Building a Strong Privacy and Security Policy Framework for Personal Health Records

A growing number of individuals use electronic personal health records (PHRs) to manage personal health information and connect to health-related services. Early evidence suggests that PHRs have strong potential to help people become more engaged in the management of their own health care. But the success of PHRs depends on whether consumers trust that their information will be safeguarded. To protect consumers and foster innovation in this evolving field, CDT recommends that the government set baseline legal requirements for PHRs and related applications, and also establish incentives to encourage companies to voluntarily adopt more comprehensive policies that mirror the Markle Common Framework for Networked Personal Health Information.