65. Conversely, younger respondents were more likely to prefer web-based records (30 percent of those under age 65, versus 10 percent of those aged 65 and older).[103] While elderly populations may not prefer online PHRs, they may be open to using them.

Consumer Views on the Utility of PHR Data Elements and Features

Kaiser Permanente’s Jan Oldenburg suggests that PHR features that are interactive, or provide added convenience, are most often used by consumers. According to Oldenburg, consumers appreciate having access to test results and secure messaging with providers, as well as the ability to order medications electronically, or to make appointments. Kaiser Permanente also found consumers’ PHR use increase when the PHR helped them resolve an issue on their own. Representatives from Consumers Union and AARP expressed the view that comprehensive medication lists are among the most useful data elements for consumers.[104] Consumers Union argues that older populations (those over age 50) would be very interested in using a PHR to track medications (e.g., drug name and dosage, when to take it) and plans to launch a medication tracking software tool in early 2008 as a possible prelude to the offer of more comprehensive PHR options in the future.[105]

Medicare beneficiaries, in particular, value sharing their PHR with family members, friends, care managers, and others.[106] This feature increases in importance as beneficiaries’ cognitive and physical function declines. Beneficiaries may authorize designated proxies to access information in their PHR for many reasons. For example, they may do so because they are physically unable to access the PHR themselves; are cognitively unable to comprehend or act on the information; lack access to a computer or the ability to use a computer; or prefer to have another person involved in their health care decision making.

Consumers seem to value the ability to print out their PHR. They find it easier to read information in a printout versus on their computer screen. For those who do not have a home computer but have occasional access to one (e.g., at a library or community center), a hard copy is portable. They can also carry a small-sized printout in their wallets, place a full-sized printout in an envelope on the refrigerator door, or keep a copy in the car in case of an emergency. Consumers and health care providers using health information print-outs from PHRs during an office visit find it very useful. Whatcom County reports, for example, that when consumers bring a paper copy of their ‘SharedCare Plan’ PHR to their health care provider, it promotes dialogue.[107]

Incorporating Consumer Perspectives of Utility into PHR Design

It is generally agreed that a PHR’s utility should be judged by its usefulness to the consumer. While PHRs are thought to be valuable to consumers, this has not been widely or empirically proven, nor has a comprehensive value analysis of PHRs ever been conducted.[108] Thus, little is known about the extent to which consumers value PHRs, or how they would prefer to use them.[109]

User-centered design usually focuses on a product's primary user. In contrast, PHR design to date has focused almost exclusively on the perspective of others, such as providers and payers.

Margarita Rodriguez and Patti Brennan

Due to the lack of rigorous data on consumer perceptions of PHRs, existing PHRs have largely been designed based on the priorities of the health care industry, which may differ from those of consumers. For example, while health care professionals emphasize the benefits of communication with providers, consumers may place higher value on using PHRs as a way to gain independence from providers― to become more aware of their medical conditions, and better able to take independent action.[110] Consumers may be more interested in PHRs as tools to facilitate a more fulfilling and convenient health care experience, rather than to improve quality of care.[111]

User-centered design is a well-established process that has been widely adopted by many organizations to deliver products that meet consumers’ needs.[112] User-centered design seeks to align the conceptualization and design of PHRs with consumers’ needs through a structured product development methodology. This process involves users throughout all stages of website development.[113] User-centered design begins with a user needs assessment that aims to understand consumers’ environments and workflows and how PHRs might integrate with their daily lives.[114] The needs assessment may utilize a variety of techniques, including field-based user observation, paper prototypes, electronic prototypes, scenario boards, storyboards (a series of simple pictures to show the sequence for completing a task), discussions, and focus groups.

Intuit uses a process called ‘consumer driven invention’ to learn about consumers’ needs. The process is geared to find problems that are important to consumers today, and use this information to determine how to best solve the problem. Intuit’s approach is to:

• Deeply understand people’s current pain points;
• Watch people and build tools that work the way people work;
• Create solutions that help them make better decisions and feel more confident;
• Focus on the prospect and include non-customer behavior to learn of consumers’ needs.[115]

Intuit begins its user-centered design efforts with what it calls, ‘follow-me-home observations’ in which researchers actually follow people home and watch them use the PHR in their own environment. They talk minimally to the consumer simply relying on observation. They also conduct town hall meetings, standard usability testing, user focus groups for observation, user forums for discussions, and surveys. In ranking the value of the data sources, Intuit’s principles are: trust follow-me-home observations more than usability tests; trust the customers’ words more than preconceived notions; trust ‘verbatims’ more than survey research; and observe the actions behind the words. Intuit also performs a quantitative analysis of its qualitative data (by coding its qualitative information) to verify its preliminary findings.

As Intuit and others have found, not all consumers desire a PHR to manage their healthcare. (Intuit found that only 41 percent of those surveyed wants a tool to do so.)[116] Consumers’ views stem partly from their experience with the health care system, which has a history of putting the health care provider in charge of a consumer’s care, rather than having the consumer play a major role in managing his/her own care.[117] Consumers may not understand how their medical records are recorded and stored. Many incorrectly believe that their physician has a complete record of their care and many also incorrectly believe that this record is stored electronically.[118] Additionally, many consumers do not understand the importance of a complete and accurate medical record for obtaining high quality medical care.

As important as it is to uncover and align with consumers’ needs, there may be limitations to user-centered design approach. First, consumers may not be clear about or fully understand what PHR features they want or would use, particularly for a tool that they are unfamiliar with. They may have difficulty envisioning a tool that leverages technologies they have never seen or used. (For example, 30 years ago, people would have had difficulty imagining how a computer mouse could be useful.)

According to Patricia Flatley Brennan, RN, PhD, FAAN, Director of Project Health Design, consumers may not be able to conceptualize how PHRs should be designed for the future. This creates an inherent tension between user-centered design and innovation. Whereas user-centered design responds to users today, Brennan believes that PHRs should be conceptualized and developed for 2012.[119]

Despite the difficulties of user-centered design for PHRs and other products, there are techniques and lessons that developers have learned that can help identify problems that consumers face and uncover solutions to these problems. George Olsen, in his 2006 article titled, ‘Designing Breakthrough Products: Going Where No User Has Gone Before’, advocates the following steps:[120]

• Look for real problems that consumers don’t realize they need to solve;
• Help users visualize solutions (mockups and prototypes help consumers understand product concepts);
• Recognize that consumers may not comprehend a product concept immediately;
• Ask how consumers might use a product (rather than asking whether they would use a product);

He argues that it is important to give consumers something familiar to ‘hang their hats on’, and that designers should consider downplaying the truly breakthrough aspects of the product, especially if they are hard for consumers to understand.

Medical product developers have successfully used scenario boards to assess and validate whether a product is useful to consumers. Scenario boards consist of a series of paper or electronic-based sketches that loosely depict how the new product integrates into the consumers’ workflow and environment.[121] The product is loosely sketched, purposely focusing on the product’s process, rather than its form or features. The scenario board helps users to envision and point out how the product may fit into or interfere with other important activities and products. It helps users to offer feedback for how a PHR might be modified to enhance its use within the home, at work, or while exercising.

_{Back to Top}

PHR Usability

When deciding whether or not to use a PHR, consumers balance its expected utility with its actual ease of use–or usability. It matters little that something is easy to use if it is not what you want. Similarly, a PHR would offer little value if the system can hypothetically do what you want, but you can’t make it happen because the user interface is too cumbersome or difficult to navigate (e.g., too many mouse clicks moving from screen-to-screen or irrelevant but required data-entry fields).[122] This section defines the term ‘usability’ presents general principles and methods to enhance usability, and reviews what is known about PHR usability from the perspective of consumers. This section emphasizes a user-centered design approach. Although there is some overlap in the techniques for assessing the utility and usability of a product, this section focuses on user-centered design process after it is determined that the PHR offers utility to consumers.

Definition of Usability

Usability is a quality attribute that refers to how well users can learn and use a product to achieve their goals and how satisfied they are with that process. The term usability also refers to methods for improving ease-of-use during the design process.[123] Hess and Shneiderman recommend that usability research be conducted from the user’s perspective. They maintain, however, that proposing and asking the right questions is difficult.

Historically, computer developers have been tempted to ask, ‘What can the computer do?’ New advances in health IT are prompting developers to ask, ‘What can people do?’ To be effective, health IT research should combine best evidence from user sciences (human factors engineering, human-computer interaction, psychology, and usability) with best evidence in medicine.[124]

Each of the usability components below involves the extent and success to which a user can perform tasks at all levels of complexity. When viewed together, the following five components lead to an assessment of consumers’ overall user experience:[125]

1. Learnability: How easy is it for users to accomplish basic tasks the first time they encounter the design?
2. Efficiency: Once users have learned the design, how quickly can they perform tasks?
3. Memorability: When users return to the design after a period of not using it, how easily can they reestablish proficiency?
4. Errors: How many errors do users make, how severe are these errors, and how easily can they recover from the errors?
5. Satisfaction: How pleasant is it to use the design?

General Principles and Methods to Enhance Usability

To maximize usability, PHRs must accommodate the needs and characteristics of a range of potential users, follow usability guidelines and checklists for their design, iteratively test and revise the PHR, and monitor usage and usability of the PHR after its release. An important goal of PHRs is to extend the reach of PHRs to diverse beneficiaries in an equitable fashion.

The University of Wisconsin’s Comprehensive Health Education Support System (CHESS) used formative usability testing to help ensure that CHESS is equally accessible to a broad range of users. CHESS is a computer-based system designed to support women with breast cancer. Usability testing and principles were used throughout CHESS’ design. A study demonstrated that underserved women with breast cancer successfully used CHESS as much if not more than their more advantaged counterparts. In addition, access to CHESS was correlated with quality of life improvement and greater participation in the health care system.[126] Usability testing was also examined in a study of the differential effects of online narrative and didactic information on participants by race. This study found that African Americans use and benefit more from online narrative and didactic information than do Caucasians.[127]

Usability guidelines specific to PHRs have not yet been developed. Until such guidelines are developed, basic usability theory and guidelines (often called checklists) can be applied to PHRs. Gary Marchionini believes that once developed, generic PHR guidelines look like basic web usability guidelines (Marchionini himself utilized the National Cancer Institute’s usability guidelines for his own PHR usability studies.) Web usability guidelines have also been written for aged, disabled, and limited literacy populations.[128] These guidelines generally advise that the reading level, content, and format of the IT be designed to be accessible to all potential users. A sample of recommended guidelines suggests the following:[129]

• Plain and clear language
• Placement of the most important content at the top of the page
• 12 or 14 point type size for body text
• Left justification of text (no right justification)
• Simple and straightforward organization of website
• Avoidance of the need for scrolling text

The VHA’s PHR, ‘My HealtheVet’ follows general usability and Federal Section 508 accessibility guidelines for persons with disabilities. According to VHA staff, ‘My HealtheVet’ was designed for the ‘lowest common denominator’ as it serves a wide variety of veterans–young, old, and highly and less highly educated.

Iterative Usability Testing and Revision

User-centered design and usability theory and guidelines recommend that the product (the PHR) be tested again and again throughout the design process, and that prospective users be included in the testing. Usability testing has a number of possible goals and purposes. One of the most important is to discover major problems in the user interface that could result in human error, termination of the interaction, and lead to frustration on the part of the user.[130] Other goals might be to reduce training time, promote performance and efficiency, and increase user satisfaction.[131]

The testing by prospective users should address the following questions:

• Is the application easy to use and navigate?
• Is the content appropriate, acceptable, and applicable?
• Do participants want and choose to use the application?

Usability testing employs representative users who try to do typical tasks with the product, while observers, including the development staff, watch, listen and take notes. Testing may take place in the home or in a testing facility with a two-way mirror or similar observation techniques. Home testing provides the design team with information on the capability of the users’ computer hardware, as well as the ease of use of the program’s features. During the software design stage, successive and iterative rounds of testing by the design team and potential users should continue. Testing and revision should continue until there is little to be learned from additional testing.

After adequate usability testing, alpha and beta tests should be conducted to assess whether the PHR works effectively in a ‘real world’ scenario. Then, major modules or features should be released in phases. This ‘phase in’ allows the PHR vendor or sponsor to isolate problems and correct for them. Whatcom County staff developed and tested its PHR using user-centered design principles, but found that it needed to engage providers in this process and incorporate their needs and workflow as well.

Ongoing Monitoring of PHR Usability

The usability of a PHR should continue to be monitored after the large-scale release. A number of monitoring techniques can be used:

• Monitor help desk questions, as these questions highlight problems that users experience
• Conduct satisfaction surveys (online or at a provider’s office) to assess user satisfaction and dissatisfaction with the overall PHR and its specific functions
• Monitor the number of users and the functions they employ
• Assess the questions and comments emailed to the webmaster
• Administer follow-on usability tests (as consumers’ expectations may change)
• Conduct user research (observing consumers) to assess how the product is used (especially before the product’s second release)

NORC’s discussions with Kaiser Permanente, VHA, Intuit, LifeLedger and Whatcom County staff indicated that they have found these approaches to be effective for uncovering barriers to usability.

_{Back to Top}

Current Knowledge about PHR Usability

Current best practices call for spending about 10% of a design project's budget on usability. On average, this will more than double a website's desired quality metrics and slightly less than double its intranet's quality metrics.

Jakob Nielsen

In a 2007 report entitled ‘Evidence Base for Personal Health Record Usability’, Gary Marchionini et al. stated that the number of empirical studies on PHR usability has been small. Their extensive literature review of 52 studies found only eight that focused on patients as users, while 44 focused on health care professionals. Marchionini believes, however, that the number of published studies may not be representative of the actual number of usability studies conducted. Large vendors–Microsoft (HealthVault) and Google (Google Health), for example–employ usability testing, but their results are usually proprietary, and vendors of all sizes have little incentive to publish their findings in academic journals.[132]

During the development of different PHR applications, the extent to which consumers have been engaged in usability testing has been limited, largely because of pressure for vendors to put their product on the market quickly and to manage the process within a limited budget. Many health IT developers believe it will cost them more to incorporate consumer-centric usability design into their product development. To the contrary, this type of usability testing is expected to substantially increase consumer traffic (e.g., website visitors) and user performance, providing substantial returns to the cost of usability testing.[133]

Conversely, health IT projects that forgo or de-emphasize usability testing early in the development process should expect lower usability. The usability rule, ‘test early; test often’ should be followed, as the cost of revising the IT after its release will be considerably more than if usability testing had been done during its initial development.[134] A revised product is a burden for consumers to relearn and those who tried the first version may be difficult to lure back.

Usability Testing Methodologies: Findings from Expert Discussions

NORC’s discussions found several organizations going to considerable efforts to ensure the usability of their PHRs. These include two large health systems, the Veterans Health Administration and Kaiser Permanente, the software developer, Intuit (maker of Quicken Health and Quicken Medical Expense Manager), and Whatcom County Washington State PHR system. All four of these organizations consider the consumer-centric usability testing of their PHR to be integral to their development protocol.

VHA, My HealtheVet

Usability testing of the VHA’s My HealtheVet includes full-functioning mock-ups early in the design process; one-on-one and small group testing in the laboratory (e.g., monitoring key strokes and eye movement); and other descriptive tests (users provide their thoughts with their actions tracked as they use the PHR). After the initial version is considered satisfactory, alpha and beta tests are conducted at pilot sites before its large-scale release. Web metrics are then used to monitor website usage. Additional functions are developed, tested, and released one-at-a-time. Although its guidelines and features are not geared specifically to older users, the VHA had made accommodations for older users. For example, it allots more time before the system ‘times out’ because older users generally require more time to complete a task.

Kaiser Permanente, HealthConnect

Kaiser Permanente has a key testing unit, which brings in small groups of users that undergo testing in a single day. It found it most effective to do in-depth testing with small numbers. These users are assigned tasks, filmed, and their keystrokes recorded. After this information is analyzed, the IT staff makes the necessary changes and then test again. Kaiser Permanente had initially released a version of HealthConnect that offered members the ability to make notes in their records. However, it discontinued this feature because one-in-four users did not understand that their doctor does not see the notes entered on their record and, therefore, no longer valued its use.

Intuit, Quicken Health

After it has completed user-centered design efforts, Intuit presents a low-resolution prototype to 10-15 consumers. Once this feedback has been obtained, the information is incorporated into the design of a higher resolution prototype, with the product and features drawn in more detail. Only after this is done do they begin feature-by-feature detailed usability tests. As of the winter of 2008, Quicken Health was being tested at a beta site, in order to assess its end-to-end elements. Its usability test approach was also used to develop Quicken and Turbo Tax. When asked what insights a focus group might offer, Intuit representatives said that focus groups were helpful for understanding consumers’ needs, and the extent to which a solution is desired.

Intuit has found that there are two segments of the population most interested in a health expense management application[3]: 1) healthy young families who make a lot of transactions online; and 2) recently retired persons with large medical expenses. They have done extensive testing with 50-64 year olds and have found them very engaged in these application concepts. This population receives a considerable number of medical bills and has little confidence paying their bills.

Whatcom County, SharedCare Plan

Whatcom County employed a user-centered design specialist who interviewed consumers to determine what information they wanted to track and how they would use this information. They interviewed consumers over age 50 with diabetes or congestive heart failure. Whatcom then designed a paper prototype (in Microsoft Word) and discussed the prototype with consumers, their family members, and health professionals. Changes were made to the prototype based on this feedback. After numerous iterations, the electronic screen-versions were designed in detail.

The PHR was developed in sections. Demographics, ‘about me’, diagnosis, medications, and allergies were the core pages. The medications from the hospital systems, electronic prescribing, and the advanced directives page were built later. At the request of consumers, a family history page was added, and refinements were made to the patient-controlled privacy capabilities. Online registration was then designed and tested. Whatcom County found that consumers prefer that the names of medications be written in English only (no Latin abbreviations). Consumers also requested that both the generic and brand-names names be displayed (to prevent consumers from unintentionally taking a double dose of their medications).

_{Back to Top}

Summary: Consumers and PHRs

Although consumers have a tremendous need for support in taking a more active role in their healthcare, many remain unaware of the potential for PHRs to help them in this area. It is clear that community, state, and national marketing and education efforts are needed to increase consumers’ awareness of the availability and value of PHRs.

PHRs must be developed with consumers’ needs in mind from the beginning, with consumers’ perspectives being incorporated into what attributes a PHR should have. A user-centered approach to PHR development will help to create PHRs that are valuable and easy to use for the consumer. Various techniques can be used to discover consumers’ needs and preferences, such as conducting field-based user-observations, using paper and electronic prototypes, preparing scenario and story boards, and holding discussion and focus groups.

Once consumers’ needs and preferences have been identified, usability guidelines and feature-by-feature testing can ensure that the PHR is designed to be as useful and easy to use as possible.

Tremendous strides have been made in improving the design and functionality of PHRs. As consumers become increasingly interested in taking charge of their health care decisions, and as the health care and health IT industries develop the ability to produce comprehensive, portable, and lifelong consumer records, the information and functionality that PHRs can provide will become increasingly valuable to consumers. Currently we do not know what the PHR of the future will look like, but it is clear that the focus of the work and the quality of research that is being done today will have significant impact on the PHRs of the near and distant future.

_{Back to Top}

Chapter 6:
Standards for
Personal Health Records

Standards for PHRs are a set of rules that ensure that personal health information can be easily stored, accessed, shared, exchanged, and understood by health care providers, payers, regulators, and consumers.[135] Standards have been recognized as the ‘key to realizing the value of PHR technology.’[136] They not only enforce a common language and architecture for storing and displaying health information, but they also provide the framework for health information exchange. While a number of standards for PHRs are currently available or under development, there are also notable gaps in the PHR standards development space.

The goals of this chapter are three-fold: (1) to describe the current standards for PHRs with respect to interoperability, security, privacy, and portability; (2) to highlight the gaps in standards development activities; and (3) to identify the challenges and issues associated with developing and implementing standards for PHRs.

We begin by providing an overview of the standards development community, identifying the stakeholders in PHR standards development, and discussing the current methods used to develop standards. Then, we provide a discussion of the key PHR standards with respect to interoperability, security, privacy, and portability. For each of the four standards categories, we describe the current standards available, identify gaps, and discuss relevant issues and/or challenges with respect to implementing the standards. We move on to discuss other gaps in standards development, highlight areas of overlap in the current standards development arena, and review relevant international standards development efforts. Finally, we close the chapter with our concluding thoughts, list of best practices, and recommendations for moving forward.

_{Back to Top}

The Standards Development Community

Standards development activities involve a number of stakeholders that represent the interests of the consumer, government, regulators, vendors, consultants, providers, informaticists, and other public and private stakeholders. The standards development community is tasked with addressing complex technical and implementation challenges, and also balancing a host of other policy, medical, and ethical considerations. This section provides a high-level introduction to the key players in the standards development community, and other leading organizations in the PHR space.

