Patients want granular privacy control over health information in electronic medical records

From Clinfowiki
Jump to: navigation, search

This is a review of Caine, K. & Hanania, R. 2013 article, “Patients want granular privacy control over health information in electronic medical records”.[1]


As more and more healthcare facilities have adopted the use of Electronic Medical Records (EMR) and Electronic Health Records (EHR) the primary barrier to acceptance of these systems is the privacy and security of collected patient information. This article describes a study that was conducted “to assess patients’ desire for granular level privacy control with regard to personal health information and how it should be shared, with whom, and for what purpose; and whether these preferences vary based on sensitivity of health information”.[1]


This study was conducted as part of a larger project in which investigated patient sharing and access preferences to an EMR. The focus was also on designing a user interface in which enables patients to access their EMR record and how it is shared with others. However, for this particular study participants completed a questionnaire in which consisted of a three-card-sorting exercises and a semi structured interview to gain a better understanding of patients’ desire for sharing information. Thirty participants were used for the study. Inclusion criteria included individuals who were receiving healthcare in central Indiana and were current or recent patients with health records in the Indiana Health Information Exchange. These individuals’ records also contained sensitive health information such as domestic violence, genetic information, mental health information, reproductive/sexual health and substance abuse. Participants were then given a sharing references card task. This was “conducted to identify which types of health information participants wanted to share with which potential recipients” [1].

Results and Discussion

From the interviews conducted the results reported were that no patients preferred to share all information stored in an EMR with all potential recipients. Preferences with sharing varied by three categories. They are the following: Type of information (EMR data element), Recipient (eg, primary care provider), and overall sharing preferences varied by participant. It was also noted that “Patients with and without sensitive records preferred less sharing of sensitive versus less sensitive information” [1]. The implications for this study are that patients expressed sharing preferences to be consistent with a desire for granular privacy control over their health information in EMR data.


This article was interesting as it consisted of gaining the patients’ perspective of how their data should be shared amongst various individuals. Having this understanding will provide user design improvements on how to strengthen privacy functions within EMRs and EHRs. This will ultimately benefit the healthcare facility and the patients as both criteria and expectations will be met by each involved party. This will help overcome the barrier of acceptance of health technologies. Patients will feel more at ease that their information is kept private and secure.


  1. 1.0 1.1 1.2 1.3 Caine, K., & Hanania, R. (2013). Patients want granular privacy control over health information in electronic medical records. J Am Med Inform Assoc., 20(1), 7-15. doi: 10.1136/amiajnl-2012-001023 Retrieved from: