Electronic Protected Health Information (ePHI) empowers patients and supports positive outcomes. With ePHI, patients can educate themselves, lookup provider instructions, and make informed decisions without risking their privacy — at least in theory.
In practice, there are barriers that make it hard for patients to view their ePHI, such as cost. HIPAA lets hospitals charge for Electronic Health Records (EHR) based on labor, but many state laws permit steep charges. Some providers even go beyond state laws, such as a New York hospital being sued for allegedly charging $1.50 per page — twice what New York allows.
But for most providers, adoption is the biggest obstacle. More than two decades after HIPAA, only a relatively small minority of patients access electronic protected health information. Until providers swap secure portals for more user-friendly PHI encryption, that’s not likely to change.
HITECH Goals For Electronic Protected Health Information Have Failed
The 2009 HITECH Act set ambitious goals for healthcare technology. HITECH Compliance rules set technology benchmarks for using electronic protected health information in treatment, backed up by adoption incentives and Medicare reimbursement “adjustments” to penalize noncompliance. As of 2015, the government had invested over $35 billion in adoption, on top of billions more by the healthcare industry.
It hasn’t worked.
Low adoption has forced the government to lower HITECH benchmarks and rollback deadlines by years. A recent Government Accountability Office (GAO) report showed that, although hospitals offered EHR access to 88% of patients, only 15% actually accessed their Protected Health Information.
Which is weird, because patients who adopted ePHI feel empowered, as GAO interviews show:
Patients described numerous benefits from the ability to electronically access their health information… [including] the ability to communicate better with their healthcare providers, track health information over time, and share information with other providers. Multiple patients described circumstances in which they used information in their portal to improve their interactions with their provider and adhere to provider recommendations. For example, one patient described how he logged into the portal after a visit to review instructions from his provider that he had forgotten.
So if electronic protected health information is empowering, why aren’t more patients using it? It’s the portals. Interviewed patients had been forced to create a new login and learn a new portal for each medical provider they visited. Many also cited “incomplete and inconsistent” information, with some doctors providing all records, and others only sharing basic information like vitals and appointments. Patients just weren’t getting the convenient ePHI access they needed.
Empower Your Patients With Convenient Encrypted ePHI Access
To put patients in control of their health, providers need to address the barriers to ePHI adoption: clunky interfaces, multiple accounts, and incomplete medical records.
Virtru’s HIPAA compliant email meets these challenges with one-click encryption from your existing email account. You can send lab tests, email, and other info to patients even if they haven’t installed Virtru. Sharing records with colleagues is just as easy, providing a simple and secure way to consolidate medical records. And you can protect emails, attachments, and G Suite files in minutes — all without having to talk anyone into using your portal.
To learn more about how Virtru can empower patients and facilitate HIPAA and HITECH compliance, check out these resources below, or contact us to get started:
- Personally Identifiable Information: HIPAA Best Practices
- HIPAA Compliance in the Cloud [eBook]
- Is It a HIPAA Breach Notification or a Close Call?
- Virtru Enables HIPAA Compliance for Massena Hospital [Case Study]