_{Back to Top}

Exhibit 5 Key Players in PHR Standards Development

D

• Federal and State Agencies. The federal government has played a key role in standards development for EHRs and has more recently focused attention on PHRs. The U.S. Department of Health and Human Services (DHHS) established the National Health Information Coordinator position in the Office of the National Coordinator (ONC) to facilitate the development of standards-based electronic health records. Within the ONC, the Office of Interoperability and Standards (OIS) coordinates with other DHHS offices to foster the use of standards and certified technology, and advance the development, adoption, and use of health IT standards nationally.[137] The Center for Medicare and Medicaid Services (CMS) is also currently engaged in testing the feasibility of utilizing personal health records for Medicare beneficiaries. The National Committee on Vital and Health Statistics (NCVHS) created recommendations for PHR standards.[138] Finally, the American Health Information Community (AHIC), a federally chartered advisory board, creates recommendations regarding the development and adoption of health IT and delivers these recommendations to the Secretary of DHHS.
• Certification Organizations. The Certification Health Care Commission of Health Information Technology (CCHIT) decides whether vendor systems meet standards accepted by the Secretary of DHHS. Governed by a Board of Commissioners, CCHIT approves the final certification criteria and oversees a number of work groups that make recommendations on key issues related to standards. The CCHIT Privacy and Compliance workgroup has been tasked with PHR certification. Mark Leavitt, MD, MPH, Chair of CCHIT, announced CCHIT’s plans to certify PHRs by 2009 or 2010.[139]
• Standards Development Organizations (SDOs). The American National Standards Institute (ANSI) facilitates the development of standards through an accreditation process. ANSI-accredited Standards Development Organizations (SDOs) produce clinical data standards (sometimes called specifications or protocols) for a specific health care domain. Health care domains include clinical and administrative data, pharmacy, medical devices, imaging, insurance, etc. Currently, more than 200 ANSI-accredited SDOs exist in different sectors, including Health Level Seven (HL7), National Electronics Manufacturers Association, Clinical Data Interchange Standards Consortium, The National Council of Prescription Drug Programs, World Health Organization, Regenstrief Institute for Health Care, College of American Pathologists, ASTM International, Centers for Disease Control, and many others. HL7 developed the PHR-S draft trial standard for usage, and ASTM created the Continuity Care Record (both will be discussed in greater detail later). ANSI decides whether the SDO’s standard meets the requirements necessary for accreditation. The ANSI’s Health Information Technology Standards Panel (HITSP) is a cooperative partnership between public and private sector stakeholders to achieve a broadly accepted set of standards that contribute to interoperability and health information exchange, and also to identify gaps in standards development. The HITSP focuses on breakthrough projects specifically recommended by the American Health Information Community, a federal advisory board, as priorities; projects focus on biosurveillance, consumer empowerment, chronic care, and electronic health records. The International Organization for Standardization (ISO) is a non-governmental organization that also develops information technology standards; the ISO is composed of standards development organizations from 157 countries.
• Technical Committees and Workgroups. A variety of technical committees and workgroups exist in the PHR space. SDOs create workgroups within their overarching framework to address issues relevant to PHRs and EHRs, and to develop standards. The American Health Information Community (AHIC)’s Consumer Empowerment (CE) workgroup is working towards widespread adoption of PHRs over time.
• Health Care Providers. Providers have a stake in standards development for PHRs, as there are many advantages to interoperability between PHRs and EHRs as well as PHRs and other systems. Standards ensure adequate linkages with the providers’ existing EHRs, fostering a more seamless exchange of patient information.[140] Standards also provide some assurance that the products that providers seek to purchase are capable of exchanging information with other systems.[141]
• PHR and EHR Vendors. PHR and EHR vendors are involved in the standards development process. Some collaborate to develop new standards, and others review and test trial standards. A variety of vendors exist in the EHR and PHR space – each developing products that vary in terms of architecture, format, features, functions, and business model. Vendors also serve on workgroups and panels for HITSP and SDOs like HL7. Vendors have become increasingly interested in acquiring CCHIT certification; the certification demonstrates their commitment to the overarching goals of enabling interoperable health information exchange.
• Health Plans and Health Care Organizations. Many health plans and employers have been advocates of the movement toward PHRs. Given that one of the main goals for health plans and employers is to reduce costs, this stakeholder group generally supports PHRs. PHRs are designed to involve patients in their healthcare, and may potentially reduce health care costs indirectly through increased prevention and disease management activities.[142]
• Consumers and Consumer Advocates. Consumers are a critical part of the standards development process. In order for PHRs to be successfully adopted, consumers need to feel comfortable with the various standards and policies. Consumer advocate groups have been highly visible in standards development efforts as well, especially with regard to privacy and security issues. For example, the World Privacy Forum, a nonprofit, non-partisan public interest research group, explores PHRs and consumer privacy. In February 2008, the World Privacy Forum issued a consumer advisory about the privacy of PHRs and gaps in privacy standards for PHRs.[143]
• Employers. Employers are beginning to offer PHRs to their employees. Recent research shows that there is an array of employer-based PHRs in existence, and each offers a variety of services.[144] A 2007 study of PHR uptake by large national employers concluded that employers will need to be involved in the PHR standards development process: ‘Employers need to facilitate and adopt standards for PHRs to enable their development, use, and interoperability. At a minimum, these standards should address the privacy, confidentiality, and security of PHRs.’[145] Given that some types of employers are not considered ‘covered entities’ under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), employers may be especially concerned about the development of standards for privacy.
• Other Stakeholders. Research organizations, survey groups, information technology firms, experts in the field, and other stakeholders have been highly involved in standards development efforts – providing relevant research findings and fostering dialogue that has helped the industry to assess the needs in the PHR standards space. For example, the Markle Foundation explores how the use of technologies such as EHRs and PHRs can address public needs in the areas of health and national security.[146] Markle’s Connecting for Health provides policy and technical resources focused on networked health information sharing.[147] The American Health Information Management Association (AHIMA) is a professional community that works to improve healthcare via the advancement of best practices and standards for health information management.[148] RWJF and the California HealthCare Foundation are also supporting new research on PHRs through Project HealthDesign, a $4.4 million program that will work to stimulate innovation in the development of PHRs.[149]

Methods for Standards Development

The American National Standards Institute (ANSI) facilitates the development of standards from more than 200 ANSI-accredited standards developing organizations in the United States. The ANSI Board of Standards Review approves standards as American National Standards if they meet ANSI’s requirements. The ANSI process for standards development incorporates: stakeholder input and consensus; expert and public review and feedback; formal voting; and an appeal process.[150]

Standards are vetted through a group or ‘consensus body’ that includes a variety of relevant stakeholders, and then offered up to the public for a review and comment period as draft trial standards. After the comment period, feedback from the public as well as from voting members is incorporated into the draft standard. The appeal process is open to any person who believes that due process principles were not followed during the ANSI-accreditation process.

The International Organization for Standardization (ISO) uses a process that is similar to ANSI’s method for standard development. The features of ISO’s process include: creating a work group composed of experts from various countries to explore the standard; negotiating the details underlying the standard and gaining feedback from manufacturers, vendors, consumer groups, laboratories, governments, and other professionals; and an approval process that results in International Standard acceptance.[151] To be accepted as an International Standard, two-thirds of the ISO members that were part of the work group must approve the standard, and 75% of all ISO members that vote must approve the standard.[152]

_{Back to Top}

Standards for Personal Health Records

According to David Lansky, Ph.D., Senior Director of the Health Program at the Markle Foundation, about seventy to eighty percent of the standards developed for EHRs are relevant to and potential serviceable for PHRs.  However, there are still a number of gaps in the PHR standards space. This section begins with an overview of the most comprehensive efforts to date focused on developing a framework for PHR functionality. Then, we address standards for PHRs in four categories: interoperability, security, privacy, and portability.

The PHR-System (PHR-S) Functional Model

The Health Level Seven (HL7) PHR work group – under the auspices of the HL7 EHR technical committee – developed a PHR-System functional model (PHR-S).[153] The PHR-S may be the first effort to define the basic functions for PHRs.[154] The PHR-S is a draft standard for trial use (DSTU). It provides a common framework for understanding the basic functionality that should be part of any PHR offered to consumers. The model has between 60 and 70 different functions, which describe the requisite functions for a PHR. The model is composed of personal health functions, supportive functions, and information infrastructure functions:

• The personal health functions enable the consumer to manage his/her health care information, including encounters with providers, preventive activities, and historical clinical data. The functions also enable the consumer to maintain an accurate and up-to-date record of his/her healthcare.
• The supportive functions address administrative and financial management requirements. The functions manage provider and facility information, health insurance and benefit information, legal documents, consents and authorizations, end-of-life documents and advance directives, and public health related updates.
• The information infrastructure functions address privacy and security issues, and interoperability between PHR systems and between PHR and EHR systems.

As a DSTU, the PHR-S will be released into the industry for up to two years where health care organizations, vendors, and consumers can use it for various purposes and provide feedback. Specifically, the trial use period also provides time for PHR vendors to examine what types of activities they need to engage in to conform to the functional model. After two years and appropriate revisions, the model will be balloted for ANSI accreditation. According to Donald Mon, Ph.D., Vice President of Practice Leadership at the American Health Informatics Association (AHIMA), the EHR functional model was designed using the same process, and was a draft standard for trial use for approximately two years before it was balloted.

To date, there is already growing acceptance of the HL7 PHR-S functional model, as payers such as Blue Cross Blue Shield and Delta Dental are planning to develop a payer-based profile derived from the PHR-S functional model, and providers such as Kaiser Permanente and the Mayo Clinic are leading an effort for a provider-based PHR, and one for health record banking.

Project HealthDesign’s Functional Requirements and Common Platform Components

Project HealthDesign is a $4.4 million project funded by RWJF with support from the California HealthCare Foundation that is fostering the development of new PHR applications. Project HealthDesign worked with Sujansky & Associates, LLC to create a set of functional requirements and common platform components for PHR applications.[155] The team worked closely with the project’s nine grantees to identify the functional needs of the projects; findings from this assessment informed the development of a common platform – or infrastructure – for PHR applications. The platform components are software modules for medication list management, calendaring, observations captured in the course of daily living, and identity management. Essentially, these platform components will be the building blocks of PHRs.

The goals of this project are to: (1) promote the development of personal health applications through the development of needed software resources, and (2) move towards interoperability among PHR applications by creating models for exchanging data and common interfaces that will be accessible to multiple PHR applications.

Project HealthDesign’s effort to develop functional requirements and common platform components differs from HL7’s work on the PHR-S functional model. While the HL7 PHR-S functional model defines the end-user functionality, the Project HealthDesign components will be used to identify the types of data that the common platform components should handle and the operations that they should provide to enable PHR applications.[156] Thus, while both HL7 and Project HealthDesign address some of the same elements of PHRs, the projects are quite distinct from one another. Project HealthDesign’s efforts are intended to inform future PHR standards development efforts.

Interoperability Standards

PHR and EHR standards create opportunities for interoperability. Regardless of how one defines a PHR, interoperability is critical to ensuring that the information used by the patient and provider are linked.[157] One of the goals of interoperability is to ensure that providers can access data from PHRs as seamlessly as possible.[158] Another key aspect of interoperability is the ability of multiple EHRs from different providers to populate the same PHR.

Current standards address interoperability with respect to both syntax and semantics. Syntax targets the structure of communication, whereas semantics address the meaning of the communication during health information exchange.[159] Both types of interoperability are achieved through standards for data exchange and messaging, terminology, documents, concepts, applications, and architecture. [160]

Semantic interoperability is the ability of systems to exchange information with one another and have a common understanding and interpretation of that information. Semantics convey the meaning of communication during information exchange.[161] Semantic interoperability is important because it ensures that data can be understood and used by the receiver of the information during information exchange. The relevant standards for semantic interoperability are terminologies such as SNOMED and LOINC and document standards such as HL7 Clinical Document Architecture.Select standards for interoperability are provided in Exhibit 6.

In addition to the standards discussed in Exhibit 5, HL7 released the EHR Interoperability Model (EHR-IM) as a draft standard for trial use in February 2007. The EHR-IM provides a reference list of requirements for interoperable EHRs. The HL7 EHR-IM was created by a public-private partnership led by the HL7 EHR Technical Committee. EHR/IM establishes the requirements for interoperable EHR records.[165]

_{Back to Top}

Continuity of Care Record Versus Continuity of Care Document as the Basis for Interoperable Information

Document standards are essential to achieving interoperability between PHR systems and between PHRs and EHRs.[166] Two types of common document standards are the Continuity of Care Record (CCR) and the Continuity of Care Document (CCD). The CCR and CCD are standard specifications developed by different groups of organizations to achieve similar goals: improved continuity of healthcare, a reduction in medical errors, and improved health information transportability between patients, providers, and health care institutions. It is particularly important to note that the CCD or CCR is not the underlying personal health record itself; rather it is an interchange. The CCD and CCR provide the ability for one record to extract information, and for the next record to insert the information extracted into its own system.

The CCR is a standard specification that has been developed by ASTM International, the Massachusetts Medical Society (MMS), the Health Information Management and Systems Society (HIMSS), the American Academy of Family Physicians (AAFP), and the American Academy of Pediatrics.

ASTM’s CCR is an XML-based set of data from health care records, medical legal documents, and health care encounters. The CCR is the clinical record of the patient’s current and historical health care status. [167]^,[168] The basis for CCR is a Patient Care Referral Form developed by the Massachusetts Department of Public Health. Basic patient information is included, such as patient and provider information, insurance, patient health status, recent care provided, care plan information, and reason for referral or transfer.[169] One of the CCR’s goals is to foster health information transportability between providers, such as when a patient is referred, transferred to, or seen by another provider. The CCR was designed to ensure that adequate information is collected on a patient prior to referral or transfer so that the information can be exchanged.

The Continuity of Care Document (CCD) was developed as a result of collaboration between ASTM and HL7. HL7 is a not-for-profit, international standards development organization that is accredited by the ANSI. Both ASTM and HL7 were working independently to develop a standard for health information exchange. ASTM developed the CCR, while HL7 focused on developing the Care Record Summary. Both ASTM and HL7’s efforts were targeted at developing a standard to produce an electronic patient care summary that could be exported and read by EHRs and PHRs.[170] In 2005, ASTM and HL7 signed a memorandum of understanding to collaborate and create the CCD.

The CCD has been said to combine the ‘best of HL7 technologies’ and the ‘rich experience of ASTM’s CCR with clinical data representation.’[171] The CCD describes the use of the CCR standard dataset so that it can function within the HL7 Clinical Document Architecture (CDA). HL7 members were balloted regarding the adoption of CCD. The CCD was a successful ballot, concluding on January 7, 2007, and termed a ‘very significant development for healthcare IT’ and ‘a milestone in the standards world.’[172]

In February 2007, the Health Information Technology Standards Panel (HITSP) of the American National Standards Institute (ANSI) approved the CCD, recognizing the harmonization of the ASTM and HL7’s standards.[173] Currently, both the CCD and the CCR are used to transfer health information electronically among providers.

Some experts have questioned the adequacy of the minimum data set used in the CCR and CCD. A CCR can have up to 17 categories of information, and each category contains structured fields rather than free text. However, one key concern is whether the CCR and CCD capture all of the necessary information resulting from a health care encounter. The National Committee on Vital and Health Statistics Subcommittee on Privacy and Security noted that the CCR and CCD’s minimum data sets may be unnecessarily omitting important health information, if this information does not fit neatly into one of the structured data fields.[174] In other words, consumer friendly language and informal medical data needs to be mapped to the structured, technical medical jargon.

Since the development of CCD, there has been some controversy regarding whether the CCD or the CCR should be the basis for interoperable information for PHRs. Specifically, should PHR vendors use the CCD or CCR? According to Donald Mon, Ph.D., Vice President of Practice Leadership at AHIMA, larger vendors, which have likely adopted many of HL7’s specifications already, may find it easier to use the CCD. This is because the CCD is already part of the HL7 CDA architecture. Other vendors that do not utilize the HL7 CDA architecture can choose to use either the CCD or CCR just as easily.

The PHR-S functional model, developed by the HL7 work group, is agnostic in terms of specifying the CCD or CCR, so that the market can decide which approach to adopt. According to an expert from the HL7 work group, both CCD and CCR-related activities are proceeding.

Vendors have also adopted the various standards. Microsoft’s HealthVault, while not a PHR, is a platform that has the ability to service numerous personal health applications (PHAs) – and thus, is important to the future of PHRs. Taking a ‘standards agnostic’ approach to interoperability, Microsoft has created data exchange interfaces that are compliant with both the CCD and the CCR.[175]

_{Back to Top}

Gaps In Interoperability Standards

The National Committee on Vital and Health Statistics of the U.S. Department of Health and Human Services (DHHS) determined that interoperability standards development efforts for PHR systems should focus mapping formal medical terms to consumer-oriented concepts and terms.[176] In addition, the Committee recommended that DHHS should encourage the adoption of standards for PHRs that are currently used to promote the interoperability of EHRs. The Committee also determined that the private sector, vendors, and health care institutions should adopt data content and exchange standards based on standards accepted for EHRs.[177]

Another interoperability standards gap is for workflow processes related to ‘request changes’. According to HITSP, there are no known standards that govern patient-requested changes to the PHR.[178] Request changes involve three key steps. First, the annotated document is transmitted to the original provider or institution for confirmation. Second, the original provider confirms that he/she has received and read the annotation. Third, the annotated document is sent back to the consumer’s PHR and indicates that a change has been made. Standards need to be developed to govern each step of the workflow. Standards also need to be developed to address more complicated situations, such as if the original provider is not available to read/ receive the annotation, or if the provider refuses to respond to the request change.[179]

Standards are also needed to address more complicated situations, such as if the PHR is offered by a health plan. Dr. Archelle Georgiou, an independent consultant, noted that in this case, the ‘request change’ process may be more challenging. If the PHR is offered by a health plan, the originator of the data is actually the provider (hospital/doctor/facility) that submitted the data through claims. In order to change the data, the provider would potentially need to resubmit a claim – which is unlikely to be a feasible approach if the claim has been processed and paid.

Other more complicated situations that need to be considered are if the original provider is not available to read and/or receive the annotation, or if the provider refuses to respond to the ‘request change’.[180]

_{Back to Top}

Security Standards

PHRs can either be exclusively controlled by the individual (e.g., via a thumb-drive based PHR system or a smart-card system) or sponsored by a health care provider, health plan, or other commercial vendor. In addition, for the aged, disabled, and children, the PHR may also be controlled by a care manager (e.g., an adult child, parent, relative, or friend of the patient). Depending on the type of PHR used and who has access, there are different security issues that need to be considered.

Security standards for PHRs must address an array of issues including authentication, identity proofing, access consent and control, data integrity, confidentiality, privacy, accountability, and non-repudiation.[181] For example, does the consumer have ultimate control of the information stored in the PHR? How should amendments or deletions be indicated within the PHR? What are the relevant security features for assigning a care-manager or proxy to manage another account holder’s PHR? In this section, we discuss security standards, and highlight potential challenges with respect to the development and implementation of new security standards for PHRs.

Security Standards for Authentication and Access Control

PHR vendors approach security issues such as authentication and access control in various ways. For authentication, vendors may require the account holder to authenticate his/her identity by entering a name and password combination. Other vendors require additional information such as zip code, date of birth, or an answer to a self-selected question. CMS has received feedback that higher levels of security in terms of authentication and authorization are necessary, especially for a PHR designed specifically for Medicare beneficiaries. In 2005, CMS solicited public feedback about its role in the PHR space via a Request for Information.[182] A total of 51 organizations, including vendors, health plans, provider organizations, and trade associations, responded to questions specific to PHRs. Respondents were asked about the types of authentication that should be used for a PHR. Responses ranged from physical tokens and biometrics to a Medicare smart card.

With respect to access control, some PHR vendors enable the account holder to have full access control to view, add, edit, and delete information. Others have functions which enable the account holder to assign read/ write access to all or parts of the PHR via a proxy function. The security implications associated with assigning a proxy are discussed in greater detail later in this section.

Currently, there are a number of security standards that are mature and ready for use. PHRs can employ different security mechanisms and need to carefully balance ease of access and security.Exhibit 7 describes the current security standards for PHRs.[183]

Integrating the Healthcare Enterprise’s Work on Privacy and Security Issues

Integrating the Healthcare Enterprise (IHE), an initiative designed to improve electronic health care information sharing, has done work in the areas of privacy and security. First, IHE has addressed the encryption of information and audit trails for information to maintain privacy.

Second, IHE has worked on the Basic Patient Privacy Consent (BPPC). The BPPC was implemented as a trial, further refined, and adopted by HITSP in 2007. The BPPC is proposed as the first step for consent management. IHE has tried to devise the BPPC to maintain patient control over the PHR, and enable patients to handle consent issues in multiple ways.

Third, IHE has addressed user authentication issues through the Cross-Enterprise User Assertion (XUA). User authentication or user assertion ensures that it is possible to assert who users are when they try to access the PHR. The XUA work is fairly recent and has been adopted by HITSP. It provides the foundation to convey basic roles for user assertion.

The final area that IHE has been working on related to privacy and security is digital signatures for documents.

Challenges Associated with Developing Security Standards

One of the greatest challenges to developing security standards for PHRs is deciding how much access, use, and control consumers should have over their personal health information. According to Donald Mon, Ph.D., Vice President of Practice Leadership at AHIMA, there is less clarity with respect to standards for PHRs because there is not a broadly accepted policy about how much access, use and control a consumer should have over their PHR. Dr. Mon also noted that while there are prescribed legal procedures for EHRs with respect to documenting information, the same is not true for PHRs. For example, the EHR is a legal record for business and disclosure purposes; rather, deletions are marked as erroneous and amendment can be added.

According to Donald Mon, Ph.D., the industry cannot encumber the consumer with responsibility to maintain a legal record on the clinical side. However, there is no clear answer as to how much control consumers should over the information within their PHR. When developing the PHR-S functional model, the HL7 work group – composed of vendors, consumer advocates, and clinicians – discussed consumer access to and control of information. Vendors in the work group stated that consumers would like the ability to remove information from their PHRs. However, other experts have stated that presenting an incomplete PHR to a clinician will have serious consequences from both a health information exchange standpoint and a clinical standpoint.

One solution offered by the HL7 work group was to flag information that has been deleted or changed within a PHR to alert the clinician. The HL7 PHR-S functional model has a criterion that a flag must indicate that some information in the record has been modified, which communicates important information to the provider. While the flag does not disclose what information has been deleted, it will serve as a reminder to the clinician that information has been deleted, so that the clinician can have an informed conversation with the patient. According to Donald Mon, Ph.D., regardless of whether the flag method proposed by the HL7 work group becomes a law or a best practice, it is necessary to make a policy decision first, and then implement from a technical perspective: ‘After we deal with the social and ethical issues, we can then figure out how to deal with [these issues] within the context of a PHR.’

Security Considerations for People Who Have a Care Manager

For the frail, aged, or disabled, a care manager may be responsible for coordinating health care visits; scheduling appointments, tests, and consultations; transporting the patient to and from the provider; and potentially even assisting in the patient’s admission to different health care facilities.[184] There are several security considerations related to designing a PHR that enables the account holder (the person whose information is embedded in the PHR) to assign his/her care manager as a proxy to the PHR.

While some consumers may be comfortable with authorizing their proxy to have full access to view their entire PHR, others prefer that their proxy or care-manager have access to only certain aspects of their record (e.g., physician information, medications, emergency information, final plans, etc). Vendors are providing account holders with the ability to assign field-by-field access controls to each proxy. For example, in the case of the LifeLedger – a PHR-like product which enables a care-manager to manage an aged individual’s health information – the PHR account holder may assign the care manager (or any number of proxies) three degrees of access: ‘none;’ ‘read only’ or ‘read/write’ to each individual page. As a result, the account holder can control what pages the proxy does or does not see, and whether the proxy can amend information in the PHR. Other vendors address this issue in a slightly different way, providing the account holder with the ability to hide specific sub-sections or elements of the PHR, such as one particular health encounter, from the care-manager or proxy.

The HL7 PHR-S functional model is addressing the issue of proxies via the requirement that vendors must give the account holder the ability to determine what information is available to an authorized account holder of the PHR information.[185] While PHR-S indicates that the account holder should be able to authorize the proxy to update information within the PHR, it does not state how to implement the authorization. PHR-S also says that ‘account-holders should have the ability to mask data on a selective, record, field-by-field, or class basis as one aspect of controlling access to personal health data.’ [186]

According to Donald Mon, Ph.D., from a technical standpoint, it is not particularly complicated for a software vendor to implement a PHR where the proxy has access to all or none of the account holder’s information. However, from a vendor’s perspective, it is more technically challenging to implement a PHR whereby the proxy has granular access to only parts or specific sub-sections of the PHR.

Do consumers want the ability to assign varying levels of control and read/write access to their proxies or care-manager? David Lansky, Ph.D., suggest consumers are highly segmented in terms of their desire to employ access controls. The expert noted that while some users want to restrict access to providers and other parties by utilizing detailed access controls, between 60 and 80% of consumers would prefer not to navigate the access and consents processes.

