Personal health record

A personal health record (PHR) is a health record where health data and other information related to the care of a patient is maintained by the patient. This stands in contrast to the more widely used electronic medical record, which is operated by institutions (such as hospitals) and contains data entered by clinicians (such as billing data) to support insurance claims. The intention of a PHR is to provide a complete and accurate summary of an individual's medical history which is accessible online. The health data on a PHR might include patient-reported outcome data, lab results, and data from devices such as wireless electronic weighing scales or (collected passively) from a smartphone.

Definition
The term "personal health record" is not new. The term was used as early as June 1978, and in 1956, there was a reference was made to a "personal health log." The term "PHR" may be applied to both paper-based and computerized systems; usage in the late 2010s usually implies an electronic application used to collect and store health data.

In the early 2000s, healthcare organizations began to propose formal definitions of the term. For example:

"The Personal Health Record (PHR) is an Internet-based set of tools that allows people to access and coordinate their lifelong health information and make appropriate parts of it available to those who need it. PHRs offer an integrated and comprehensive view of health information, including information people generate themselves such as symptoms and medication use, information from doctors such as diagnoses and test results, and information from their pharmacies and insurance companies."

- Markle Foundation's Personal Health Working Group

"The personal health record (PHR) is an electronic, universally available, lifelong resource of health information needed by individuals to make health decisions. Individuals own and manage the information in the PHR, which comes from healthcare providers and the individual. The PHR is maintained in a secure and private environment, with the individual determining rights of access. The PHR is separate from and does not replace the legal record of any provider."

- AHIMA e-HIM Personal Health Record Work Group (2005)

"The industry model personal health record (PHR) is a private, secure web-based tool maintained by an insurer that contains claims and administrative information. PHRs may also include information that is entered by consumers themselves, as well as data from other sources such as pharmacies, labs, and care providers. PHRs enable individual patients and their designated caregivers to view and manage health information and play a greater role in their own health care."

- America's Health Insurance Plans (2006)

It is important to note that PHRs are not the same as electronic health records (EHRs) or electronic medical records (EMRs), which are software systems designed for use by health care providers. Like the data recorded in paper-based medical records, the data in EHRs are legally mandated notes on the care provided by clinicians to patients. However, generally there is no mandate requiring patients to track their own health data. Like EHRs and EMRs, PHRs may still fall under the regulatory scope of governments, depending on their origin, but rigorous regulatory protection of their data is still lacking in parts of the world.

PHRs can contain a diverse range of data, including but not limited to:

• Allergies and adverse drug reactions,
 * Applicable diagnoses                                                                         .  medications, including over-the-counter and alternative treatments
 * Past medical and surgical interventions

• Chronic diseases,

• Family medical history,

• Illnesses and hospitalizations,

• Imaging reports (e.g. X-ray),

• Laboratory test results,

• Medications and dosing,

• Prescription record,

• Surgeries and other procedures,

• Vaccinations, and

• Observations of daily living (ODLs)

There are two methods by which data can arrive in a PHR. A patient may enter it directly, either by typing into fields or uploading/transmitting data from a file or another website. The second is when the PHR is tethered to an electronic health record, which automatically updates the PHR. Not all PHRs have the same capabilities, and individual PHRs may support one or all of these methods.

In addition to storing an individual's personal health information, some PHRs provide added-value services such as drug-drug interaction checking, electronic messaging between patients and providers, managing appointments, and reminders.

Benefits
PHRs grant patients access to a wide range of health information sources, best medical practices, and health knowledge. All of an individual's medical records are stored in one place instead of paper-based files in various doctors’ offices. Upon encountering a medical condition, a patient can better access test results, communicate with their doctors, and share information with others suffering similarly.

Moreover, PHRs can benefit clinicians. PHRs offer patients the opportunity to submit their data to their clinicians' EHRs. This may help clinicians make better treatment decisions by providing more continuous data, resulting in improved efficiency in care. However, some physicians may have concerns about patient-entered information and its accuracy, as well as whether the added patient engagement creates more reimbursable work.