Gaps in Security Standards

Currently, there are several critical gaps in PHR security standards:

Authentication practices. While the PHR community broadly accepts that it is necessary for the account holder to be able to authenticate himself/herself to the PHR, there is not a broadly accepted standard for authentication. According to an expert on the PHR-S model, clarifying standards related to authentication is an important and necessary step for the industry.

• Authorization practices. Security standards need to be developed for authorizing a care-manager or proxy to have access to and control over health information in the PHR.
• Audit practices. The National Committee on Vital and Health Statistics recommends that PHR standards enable consumers to audit who has accessed their personal health information.
• Data Access. The industry needs to come to a consensus about ‘blinding’ data or restricting access to subsets of information within the PHR.
• Emergency Override Practices. The industry needs to develop a standard practice for overriding authentication practices in the case of a medical emergency.

_{Back to Top}

PHR Privacy Policies and Standards

Privacy of personal health information is a key concern for consumers of PHRs. A 2005 survey conducted by CHCF in collaboration with Forrester Researcher found that two-thirds of the sample of 2,000 consumers (1,000 nationally and 1,000 in California) said they were ‘very concerned’ (36%) or ‘somewhat concerned’ (31%) about the privacy of their health records.[187] Research also suggests that consumers are concerned about the types of information collected and entered into the PHR; how the information is handled internally; and whether and how the information is provided to any external entities.[188] Clearly there is a need for privacy standards and privacy policies for PHRs. However, there is not yet a consensus among PHR service providers about the specific elements that should be in all PHR privacy policies. [189] Experts have attested that the widespread adoption of PHRs will largely be a function of public confidence and trust that personal health information will be adequately protected.[190]

This section addresses privacy issues related to PHRs. First, we discuss privacy standards and issues related to privacy with respect to personal health information stored in PHRs. Then we present an overview of several PHR privacy policies under development. It is important to note that the privacy standards section and the security standards section are highly related, as many aspects of privacy are entwined with security issues.

Challenges Associated with Developing Privacy Standards for PHRs

There are a number of challenges associated with developing privacy standards for PHRs. In this section, we discuss the following challenges:

1. There are no statutes or standards that define PHR service providers’ legal responsibilities.
2. Consumers are misinformed about their privacy rights with respect to personal health information under HIPAA.
3. Privacy standards for employer-provided PHRs will need to be considered, especially since HIPAA does not cover some employers.
4. PHR vendors or third parties that are not covered by HIPAA do not need to notify consumers of their privacy policies and practices related to secondary uses of personal health information. As a result, consumers may be unaware that their personal health information is being used and disclosed to other entities in the U.S. or abroad for secondary.
5. States have different laws governing privacy and security of personal health information.
6. Privacy standards must balance the needs for privacy and confidentiality, with the need to maintain an accurate medical record.

The first key challenge associated with developing a privacy standard for PHRs is defining the legal responsibilities of PHR service providers, given that they are non-covered entities under the Health Insurance Portability and Accountability Act (HIPAA). The National Committee on Vital and Health Statistics (NCVHS) at the Department of Health and Human Services (DHHS) concluded that there are no statutes or standards that define PHR service providers’ legal responsibilities.

Under HIPAA, ‘covered entities’ are asked to provide consumers with information about their privacy policies and practices. Covered entities include health plans, health care clearinghouses, and health care providers that engage in electronic transactions for which HIPAA standards have been adopted.[191] Entities such as PHR vendors, employers, certain types of insurers, providers that do not engage in electronic transactions for which HIPAA standards have been adopted, and third-party data warehouses are all not covered by HIPAA, and thus not required to comply with HIPAA regulations.[192] Privacy policies will need to clearly outline whether the PHR vendor is covered by the HIPAA privacy policy.

A second challenge is that research suggests that consumers are misinformed about their privacy rights with respect to personal health information under HIPAA.[4] For example, when PHR vendors state that they are ‘compliant with HIPAA’ this does not mean that they are ‘covered under HIPAA’. This is an important distinction that consumers may not understand.[193] Such a distinction may be confusing, and further necessitates the development of a PHR privacy policy and privacy standards, more generally.

A third issue is that HIPAA does not cover some employers, and thus, privacy standards for employer-provided PHRs will also need to be considered. HIPAA does not consider employers who collect information directly from employees (e.g., for a pre-employment physical, job application, or via an employee assistance or wellness program) to be ‘covered entities.’[194] Given that PHRs are being developed by certain employers and other entities that are not covered by the HIPAA privacy rule, privacy standards will need to be developed with respect to the use and disclosure of personal health information within employer-provided PHRs. A 2007 CHCF issue brief concluded that employers will need to develop standards that ‘at a minimum address privacy, security, and confidentiality of PHRs.’[195]

A fourth challenge is that non-covered entities, such as PHR vendors, do not need to notify consumers of their privacy policies and practices (e.g., secondary uses of data for other purposes, such as marketing, population health purposes, other purposes) with respect to personal health information.[196] The NCVHS concluded that: ‘The Committee is unaware of any requirement that compels PHR vendors not covered by HIPAA to provide to consumers the terms and conditions governing the privacy of their personal data.’[197] Thus, consumers may be unaware that their personal health information is being used and disclosed to other entities in the U.S. or abroad for secondary purposes. This is a major concern for consumers with a PHR service provider that involves an outside business partner like a third party data warehouse. Lecker et al. (2007) studied PHR privacy policies for the Department of Health and Human Services and found that only 3% (one in 30) of PHR privacy policies indicated that consumers needed to explicitly consent before the PHR vendor could share the data in their PHRs.[198] None of the privacy policies studied identified the PHR vendor’s third party partners. This study demonstrates that even though consumers have not given explicit consent to share their personal health information with a third party or for other purposes such as marketing, consumers may still be at risk due to the construct of the PHR vendor’s privacy policy. [199]

A fifth challenge is that states have different laws governing privacy and security of personal health information, and consumers may not be aware of their rights. For example, while California has stringent privacy and security laws governing the use of personal health information that are layered on top of the HIPAA privacy rule, other states have more limited regulations.[200] A February 2008 issue brief by CHCF explored the issue of consumer control over personal health information, and determined that the current legal system ‘falls short as a viable legal framework for health information custodians,’ such as PHRs.[201] Existing federal and state laws will need to be considered when developing PHR privacy standards.

A final key challenge associated with developing a privacy policy for PHRs is balancing the need for consumer privacy and confidentiality, with the need for an accurate medical record. Experts have debated the issues of access and control from a privacy standpoint. What degree of control should consumers have over the information in their PHR? Some believe that account holders should have the ability to prevent access to certain aspects of the record or ‘blind’ sensitive information within the PHR. Others are concerned about enabling consumers to blind or delete health information, as omissions may lead to deleterious clinical implications.

In June 2006, NCVHS released its report titled Privacy and Confidentiality in the Nationwide Health Information Network, which includes recommendations on consumer rights over their personal health information and also covers a host of other issues ranging from regulatory issues to recommendations for maintaining and establishing the public trust.[202] These recommendations were presented to the U.S. Secretary of Health, Michael O. Levitt. The NCVHS recommended that consumers should have a limited right to control their personal health information electronically:

Giving individuals unlimited control is one way to empower them. On the other hand, if individuals had unfettered control, health care providers would likely place less confidence in the accuracy and completeness of their records….For these reasons, if individuals are given the right to control access to their records, the right should be limited.[203]

NCVHS was not prescriptive about the best method to institute limited individual control over health records. NCVHS continues to work on furthering these recommendations. In June 2007, the NCVHS Subcommittee on Privacy and Confidentiality Working Group discussed privacy issues and other issues related to consumer control over PHRs in a working session held in Washington, D.C.[204]

Specifically, the group addressed privacy of health information within the context of the CCR and CCD. [205] The Committee discussed the merits of masking certain types of data in the CCR or CCD, and the implications of transferring masked data from one provider to another. For example, should certain types of drugs (e.g., mental health drugs) or genetic information (e.g., family history of Huntington’s disease) be masked to protect the account holder’s privacy? One member of the Committee was particularly concerned about the social and ethic ramifications of blinding/masking mental health or genetic information: ‘By treating mental illness separately [and] by treating genetic disorders separately, we may be further contributing to the stigmatization of these conditions and putting into the future the time when there will be no difference between mental illness and other illnesses and so forth.’[206]

The Subcommittee did not come to a consensus on a privacy standard for PHRs. Specifically, the Committee concluded that it would be optimal to wait for Congress’s definition of ‘genetic information’ under the Genetic Information Nondiscrimination Act (GINA). A Congressionally mandated definition of genetic information could dictate whether and what type of genetic information can/should be masked in a CCR or CCD. Despite these challenges, deciding upon the principles and components of a privacy policy for PHR service providers is a critical and necessary step to ensuring consumers and PHR service providers under their rights and responsibilities.

Recommendations for PHR Privacy Standards

The NCVHS made several recommendations for the development of PHR privacy standards. [207] First, standards should be developed to ensure that consumers are always notified of secondary uses of data in PHRs. NCVHS specifically recommended that if HHS or another agency intends to use CMS data in PHRs, then there should be a requirement which ensure that those PHR systems provide notice to consumers of the uses of personally identifiable information. Second, privacy standards for PHRs should be developed within the context of the National Health Information Network (NHIN). Third, consumers should be educated about their rights with respect to privacy and personal health information stored in PHRs. Fourth, if individuals are granted control over the specific content within their health records, that control should be limited by specific factors such as the individuals’ age, treatment/condition, and/or type of provider.[208] Finally, the NCVHS recommended that third party vendors, or other entities not covered by HIPAA, adopt their own privacy policies that are at least equal to those outlined in HIPAA.[209]

Additional recommendations for a PHR privacy policy were developed by Altarum, a non-profit research institute, in early 2007. Altarum was contracted by the Office of the National Coordinator for Health Information Technology (ONC), in support of the American Health Information Community (AHIC) Consumer Empowerment (CE) Workgroup, to review existing privacy policies for PHRS and make recommendations.[210] Recommendations for characteristics of a PHR privacy policy included:

• Policy must be required for all PHR vendors;
• Policy must be transparent on secondary data uses;
• PHR vendor must disclose business relationships relating to “handling, processing, data mining, or other management of PHR data” to consumers;
• Policy must provide information about the relationship between the PHR service provider’s policies to HIPAA; and
• Policy must be written at a 6^th grade reading level and include a glossary of technical terms used.[211]

The World Privacy Forum released a report on privacy and PHRs in February 2008, which specifically outlines eight areas of concern: ‘privilege, subpoenas, marketing of health care data, linkage of records, security, ability to correct files, consent issues, and the role of privacy policies.’[212] These areas should be considered when developing privacy standards for PHRs. Finally, the Federal Trade Commission (FTC) is also exploring patient privacy and consumer protection issues in health information technology, which may be relevant to the development of PHR privacy standards. The FTC is holding a public workshop to examine patient privacy in health information technology in April 2008.[213]

Examples of Privacy Statements

While privacy standards for PHRs are still under development, organizations such as Microsoft and Elder Issues have released privacy policies and statements for the use of their PHR products and platforms. A brief discussion of their privacy policies is presented below.

Microsoft recently released a privacy statement for the beta version of HealthVault. The privacy statement specifically applies to data collected by Microsoft through the Microsoft HealthVault beta version, but not data collected through other Microsoft products.[214] The privacy statement begins with an introduction to sharing health information via HealthVault. The second section addresses the collection of personal health information and authentication process. This section indicates that the owner of the account is, by default, the custodian of the record, and therefore has full control over the information.

Given that HealthVault is a platform – not a PHR – Microsoft also urges users to reference the privacy statements of other programs that they use in concert with HealthVault. The third section of the privacy statement explains the utility of the HealthVault Connections Center; users can use the Connections Center to add data to health records in their HealthVault account from other health devices (e.g., heart-rate monitor, etc). The fourth section discusses how users can share health information with other parties or programs, and the process of assigning access. The fifth and sixth sections address how Microsoft will use the personal health information in HealthVault, and the process used to aggregate information and statistics. In addition, the statement explains that personal information collected using HealthVault may be “stored and processed in the United States or any other country in which Microsoft or its affiliates, subsidiaries, or agents maintain facilities, and by using the Service, [users] consent to any such transfer of information outside of the U.S.”[215] Microsoft HealthVault’s privacy statement indicates that users’ personal information may aggregated for marketing purposes, but is not associated with an individual account without the users’ opt-in consent. [216]

Microsoft also refers users to its general privacy policy, ‘Microsoft Online Privacy Statement’, as this policy explains how credential information is used when the user signs in to Microsoft sites, including HealthVault.[217]

The next few sections discuss account access and controls, sharing records with other programs/ services, deleting records, and archiving health information. Microsoft describes the process for sharing records with other service users. The lower levels of access are view-only access and view-and-modify access; both are time-limited. Custodial access is the highest level of access, as the custodian of the health record can read, change, and delete the record. The custodian of the account can also grant and revoke different levels of access to others.[218] Other components of the privacy statement include: Microsoft’s TRUSTe certification; enforcement of the privacy statement; use of cookies; use of web beacons; changes to the privacy statement; and contact information for more information.

LifeLedger has a privacy policy comprised of five components: treatment of personally identifiable information; sharing of information with third parties; security technology and procedures; cookies; and the consumer’s role in protecting health information.[219] The privacy policy indicates that Elder Issues will not share personally identifiable information internally or with a third party. Access to personally identifiable information can be granted to a care-manager or proxy by the account holder. The policy describes the encryption practices used to secure sensitive data. In addition, the privacy policy encourages users of LifeLedger to protect the password information. Contact information is provided if users have additional questions or concerns about the confidentiality of their personal health information.

_{Back to Top}

Portability Standards

Portability standards address the consumer’s ability to move his or her entire PHR to a new location. Portability more typically refers to data transfer and not the transfer of the PHR’s functionality. This becomes particularly important for patients that have visited a number of hospitals and doctors in various systems. How is it possible to gather the patient’s information from multiple providers, and aggregate this information within a PHR? Experts believe that plan-to-plan PHR portability is a necessary move in the direction of interoperability and a National Health Information Network. [220]^,[5][221]

In December 2007, the Health Privacy Project released best practices from the Employers’ Working Group on PHRs, an expert work group convened by CHCF and IBM which focuses on issues facing employers that offer PHRs. The work group, composed of the Center for Democracy & Technology, Dell, Hewitt Associates, IBM, Markel Foundation, Omnimedix Institute, Pfizer, Pitney Bowes, Revolution Health, Wal-Mart, and WebMD, identified a portability best practice. The portability best practice is that ‘employers should offer PHRs that are portable, to the extent feasible, allowing employees to maintain or move the PHR and/or the data it contains even after employment or coverage ends or changes.’[222]

Standards and communication protocols are currently available to transmit information from other systems to PHRs. Common standards and protocols include Hypertext Transfer Protocol (HTTP), File Transfer Protocol (FTP), Simple Object Access Protocol (SOAP), Extensible Markup Language (XML), Web Service Definition Language (WSDL), and Universal Description Discovery and Integration (UDDI).

HITSP and Integrating the Healthcare Enterprise have worked to empower the consumer with the ability to manage their health care information, and be able to further distribute that information to providers. Efforts underway to develop portability standards for PHRs are discussed in this section.

_{Back to Top}

Plan-to-Plan PHR Transfer (X12)

Industry-led efforts beginning in 2006 have catalyzed a movement towards portability standards for payer-based PHRs. In 2006, America’s Health Insurance Plans (AHIP) and Blue Cross Blue Shield Association (BCBSA) announced their plan to conduct a pilot test that explores PHR portability between PHRs, and between PHRs and EHRs.[223] The goal of the pilot was to develop standards that ensure patients can move their payer-based PHRs from one plan to another as their health coverage changes. This pilot demonstrated the ability to move and transfer the data from the PHR only. When the data was transported to another health plan’s PHR, the format, display, navigation, and functionality were unique to the receiving health plan’s PHR.

AHIP, BCBSA, and HL7 announced plans to collaborate on data portability standards for PHRs in December 2007, when the three organizations signed a Memorandum of Understanding.[224] AHIP and BCBSA developed an implementation guide with standards and other information that will foster PHR portability standards.[225] AHIP and BCBSA have entrusted HL7 and Accredited Standards Committee X12 with further development and technical maintenance of the portability standards. The X12 plan-to-plan transfer portability standard is currently being balloted by HL7 as part of the PHR-S functional model.

The X12 standard is used to ‘communicate individual patient information requests and patient information (either solicited or unsolicited) between separate health care entities in a variety of settings to be consistent with confidentiality and use requirements.’[226] In this definition, patient information is defined as demographic, clinical, and other supporting data.

Cross-Enterprise Document for Sharing (IHE-XDS) Integration Profile

Integrating the Healthcare Enterprise (IHE), an initiative designed to improve electronic health care information sharing, has done a great deal of work related to portability. [227] Namely, IHE’s standards-based specifications address the movement of the content within PHRs. According to Charles Parisot, Manager of Standards and Testing for GE Healthcare, and co-chair of the IHE IT Infrastructure Planning Committee, the movement of information is handled by the Cross-Enterprise Document for Sharing (IHE-XDS) Integration Profile. The XDS also provides the functionality to extract and move information between systems, and to share that information in a certain domain, which could be managed by a PHR, a RHIO, or a PHR hosted in a hospital. This is consistent with the HITSP Interoperability Specification IS 03 which also relies on XDS for PHR interchange of CCDs with EHRs, Plans and Pharmacies.

For example, suppose a patient were to visit a hospital/provider. The hospital/provider would produce several documents that summarize the health encounter. Through XDS, the patient would then be able to access information that the hospital/provider published. The hospital/provider would also be able to publish the information to the patient’s PHR or through the Regional Health Information Organization (RHIO). Then, the patient can search for these documents and bring them into his/her own PHR. Thus, the XDS enables the patient to retrieve information, gather it, and bring it into their own PHR.

Cross-Enterprise Document Reliable Transfer (IHE-XDM)

IHE also created the Cross-Enterprise Document Reliable Transfer, IHE-XDM, a standards-based specification which provides cross-enterprise document interchange using a common file and directory structure over standard media devices. This specification is highly relevant to PHRs because it permits patients and/or providers to use physical media to carry sets of medical records. Specifically, the IHE-XDM provides the interchange to transfer documents and metadata over memory devices (e.g., CD-R and USB) and email using ZIP attachments.[228] The specification promotes interoperability between EHRs and PHRs, enabling the exchange of documents between patients and providers, or between providers. According to Charles Parisot, Manager for Standards and Testing for GE Healthcare, and co-chair of the IHE IT Infrastructure Planning Committee, the real value of XDM is that it can work in conjunction with XDS.

HITSP approved the use of XDM to extract part or all of the content source or aggregate information from a PHR, and move it to another doctor or provider location. XDM defines an interoperable media organization and file system that enables a person to carry documents from the PHR to another place that will be able to open the media, and navigate the media through various registration entries. The media may contain one or many documents of interest, and serves as a transportable mini registry and document repository.

Charles Parisot described the process of moving information from one doctor/ provider location to another. The patient can input documents (previously received as input from a variety of locations) from his/her PHR into a piece of media,  as well as extract his/her current view as a CCD document, and copy this document to the media. Then, the patient is able to carry the media with them.  If they chose to open a new PHR somewhere else, the patient will be to load the input documents, and reconstruct the PHR with the same content as on the other server.

Cross-Enterprise Document Reliable Interchange (IHE-XDR) Integration Profile

The IHE Cross-Enterprise Document Reliable Interchange (XDR) Integration Profile is a standards-based specification that was also published by IHE. The IHE-XDR enables the exchange of patient-related medical documents between ‘health care entities’ (e.g., private physicians, clinics, in-patient facilities, etc) using a point-to-point network.[229]

In contrast to the XDM, where the person carrying the media does the sharing of information and has the ability to give specific access to a party, the XDR is useful in situations where a patient wants to share information with a single designated entity. The XDR is point-to-point in the sense that when one or more documents in a source system need to be shared with the target system, the patient can use the XDR to push documents into the target system. The patient can choose to not publish specific pieces of information to the target system as well (such as medication information).

One of the benefits of the IHE-XDR Integrastion Profile is that it enables document sharing in the absence of a document sharing infrastructure such as the IHE-XDS Integration Profile.[230] A second benefit of the IHE-XDR is that it enables document sharing between one or more health care entities via a point-to-point interchange.[231] The IHE-XDR is an important standard for PHRs because it enables interoperability between PHRs, EHRs and other health IT systems.[232]

PDF/H Standard

The PDF/H (PDF Healthcare) was co-developed by Adobe Systems and Intel, and also has support from a number of medical societies.[233] PDF-H is a secure data exchange container or ‘safe-deposit box’ for data inclusive to a PHR.[234] The PDF-H contains for personal health information in the form of digital images and data (e.g., X-Rays, CT-Scans, MRIs, and Sonograms, lab data, ECD, EEG, etc). The PDF-H will work in conjunction with the CCD or CCR format to make data portable across and between different types of systems.[235] The PDF technology has several benefits. First, the PDF is platform and system-neutral. Second, it enables various types of data to be stored regarding of source or destination. Third, information stored in a PDF can be easily selected and quickly printed. Finally, the technology enables bi-directional information exchange.[236]

In 2007, AIIM – the Enterprise Content Management Association (ECM) and ASTM International developed a working group charged with developing best practices for the PDF/H that ‘facilitate the capture, exchange, preservation and protection of health care information.’ The PDF/H effort represents an effort by industry leaders to promote the adoption of PHRs and ensure that medical information is portable. The PDF-H standard has been submitted for ISO approval.

_{Back to Top}

Standards for Claims-Based PHRs

Donald Mon, Ph.D. indicates there is not a specific set of standards currently available for claims-based PHRs. There are, however, two overlapping standards for claims-based PHRs: X12 and IHE-XDR. Claims-based PHRs use a HIPAA X12 275 transaction standard for transmitting PHR data, and the HIPAA X12 275 uses XML to encode the data elements. Specifically, the X12 275 transaction is the outer ‘envelope’ that will contain the CDA/CCD data elements supported by health plan claims and administrative data entered by consumers into the PHR.[237] Claims-based PHRs also use the IHE-XDR; this standard enables the exchange of patient-related medical documents between health care entities using a point-to-point network.

HL7 is striving to produce standards at the functional requirement level, which will then be applicable to all PHR models, rather than developing standards for different types of PHR models (e.g., claims-based, provider-based, stand-alone, or web-based),

According to an expert from the HL7 work group, which developed the PHR-S, the goal is for all PHR models to be derived from the same functional model – regardless of whether the PHR is populated by claims data or via some other mechanism. From a standards perspective, it would be beneficial for all PHR systems to conform to a functional model.

_{Back to Top}

Use Cases Related to PHRs

The American Health Information Community (AHIC) develops use cases to provide context for standards harmonization and inform policy discussions that advance health information technology activities.[238] The 2008 use cases under development include remote monitoring, patient-provider secure messaging, personalized healthcare, consultations and transfers of care, public healthcare reporting, and immunizations and response management. AHIC has released three new detailed use cases on patient-provider secure messaging, remote monitoring and personalized healthcare in March 2008. The use cases are described in this section because of their relevance to PHRs.

Patient-Provider Secure Messaging

AHIC released a detailed use case on patient-provider secure messaging, which explores the ability of patients to communicate with their health care clinicians from a remote location using technology.[239] AHIC defines patient-provider secure messaging as ‘both secure messaging sent from patients to providers as well as secure messages sent from providers to patients.’[240] In the detailed use case, AHIC also notes that patient caregivers or patient advocates may be included in these communications. Secure messaging tools are built around a PHR, EHR, patient portal, or other types of communication tools.[241] Information is exchanged live and transactions include messages with structured content, unstructured content, or a mixed format. Additional materials can be attached to communications. Secure messaging is not intended for use during emergency situations.

The detailed use case focuses on the processes for both patient-initiated communication from the patient and clinician perspectives, and for clinician-initiated communication from the clinician and patient perspectives. While presenting each of these processes in detail is outside the scope of this section, we provide a brief overview of the processes for patient-initiated communication from the patient’s perspective in order to highlight where the PHR fits into the process.

Patient-initiated communication from the patient’s perspective includes the following processes: (1) the patient is authorized and authenticated to participate in secure messaging with his/her clinician; (2) the patient receives a user identification code and password to establish his/her identity; (3) the patient may need to be trained to use the secure messaging tool; (4) the patient can compose a message and send it to a clinician (read receipt features and other capabilities are available); (5) once the clinician responds, the patient is notified that they have a secure message waiting to be read; (6) the patient logs in to read the secure message; and (7) the patient reads the secure message and may update his/her PHR to reflect the information.[242]

Remote Monitoring

The remote monitoring detailed use case focuses on the communication of ambulatory remote monitoring information (e.g., physiologic measurements, diagnostic measurements, medication tracking device information, and activities of daily living measurements) to the PHR or EHR.[243] Measurements collected by the remote monitoring devices are transmitted to the PHR so that patients and/or caregivers can access the data. The information may also be sent to clinicians to help them to better manage or treat the patient’s condition. In order to ensure that the data can be transmitted to a PHR or EHR, the remote monitoring information must be available in an interoperable manner.[244]

The detailed use case presents the processes communication of remote monitoring information to the EHR or PHR from three different perspectives: the clinician’s perspective, care coordinator’s[6] perspective, and patient’s perspective. Essentially, there are five main processes: (1) the patient or caregiver sets up the device; (2) the patient records measurements using the remote monitoring device, which communicates the data to the EHR, PHR, or other device at specific times; (3) the care coordinator reviews the measurement information via a portal provided by the device manufacturer or other third party; (4) the care coordinator will work with the patient or caregiver to check the information communicated and potentially acquire additional information; and (5) if necessary, the clinician will review the measurement information through the EHR, determine if a change in the patient’s treatment is necessary, and then transmit the needed change to the care coordinator and the patient’s PHR. Remote monitoring is an important component of care management for the aging population and people with chronic conditions.

Personalized Healthcare

AHIC defines personalized healthcare as the ‘processes by which health care providers can customize treatment and management plans for patients based on their unique genetic makeup.’[245] AHIC’s detailed use case on personalized healthcare focuses on the processes underlying the exchange of family history information and genetic and genomic testing information between patients and clinicians, and how this information is available in an EHR or PHR.[246] The detailed use case explores: (1) the clinical assessment from the clinician and consumer perspectives, and (2) genetic testing, reporting, and clinical management from the clinician and consumer perspectives. In terms of the clinical assessment piece, the use case describes that a consumer can share his/her medical history with a clinician by entering their personal health information into a PHR and then making that information available to the clinician. In terms of the genetic testing, reporting and clinical management component, the use case describes that consumers would receive and incorporate genetic/genomic testing information into their PHR. If the information is interoperable, then consumers can send the data to their clinician. Consumers may also wish to assign a proxy or caregiver access to the information within their PHR. [247]

_{Back to Top}

Other Gaps In The Current PHR Standards Arena

Next, we address several other gaps in the PHR standards arena that have not been discussed in other sections.

Data Content Standards

Donald Mon, Ph.D.suggests one of the major areas that the standards community will need to revisit is data content standards. While HL7, DICOM, SNOMED, and LOINC are useful for PHRs, health care organizations still record data according to their own current data set. Thus, interoperability challenges are still present. Two examples illustrate the need for greater standardization with respect to data content.

The first example addresses gender data. Gender is currently collected in multiple ways across EHRs and PHRs (e.g., male = 1, female = 2; male = M, female = F; etc). Health care organizations may have systems to recognize various types of codes for male and female during data exchange. However, other organizations may also utilize additional codes for gender equal to hermaphrodite or unknown. During data exchange, this additional information would not be recognizable to a system that does not have hermaphrodite or unknown in the current data set.

The second example relates to medication use habits. David Lansky, Ph.D. asserted that there are a number of medical history data elements that are not standardized across PHRs, leading to interoperability challenges. One example is medication use habits (e.g., does the patient split pills in half; what are the patient’s reasons for not taking the prescribed pills; does the patient have post-procedure complications, etc.). The industry does not currently have a method to make this information part of the patient’s PHR, though it is critical data to include in the patient’s health record.

Until the industry has greater data standardization or potentially a standard data set, it will be impossible to achieve semantic interoperability for certain data elements. Dr. Archelle Georgiou, an independent consultant, commented on the difficulty of achieving consistency around semantics: ‘Achieving consistency around semantics – beyond the semantics for very specific or objective data points – is a much broader objective than establishing a technology based resource for holding health related information. Semantic interoperability would require cultural change that begins during the medical education process. Since this is unlikely, another approach is to recognize the inevitability of semantic variability and to create systems, support, and processes that work around them.’

Areas of Overlap in Standards Development

A number of standards organizations and work groups have been tasked to address similar issues related to PHR privacy, security, interoperability, and portability. While coordination between initiatives is ideal, initiatives sometimes move along different paths – with different missions, charges and time frames. Thus, areas of overlap do exist in the current standards development arena.

AHIMA is exploring the issues of overlap in standards development initiatives through a new project focused on the development of Regional Health Information Organization (RHIO) best practices for the Office of the National Coordinator for Health Information Technology (ONCHIT). As part of this project, AHIMA will look at how health information is exchanged in a health information exchange (HIE) environment, whereby the PHR could be one node in any HIE. Donald Mon, Ph.D. indicated that the ONCHIT project will require the standards community to think critically about the gaps and inconsistencies with respect to PHR standards and standards initiatives. Currently, a number of different initiatives have addressed PHR standards – including but not limited to the HISPC project, HITSP, IHE, and CCHIT. The project will explore whether the different initiatives, and their areas of overlap, are affecting the HIE (when the PHR is one of the nodes that information can be exchange to and from). Several areas of overlap to date are discussed below.

Consents. One specific example where there is overlap among standards development efforts is for consents. David Lansky, Ph.D. suggests that currently consents are done in different ways. One method is to use a consent directive, which essentially enables the provider to acquire all of the account holder’s consents up front. The benefit is that when a health care episode occurs, the provider does not need to acquire consent again. This process reduces burden on clinicians and improves the clinician’s workflow. However, from a policy and privacy perspective, there are problems with using a consent directive. Consumer advocates have asserted that consumers will be better protected by a policy that requires providers to ask for consent during each health care episode. Consent directives are one key area where the EHR-PHR standards community lacks a consistent policy. HISPC, HITSP, and other groups have addressed consent directives in a variety of ways, creating overlap in the standards development space.

Conditions and Diagnoses. According to HITSP, there is also an overlap of standards for conditions and diagnoses – namely SNOMED-CT and ICD-9/10. In 2007, HITSP recommended that both types of codes could be requested, and thus, whatever form the information is available in would be provided.[248]

Portability. In 2007, HITSP also explored PHR portability standards and determined that that IHE-XDM and X12 are areas of overlap.[249]

_{Back to Top}

Summary: Standards For PHRs

Standards govern the way health information is exchanged between PHRs and other health information systems. A number of entities are involved in developing standards for PHRs. Most recently, HL7 developed the PHR-S functional model (PHR-S). This represents the first effort to define personal health functions, supportive functions, and information infrastructure functions for PHRs. In addition to this effort, other standards development organizations have created standards for EHRs that are also applicable to PHRs. The relevant standards for semantic interoperability are terminologies such as SNOMED, developed by the College of American Pathologists, and LOINC, maintained by the Regenstrief Institute. The HL7 Clinical Document Architecture is another important data exchange and message standard for clinical and administrative data.

A number of security standards for authentication, consent, confidentiality, accountability, and non-repudiation are available for PHRs. However, one outstanding security issue is how much access, use and control a consumer should have over their PHR. Various PHRs and PHR platforms treat the issues of access, use and control differently. Closely connected to security, privacy is a key concern for consumers of PHRs. Currently, there is no uniform standard for privacy of personal health information stored in a PHR. The NCVHS has released recommendations for the characteristics of a PHR privacy. Several organizations have also released privacy statements for their PHR products and platforms. However, there is no consensus among PHR service providers about the specific elements that should be in all PHR privacy policies.

Portability of information between health care entities and between PHRs and EHRs is another important issue that the standards community has addressed. Integrating the Healthcare Enterprise has developed the IHE-XDS, IHE-XDR and IHE-XDM standards-based specifications for cross-enterprise document interchange. In addition, America’s Health Insurance Plans and Blue Cross Blue Shield Association have explored portability between PHRs, and between PHRs and EHRs. Their work resulted in the X12 plan-to-plan transfer portability standard, which is under further development by HL7 and Accredited Standards Committee X12.

Finally, AHIC has developed detailed use cases in the areas of patient-provider secure messaging, remote monitoring, and personalized healthcare; each of these use cases has implications for PHR users.

While a number of standards are available or under development for PHRs, the standards community, health researchers, and policy makers will need to address four key gaps with respect to standards. First, no standards exist for patient-initiated changes to information within the PHRs. Standards must be developed to ensure that changes requested by consumers are made in a uniform fashion to protect the accuracy of the clinical record. Second, future work should address privacy and security issues related to PHRs. Researchers should explore the possibility of developing a uniform privacy standard that applies to all PHR service providers, regardless of whether or not they are covered by HIPAA. Research should also explore the implications of assigning access, use, and control over a PHR to a care-manager or proxy, as this issue will be particularly relevant to Medicare beneficiaries. Third, future work should focus on further standardizing data content in PHRs to ensure semantic interoperability. Fourth, the PHR community must come to a consensus on the rights and legal responsibilities of all parties involved with PHRs. A clear definition of the rights and responsibilities of consumers, health care providers, PHR suppliers/ vendors, and other entities involved with PHRs will help to foster interoperability and also facilitate the protection of personal health information.

_{Back to Top}

Chapter 7.
The Potential Impacts of PHRs

As previous sections have discussed, PHRs remain in their infancy. While payers and vendors have stepped into this emerging marketplace, few Americans own a PHR, and many providers remain skeptical of their utility.[250] Nonetheless, PHRs have the potential to have a significant impact on the U.S. health care system.

This section explores the potential ramifications of PHR technology for payers, vendors, and the U.S. health care system in general. Discussion focuses on providers and costs. It discusses the impact of PHRs on patient-provider interactions and provider workflows, and also reviews the related issues of provider reimbursement for PHR usage and support. Each section draws from various forms of evidence that, together, provide the most complete picture available of how PHRs affect key stakeholders and components of the health care landscape.

_{Back to Top}

Impact on Providers

Providers have different attitudes toward and experiences with PHRs. As with all health information technologies, some providers are more receptive than others. Physicians who are early HIT adopters may incorporate the latest technology into their practices, while other segments of the provider community remain resistant to change. Some providers see the potential utility presented by PHRs, particularly in the areas of patient engagement and chronic disease management.[251]^{, [252]} Specifically, PHRs create the opportunity for providers to engage patients outside of traditional health care settings and empower them with additional information.[253]^{, [254]} Despite the potential benefits, the broader provider community has not played a central role in personal health record adoption efforts.

Some closed systems such as Kaiser Permanente and the Veterans Health Administration have engaged their providers in the implementation and ongoing use of PHR systems.[255]^{, [256]} Preliminary studies of these implementations suggest positive results, yet closed networks are atypical as most payers do not directly employ physicians.[257]^, [258]

Without the type of support and mandate created by closed systems, physicians are left with many barriers that could prevent their active support for the adoption of PHRs. These barriers include the challenge of integrating large volumes of patient data into their clinical workflow and decision making processes, discerning the accuracy of patient-provided data, connecting PHR systems with existing EHR systems, legal liability risks related to incorporating PHRs in the delivery of care and the issues surrounding the creation of new electronic communication channels with patients.

Provider membership associations such as the American Medical Association (AMA) remain skeptical of PHRs. One AMA trustee expressed hope that PHRs could save time for both patients and providers, help prevent medication errors, and prevent duplicate laboratory tests.[259] However, legal concerns and the notion that PHRs would simply amount to ‘garbage in, garbage out’ prevent the AMA from fully embracing PHRs.[260]

The extent to which the concerns expressed by some providers and administrators are typical of the entire provider community is not easily verified in the PHR literature. For example, there are evaluations of PHR use that have shown very high levels of satisfaction with PHRs among providers.[261]^, [262] One health care network even received more complaints from providers who were not initially given access to a PHR than those who were given access.[263] These early experiences with PHRs suggest that providers attitudes towards PHRs may evolve based on first-hand experience and the ongoing evolution of PHRs, HIT and health care as a whole.

Key Factors that Affect Provider Adoption of PHRs

The successful expansion of PHRs is largely dependent upon their uptake and adoption by providers. Tang et al. (2006) identified a number of potential benefits to providers who utilize PHRs.[264] Namely, PHRs can improve communication between the provider and patient; improve communication between the provider and members of their health care team; and enable patients to input more information about their health directly into a health record that can be connected with the clinician’s EMR. PHRs may also help to foster dialogue between the patient and provider about chronic conditions and medication regimens. Tang et al. (2006) have found, however, that the benefits of the PHR for the provider are contingent upon the PHR being integrated into the provider’s EMR. [265]

Despite these potential benefits, there are a number of key factors that affect provider adoption of PHRs – some are enablers and others are barriers.

Tang (2006) cited a number of barriers to provider participation in PHRs including: concerns about liability risks; reliance on proprietary systems; lack of reimbursement or financial incentives to adopt PHRs; concerns about increased workload and negative impacts on provider workflow; costs associated with staff training and implementation of PHRs; uncertainties about the regulations underlying PHRs; fear of cultural change in the organization; and an absence of information about the sustainability of PHRs.[266]

Impact of PHRs on Patient–Provider Interactions

Currently, most patients play a relatively passive role in their healthcare, relying on providers and payers to track clinical information over time. PHRs, along with other patient-centric technologies, could significantly alter this dynamic. As one commentator put it, ‘Providers and patients will need to develop different mindsets and levels of trust [in working with PHRs].’[267]

In some ways, PHRs represent a departure from traditional patient-provider interactions. For example, providers can use the patient-provided medical data from the PHR to inform their treatment decisions. Patients have the ability to hide certain aspects of their medical history from providers. Some might argue that PHRs provide individuals with more direct control over their healthcare. Further, many PHRs include secure messaging between patients and providers, opening a new mode of communication that may dramatically affect relationships. These potential impacts on the patient-provider relationship are discussed below in further detail.

Provider Access to Patient Generated Clinical Information

PHRs allow providers to access patient health data in new ways. For example, PHRs could provide data that would eliminate the onus of filling out and filing “clip board” questionnaires at a provider’s office. A single electronic registration would make it easier for individuals to provide their information and for clinicians to use it. The American Health Information Community’s (AHIC) Consumer Empowerment Work Group (CEWG) is making recommendations that will guide the development of a consumer-directed secure electronic registration summary; AHIC’s CEWG Work Group has also been charged with facilitating the widespread adoption of PHRs. With a registration summary, the consumer will be able to complete his/her medical paperwork one time electronically and share the information with all of his/her health care providers.[7]

In 2006, AHIC CEWG tasked CMS with piloting programs that measure and demonstrate the value of a Registration Summary and Medication History PHR for patients with chronic conditions and their clinicians. To meet the goals of the CEWG, CMS has contracted with AHRQ to evaluate the uptake, use, and utility of the pilot tool for Managed Care beneficiaries.[268]

In addition to a registration summary, there are tracking tools for health indicators such as blood pressure and blood glucose levels that could show the provider a more complete picture of a patient’s health status between visits.

Although the ability for providers to access these new data may be promising, the sheer volume of information included in PHRs could also have negative consequences.[269] Some in the provider community anticipate patients bringing large volumes of self-entered health data to office visits.[270] While often cumbersome and repetitive, clipboard questionnaires allow providers to control the types of data provided by patients from the very first moment of contact. PHRs theoretically reverse that relationship, empowering consumers to bring personal data in various forms and in limitless quantity to their in-person visits.

In addition, some commentators suggest that providers could be held legally responsible for the material in a patient’s PHR.[271]^, [272] Providers fear being held legally liable for overlooking key information in patients’ PHR medical histories, even if this information may not ultimately prove relevant to their delivery of care.[273] Conversely, some suggest that providers could be held legally negligent if they provide low-quality care, based on inaccurate patient-provided PHR data.[274] In this way, PHRs present providers with a dilemma: they must either ignore what they consider to be questionable medical data and be sued if it turns out to be accurate and significant, or use inaccurate patient data and be held responsible if the data dictate inappropriate or dangerous care. Similarly, providers need to know the origin of information; whether it is from a fellow provider or originally from a provider and since modified by the patient. This issue has not been consistently addressed across all PHRs.[275]

Some findings suggest that the utility and relevance of PHR data to providers varies by situation and the type of care needed. For example, LifeLedger and other PHR products offer a wallet-sized reference card to direct providers to the PHR’s URL.[276] Directing providers to the PHR using this method could be useful in situations where patients are not able to communicate with providers. Some approaches have proven less effective in care settings. In a study of a Minnesota emergency room, patients could not recall their PHR user name or passwords, rendering the PHR system useless in emergency situations.[277] Other PHRs offer specific reports that patients can print out and carry in their purses and wallets.[278] This type of report could include information relevant in an emergency (such as drug allergies, blood type, advanced directives, etc.), but would exclude many classes of data housed in the PHR. One study suggests that this type of report has proven very useful for emergency medical technicians.[279]

There are also examples of patients utilizing PHRs that allow them to add their own annotations of official clinical EHR records. Indivo, an open source personally controlled health record application that was developed at Children’s Hospital in Boston, allows patients and caregivers to annotate the record in a controlled manner. At the time of this review, Indivo is in use at Children’s Hospital Boston and other testbeds. Users are allowed to add to a record, but are not allowed to delete any content. Information added by the user is clearly marked so providers and other caregivers accessing the record have strong assurance regarding the veracity of the information they use to guide treatment decisions. Indivo is being adapted for use by the Dossia Consortium. The source code for Indivo is available for free download and use under the LGPL license.

Finally, while PHRs allow providers to access patient health data in new ways, the same risks of inaccurate and incomplete information apply. Users do have control over the content of their PHRs, and in some cases, can add or delete information from their medical history. Thus, PHRs are not entirely dissimilar from a patient’s verbally reported medical history. Archelle Georgiou, M.D., an independent consultant, noted that, ‘Just as the doctor uses a verbal medical history as a component of the care decision-making process, the doctor should use the PHR as a valuable data point in care planning. However, PHRs should never be used to make health care decisions. The risks of a poor patient history are the same risks of inaccurate or incomplete data in a PHR.’ Thus, PHRs should be used to inform – rather than to determine – the provider’s treatment decisions.

Secure Communication with Patients

Many PHRs offer users the capability to directly communicate with their primary care providers. In the words of Paul Tang, this function ‘provide[s] an ongoing connection between patient and physician…which changes encounters from episodic to continuous,’ something Tang cited as a ‘critical benefit.’[280] To date, PHRs have largely adopted a secure message functionality that provides greater security assurances and controls than standard email. Research comparing secure messaging with standard email in health care settings shows that messaging provides a number of significant advantages over email in areas such as: encryption, access controls, message templates, prescription routing, and reimbursement.[281]

Many argue that secure messaging capabilities could be abused by patients and that it could pose a liability if users misunderstand the purpose of provider messaging.[282] In many cases, providers express concern about the sheer number of messages and the workflow changes that would be required to answer all messages in a responsible way. These potential negatives represent significant barriers to adoption for providers.

However, some empirical studies show that these concerns are not borne out by the evidence. One study of a secure message system using a patient portal showed that message volume peaked at 8.5 weekly messages per 100 scheduled visits.[283] Studies of secure-messaging done at Beth Israel Deaconess Medical Center (BIDMC) further demonstrate that physicians are not inundated with patient messages, with an average of 20 messages each month per 100 patients ⁵⁷ These results suggests that access to secure messaging does not automatically lead to abuse or unmanageable message volumes, a potential barrier to adoption. Further, messaging may decrease over time as patients become better acquainted with PHRs and their functionality.[284] In this way, patients may learn more about the appropriate topics for messages and learn to use the message function more efficiently over time. Another study found that providers who receive more messages found integrating message-related work easier than providers who received fewer messages.[285] This finding suggests that message volume may not be a primary workflow obstacle in PHR implementation. Alternatively, provider comfort with PHRs or commitment to using them could cause greater problems for providers.

Anecdotal evidence further suggests that patients respect their providers’ time, and generally do not burden them with unnecessary messages.[286] An independent study of Kaiser’s KP HealthConnect shows that 70% of user sessions result in a message between the patient and provider.[287] This demonstrates that KP HealthConnect and its users have fully embraced secure messaging. At the same time, positive feedback from Kaiser Permanente providers suggests that this embrace has not resulted in a flood of clinically irrelevant messages.[288] Kaiser has also found that the secure message function is more efficient than telephone communication.[289] Additional PHR studies support this idea, although there is not yet a clear consensus in the literature.[290] [291] [292] [293]

Recent implementations of PHRs have created approaches to implementing secure messaging in a manner that could be more palatable to providers. Kaiser Permanente empowers providers to choose the patients they think will benefit most from this form of communication.[294] In this system, the PHR amounts to a tool for patients over which providers retain considerable control. This type of solution may convince skeptical providers who may be resistant to new information systems, especially where they can identity no direct benefit.[295]

Research has shown that successful electronic communication does not have to directly connect patients with their physicians. Kaiser Permanente has given each of its geographic regions the authority to decide which types of providers are authorized to read and respond to patient messages sent through HealthConnect.[296] This means that registered nurses or other types of providers can handle messages, in addition to physicians. This sort of compromise could allay physician fears of being overwhelmed by patient messages.

Other examples in the literature show that sites that utilize secure messaging often have established processes for triaging messages so that office administrative staff deal with scheduling of appointments, nurses and physician assistant staff respond, to some patient email and providers are only expected to respond to email that requires their specific involvement. In addition, most practices establish turn around times for responding to messages, ensuring that patient expectations are appropriately managed. Patients are also informed about the circumstances in which email communication should be used.