 * PHRs have the potential to help analyze an individual's health profile and identify health threats and improvement opportunities based on an analysis of drug interaction, current best medical practices, gaps in current medical care plans, and identification of medical errors.
 * Patient illnesses can be tracked in conjunction with healthcare providers, and early interventions can be promoted upon encountering deviation of health status. PHRs also make it easier for clinicians to care for their patients by facilitating continuous communication as opposed to episodic.
 * Eliminating communication barriers and allowing documentation flow between patients and clinicians in a timely fashion can save time consumed by face-to-face meetings and telephone communication. Improved communication can also ease the process for patients and caregivers to ask questions, to set up appointments, to request refills and referrals, and to report problems. Accessing their own records can also empower patients to actively manage their health conditions.
 * With the availability of healthcare data PHR enables health providers to response quickly.
 * Additionally, in the case of an emergency a PHR can quickly provide critical information to proper diagnosis or treatment.

Architecture
Like other health information technology, PHR architecture can be roughly organized into three main components:
 * Data
 * The information collected, stored, analyzed, and exchanged by the PHR.
 * Examples: medical history, laboratory results, imaging studies, medications


 * Infrastructure
 * The platform that handles data storage, processing, and exchange.
 * Examples: stand-alone software programs or websites, provider- or payer-connected (tethered) websites


 * Applications
 * The information exchange, data analysis, and content delivery capabilities of the system.
 * Examples: scheduling appointments, medication refill or renewal, decision aids, and patient education materials.

Architecture types remain various. However, in 2017, Roehrs et al. performed a systematic literature review of PHRs and were able to divide architecture types into two groups: model-based and coverage-based. Model architectures represent more traditional takes on PHRs, including health data that is still stored on paper. Coverage architectures represent more hybrid takes on the PHR, "with the PHR distributed inside and outside the health care organizations" based on the data's physical location. The associated architectural types have different costs and benefits. Likewise, stand-alone, provider-tethered, and payer-tethered PHRs have different advantages and disadvantages for patients related to their individual circumstances. Such differences are among the priority areas in PHR research. As PHRs may play a key role in advancing health information exchange, interoperability with other health IT systems is an important consideration for PHR architecture. Additionally, PHR systems requires users to put forth an "'ongoing' effort to keep their account up to date" (maintain an active role in managing their own health), which in turn requires further examination of PHR architecture and adoption models by developers.

Delivery platforms
One of the principal distinguishing features of a PHR is the platform by which it is delivered. The types of platforms include: paper, electronic device, and web.

Paper
Personal health information is recorded and stored in paper format. Printed laboratory reports, copies of clinic notes, and health histories created by the individual may be parts of a paper-based PHR. This method is low cost, reliable, and accessible without the need for a computer or any other hardware. Probably the most successful paper PHR is the hand-held pregnancy record, developed in Milton Keynes in the mid-1980s and now in use throughout the United Kingdom. These include the Scottish Woman-Held Maternity Record, All Wales Maternity Record, and Perinatal Institute notes. Paper-based PHRs may be difficult to locate, update, and share with others. Paper-based PHRs are subject to physical loss and damage, such as can occur during a natural disaster. Paper records can also be printed from most electronic PHRs. However, Fawdry et al. have shown that paper records are extremely flexible and do have distinct advantages over rigid electronic systems.

Electronic devices
Personal health information is recorded and stored in personal computer-based software that may have the capability to print, backup, encrypt, and import data from other sources such as a hospital laboratory. The most basic form of a PC-based PHR would be a health history created in a word-processing program. The health history compiled in computer based software can be printed, copied, and shared with anyone with a compatible word processor.

PHR software can provide more sophisticated features such as data encryption, data importation, and data sharing with health care providers. Some PHR products allow the copying of health records to a mass-storage device such as a CD-ROM, DVD, smart card, or USB flash drive.

PC-based PHRs are subject to physical loss and damage of the personal computer and the data that it contains. Some other methods of device solution may entail cards with embedded chips containing health information that may or may not be linked to a personal computer application or a web solution.