_{Back to Top}

Provider Workflow

As with any new technology, understanding how providers will incorporate the technology into the medical practice is a key determinant of use and adoption.[297] As one recent report on PHRs states, ‘providers may or may not have the means or inclination to use the information in the PHR when they make treatment decisions.’[298] This quote suggests that both infrastructure and attitudes could affect the level to which providers include PHRs in their workflow. Also, providers who have implemented EHRs cite workflow concerns as the most significant barrier to PHR adoption.[299]

The impact of PHRs on provider workflow will depend to a large extent on the level of integration between PHRs and EHRs. Where the EHR and PHR are not linked, the provider would have to access two disparate systems–the provider EHR and the patient PHR–to gather a complete account of the patient’s medical record. Providers may also encounter other issues, such as trying to reconcile two different records, having to make a determination on which record has the most up-to-date information and whether all the information in the PHR comes from a trusted source. In other instances where the PHR and EHR are interoperable, the provider will be able to log into the EHR, access the patient’s record and have a view into specific information from the patient’s PHR that has been added to the EHR. In the latter scenario the process of accessing information contained in the patient’s PHR would be more seamless.

To respond to these concerns, implementation of PHRs will need to carefully consider the optimum processes for using PHRs in routine clinical practice. Some leading institutions that have implemented patient portals have already taken a number of steps to help integrate the PHR into providers’ workflow. Group Health Cooperative, for example, actively assists with the routing of messages, follows up with providers about unanswered messages from patients and includes all messages in patients’ EMRs.[300]

In addition to workflow, the organization of PHR data is an important factor for providers.[301] Where data can be visually scanned, summarized and analyzed easily, PHRs do not present a significant workflow burden. This suggests that reports and graphical summaries of patient tracking data and a quick reference page for patient medical histories would be most useful for primary care providers.

Finally, provider attitudes also play a key role in ensuring workflow integration. Provider reluctance and negative perceptions prior to PHR use have been well-documented, but evaluations of PHR implementations show that providers are generally satisfied with PHRs.[302]^{, [303]} Results of such studies suggest that although providers initially express negative attitudes toward PHRs, once they have the opportunity to use PHRs provider experiences have been generally positive.

_{Back to Top}

Other Potential Impacts of PHRs

As PHRs are more broadly introduced into the health care system, they may have a significant financial impact. Aside from eVisits, PHRs could serve as a type of intervention that reduces more traditional health care costs through improved chronic disease management, more comprehensive medication management and patient compliance and better informed consumers. These financial impacts will be felt by multiple stakeholders, including providers, payers, patients and employers. However given the relative newness of this technology and limited production instances of PHRs, clear empirical evidence of return on investment and cost savings is scant. There are already efforts underway to identify criteria to measure the impact of a PHR product, but findings have not yet been published.[304] Most of the literature on this subject deals with the areas of provider reimbursement for PHR adoption and employer support for PHRs as a means of lowering health care costs and improving employee health outcomes.

Employer Support for PHR Adoption

A number of major American employers have embraced PHRs and the broader idea of patient access to records and communication channels.[305] Benefits to employers include savings in chronic disease management costs[306] and reduced costs for medications and wellness programs.[307] A 2007 study by Forrester Research noted that large employers are ‘the first out of the gate’ towards PHRs because they have much to gain in terms of lower health care costs and improved productivity from their employees.[308]

A 2007 study by CHCF explored the uptake of PHRs by large national employers.[309] The study found that there are a variety of existing employer-based PHRs, many of which help employees to track and manage their benefits (flexible spending accounts, claims data and payments, and wellness programs). Some of the existing employer-based PHRs enable employees to enter, check, and track health data (e.g., cholesterol, weight, drug information, etc), search for providers, and view their benefits over the internet.[310]

The CHCF study also found that while some employers are launching a PHR on their own, others are forming collaboratives. Wal-Mart, Intel, Pitney-Bowes, Applied Materials and BP America have joined to create Dossia, a patient data system that allows employees to access their electronic medical records.[311]^{, [312]} While this approach differs from a PHR, these employers similarly seek to empower employees to take part in their healthcare. This PHR collaborative has added other employer members since its launch, including Cardinal Health and AT&T, and received public support from health care industry and consumer groups such as: the American Association of Family Physicians, American Academy of Pediatrics' Council on Clinical IT; National Association of Manufacturers, the Centers for Disease Control and Prevention, and National Consumers League.[313]

Dell, another large American employer, has implemented PHRs as a part of an effort to reduce health care costs and to empower employees to take a more active role in their health care. Dell began offering PHRs three years ago, along with other health improvement plans and has since reported a 10% decrease in overall health care costs.[314] Dell did not specify how much of the decrease could be attributed to PHR use, instead considering the new technology as a necessary step toward an improved health care system and better informed health care consumers.[315] In this way, Dell and others cast PHR functionality as a part of a broader strategy to maximize the savings and efficiencies offered by health information technology solutions.[316]

Other employers have not embraced personal health records. After being approached to join Wal-Mart, Intel and others, Cisco decided that their employee base would not significantly benefit from access to electronic medical records.[317] In this way, Cisco evaluated the benefits and challenges of personal health records and concluded that the new technology would not reduce health care costs for their relatively young and healthy employee base.[318] The different approach taken by Cisco suggests that the perceived return on investment for PHR-related technologies is lower for specific populations, in this case a relatively young and healthy workforce.

In addition to concerns about return on investment, employers have cited a number of barriers to adopting or expanding PHRs including: costs associated with implementation; policy uncertainties; privacy and security concerns; misperceptions about employer access to employee health information; uncertainties surrounding the HIPAA privacy rule; problems associated with sustainability; lack of research about the benefits of PHRs; and limited consumer demand.[319]

The uncertainty surrounding the HIPAA privacy rule was also highlighted as a major concern among employers in the 2007 CHCF issue brief on PHR adoption by employers. Some employers are not considered HIPAA- covered entities, and thus, the privacy rule does not apply. The study concludes that employers should outline the legal rules that apply to them to ensure transparency, and also develop and post their own corporate privacy policies regarding PHRs, which specifically describe how they handle employees’ personal health information.[320] Furthermore, in the event that employers wish to collaborate on a PHR initiative, it is important for them to create transparent policies and scopes of work that govern their collaboratives.[321]

Provider Reimbursement

Finally, reimbursement for PHR-related work is another a key concern for some physicians. Primary care providers cite a lack of reimbursement for coordinating care as a key barrier to PHR adoption.[322] [323] Reimbursement was also found to be a major concern for providers using web messaging systems with patients.[324] As is often the case with health information technology, payers play an integral role in adoption. Some in the policy realm have argued for changes to reimbursement policies to compensate providers for their time spent working with PHR data and communicating with patients electronically.[325] Recent shifts made by Cigna, Aetna and some Blue Cross Blue Shield affiliates to reimburse for online consultations may signal receptiveness to PHR reimbursement in the payer community.[326] Group Health, another payer, incentivizes providers to use secure messaging; paying them five dollars for every message they send.[327] Finally, others have noted that the Centers for Medicare and Medicaid Services (CMS) could greatly affect the policy discussion regarding PHR reimbursement.[328]

Kaiser Permanente’s PHR implementation did not provide any direct financial compensation to providers in return for their participation in secure messaging with patients. Nonetheless, Kaiser Permanente has had significant success in encouraging providers to use this function. This illustrates that while direct compensation to providers is one possible way of encouraging provider buy-in to PHRs, it is not the only method.[329] [330] [331] In the case of Kaiser Permanente, however, it is important to note that physicians are salaried, and thus, already compensated for communicating with patients in any form (whether it is in-person, online, on the telephone, etc).

Archelle Georgiou, M.D. noted that financial reimbursement is not a relevant factor for salaried physicians. Reimbursement is a significant barrier for providers when time is the only determinant of their income. The impact of reimbursement on PHR adoption will continue to evolve, however. Dr. Georgiou highlighted that the Medical Home model[332] – a model whereby a patient and provider have an ongoing relationship and develop a coordinated approach to the patient’s healthcare – may affect the adoption of provider adoption of PHR. The model includes provider reimbursement for alternative methods of care delivery and care coordination activities such as electronic email and e-visit communication systems, and telemedicine services. Reimbursement for such activities may drive the adoption of PHRs in the future.

_{Back to Top}

Summary: The Potential Impacts of PHRs

PHRs present both potential benefits and challenges to providers and the wider health care system. PHRs offer providers unprecedented access to patient medical histories and clinical tracking information, while empowering patients to become more actively engaged in their healthcare. Consequently, PHRs have the potential to dramatically change patient-provider relationships, expanding the flow of health care data and opening new channels of communication.

Greater access to data could present problems for providers who may not be able to sift through volumes of patient-provided health data or to verify data accuracy. Further, many in the provider community fear the consequences of secure messaging with their patients, although early efforts by Kaiser Permanente and others indicate that innovative policies can successfully harness the potential of this functionality.

Outside of the provider and payer communities, employers are increasingly looking to technologies such as personal health records to control health care costs and to provide employees easy access to their health records. Finally, PHRs have the potential to both affect and be affected by reimbursement policies, as stakeholders consider adapting existing policies to new forms of care. As this section demonstrates, few have attempted PHR implementation and many challenges lie ahead, yet the impact of PHRs has already been seen and will likely continue to be felt throughout the health care system.

_{Back to Top}

Appendix A

_{Back to Top}

Appendix B

_{Back to Top}

Appendix C.
Bibliography

• The Markle Foundation, http://www.markle.org.
• www.thefreedictionary.com/utility.
• AHIMA, http://www.myphr.com/resources/index.asp.
• Merriam Webster Online Dictionary, http://www.merriam-webster.com/dictionary.
• American Health Informatics Management Association, http://www.ahima.org.
• AHIMA, http://library.ahima.org/xpedio/groups/public/documents/ahima/bok1_027539.hcsp?dDocName=bok1_027539.
• K. Ackerman. "Early Employer Efforts to Shape Future Health It Initiatives." I Health Beat (2007), www.ihealthbeat.org.
• "Aetna: Nearly Two-Thirds of Americans Are Not Familiar with Personal Health Records, a Resource Available to Millions of Consumers." Biotech Week, August 1 2007.
• R. Agarwal, and C. M. Angst. "Technology-Enabled Transformations in Us Health Care: Early Findings on Personal Health Records and Individual Use." In Human-Computer Interaction and Management Information Systems: Applications, edited by Dennis Galletta and Ping Zhang. Armonk, NY, 2006.
• AHIMA e-HIM Personal Health Record Work Group. "The Role of the Personal Health Record in the EHR." Journal of AHIMA 76, no. 7 (2005): 64A-D.
• B. Albright. "Prepping for PHRs. The Growing Trend of Consumer Empowerment Includes the Speedy Rise of Personal Health Records." Healthcare Informatics 2007, 44-46.
• "The American National Standards Process." The American National Standards Institute, http://www.ansi.org. .
• "Americans Support Online Personal Health Records; Patient Privacy and Control Are Crucial to Acceptance." Markle Foundation, http://www.markle.org/resources/press_center/press_releases/2005/press_release_10112005.php.
• C.M. Angst, Agarwal, R., Downing, J. "An Empirical Examination of the Importance of Defining the PHR for Research and for Practice." Robert H. Smith School of Business, Working Paper No. RHS-06-011.
• "Annual Report of the Boards of Trustees of the Federal Hospital Insurance and Federal Supplementary Medical Insurance Trust Funds." edited by Department of Health and Human Services. Washington, DC: Boards of Trustees of the Federal Hospital Insurance and Federal Supplementary Medical Insurance Trust Funds, 2008.
• "Astm E2211-02 Standard Specification for Relationship between a Person (Consumer) and a Supplier of an Electronic Personal (Consumer) Health Record." ASTM, http://www.astm.org/Standards/E2211.htm.
• L. Nancy Atkinson, A. Holly Massett, Christy Mylks, Bethany Hanna, Jo Mary Deering, and W. Bradford Hesse. "User-Centered Research on Breast Cancer Patient Needs and Preferences of an Internet-Based Clinical Trial Matching System." J Med Internet Res 9, no. 2 (2007): e13.
• Attitudes of Americans Regarding Personal Health Records and Nationwide Electronic Health Information Exchange. Edited by Public Opinion Strategies: Markle Foundation, 2005.
• "Attitudes of Americans Regarding Personal Health Records and Nationwide Electronic Health Information Exchange: Key Findings from Two Surveys of Americans." Markle Foundation, http://www.phrconference.org/assets/research_release_101105.pdf.
• M. J. Ball, and J. Gold. "Banking on Health: Personal Records and Information Exchange." Journal of Healthcare Information Management 20, no. 2 (2006): 71-83.
• F. Bazzoli. "Continuity of Care Standards Reach Milestone." Healthcare IT News, http://www.healthcareitnews.com.
• R. Benoit. "PDF-H: The “Safe Deposit Box” for Personal Healthcare Data." Intel, http:// http://www.niphysiciansforconnectivity.org.
• William Bernstein, Julie Murchinson, Melinda Dutton, Terry Keville, Robert Belfort, and Manatt Health Solutions. "Whose Data Is It Anyway? Expanding Consumer Control over Personal Health Information." In Issue Brief, edited by California Health Care Foundation: California Health Care Foundation, 2008.
• "Best Practices for Employers Offering Personal Health Records (PHRs)." Health Privacy Project and the California Health Care Foundation, 2007.
• M.B. Bloche. "Consumer-Directed Health Care." New England Journal of Medicine 355, no. 7 (2006): 1756-59.
• C. Bocchino. "AHIC Testimony." American Health Information Community, Consumer Empowerment Subgroup 2006.
• John Boden. December 3 2007.
• –––. December 3 2007.
• E; Manning Boehm, H; McInnes, A; Melnikova, O. "PHRs: From Evolution to Revolution. A Health Plan Guide to Navigating the Personal Health Record Market." Forrester Research, 2007.
• K.W. Boone. "Patient Controlled Health Information Infrastructure." GE Healthcare, http://www.pchri.org/2006/presentations/pchri2006_boone.pdf.
• "Boston’s Caregroup Hospitals Pioneer the Web-Based Patient Portal." Canadian Healthcare Technology, . http://www.intersystems.com/cache/analysts/CHT_May2005.pdf.
• Patricia Flatley Brennan. "Discussion." (2007).
• Patricia Flatley Brennan, Stephen Downs, Gail Casper, and Daniel Kenron. "Project Healthdesign: Stimulating the Next Generation of Personal Health Records." AMIA Annual Symposium Proceedings (2007): 70-74.
• B. Bright. "Benefits of Electronic Health Records Seen as Outweighing Privacy Risks." Wall Street Journal, November 28 2007.
• C. Broder. "Insurers Plan Interoperable PHRs." Healthcare IT News, http://www.healthcareitnews.com.
• Cynthia Burghard. "Truth and Fiction of Personal Health Management Tools." Gartner Research, 2006.
• J. Burrington-Brown, Friedman, B. "Educating the Public About Personal Health Records." Health Care Policy Report Health Care Policy Report Journal of AHIMA 77 (2005): 94-95.
• S.O. Carsten, Nienke, P.D., Smith, C.A. "Mother Knows Best: Medical Record Management for Patients with Spina Bifida During the Transition from Pediatric to Adult Care." AMIA 2005 Annual Symposium Proceedings (2005): 580-84.
• A. Civan, M. M. Skeels, A. Stolyar, and W. Pratt. "Personal Health Information Management: Consumers’ Perspectives." AMIA Annu Symp Proc 156 (2006): 60.
• J. Conn. "Ccd Standard up for a Vote." Modern Healthcare, http://www.modernhealthcare.com.
• –––. "Standards Rivals’ Collaboration Could Have Major Impact." EMR Advice, http://www.emradvice.wordpress.com.
• "Connecting Americans to Their Health Care: A Common Framework for Networked Personal Health Information." In The Connecting for Health Common Framework: Markle Foundation, 2006.
• "Connecting for Health." Markle Foundation, Personal Health Working Group, Final Report, 2003.
• "Connecting for Health." The Markle Foundation, http://www.connectingforhealth.org. .
• "Defining Key Health Information Technology Terms." In Draft Report prepared for the 2nd public comment period, edited by The Records Workgroup: Office of the National Coordinator funded by the National Alliance for Health Information Technology, 2008.
• Lorraine Doo. "Registration Summary & Medication History - a Personal Health Record (PHR) Pilot for Medicare Beneficiaries." December 5 2007.
• Joyce DuBow. December 10 2007.
• Charles B. Eaton, and David K. Ahern. Integration of EMR/PHR and Patient Portal with Decision Support, 2007. PowerPoint presentation.
• "EHR-S Fm and EHR/Im Package." Health Level Seven, http://www.hl7.org/ehr/downloads/index_2007.asp.
• J. Eichner, Dullabh, P. "Accessible Health Information Technology (Health It) for Populations with Limited Literacy: A Guide for Developers and Purchasers of Health It." In Agency for Healthcare and Research Quality. Rockville, MD, 2007.
• S. Emmer, and J. Horvath. "American Geriatrics Society (Ags)." Geriatric medicine: a clinical imperative for an aging population. New York: AGS, Association of Directors of Geriatric Academic Programs (2004).
• "Essential Similarities and Differences between the HL7 Cda/Crs and Astm Ccr." American Academy of Family Physician's Center for Health Information Technology, 2005.
• S. Fenton. December 12 2007.
• –––. "Quicken for Healthcare Briefing for Consumer Empowerment Workgroup." Department of Health and Human Services, 2006.
• J. Ferranti, C. Musser, et al. . "The Clinical Document Architecture and the Continuity of Care Record: A Critical Analysis." Journal of the American Medical Informatics Association 13, no. 3 (2006): 245-52.
• "Final Report." The Markle Foundation Personal Health Working Group, 2003.
• Steve Findlay. November 26 2007.
• Rashida Fleming. "Myhealthevet Discussion." (2007).
• –––. December 12 2007.
• S. Fox. "Older Americans and the Internet: ." Pew Internet and American Life Project, 2004.
• L. Frieden. "Consumer-Directed Health Care: How Well Does It Work?" In National Council on Disability, 2004.
• L. Gallagher. "Privacy and Security Issues for PHRs. ." Health Information and Management Systems Society, http://www.himss.org/content/files/PHRPrivSecCOO-LGV1.0.pdf.
• Terhilda Garrido, Brian Raymond, Laura Jamieson, Louise Liang, and Andrew Wiesenthal. "Making the Business Case for Hospital Information Systems--a Kaiser Permanente Investment Decision." Journal of Health Care Finance 31, no. 2 (2004): 16-25.
• Christopher J. Gearon. "Perspectives on the Future of Personal Health Records." California HealthCare Foundation, 2007.
• Robert Gellman. "Personal Health Records: Why Many PHRs Threaten Privacy." The World Privacy Forum, 2008.
• Janlori Goldman. "Personal Health Records: Employers Proceed with Caution ": California HealthCare Foundation, 2007.
• Google. "Cleveland Clinic to Test Google Health." http://googlesystem.blogspot.com/2008/02/cleveland-clinic-to-pilot-google-health.html.
• David H. Gustafson, Fiona M. McTavish, William Stengle, Denise Ballard, Robert Hawkins, Bret R. Shaw, Ellen Jones, Karen Julesberg, Helene McDowell, Wei Chih Chen, Kanittha Volrahongchai, and Gina Landucci. "Use and Impact of Ehealth System by Low-Income Women with Breast Cancer." Journal of Health Communication 10 (2005): 195-218.
• R.A. Guth. "Microsoft’s Health Push Faces Obstacles." Wall Street Journal, October 5 2007, B3.
• "Harris Interactive Survey." 2004.
• "Health Literacy: A Prescription to End Confusion." In Institute of Medicine Committee on Health Literacy, edited by Panzer Nielsen-Bohlman L, AM, and Kindig DA, editors. Washington, DC: The National Academic Press, 2004.
• "Healthcare Policy Report." edited by Bureau of National Affairs, 655, 2006.
• B. W. Hesse, and B. Shneiderman. "Ehealth Research from the User’s Perspective." American Journal of Preventive Medicine 32, no. 5S (2007): 97-103.
• Kevin Heubusch. "Piecing Together the PHR." Journal of AHIMA 78 (2007): 4.
• "HIMSS Personal Health Records Definition and Position Statement." Healthcare Information Management and Systems Society (HIMSS), 2007.
• "HITSP Consumer Access to Clinical Information Use Case Requirements, Design and Standards Selection." Consumer Empowerment Technical Committee, http://publicaa.ansi.org
• "HITSP Document Reliable Interchange Transaction." Paper presented at the Submitted to the Healthcare Technology Standards Panel by the Population Health Technical Committee, December 7, 2007 2007.
• "HL7 Finalizing Health It Standards." <http://www.fiercehealthit.com/story/hl7-finalizing-phr-standards/2007-11-12?utm_medium=rss&utm_source=rss> (accessed December 1, 2007).
• R. J. Hodes, and D. A. B. Lindberg. "Making Your Web Site Senior Friendly." National Institute on Aging and the National Library of Medicine, 2002.
• J. Nicholas Hoover. "Get Well Soon: Fed up with Rising Health Care Costs, Intel, Wal-Mart, and Others Think Giving Employees Digital Records Will Help." InformationWeek, December 4 2006.
• T. K. Houston, D. Z. Sands, M. W. Jenckes, and D. E. Ford. "Experiences of Patients Who Were Early Adopters of Electronic Communication with Their Physician: Satisfaction, Benefits, and Concerns." Am J Manag Care 10, no. 9 (2004): 601-8.
• "How Are ISO Standards Developed?" International Organization for Standardization, http://www.iso.org/iso/standards_development/processes_and_procedures/how_are_standards_developed.htm.
• "Implementation Guide for the Personal Health Record Data Transfer between Health Plans." America's Health Insurance Plans and Blue Cross Blue Shield Association, 2006.
• "Industry Leaders Join Forces to Advance Portable Healthcare Document Practices – New Best Practices Guide Addresses Exchange of Healthcare Information." AIIM, the ECM Association, http://www.aiim.org/article-pr.asp?ID=32097.
• "Innovations in Health Care Delivery." Paper presented at the FTC Public Workshop, Washington, DC, April 24, 2008 2008.
• "Issues in American Labor Statistics: Computer Ownership up Sharply in the 1990s." edited by Bureau of Labor Statistics U.S. Department of Labor, 1999.
• D. et al Johnson. "A Framework and Approach for Assessing the Value of Personal Health Records (PHRs)." AMIA Annu Symp Proc (2007): 374-78.
• Douglas Johnston, David Kaelber, Eric C Pan, Davis Bu, Sapna Shah, Julie M. Hook, and Blackford Middleton. "A Framework and Approach for Assessing the Value of Personal Health Records (PHRs)." AMIA Annual Symposium Proceedings (2007): 374-78.
• Valeria Tate Jopeck, and Marion Ein Lewin. Developing an Information Infrastructure for the Medicare+Choice Program:Summary of a Workshop. Edited by Institute of Medicine Office of Health Policy Programs and Fellowships, Committee on Choice and Managed Care: Furthering the Knowledge Base to Ensure Public Accountability and Information for Informed Purchasing by and on Behalf of Medicare Beneficiaries. Washington, DC: National Academy Press, 1999.
• M. Jordan. "Scenario Boards Can Be Used to Improve Validation of Early Product and Service Concepts: A Critical Skill in Today’s Environment." www.pdma.org. .
• S. J. Katz, C. A. Moyer, D. T. Cox, and D. T. Stern. "Effect of a Triage-Based E-Mail System on Clinic Resource Use and Patient and Physician Satisfaction in Primary Care: A Randomized Controlled Trial." Journal of General Internal Medicine 18, no. 9 (2003): 736-44.
• S. J. Katz, N. Nissan, and C. A. Moyer. "Crossing the Digital Divide: Evaluating Online Communication between Patients and Their Providers." Am J Manag Care 10, no. 9 (2004): 593-98.
• Alla Keselman, Laura Slaughter, Catherine Arnott-Smith, Hyeoneui Kim, Guy Divita, Allen Browne, Christopher Tsai, and Qing Zeng-Treitler. "Towards Consumer-Friendly PHRs: Patients’ Experience with Reviewing Their Health Records." AMIA Annual Symposium Proceedings (2007): 399-403.
• E. H. Kim, Mayani, A., Modi, S., Soh, C.B., Kim, Y. "Evaluation of Patient-Centered Electronic Health Record to Overcome the Digital Divide." In Engineering in Medicine and Biology 27th Annual Conference. Shanghai, China, 2005.
• Eung-Hun Kim, Anna Stolyar, William B. Lober, Anne L. Herbaugh, Sally E.Shinstrom, Brenda K. Zierler, Cheong B. Soh, and Yongmin Kim. "Usage Patterns of a Personal Health Record by Elderly and Disabled Users." AMIA Annual Symposium Proceedings (2007): 409-13.
• Katherine Kim. "Clinical Data Standards in Health Care: Five Case Studies." California HealthCare Foundation, 2005.
• M. I. Kim, and K. B. Johnson. "Personal Health Records: Evaluation of Functionality and Utility." Journal of the American Medical Informatics Association 9, no. 2 (2002): 171.
• A. F. Kittler, G. L. Carlson, C. Harris, M. Lippincott, L. Pizziferri, L. A. Volk, Y. Jagannath, J. S. Wald, and D. W. Bates. "Primary Care Physician Attitudes Towards Using a Secure Web-Based Portal Designed to Facilitate Electronic Communication with Patients." Informatics in Primary Care 12, no. 3 (2004): 129-38.
• M. Kutner, E. Greenburg, Y. Jin, and C. Paulsen. "The Health Literacy of America's Adults." 76: National Center for Education Statistics, 2006.
• D Lansky. December 3 2007.
• D. Lansky. "A National Agenda for Personal Health Records? How Will We Really Empower Consumers in the Next Decade?" Connecting for Health presentation, 2006.
• S. Lauriks, A. Reinersmann, H. G. Van der Roest, F. J. M. Meiland, R. J. Davies, F. Moelaert, M. D. Mulvenna, C. D. Nugent, and R. M. Droes. "Review of ICT-Based Services for Identified Unmet Needs in People with Dementia." Ageing Research Reviews 6, no. 3 (2007): 223-46.
• W. Lazarus, and F. Mora. "Online Content for Low-Income and Underserved Americans: The Digital Divide's New Frontier. A Strategic Audit of Activities and Opportunities." Children's Partnership, 2000.
• M. Ray Leavitt, A. "Cchit Town Hall." Paper presented at the Healthcare Information and Management Systems Society (HIMSS) Annual Conference 2008, Orlando, FL 2008.
• R Lecker, D Armijo, S Chin, J Christensen, J Desper, A Hong, L Kneale, and Altarum Institute. "Review of Personal Health Record (PHR) Service Provider Market Privacy and Security." edited by Office of the National Coordinator for Health Information Technology (ONC) Department of Health and Human Services, 2007.
• R. & Gordon Leonard, AR. Statistics on Vision Impairment a Resource Manual. Vol. 4th ed.: Research Institute of Lighthouse International, 2001.
• E. M. Liederman, J. C. Lee, V. H. Baquero, and P. G. Seites. "The Impact of Patient-Physician Web Messaging on Provider Productivity." Journal of Healthcare Information Management–Vol 19, no. 2: 81.
• –––. "Patient-Physician Web Messaging." Journal of General Internal Medicine 20, no. 1 (2005): 52-57.
• Leili Lind, Daniel Karlsson, and Bengt Fridlund. "Patients' Use of Digital Pens for Pain Assessment in Advanced Palliative Home Healthcare." International Journal of Medical Informatics In Press, Corrected Proof (2007).
• W. B. Lober, B. Zierler, A. Herbaugh, S. E. Shinstrom, A. Stolyar, E. H. Kim, and Y. Kim. "Barriers to the Use of a Personal Health Record by an Elderly Population." AMIA Annual Symposium Proceedings (2006): 514-8.
• "LOINC." RegenStreif Institute, http://www.regenstrief.org/medinformatics/loinc.
• K.D. Mandl, et al. "Indivo: A Personally Controlled Health Record for Health Information Exchange and Communication." BCM Medical Informatics and Decision Making 7, no. 25 (2007).
• G. Marchionini. November 13 2007.
• G. Marchionini, B. K. Rimer, and B. Wildemuth. "Evidence Base for Personal Health Record Usability Final Report to the National Cancer Institute." National Cancer Institute 2007.
• "The Medical Home Position Statement." edited by AAMC Executive Council: Advisory Panel on Healthcare, 2008.
• "Medicare Fee-for –Service Beneficiary Access to Physician Services: Trends in Utilization of Services, 2000 to 2002." edited by U.S. Government Accountability Office, 2005.
• "Medicare: A Primer." Kaiser Family Foundation, 2007.
• "Microsoft Healthvault Beta Version Privacy Statement." Microsoft Corporation, https://account.healthvault.com/help.aspx?topicid=PrivacyPolicy
• K. Miller. "Health Level Seven, America's Health Insurance Plans, and the Blue Cross and Blue Shield Association Sign Mou to Collaborate on Portability Standards for Personal Health Records." Blue Cross Blue Shield Association, http://www.bcbs.com/news/bcbsa/hl7_ahip_bcbsa_collaborate_on_phrs.html?templateName=template-28767547&print=t
• L Moreno, et. al. "Personal Health Records: What Do Underserved Consumers Want." Mathematica Policy Research, Inc., Issue Brief, no. 4 (2007).
• J. Morrissey. "But What Does the Public Think?: For Consumers to Adopt PHRs, They Need Reasons That Hit Home." Journal of AHIMA 76, no. 10 (2005): 42-44.
• D. B. Nash, D. Shulkin, F. Comite, R. Loeppke, B. Van Cleave, R. Kane, J. Christianson, and D. Pousma. "Measurement of the Impact of Winona Health Online." Disease Management 4, no. 1 (2001): 15-18.
• "National Committee on Vital and Health Statistics Subcommittee on Privacy and Confidentiality Working Session. U.S. Department of Health and Human Services ". Paper presented at the National Committee on Vital and Health Statistics Subcommittee on Privacy and Confidentiality Working Session. U.S. Department of Health and Human Services Washington, D.C., June 2007 2007.
• "National Consumer Health Privacy Survey 2005." California Healthcare Foundation, 2005.
• "New Health Data Standards Gaining Support." Fierce Health IT, http://www.fiercehealthit.com/story/new-health-data-standards-gaining-support/2007-05-29.
• Lori Nichols. December 19 2007.
• –––. December 19 2007.
• J. Nielsen. "Usability 101: Introduction to Usability." http://www.useit.com/alertbox/20030825.html.
• K. L. Norman, and E. Panizzi. "Levels of Automation and User Participation in Usability Testing." Interacting with Computers 18, no. 2 (2006): 246-64.
• "Office of the National Coordinator: Mission." Office of the National Coordinator. U.S. Department of Health and Human Services http://www.hhs.gov/healthit/onc/mission.
• Jan Oldenberg. November 1 2007.
• Jan Oldenburg. November 1 2007.
• G. Olsen. "Designing Breakthrough Products: Going Where No User Has Gone Before." UX Matters, http://www.uxmatters.com/MT/archives/000130.php.
• "Patient-Provider Secure Messaging Detailed Use Case." Department of Health and Human Services, Office of the National Coordinator for Health Information Technology, 2008.
• "PDF Healthcare Overview." AIIM - Enterprise Content Manager, http://www.aiim.org/standards.asp?ID=31832.
• "Personal Health Record Data Transfer between Health Plans: Standards for Electronic Data Interchange." America’s Health Insurance Plans and Blue Cross Blue Shield Association, 2006.
• "Personal Health Records and Personal Health Record Systems." edited by U.S. Department of Health and Human Services. Washington, D.C., 2006.
• "Personalized Healthcare Detailed Use Case." U.S. Department of Health and Human Services, Office of the National Coordinator for Health Information Technology, 2007.
• "PHR-System Functional Model, Release 1 Dstu." HL7 EHR Technical Committee, 2007.
• M. Pierson. "Perspective on PHR Clinical, Patient, and Consumer Perspectives." Paper presented at the AHIC 2007 Presentation, Whatcom County, WA 2007.
• Sandra Potthoff, Jing Du, Stuart Speedie, and Donald P. Connelly. "Emergency Room Providers’ Perceptions of Mychart’s My Emergency Data: Findings from a Focus Group Study." AMIA Annual Symposium Proceedings (2007): 1082.
• "Privacy and Confidentiality in the Nationwide Health Information Network." National Committee on Vital and Health Statistics, 2006.
• "Privacy Statement." Elder Issues, http://www.elderissues.com/pages/index.cfm?fuseaction=customerservice&CFID=92501113&CFTOKEN=92444035&x=9871322.
• "Project Healthdesign: Rethinking the Power and Potential of Personal Health Records." The Robert Wood Johnson Foundation, 2006.
• J. D. Ralston, D. Carrell, R. Reid, M. Anderson, M. Moran, and J. Hereford. "Patient Web Services Integrated with a Shared Medical Record: Patient Use and Satisfaction." Journal of the American Medical Informatics Association 14, no. 6 (2007): 798.
• "Remote Monitoring Draft Detailed Use Case." Department of Health and Human Services, Office of the National Coordinator for Health Information Technology, 2008.
• "Research-Based Web Design and Usability Guidelines." edited by U.S. Department of Health and Human Services. Washington, DC, 2006.
• "Review of the Personal Health Record Service Provider Market: Privacy and Security." Altarum, http://www.hhs.gov/healthit/ahic/materials/01_07/ce/PrivacyReview.pdf.
• L Ricciardi. "Project Healthdesign and HL7 Functional Requirements for PHRs Compared." edited by Project Health Design, 2008.
• Andis Robeznieks. "Getting Personal; Legal Liability, Patient-Data Overload among Issues Making Physicians Uneasy over Emergence of Personal Health Records." Modern Healthcare, May 21 2007.
• "Roundtable Summary Report: Personal Health Records and Electronic Health Records. Navigating the Intersections." Oakland, CA: Agency for Healthcare Research and Quality, American Medical Informatics Association, Kaiser Institute for Health Policy, and the Robert Wood Johnson Foundation, 2006.
• ACC/ HIMSS/ RSNA. "IHE It Infrastructure Technical Framework, Supplement 2006-2007: Cross-Enterprise Document Media Interchange (XDM)." Integrating the Health Enterprise, http://www.ihe.net.
• "Rxnorm Overview." U.S. National Library of Medicine. National Instititutes of Health., http://www.nlm.nih.gov/research/umls/rxnorm/overview.html.
• D. Z. Sands. "Making It Real: Patientsite." AMIA 2006 Spring Congress, http://www.amia.org/meetings/s06/post/sands_5-17_1030a.pdf.
• Brigid McHugh Sanner. "Creating Age-Friendly Websites: Does Your Website Meet the Needs of Senior Surfers? This Communications Expert Outlines How You Can Make the Most of the Internet Opportunity." The Journal on Active Aging (2004).
• George Scriban. January 10 2008.
• B. Shneiderman. "Designing the User Interface: Strategies for Effective Human-Computer Interaction." (1997).
• L. Sprague. "Personal Health Records: The People’s Choice?" NHPF Issue Brief 820 (2006): 1-13.
• W. W. Stead. "Rethinking Electronic Health Records to Better Achieve Quality and Safety Goals." Annual Review of Medicine (2006).
• Walter Sujansky, and Associates LLC. "Project Healthdesign: Common Platform Requirements: Technical Specifications Overview." California Health Care Foundation, 2008.
• "Summary of Responses to an Industry Rfi Regarding a Role for Cms with Personal Health Records ". Center for Medicare and Medicaid Services, http://www.cms.hhs.gov/PerHealthRecords.
• "Survey Finds Americans Want Electronic Personal Health Information to Improve Own Health Care." Markle Foundation, http://www.markle.org/downloadable_assets/research_doc_120706.pdf.
• Paul C. Tang, Joan S. Ash, David W. Bates, J. Marc Overhage, and Daniel Z. Sands. "Personal Health Records: Definitions, Benefits, and Strategies for Overcoming Barriers to Adoption." Journal of the American Medical Informatics Association 13, no. 2 (2006): 121-26.
• Paul Tang, and David Lansky. "The Missing Link: Bridging the Patient- Provider Health Information Gap." Health Affairs 24, no. 5 (2005): 1290-95.
• C. Tessier, Waegermann, P., Kibbe, D., Smith, D., Brewer, P. "The Concept Paper of the Ccr - Version 3." Medical Records Institute, 2006.
• C.B. Thielst. "The New Frontier of Electronic, Personal, and Virtual Records." Journal of Healthcare Management 52, no. 2 (2007): 75-78.
• Joanne K. Tobacman, Pamella Kissinger, Marilyn Wells, Joan Prokuski, Mary Hoyer, Patricia McPherson, Julie Wheeler, Joyce Kron-Chalupa, Carol Parsons, Patricia Weller, and Bridget Zimmerman. "Implementation of Personal Health Records by Case Managers in a Vamc General Medicine Clinic." Patient Education and Counseling 54, no. 1 (2004): 27-33.
• "Two in Five Adults Keep Personal or Family Health Records and Almost Everybody Thinks This Is a Good Idea." Health Care News 4, no. 13 (2004).
• "An Uphill Climb for Personal Health Records." American Medical News (2006): 22.
• "The Value of Personal Health Records, a Joint Position Statement for Consumers of Health Care." AHIMA/AMIA, 2007.
• J. Walker, E. Pan, D. Johnston, J. Adler-Milstein, D. W. Bates, and B. Middleton. "The Value of Health Care Information Exchange and Interoperability." Health Affairs (2005).
• Harry Wessel. "More Insurers Reimburse Doctors for Online Care." Orlando Sentinel, May 15 2006.
• M. Wise, J. Y. Han, B. Shaw, F. McTavish, and D. H. Gustafson. "Effects of Using Online Narrative and Didactic Information on Healthcare Participation for Breast Cancer Patients." Patient Educ Couns (2008).
• Yasnoff. "Healthvault–a Step in the Right Direction." http://williamyasnoff.com/?p=42.
• Y. Y. Zhou, T. Garrido, H. L. Chin, A. M. Wiesenthal, and L. L. Liang. "Patient Access to an Electronic Health Record with Secure Messaging: Impact on Primary Care Utilization." Am J Manag Care 13 (2007): 418-24.

_{Back to Top}

Appendix D.
Sample Discussion Guide

Article I.          Key Informant: Jan Oldenburg

Organization: Lead Project Manager, Clinical Quality and Content

Kaiser Permanente and HealthConnect

Expertise: Usability/Standards

Usability

1. How long have you been working with Kaiser? How have you been involved with Kaiser’s HealthConnect Online? When was its PHR unrolled?

2. Do enrollees need to sign up for a PHR or are then automatically signed up?

3. How many members are currently using the PHR?
1. How many members are currently using KP HealthConnect Online?
2. Are the aged and/or disabled members using KP HealthConnect Online?
   
   
4. What functions do enrollees use most? Which are most helpful? Which do they like best/ least? Are there functions they aren’t using? How does this differ for the aged and disabled?

5. Have there been any changes made to the PHR since it was introduced?

6. Was there any initial usability testing done of the PHR? When? How?

7. Do you receive feedback on problems enrollees have using the PHR?
1. How do you get this feedback?
2. Do the aged have any particular problems?

8. What have enrollees found to be the biggest benefit of PHRs? (Does it save them time and effort? Improve their relationship with their physician? Allow them to better monitor their medical conditions?)

Standards

1. What would you say are the key standards that are relevant for PHR development?
   
   
2. Are there any gaps in the current PHR standards development activities?
   
   
3. Privacy and security

1. Can you discuss how consumer privacy and security issues will be addressed as these seem to be a major impediment to PHR adoption and use?

4. With regards to PHR-EHR interoperability what are the key standards that need to be considered?

5. Are the current SDOs (Standards Development Organizations) the right organizations to be overseeing PHR standards development?

Patient-Provider Interactions

6. How have physicians responded to KP HealthConnect Online?

1. Are all of Kaiser’s providers required to use Health Connect Online?
2. Have providers experienced changes in work flow?
3. How have provider attitudes changed over time?

7. How has KP HealthConnect Online affected patient-provider communication and interaction?

1. Are members asking providers more questions as a result of their experiences with the PHR?
2. Do you think that KP Health Connect Online has helped patients to become more involved in their own health care?
3. Have providers experienced a decline in appointments as a result of the PHR?
4. What concerns or issues do physicians have with the PHR?

Other resources that we may consult

Are there any products, papers, other resources related to PHRs that you think are particularly useful?

Is there anyone else you recommend that we contact?

_{Back to Top}

Appendix E.
Key PHR Initiatives

As this report has illustrated, the PHR space is both new and very dynamic. During the course of developing this report, a number of initiatives were identified that have the potential to significantly impact the development of PHRs. These initiatives profiled in this Appendix were selected for inclusion their number of users, the scope of the functions they offer, or other unique factors, such as an open source software approach, a design with a care management perspective, and financial (rather than a medical) model approach. A number of these initiatives are still in the early-design or implementation stage but offer new, interesting and potentially influential approaches to the design of future PHRs. The information provided is from our literature review and discussions with PHR implementers and leaders.

Kaiser Permanente’s HealthConnect

The HealthConnect PHR is part of Kaiser Permanente’s larger HealthConnect software system, designed by Epic Systems at a cost of $3 billion. Its core data elements are a shared view of the medical record. Access to the PHR provides a health history of allergies, immunizations, conditions, past visit information, and prescriptions. It also provides members with laboratory test results, behavior change modules, health education materials, information on health plan services and facilities, and patient instructions in English and Spanish. Secure messaging of providers is available for primary care providers in most regions and will soon allow messaging to specialists. Its PHR also offers members the ability to make and change appointments, tools to monitor chronic conditions, and online prescription refills.

Currently, 1.7 million of its 8.6 million members are registered for HealthConnect, with 79,000 repeat users each month. Of its 880,000 Medicare members, 220,000 are signed up. Members must opt-in to participate (this now requires members to register online and then receive an activation code by mail; in February 2007, this will become a one-step process.) The PHR provides family members who have been granted access the ability to view the full record (the exception being any mention of domestic violence.)

Veteran Health Administration’s My HealtheVet

My HealtheVet is linked with the VHA’s Computerized Patient Record System (CPRS) and VistA, a storage application for all VHA clinical documents. My HealtheVet provides online access to personal information, military health histories, medication tracking and VHA prescription refill, medical events, and immunization records. It makes available health information, links to Federal and VA benefits and resources, and a personal health journal (to track, for example, blood pressure, blood sugar, and cholesterol). Secure messaging will be released next year and online test results will be available after that. In the future, My HealtheVet registrants will be able to view appointments, co-pay balances, and key portions of their VHA medical records.

Over 41,000 veterans have signed up, 2,000 of whom are over 90 years old. The VHA is moving to national implementation and will end the pilot as this happens. Because in-person authorization is required to obtain a log-in ID and password, a major concern for the national roll-out is the lack of on-site staff to authenticate those applying for a PHR ID and password, particularly in outpatient rural clinics.[333]

LifeLedger

LifeLedger is a stand-alone computer application housed on the internet. It was designed by geriatric case managers as a paper form. LifeLedger is targeted to family members and care managers of the aged, with the intent to communicate information to all involved in the subscribers’ care. It records and stores health records, financial and demographic information, medication histories, funeral plans, and other important documents, such as living wills and health care power of attorney forms. Subscribers or caregivers manually enter the information; in the case of documents, they are uploaded to the personal record. Caregivers and providers may add progress notes. LifeLedger also includes a library, chat room, and forums.

Along with assisting in the day-to-day management of care, LifeLedger is designed for emergencies. It provides a print out of all emergency information and suggests that this be put in an envelope on the subscriber’s refrigerator (the first place that emergency medical personnel will check when they enter a house). Also, if the subscriber is unable to provide access to his/her records in the emergency room, LifeLedger provides emergency room providers with a password that allows them a view of the subscriber’s emergency information (medications, physician information, etc.) It is noted that LifeLedger is not a comprehensive medical record, but instead, a subset of information that is critical to the care of an individual.

Microsoft HealthVault

HealthVault is a personal health technology platform that allows consumers to gather, store, and share health information online. HealthVault is not a PHR; instead, it is a place to store health information. HealthVault links to Microsoft’s partners’ applications, with HealthVault’s role being to facilitate communication to and from partners and consumers. At its October 2007 release, Microsoft had agreements for over 40 applications and devices for its platform and its partner list now numbers in the hundreds. Partners include health-management device manufacturers (Johnson & Johnson), prevention and disease groups (American Diabetes Association, American Heart Association), and PHR companies (CapMed, Medem, ActiveHealth).

According to Microsoft, HealthVault’s value to consumers is that it offers them a platform to better manage their health information. It plans for consumers to collect (upload or enter) their private health information. Consumers are said to have complete control over this health information, which they can then offer to their health care providers. HealthVault also includes a specialized medical search engine that helps consumers to more effectively search the Internet for health information by organizing online health content, and according to Microsoft, allowing consumers to refine searches faster and with more accuracy, and eventually connecting them with HealthVault-compatible solutions.

Quicken Health

Quicken Health is now under development and its broad launch (with United Healthcare first and later CIGNA) is planned for 2008. This is an online application that aims to help consumers to understand their health care expenditures, settle their bills, and spend their dollars wisely. Unlike other medical- and health-related PHRs, Quicken Health focuses on the management of health care expenditures. It is designed to partner with health plans and employers, who then provide their members or employees access to Quicken Health. Once signed up, consumers permit the download of claims and benefit information, which Quicken Health translates into a language understandable to consumers, then provides tools to help consumers manage their expenditures. For example: in the case of a denied claim, the denial code is translated and the consumer advised of follow-on action. A financial diagnostic engine is included to assist consumers’ future financial decisions.