Web applications
Web-based PHR solutions are essentially the same as electronic device PHR solutions, however, web-based solutions have the advantage of being easily integrated with other services. For example, some solutions allow for import of medical data from external sources. Solutions including HealthVault, and PatientsLikeMe allow data to be shared with other applications or specific people. Mobile solutions often integrate themselves with web solutions and use the web-based solution as the platform.

A large number of companies have emerged to provide consumers the opportunity to develop online PHRs. Some have been developed by non-profit organizations, while others have been developed by commercial ventures. These web-based applications allow users to directly enter their information such as diagnosis, medications, laboratory tests, immunizations and other data associated with their health. They generate records that can be displayed for review or transmitted to authorized receivers.

Despite the need for PHRs and the availability of various online PHR providers, there has not been wide adoption of PHR services. E.g. Google discontinued its PHR service called Google Health on January 12, 2012. The reason cited for shutting down Google Health was that the service did not translate from its limited usage into widespread usage in the daily health routines of millions of people. Surveys of web-based services have found wide variations in functions between services and only limited data on efficacy and safety concerns. One analyst, describing the public's reluctance to adopt the services, called PHRs "a technology in search of a market."

An emerging standard from HL7, Fast Healthcare Interoperability Resources (FHIR), is designed to make it easier for developers of personal health record applications to access relevant medical records.

EHRs, PHRs, patient portals and UHRs
The terms electronic health records, personal health records, and patient portals are often used interchangeably. By definition and working they are different from each other. The generally agreed upon definition of these terms relates mainly to the ownership of the data. Once data is in a PHR it usually owned and controlled by the patient. Patient can edit, save or share this record with any one. Finally, PHRs are data that resides with the patient, in a system of the patient's choosing. This data may have been exported directly from an EMR, but the point is it now resides in a location of the patient's choosing. Access to that information is controlled entirely by the patient. While PHRs can help patients keep track of their personal health information, the value of PHRs to healthcare organizations is still unclear.

Electronic health records and electronic medical records contain clinical data created by and for health professionals in the course of providing care. The data is about the patient but the data resides in a health care provider's system. Most EHRs, however, are the property of the provider, although the content can be co-created by both the provider and patient. A patient has a legal right in most states to request their healthcare data and under recent USA legislation those providers using a certified EHR will be required to provide an electronic copy as well.

In the UK, according to the governments' information strategy for the NHS every primary care practice in England will have to offer patients online access to their care records by 2015. In 2012, only 1% did so.

The patient portal is typically defined as a view into the electronic medical records. In addition, ancillary functions that support a health care provider's interaction with a patient are also found in those systems e.g. prescription refill requests, appointment requests, electronic case management, etc.

A new concept being discussed is the UHR or "universal health record", which would be a patient-centered and patient-controlled body of information that could be shared in a granular way with particular health care providers at the patient's discretion in support of the patient's work with health care providers. This project would enlist open source contributions and enhancements from developers, with particular emphasis on supporting patient expectations of privacy and responsible patient control of private health information (PHI).

Barriers to adoption
Since the National Academy of Medicine (previously the Institute of Medicine) called for greater adoption of PHRs in 1999, the software has faced many barriers to adoption, including economic, technological, regulatory, behavioral, and organizational issues at both the environmental and individual levels. A study from 2002 was carried out in an effort to assess the functionality and utility of the budding online PHR. It found that most people did not keep record of minute details of their healthcare experiences and therefore made it difficult to get full value from web-based PHRs. The PHRs selected for evaluation offered limited functionality to the general public, with limitations in data entry, validation, and information display methods. A 2005 survey found that limited access to computers and the internet access, as well as low computer literacy levels, known as the digital divide, was a barrier for low-income and aged populations. A 2010–11 set of interviews of clinicians and patients found "that both usability concerns and socio-cultural influences are barriers to PHR adoption and use." More recent studies and reviews in the mid- to late 2010s have revealed other issues such as privacy and confidentiality concerns, lack of motivation, low health literacy, health- and disease-related disabilities, and even administrative burdens.