Quicken Health is a product of Intuit, maker of Turbo Tax, Quicken, Quicken Books (for small-businesses), and Quicken Medical Expense Manager. According to Intuit’s Director of Market Development, its market research shows that consumers’ health care expenditure data is scattered and difficult for consumers to manage. Its experience with Quicken Medical Expense Manager (its individual, non-group product which requires users to hand-enter all data) is that consumers want an application that enters the data for them. Intuit believes that many (but not all) health plan members and employees will use Quicken Health. The incentive for employers--particularly self-insured employers--to partner with Intuit is particularly strong, as they anticipate that Quicken Health will facilitate a decline in employee and employer health expenditures.

Children’s Hospital Boston’s, Indivo

Indivo (formerly PING) is a PHR (it calls itself “personally controlled health records”) that enables a patient to assemble, maintain, and manage a secure copy of his or her medical data.[334] It integrates health information across sites of care and over time. It is an open source, open standards PHR that is internet based and provides a web interface. All Indivo technical documents, including design concepts and source code, are accessible on the internet, enabling straightforward local customization of Indivo, as well as interoperability between Indivo and other vendor products.

In September 2007, the Children's Hospital Informatics Program and the Dossia Consortium announced that they would be partnering to make the Indivo PHR the core of the anticipated Dossia Personally Controlled Health Record system. Dossia will provide resources to extend the core Indivo functionality and server architecture, which will remain open source and freely available. Indivo is also the PHR for Children’s Hospital Boston and was deployed as part of an employee health program at Hewlett Packard. MIT and Harvard University are adopting Indivo as the PHR for their students and employees.

Palo Alto Medical Foundation’s PAMFOnline

The Palo Alto Medical Foundation is a large multispecialty group practice that has been operating its PHR since 2002. PAMF tightly integrates its electronic medical record system with its PHR. Patients can view summary data from their medical record, including the results of diagnostic tests, and request medical advice, prescription renewals, appointments, or updates to their demographic information. It has found that patients embrace this new communication channel and are using the service appropriately. Patients especially value electronic messaging with their physicians and timely access to their test results. While initially concerned about an increase in work, physicians have found that use of electronic messaging can be an efficient method for handling non-urgent communication with their patients.

CareGroup Healthcare System’s PatientSite

Caregroup’s PHR, PatientSite, serves an integrated delivery network of five hospital (its flagship hospital is Beth Israel Deaconess Medical Center), 12,000 employees, 2 million patients, and 1,700 physicians (as of December 2005). It has been up and running since 2000, and as of January 2006, over 22,000 patients had registered for PatientSite and 16 percent of these patients accessed their records each month. The median age user is 43, with four percent of users over age 70. Along with patients, clinicians and other staff use PatientSite (200 primary care clinicians and 300 staff used PatientSite every month in 2005). PatientSite achieved this degree of adoption by ensuring it is compatible with all browsers, is easy to use, and is highly customizable.[335]

PatientSite, provides secure messaging, personal medical records, and “convenience transactions” online (this includes requesting appointments, obtaining prescription refills, requesting referrals, and viewing medical claims). It allows patients to view their physician’s schedule and request a non-urgent appointment. PatientSite also includes health education modules and links and home pages may also be customized with health education links (either by the provider or patient).[336] Patients can also input their own medications, problems, allergies, and notes; track and graph data over time (e.g., blood glucose measurements, weight, blood pressure); and upload documents to the PHR. Caregroup estimates the cost of PatientSite to be $250,000 to $720,000 per year, an average of $6 per patient per month.

Project HealthDesign: Rethinking the Power and Potential of Personal Health Records

Funded by the Robert Wood Johnson Foundation in 2006, this program is intended to stimulate innovation in the design of PHR. It aims to build a PHR (described as a PHR system) in which an array of personal health applications can be built on top of a common platform of core data elements and technical services (e.g., a medical management tool that would alert consumers at the proper time to take their medication; and a tool to help consumers minimize medication expenses by searching the Internet to identify the lowest prices). Project HealthDesign’s design and prototyping efforts focus on the needs, preferences, and living environments of consumers.[337]

Project HealthDesign funds nine multidisciplinary teams of technology, health and design experts, each of which will design and test PHR systems before prototyping tools in communities. The design experience is set up to ensure that the teams’ design strategies engage and respond to the self-identified populations of interest. Teams will seek strategies for capturing consumers’ information throughout the course of daily living and address how a PHR can best fit with consumers’ day-to-day activities. Projects emphasize health promotion. The ActivHealth team, for example, is developing a PHR to assist sedentary adults become more physically active.[338]

_{Back to Top}

Citations

• § [1] Similar to a credit card in shape and size, a PHR smart card can be swiped by a health care provider to obtain the patient’s personal health information. The card can be updated when a patient sees a provider. Supporters of smart cards for PHRs cite that sophisticated data encryption and a two-factor authentication process provide a high level of security and have the potential to reduce fraud. To access the PHR, the person must have the card (which includes a personal photo) and the patient’s personal identification number (PIN). Mount Sinai Medical Center in New York City has been working closely with Siemens, a technology solutions firm, since 2004 to develop a Patient Health Card. In February 2007, Mount Sinai Medical Center began deploying smart cards as part of a 10-institution pilot program. Other states with smart card programs under development are Florida, Texas, New York, and Pennsylvania. (See citation #12).
• [2]The phrase, “Below basic health literacy” refers to literacy skills that are inadequate to complete more than the most simple and concrete literacy tasks; “basic literacy” is defined as literacy skills adequate to perform simple and everyday literacy activities.
• [3] A health expense management application can help consumers assess and manage healthcare expenditures (e.g., paying bills) and assist with future healthcare decision-making (e.g., choice of a health plan).
• [4] Forrester Research surveyed 2,100 adults aged 18 and older, nationally during the summer of 2005 via a telephone based instrument. The survey was conducted in Spanish and English. The final sample included 1,000 residents of the continental U.S. and an oversampling of 1,000 residents of California. An oversample of 100 people with HIV or substance abuse conditions was included.
• ^[5] Plan-to-plan portability may only ensure that the claims associated with the multiple visits are aggregated within a PHR, but not the clinical or other non-claim information. In order to gather a patient’s information from multiple providers, EHR-PHR information exchange can be also be done through the CCD.
• [6] AHIC defines the care coordinator as an individual who supports the clinician in managing the patient’s health.
• [7] HITSP incorporated the registration summary into the 2007 interoperability criteria for the certification of ambulatory EHRs. Specifically, one of HITSP’s categories addressed receipt of the registration summary from the patient and import into the EHR.

• [1] Valeria Tate Jopeck and Marion Ein Lewin, Developing an Information Infrastructure for the Medicare+Choice Program:Summary of a Workshop, ed. Institute of Medicine Office of Health Policy Programs and Fellowships, Committee on Choice and Managed Care: Furthering the Knowledge Base to Ensure Public Accountability and Information for Informed Purchasing by and on Behalf of Medicare Beneficiaries (Washington, DC: National Academy Press, 1999).
• [2] "Connecting for Health."
• [3] S. Emmer and J. Horvath, "American Geriatrics Society (Ags)," Geriatric medicine: a clinical imperative for an aging population. New York: AGS, Association of Directors of Geriatric Academic Programs (2004).
• [4] Katherine Kim, "Clinical Data Standards in Health Care: Five Case Studies," (California HealthCare Foundation, 2005).
• [5] "Connecting for Health."
• [6] Cynthia Burghard, "Truth and Fiction of Personal Health Management Tools," (Gartner Research, 2006).
• [7] , AHIMA, http://www.myphr.com/resources/index.asp.
• [8] "Personal Health Records and Personal Health Record Systems," ed. U.S. Department of Health and Human Services (Washington, D.C.: 2006).
• [9] "Defining Key Health Information Technology Terms," in Draft Report prepared for the 2nd public comment period, ed. The Records Workgroup (Office of the National Coordinator funded by the National Alliance for Health Information Technology, 2008).
• [10] "Annual Report of the Boards of Trustees of the Federal Hospital Insurance and Federal Supplementary Medical Insurance Trust Funds," ed. Department of Health and Human Services (Washington, DC: Boards of Trustees of the Federal Hospital Insurance and Federal Supplementary Medical Insurance Trust Funds, 2008).
• [11] "Personal Health Records and Personal Health Record Systems."
• [12] "Medicare Fee-for –Service Beneficiary Access to Physician Services: Trends in Utilization of Services, 2000 to 2002," ed. U.S. Government Accountability Office (2005).
• [13] Jopeck and Lewin, Developing an Information Infrastructure for the Medicare+Choice Program:Summary of a Workshop.
• [14] "Medicare: A Primer," (Kaiser Family Foundation, 2007).
• [15] W. B. Lober et al., "Barriers to the Use of a Personal Health Record by an Elderly Population," AMIA Annual Symposium Proceedings (2006).
• [16] L Moreno, et. al, "Personal Health Records: What Do Underserved Consumers Want," Mathematica Policy Research, Inc., Issue Brief, no. 4 (2007).
• [17] Jopeck and Lewin, Developing an Information Infrastructure for the Medicare+Choice Program:Summary of a Workshop.
• [18] R. & Gordon Leonard, AR., Statistics on Vision Impairment a Resource Manual, vol. 4th ed. (Research Institute of Lighthouse International, 2001).
• [19] Ibid.
• [20] , Merriam Webster Online Dictionary, http://www.merriam-webster.com/dictionary.
• [21] G. Marchionini, B. K. Rimer, and B. Wildemuth, "Evidence Base for Personal Health Record Usability Final Report to the National Cancer Institute," (National Cancer Institute 2007).
• [22] W. Lazarus and F. Mora, "Online Content for Low-Income and Underserved Americans: The Digital Divide's New Frontier. A Strategic Audit of Activities and Opportunities," (Children's Partnership, 2000).
• [23] "Health Literacy: A Prescription to End Confusion," in Institute of Medicine Committee on Health Literacy, ed. Panzer Nielsen-Bohlman L, AM, and Kindig DA, editors (Washington, DC: The National Academic Press, 2004).
• [24] M. Kutner et al., "The Health Literacy of America's Adults," (National Center for Education Statistics, 2006).

• _{Back to Top}

  [25] Lazarus and Mora, "Online Content for Low-Income and Underserved Americans: The Digital Divide's New Frontier. A Strategic Audit of Activities and Opportunities."

• [26] S. Fox, "Older Americans and the Internet: ," (Pew Internet and American Life Project, 2004).
• [27] "Issues in American Labor Statistics: Computer Ownership up Sharply in the 1990s," ed. Bureau of Labor Statistics U.S. Department of Labor (1999).
• [28] Lober et al., "Barriers to the Use of a Personal Health Record by an Elderly Population."
• [29] Fox, "Older Americans and the Internet: ."
• [30] L. Frieden, "Consumer-Directed Health Care: How Well Does It Work?," in National Council on Disability (2004).
• [31] "Personal Health Records and Personal Health Record Systems."
• [32] "Defining Key Health Information Technology Terms." And "Astm E2211-02 Standard Specification for Relationship between a Person (Consumer) and a Supplier of an Electronic Personal (Consumer) Health Record," ASTM, http://www.astm.org/Standards/E2211.htm.
• [33] "Connecting for Health."
• [34], AHIMA, http://library.ahima.org/xpedio/groups/public/documents/ahima/bok1_027539.hcsp?dDocName=bok1_027539.
• [35] "Personal Health Records and Personal Health Record Systems."
• [36] "PHR-System Functional Model, Release 1 Dstu," (HL7 EHR Technical Committee, 2007).
• [37] Paul C. Tang et al., "Personal Health Records: Definitions, Benefits, and Strategies for Overcoming Barriers to Adoption," Journal of the American Medical Informatics Association 13, no. 2 (2006).
• [38] "The Value of Personal Health Records, a Joint Position Statement for Consumers of Health Care," (AHIMA/AMIA, 2007).
• [39] Tang et al., "Personal Health Records: Definitions, Benefits, and Strategies for Overcoming Barriers to Adoption."
• [40] D. et al Johnson, "A Framework and Approach for Assessing the Value of Personal Health Records (PHRs)," AMIA Annu Symp Proc (2007).
• [42] "Americans Support Online Personal Health Records; Patient Privacy and Control Are Crucial to Acceptance," Markle Foundation, http://www.markle.org/resources/press_center/press_releases/2005/press_release_10112005.php.
• [43] "Connecting Americans to Their Health Care: A Common Framework for Networked Personal Health Information," in The Connecting for Health Common Framework (Markle Foundation, 2006). and Tang et al., "Personal Health Records: Definitions, Benefits, and Strategies for Overcoming Barriers to Adoption."
• [44] M. J. Ball and J. Gold, "Banking on Health: Personal Records and Information Exchange," Journal of Healthcare Information Management 20, no. 2 (2006).
• [45] "Connecting Americans to Their Health Care: A Common Framework for Networked Personal Health Information." and Tang et al., "Personal Health Records: Definitions, Benefits, and Strategies for Overcoming Barriers to Adoption."
• [46] Ball and Gold, "Banking on Health: Personal Records and Information Exchange."
• [47] Yasnoff, "Healthvault–a Step in the Right Direction," http://williamyasnoff.com/?p=42.
• [48] Lori Nichols, December 19 2007, –––, December 19 2007.
• [49] Google, "Cleveland Clinic to Test Google Health," http://googlesystem.blogspot.com/2008/02/cleveland-clinic-to-pilot-google-health.html.
• [50] Kevin Heubusch, "Piecing Together the PHR," Journal of AHIMA 78 (2007).
• [51] "Aetna: Nearly Two-Thirds of Americans Are Not Familiar with Personal Health Records, a Resource Available to Millions of Consumers," Biotech Week, August 1 2007.
• [52] "An Uphill Climb for Personal Health Records," American Medical News (2006).
• [53] K.W. Boone, "Patient Controlled Health Information Infrastructure," GE Healthcare, http://www.pchri.org/2006/presentations/pchri2006_boone.pdf.
• [54] "Harris Interactive Survey," (2004).
• [55] L. Sprague, "Personal Health Records: The People’s Choice?," NHPF Issue Brief 820 (2006).
• [56] "Aetna: Nearly Two-Thirds of Americans Are Not Familiar with Personal Health Records, a Resource Available to Millions of Consumers."
• [57] "An Uphill Climb for Personal Health Records."
• [58] B. Bright, "Benefits of Electronic Health Records Seen as Outweighing Privacy Risks," Wall Street Journal, November 28 2007.
• [59] "Connecting for Health," The Markle Foundation, http://www.connectingforhealth.org. .
• [60] C. Bocchino, "AHIC Testimony," (American Health Information Community, Consumer Empowerment Subgroup 2006).
• [61] D. Lansky, "A National Agenda for Personal Health Records? How Will We Really Empower Consumers in the Next Decade?," (Connecting for Health presentation, 2006).
• [62] "Healthcare Policy Report," ed. Bureau of National Affairs (2006).
• [63] E; Manning Boehm, H; McInnes, A; Melnikova, O, "PHRs: From Evolution to Revolution. A Health Plan Guide to Navigating the Personal Health Record Market," (Forrester Research, 2007).
• [64] "Connecting for Health."
• [65] D Lansky, December 3 2007.
• [66] C.M. Angst, Agarwal, R., Downing, J., "An Empirical Examination of the Importance of Defining the PHR for Research and for Practice," (Robert H. Smith School of Business, Working Paper No. RHS-06-011).
• [67] "Survey Finds Americans Want Electronic Personal Health Information to Improve Own Health Care," Markle Foundation, http://www.markle.org/downloadable_assets/research_doc_120706.pdf.
• [68] Ibid.
• [69] Alla Keselman et al., "Towards Consumer-Friendly PHRs: Patients’ Experience with Reviewing Their Health Records," AMIA Annual Symposium Proceedings (2007).
• [70] Andis Robeznieks, "Getting Personal; Legal Liability, Patient-Data Overload among Issues Making Physicians Uneasy over Emergence of Personal Health Records," Modern Healthcare, May 21 2007, Bright, "Benefits of Electronic Health Records Seen as Outweighing Privacy Risks."
• [71] Robeznieks, "Getting Personal; Legal Liability, Patient-Data Overload among Issues Making Physicians Uneasy over Emergence of Personal Health Records.", Bright, "Benefits of Electronic Health Records Seen as Outweighing Privacy Risks."
• [72] "Two in Five Adults Keep Personal or Family Health Records and Almost Everybody Thinks This Is a Good Idea," Health Care News 4, no. 13 (2004).
• [73] A. Civan et al., "Personal Health Information Management: Consumers’ Perspectives," AMIA Annu Symp Proc 156 (2006).
• [74] Lansky.
• [75] "Project Healthdesign: Rethinking the Power and Potential of Personal Health Records," (The Robert Wood Johnson Foundation, 2006).
• [76] T. K. Houston et al., "Experiences of Patients Who Were Early Adopters of Electronic Communication with Their Physician: Satisfaction, Benefits, and Concerns," Am J Manag Care 10, no. 9 (2004).
• [77] Nichols.
• [78] Jan Oldenberg, November 1 2007.
• [79] Leili Lind, Daniel Karlsson, and Bengt Fridlund, "Patients' Use of Digital Pens for Pain Assessment in Advanced Palliative Home Healthcare," International Journal of Medical Informatics In Press, Corrected Proof (2007).
• [80] Ibid.
• [81] L. Nancy Atkinson et al., "User-Centered Research on Breast Cancer Patient Needs and Preferences of an Internet-Based Clinical Trial Matching System," J Med Internet Res 9, no. 2 (2007).
• [82] S.O. Carsten, Nienke, P.D., Smith, C.A., "Mother Knows Best: Medical Record Management for Patients with Spina Bifida During the Transition from Pediatric to Adult Care," AMIA 2005 Annual Symposium Proceedings (2005).
• [83] Ibid.
• [84] Lober et al., "Barriers to the Use of a Personal Health Record by an Elderly Population."
• [85] Ibid.
• [86] S. Lauriks et al., "Review of ICT-Based Services for Identified Unmet Needs in People with Dementia," Ageing Research Reviews 6, no. 3 (2007).
• [87] E. H. Kim, Mayani, A., Modi, S., Soh, C.B., Kim, Y., "Evaluation of Patient-Centered Electronic Health Record to Overcome the Digital Divide," in Engineering in Medicine and Biology 27th Annual Conference (Shanghai, China: 2005).
• [88] Ibid.
• [89] J. Burrington-Brown, Friedman, B., "Educating the Public About Personal Health Records," Health Care Policy Report Health Care Policy Report Journal of AHIMA 77 (2005).
• [90] , www.thefreedictionary.com/utility.
• [91] Oldenberg. Rashida Fleming, December 12 2007. Nichols. John Boden, December 3 2007. See also Paul Tang and David Lansky, "The Missing Link: Bridging the Patient- Provider Health Information Gap," Health Affairs 24, no. 5 (2005).
• [92] Douglas Johnston et al., "A Framework and Approach for Assessing the Value of Personal Health Records (PHRs)," AMIA Annual Symposium Proceedings (2007).
• [93] Eung-Hun Kim et al., "Usage Patterns of a Personal Health Record by Elderly and Disabled Users," AMIA Annual Symposium Proceedings (2007).
• [94] "Two in Five Adults Keep Personal or Family Health Records and Almost Everybody Thinks This Is a Good Idea."
• [95] "Attitudes of Americans Regarding Personal Health Records and Nationwide Electronic Health Information Exchange: Key Findings from Two Surveys of Americans," Markle Foundation, http://www.phrconference.org/assets/research_release_101105.pdf.
• [96] "Survey Finds Americans Want Electronic Personal Health Information to Improve Own Health Care."
• [97] Attitudes of Americans Regarding Personal Health Records and Nationwide Electronic Health Information Exchange, ed. Public Opinion Strategies (Markle Foundation, 2005).
• [98] Tang et al., "Personal Health Records: Definitions, Benefits, and Strategies for Overcoming Barriers to Adoption."
• [99] Tang and Lansky, "The Missing Link: Bridging the Patient- Provider Health Information Gap."
• [100] Oldenberg. Fleming. Boden. Nichols.
• [101] Angst, "An Empirical Examination of the Importance of Defining the PHR for Research and for Practice."and R. Agarwal and C. M. Angst, "Technology-Enabled Transformations in Us Health Care: Early Findings on Personal Health Records and Individual Use," in Human-Computer Interaction and Management Information Systems: Applications, ed. Dennis Galletta and Ping Zhang (Armonk, NY: 2006).
• [102] R.A. Guth, "Microsoft’s Health Push Faces Obstacles," Wall Street Journal, October 5 2007.
• [103]"Final Report," (The Markle Foundation Personal Health Working Group, 2003).
• [104] Steve Findlay, November 26 2007, Joyce DuBow, December 10 2007.
• [105] Findlay.
• [106] DuBow.
• [107] M. Pierson, "Perspective on PHR Clinical, Patient, and Consumer Perspectives" (paper presented at the AHIC 2007 Presentation, Whatcom County, WA, 2007).
• [108] Johnson, "A Framework and Approach for Assessing the Value of Personal Health Records (PHRs)."
• [109]"Project Healthdesign: Rethinking the Power and Potential of Personal Health Records."
• [110] J. Morrissey, "But What Does the Public Think?: For Consumers to Adopt PHRs, They Need Reasons That Hit Home," Journal of AHIMA 76, no. 10 (2005).
• [111] Ibid.
• [112] Patricia Flatley Brennan, "Discussion," (2007). S. Fenton, December 12 2007. Oldenberg, Rashida Fleming, "Myhealthevet Discussion," (2007), Nichols. George Scriban, January 10 2008.  J. Nielsen, "Usability 101: Introduction to Usability," http://www.useit.com/alertbox/20030825.html.
• [113], www.thefreedictionary.com/utility.
• [114] "Project Healthdesign: Rethinking the Power and Potential of Personal Health Records."
• [115] S. Fenton, "Quicken for Healthcare Briefing for Consumer Empowerment Workgroup," (Department of Health and Human Services, 2006).
• [116] Ibid.
• [117] M.B. Bloche, "Consumer-Directed Health Care," New England Journal of Medicine 355, no. 7 (2006).
• [118] Bright, "Benefits of Electronic Health Records Seen as Outweighing Privacy Risks."
• [119] Brennan, "Discussion."
• [120] G. Olsen, "Designing Breakthrough Products: Going Where No User Has Gone Before," UX Matters, http://www.uxmatters.com/MT/archives/000130.php.
• [121] M. Jordan, "Scenario Boards Can Be Used to Improve Validation of Early Product and Service Concepts: A Critical Skill in Today’s Environment," www.pdma.org. .
• [122] Nielsen, "Usability 101: Introduction to Usability."
• [123] Ibid.
• [124] B. W. Hesse and B. Shneiderman, "Ehealth Research from the User’s Perspective," American Journal of Preventive Medicine 32, no. 5S (2007).
• [125] Nielsen, "Usability 101: Introduction to Usability."
• [126] David H. Gustafson et al., "Use and Impact of Ehealth System by Low-Income Women with Breast Cancer," Journal of Health Communication 10 (2005).
• [127] M. Wise et al., "Effects of Using Online Narrative and Didactic Information on Healthcare Participation for Breast Cancer Patients," Patient Educ Couns (2008).
• [128] J. Eichner, Dullabh, P., "Accessible Health Information Technology (Health It) for Populations with Limited Literacy: A Guide for Developers and Purchasers of Health It.," in Agency for Healthcare and Research Quality (Rockville, MD: 2007). R. J. Hodes and D. A. B. Lindberg, "Making Your Web Site Senior Friendly," (National Institute on Aging and the National Library of Medicine, 2002). Brigid McHugh Sanner, "Creating Age-Friendly Websites: Does Your Website Meet the Needs of Senior Surfers? This Communications Expert Outlines How You Can Make the Most of the Internet Opportunity," The Journal on Active Aging (2004). "Research-Based Web Design and Usability Guidelines," ed. U.S. Department of Health and Human Services (Washington, DC: 2006).
• [129] Hodes and Lindberg, "Making Your Web Site Senior Friendly."
• [130] K. L. Norman and E. Panizzi, "Levels of Automation and User Participation in Usability Testing," Interacting with Computers 18, no. 2 (2006).
• [131] B. Shneiderman, "Designing the User Interface: Strategies for Effective Human-Computer Interaction," (1997).
• [132] G. Marchionini, November 13 2007.
• [133] Nielsen, "Usability 101: Introduction to Usability."
• [134] , www.thefreedictionary.com/utility.
• [135] Kim, "Clinical Data Standards in Health Care: Five Case Studies."
• [136] Christopher J. Gearon, "Perspectives on the Future of Personal Health Records," (California HealthCare Foundation, 2007).

• [137] "Office of the National Coordinator: Mission," Office of the National Coordinator. U.S. Department of Health and Human Services http://www.hhs.gov/healthit/onc/mission.

• [138] "Personal Health Records and Personal Health Record Systems."
• [139] M. Ray Leavitt, A., "Cchit Town Hall" (paper presented at the Healthcare Information and Management Systems Society (HIMSS) Annual Conference 2008, Orlando, FL, 2008).
• [140] Gearon, "Perspectives on the Future of Personal Health Records."
• [141] Ibid.
• [142] Ibid.
• [143] Robert Gellman, "Personal Health Records: Why Many PHRs Threaten Privacy," (The World Privacy Forum, 2008).
• [144] Janlori Goldman, "Personal Health Records: Employers Proceed with Caution " (California HealthCare Foundation, 2007).
• [145] Ibid.
• [146] , The Markle Foundation, http://www.markle.org.
• [147] "Connecting for Health."
• [148] , American Health Informatics Management Association, http://www.ahima.org.
• [149] "Project Healthdesign: Rethinking the Power and Potential of Personal Health Records."
• [150] "The American National Standards Process," The American National Standards Institute, http://www.ansi.org. .
• [151] "How Are ISO Standards Developed?," International Organization for Standardization, http://www.iso.org/iso/standards_development/processes_and_procedures/how_are_standards_developed.htm.
• [152] Ibid.
• [153] "PHR-System Functional Model, Release 1 Dstu."
• [154] "HL7 Finalizing Health It Standards," <http://www.fiercehealthit.com/story/hl7-finalizing-phr-standards/2007-11-12?utm_medium=rss&utm_source=rss> (accessed December 1, 2007).
• [155] Walter Sujansky and Associates LLC, "Project Healthdesign: Common Platform Requirements: Technical Specifications Overview," (California Health Care Foundation, 2008).
• [156] L Ricciardi, "Project Healthdesign and HL7 Functional Requirements for PHRs Compared," ed. Project Health Design (2008).
• [157] Gearon, "Perspectives on the Future of Personal Health Records."
• [158] Ibid.
• [159] Kim, "Clinical Data Standards in Health Care: Five Case Studies."
• [160] Ibid.
• [161] Ibid.
• [162] "LOINC," RegenStreif Institute, http://www.regenstrief.org/medinformatics/loinc.
• [163] Ibid.
• [164] "Rxnorm Overview," U.S. National Library of Medicine. National Instititutes of Health., http://www.nlm.nih.gov/research/umls/rxnorm/overview.html.
• [165] "EHR-S Fm and EHR/Im Package," Health Level Seven, http://www.hl7.org/ehr/downloads/index_2007.asp.
• [166] –––, "Clinical Data Standards in Health Care: Five Case Studies."
• [167] "Essential Similarities and Differences between the HL7 Cda/Crs and Astm Ccr," (American Academy of Family Physician's Center for Health Information Technology, 2005).
• [168] J. Ferranti, C. Musser, et al. , "The Clinical Document Architecture and the Continuity of Care Record: A Critical Analysis," Journal of the American Medical Informatics Association 13, no. 3 (2006).
• [169] C. Tessier, Waegermann, P., Kibbe, D., Smith, D., Brewer, P., "The Concept Paper of the Ccr - Version 3," (Medical Records Institute, 2006).
• [170] J. Conn, "Ccd Standard up for a Vote," Modern Healthcare, http://www.modernhealthcare.com.
• [171] Ibid.
• [172] –––, "Standards Rivals’ Collaboration Could Have Major Impact," EMR Advice, http://www.emradvice.wordpress.com.
• [173] F. Bazzoli, "Continuity of Care Standards Reach Milestone," Healthcare IT News, http://www.healthcareitnews.com.
• [174] "National Committee on Vital and Health Statistics Subcommittee on Privacy and Confidentiality Working Session. U.S. Department of Health and Human Services ", (paper presented at the National Committee on Vital and Health Statistics Subcommittee on Privacy and Confidentiality Working Session. U.S. Department of Health and Human Services Washington, D.C., June 2007 2007).
• [175] Scriban.
• [176] "Personal Health Records and Personal Health Record Systems."
• [177] Ibid.
• [178] "HITSP Document Reliable Interchange Transaction", (paper presented at the Submitted to the Healthcare Technology Standards Panel by the Population Health Technical Committee, December 7, 2007 2007).
• [179] Ibid.
• [180] Ibid.
• [181] Boone, "Patient Controlled Health Information Infrastructure."
• [182] "Summary of Responses to an Industry Rfi Regarding a Role for Cms with Personal Health Records ", Center for Medicare and Medicaid Services, http://www.cms.hhs.gov/PerHealthRecords.
• [183] –––, "Patient Controlled Health Information Infrastructure."
• [184] C.B. Thielst, "The New Frontier of Electronic, Personal, and Virtual Records," Journal of Healthcare Management 52, no. 2 (2007).
• [185] "PHR-System Functional Model, Release 1 Dstu."
• [186] Ibid.
• [187] "National Consumer Health Privacy Survey 2005," (California Healthcare Foundation, 2005).
• [188] L. Gallagher, "Privacy and Security Issues for PHRs. ," Health Information and Management Systems Society, http://www.himss.org/content/files/PHRPrivSecCOO-LGV1.0.pdf.
• [189] "Review of the Personal Health Record Service Provider Market: Privacy and Security," Altarum, http://www.hhs.gov/healthit/ahic/materials/01_07/ce/PrivacyReview.pdf.
• [190] Ibid.
• [191] Gallagher, "Privacy and Security Issues for PHRs. ."
• [192] Ibid.
• [193] Gellman, "Personal Health Records: Why Many PHRs Threaten Privacy."
• [194] Goldman, "Personal Health Records: Employers Proceed with Caution ".
• [195] William Bernstein et al., "Whose Data Is It Anyway? Expanding Consumer Control over Personal Health Information," in Issue Brief, ed. California Health Care Foundation (California Health Care Foundation, 2008).
• [196] "Personal Health Records and Personal Health Record Systems."
• [197] Ibid.
• [198] R Lecker et al., "Review of Personal Health Record (PHR) Service Provider Market Privacy and Security," ed. Office of the National Coordinator for Health Information Technology (ONC) Department of Health and Human Services (2007).
• [199] Gellman, "Personal Health Records: Why Many PHRs Threaten Privacy."
• [200] Bernstein et al., "Whose Data Is It Anyway? Expanding Consumer Control over Personal Health Information."
• [201] Ibid.
• [202] "Privacy and Confidentiality in the Nationwide Health Information Network," (National Committee on Vital and Health Statistics, 2006).
• [203] Ibid.
• [204] Ibid.
• [205] Ibid.
• [206] Ibid.
• [207] "Personal Health Records and Personal Health Record Systems."
• [208] "Privacy and Confidentiality in the Nationwide Health Information Network."
• [209] "Personal Health Records and Personal Health Record Systems."
• [210] "Review of the Personal Health Record Service Provider Market: Privacy and Security."
• [211] Ibid.
• [212] Gellman, "Personal Health Records: Why Many PHRs Threaten Privacy."
• [213] "Innovations in Health Care Delivery", (paper presented at the FTC Public Workshop, Washington, DC, April 24, 2008 2008).
• [214] "Microsoft Healthvault Beta Version Privacy Statement," Microsoft Corporation, https://account.healthvault.com/help.aspx?topicid=PrivacyPolicy
• [215] Ibid.
• [216] Ibid.
• [217] Ibid.
• [218] Ibid.
• [219] "Privacy Statement," Elder Issues, http://www.elderissues.com/pages/index.cfm?fuseaction=customerservice&CFID=92501113&CFTOKEN=92444035&x=9871322.
• [220] C. Broder, "Insurers Plan Interoperable PHRs," Healthcare IT News, http://www.healthcareitnews.com.
• [221] Ibid.
• [222] "Best Practices for Employers Offering Personal Health Records (PHRs)," (Health Privacy Project and the California Health Care Foundation, 2007).
• [223] Broder, "Insurers Plan Interoperable PHRs."
• [224] K. Miller, "Health Level Seven, America's Health Insurance Plans, and the Blue Cross and Blue Shield Association Sign Mou to Collaborate on Portability Standards for Personal Health Records," Blue Cross Blue Shield Association, http://www.bcbs.com/news/bcbsa/hl7_ahip_bcbsa_collaborate_on_phrs.html?templateName=template-28767547&print=t
• [225] "Personal Health Record Data Transfer between Health Plans: Standards for Electronic Data Interchange," (America’s Health Insurance Plans and Blue Cross Blue Shield Association, 2006).
• [226] Ibid.
• [227] ACC/ HIMSS/ RSNA, "IHE It Infrastructure Technical Framework, Supplement 2006-2007: Cross-Enterprise Document Media Interchange (XDM)," Integrating the Health Enterprise, http://www.ihe.net.
• [228] Ibid.
• [229] Ibid.
• [230] "HITSP Document Reliable Interchange Transaction".
• [231] Ibid.
• [232] RSNA, "IHE It Infrastructure Technical Framework, Supplement 2006-2007: Cross-Enterprise Document Media Interchange (XDM)."
• [233] "Industry Leaders Join Forces to Advance Portable Healthcare Document Practices – New Best Practices Guide Addresses Exchange of Healthcare Information," AIIM, the ECM Association, http://www.aiim.org/article-pr.asp?ID=32097.
• [234] R. Benoit, "PDF-H: The “Safe Deposit Box” for Personal Healthcare Data," Intel, http:// http://www.niphysiciansforconnectivity.org.
• [235] "New Health Data Standards Gaining Support," Fierce Health IT, http://www.fiercehealthit.com/story/new-health-data-standards-gaining-support/2007-05-29.
• [236] "PDF Healthcare Overview," AIIM - Enterprise Content Manager, http://www.aiim.org/standards.asp?ID=31832.
• [237] "Implementation Guide for the Personal Health Record Data Transfer between Health Plans," (America's Health Insurance Plans and Blue Cross Blue Shield Association, 2006).
• [238] "Patient-Provider Secure Messaging Detailed Use Case," (Department of Health and Human Services, Office of the National Coordinator for Health Information Technology, 2008).
• [239] Ibid.
• [240] Ibid.
• [241] Ibid.
• [242] Ibid.
• [243] Ibid.
• [244] "Remote Monitoring Draft Detailed Use Case," (Department of Health and Human Services, Office of the National Coordinator for Health Information Technology, 2008).
• [245] "Personalized Healthcare Detailed Use Case," (U.S. Department of Health and Human Services, Office of the National Coordinator for Health Information Technology, 2007).
• [246] Ibid.
• [247] Ibid.
• [248] "HITSP Consumer Access to Clinical Information Use Case Requirements, Design and Standards Selection," Consumer Empowerment Technical Committee, http://publicaa.ansi.org
• [249] Ibid.
• [250] B. Albright, "Prepping for PHRs. The Growing Trend of Consumer Empowerment Includes the Speedy Rise of Personal Health Records," Healthcare Informatics 2007.
• [251] Tang et al., "Personal Health Records: Definitions, Benefits, and Strategies for Overcoming Barriers to Adoption."
• [252] Charles B. Eaton and David K. Ahern, Integration of EMR/PHR and Patient Portal with Decision Support (2007), PowerPoint presentation.
• [253] Tang et al., "Personal Health Records: Definitions, Benefits, and Strategies for Overcoming Barriers to Adoption."
• [254] Y. Y. Zhou et al., "Patient Access to an Electronic Health Record with Secure Messaging: Impact on Primary Care Utilization," Am J Manag Care 13 (2007).
• [255] Ibid.
• [256] Joanne K. Tobacman et al., "Implementation of Personal Health Records by Case Managers in a Vamc General Medicine Clinic," Patient Education and Counseling 54, no. 1 (2004).
• [257] Ibid.
• [258] Zhou et al., "Patient Access to an Electronic Health Record with Secure Messaging: Impact on Primary Care Utilization."
• [259] Robeznieks, "Getting Personal; Legal Liability, Patient-Data Overload among Issues Making Physicians Uneasy over Emergence of Personal Health Records."
• [260] Ibid.
• [261] Lober et al., "Barriers to the Use of a Personal Health Record by an Elderly Population."
• [262] Tang and Lansky, "The Missing Link: Bridging the Patient- Provider Health Information Gap."
• [263] Jan Oldenburg, November 1 2007.
• [264] Tang et al., "Personal Health Records: Definitions, Benefits, and Strategies for Overcoming Barriers to Adoption."
• [265] Ibid.
• [266] "Roundtable Summary Report: Personal Health Records and Electronic Health Records. Navigating the Intersections," (Oakland, CA: Agency for Healthcare Research and Quality, American Medical Informatics Association, Kaiser Institute for Health Policy, and the Robert Wood Johnson Foundation, 2006).
• [267] –––, "Personal Health Records: Definitions, Benefits, and Strategies for Overcoming Barriers to Adoption."
• [268] Lorraine Doo, "Registration Summary & Medication History - a Personal Health Record (PHR) Pilot for Medicare Beneficiaries" (December 5 2007).
• [269] Tang et al., "Personal Health Records: Definitions, Benefits, and Strategies for Overcoming Barriers to Adoption."
• [270] Robeznieks, "Getting Personal; Legal Liability, Patient-Data Overload among Issues Making Physicians Uneasy over Emergence of Personal Health Records."
• [271] Ibid.
• [272] Tang et al., "Personal Health Records: Definitions, Benefits, and Strategies for Overcoming Barriers to Adoption."
• [273] Robeznieks, "Getting Personal; Legal Liability, Patient-Data Overload among Issues Making Physicians Uneasy over Emergence of Personal Health Records."
• [274] Tang et al., "Personal Health Records: Definitions, Benefits, and Strategies for Overcoming Barriers to Adoption."
• [275] M. I. Kim and K. B. Johnson, "Personal Health Records: Evaluation of Functionality and Utility," Journal of the American Medical Informatics Association 9, no. 2 (2002).
• [276] John Boden, December 3 2007.
• [277] Sandra Potthoff et al., "Emergency Room Providers’ Perceptions of Mychart’s My Emergency Data: Findings from a Focus Group Study," AMIA Annual Symposium Proceedings (2007).
• [278] Nichols.
• [279] Lober et al., "Barriers to the Use of a Personal Health Record by an Elderly Population."
• [280] Tang et al., "Personal Health Records: Definitions, Benefits, and Strategies for Overcoming Barriers to Adoption."
• [281] E. M. Liederman et al., "Patient-Physician Web Messaging," Journal of General Internal Medicine 20, no. 1 (2005).
• [282] Robeznieks, "Getting Personal; Legal Liability, Patient-Data Overload among Issues Making Physicians Uneasy over Emergence of Personal Health Records."
• [283] S. J. Katz, N. Nissan, and C. A. Moyer, "Crossing the Digital Divide: Evaluating Online Communication between Patients and Their Providers," Am J Manag Care 10, no. 9 (2004).
• [284] A. F. Kittler et al., "Primary Care Physician Attitudes Towards Using a Secure Web-Based Portal Designed to Facilitate Electronic Communication with Patients," Informatics in Primary Care 12, no. 3 (2004).
• [285] Liederman et al., "Patient-Physician Web Messaging."
• [286] Oldenburg.
• [287] Zhou et al., "Patient Access to an Electronic Health Record with Secure Messaging: Impact on Primary Care Utilization."
• [288] Oldenburg.
• [289] Ibid.
• [290] S. J. Katz et al., "Effect of a Triage-Based E-Mail System on Clinic Resource Use and Patient and Physician Satisfaction in Primary Care: A Randomized Controlled Trial," Journal of General Internal Medicine 18, no. 9 (2003).
• [291] Katz, Nissan, and Moyer, "Crossing the Digital Divide: Evaluating Online Communication between Patients and Their Providers."
• [292] Zhou et al., "Patient Access to an Electronic Health Record with Secure Messaging: Impact on Primary Care Utilization."
• [293] Liederman et al., "Patient-Physician Web Messaging."
• [294] Oldenburg.
• [295] Kittler et al., "Primary Care Physician Attitudes Towards Using a Secure Web-Based Portal Designed to Facilitate Electronic Communication with Patients."
• [296] Oldenburg.
• [297] Terhilda Garrido et al., "Making the Business Case for Hospital Information Systems--a Kaiser Permanente Investment Decision," Journal of Health Care Finance 31, no. 2 (2004).
• [298] Gearon, "Perspectives on the Future of Personal Health Records."
• [299] Robeznieks, "Getting Personal; Legal Liability, Patient-Data Overload among Issues Making Physicians Uneasy over Emergence of Personal Health Records."
• [300] J. D. Ralston et al., "Patient Web Services Integrated with a Shared Medical Record: Patient Use and Satisfaction," Journal of the American Medical Informatics Association 14, no. 6 (2007).
• [301] Robeznieks, "Getting Personal; Legal Liability, Patient-Data Overload among Issues Making Physicians Uneasy over Emergence of Personal Health Records."
• [302] Tang and Lansky, "The Missing Link: Bridging the Patient- Provider Health Information Gap."
• [303] Lober et al., "Barriers to the Use of a Personal Health Record by an Elderly Population."
• [304] D. B. Nash et al., "Measurement of the Impact of Winona Health Online," Disease Management 4, no. 1 (2001).
• [305] Goldman, "Personal Health Records: Employers Proceed with Caution ".
• [306] J. Walker et al., "The Value of Health Care Information Exchange and Interoperability," Health Affairs (2005).
• [307] Tang et al., "Personal Health Records: Definitions, Benefits, and Strategies for Overcoming Barriers to Adoption."
• [308] Boehm, "PHRs: From Evolution to Revolution. A Health Plan Guide to Navigating the Personal Health Record Market."
• [309] Ibid.
• [310] Bernstein et al., "Whose Data Is It Anyway? Expanding Consumer Control over Personal Health Information."
• [311] J. Nicholas Hoover, "Get Well Soon: Fed up with Rising Health Care Costs, Intel, Wal-Mart, and Others Think Giving Employees Digital Records Will Help," InformationWeek, December 4 2006.
• [312] Albright, "Prepping for PHRs. The Growing Trend of Consumer Empowerment Includes the Speedy Rise of Personal Health Records."
• [313] K. Ackerman, "Early Employer Efforts to Shape Future Health It Initiatives," I Health Beat (2007), www.ihealthbeat.org.
• [314] Hoover, "Get Well Soon: Fed up with Rising Health Care Costs, Intel, Wal-Mart, and Others Think Giving Employees Digital Records Will Help."
• [315] Ibid.
• [316] W. W. Stead, "Rethinking Electronic Health Records to Better Achieve Quality and Safety Goals," Annual Review of Medicine (2006).
• [317] Hoover, "Get Well Soon: Fed up with Rising Health Care Costs, Intel, Wal-Mart, and Others Think Giving Employees Digital Records Will Help."
• [318] Ibid.
• [319] Goldman, "Personal Health Records: Employers Proceed with Caution ".
• [320] Ibid.
• [321] Ibid.
• [322] Robeznieks, "Getting Personal; Legal Liability, Patient-Data Overload among Issues Making Physicians Uneasy over Emergence of Personal Health Records."
• [323] "HIMSS Personal Health Records Definition and Position Statement," (Healthcare Information Management and Systems Society (HIMSS), 2007).
• [324] Liederman et al., "Patient-Physician Web Messaging."
• [325]Tang and Lansky, "The Missing Link: Bridging the Patient- Provider Health Information Gap."
• [326] Harry Wessel, "More Insurers Reimburse Doctors for Online Care," Orlando Sentinel, May 15 2006.
• [327] Ralston et al., "Patient Web Services Integrated with a Shared Medical Record: Patient Use and Satisfaction."
• [328] Tang and Lansky, "The Missing Link: Bridging the Patient- Provider Health Information Gap."
• [329] Oldenburg.
• [330] Ibid.
• [331] E. M. Liederman et al., "The Impact of Patient-Physician Web Messaging on Provider Productivity," Journal of Healthcare Information Management–Vol 19, no. 2.
• [332] "The Medical Home Position Statement," ed. AAMC Executive Council (Advisory Panel on Healthcare, 2008).
• [333] Fleming, "Myhealthevet Discussion."
• [334] K.D. Mandl, et al., "Indivo: A Personally Controlled Health Record for Health Information Exchange and Communication," BCM Medical Informatics and Decision Making 7, no. 25 (2007).
• [335] "Boston’s Caregroup Hospitals Pioneer the Web-Based Patient Portal," Canadian Healthcare Technology, . http://www.intersystems.com/cache/analysts/CHT_May2005.pdf.
• [336] D. Z. Sands, "Making It Real: Patientsite," AMIA 2006 Spring Congress, http://www.amia.org/meetings/s06/post/sands_5-17_1030a.pdf.
• [337] "Project Healthdesign: Rethinking the Power and Potential of Personal Health Records."
• [338] Patricia Flatley Brennan et al., "Project Healthdesign: Stimulating the Next Generation of Personal Health Records," AMIA Annual Symposium Proceedings (2007).

Where to?

Top of Page

Home Pages:
Office of Science and Data Policy
Assistant Secretary for Planning and Evaluation (ASPE)
U.S. Department of Health and Human Services (HHS)

Last updated:  04/07/2010