Promotion and usability
Additionally, how the PHR is promoted by healthcare organizations, how useful their features are, and how well the care provider uses it, particularly in the realm of patient communication, can influence adoption and usage rates. Promotion may occur at several steps of the development and implementation process, from developers talking with providers about a proposed system, clinics forming patient focus groups, and providers posting physical and digital news of the PHR to patients. The features and usability of the system also drive adoption, with groups such as Kaiser Permanente and Cleveland Clinic seeing substantial increases in PHR use when adding the features users want. Provider use and communication has also proved important; "[s]ecure communication with the physician is important because the patients will eventually leave (the PHR) if there is no conversation going on with the physician." Additional studies have also shown that when put to use, PHR's ability to enhance communication and collaboration can change patient patterns from sporadic visits to steady visits, and more significant PHR use.

Privacy and security
One of the most controversial issues for PHRs is how the technology could threaten the privacy of patient's protected health information (PHI). Network computer break-ins are becoming more common, thus storing medical information online can cause fear of the exposure of health information to unauthorized individuals. In addition to height, weight, blood pressure and other quantitative information about a patient's physical body, medical records can reveal very sensitive information. This includes fertility, surgical procedures, emotional and psychological disorders, and diseases, which many patients are reluctant to share even voluntarily.

Various threats exist to patient information confidentiality:


 * Accidental disclosure
 * During multiple electronic transfers of data to various entities, medical personnel can make innocent mistakes to cause disclosure of data.


 * Insider curiosity
 * Medical personnel may misuse their access to patient information out of curiosity or for another purpose.


 * Insider subordination
 * Medical personnel may leak out personal medical information for spite, profit, revenge, or other purposes.


 * Uncontrolled secondary usage
 * Those who are granted access to patient information solely for the purpose of supporting primary care can exploit that permission for reasons not listed in the contract, such as research.


 * Outsider intrusion
 * Former employees, network intruders, hackers, or others may access and steal information, steal hardware, damage systems, and disrupt operations.

Technological and regulatory issues play important roles in the privacy, security, and patient concerns surrounding PHI. On the technological side, failures occur at numerous points:


 * breach of a patient data server connected to other unsecure systems
 * phishing and hacks of company email accounts
 * breach of a misconfigured public-facing server
 * theft of unencrypted computing devices
 * malware intentionally or accidentally installed on a server

The state of PHR regulations are also worth mentioning. A 2018 review and comparison of five legislative jurisdictions around the world found "considerable variances with regards to legal terminology and the degree of compliance required from entities offering PHR services across various jurisdictions." Even in the European Union, which provides some of the most significant protections to PHR data through the General Data Protection Regulation (GDPR), the reviewers found "significant room for interpretation and a degree of ambiguity in key areas." With further questions arising about the security and privacy of PHI that makes its ways to expanding platforms such as smartphones and associated applications, clearer regulations and policies will likely be required.

In public health
PHRs have the potential to benefit the public health sector in areas such as health monitoring, outbreak monitoring, empowerment through information and resources, linking to services, and research. However, tapping into this potential has been a slow process due to both the public health sector not fully engaging with adopters and the adopters themselves exhibiting "reticence to share sensitive information." Several surveys of Americans in the twenty-first century have indicated that anywhere between 63 and 73% would be willing to share at least some personal health information with public health officials for detecting disease outbreaks and other purposes. However, caveats about retaining control of how the information is presented and used remain strong among respondents, with concerns about anonymity, government insensitivity, and discrimination. Given the questionable state of regulatory efforts to protect PHR data from these and other concerns, the standard use of health data from PHRs in public health may still be far away.

The U.S. Centers for Disease Control and Prevention has taken the idea of PHR integration with public health efforts a step further, in 2016 suggesting a framework for a community health record "for integrating and transforming multisector data into actionable information." Integration of EHR, PHR, and county health data would allow the integration and presentation of data across residential blocks to entire zip codes. However, like PHR, significant social approval would have to occur, and data use agreements would have to be established.