Healthcare Information Security

Patient Privacy News

Secure data, trust in physicians are conditions for PHR use

By Jennifer Bresnick

- Patients who received a personal endorsement from their physicians about the security, privacy, and usefulness of a patient portal were more likely to be interested and satisfied with the service, says a new study published this month in BMJ.  Patient engagement is becoming increasingly important ahead of Stage 2 of meaningful use, and some patients need convincing that health data stored online is relevant enough to their healthcare to make a personal health record (PHR), vulnerable to data breaches, worth the effort.

In the study, researchers conducted focus groups with Virginia patients across 28 family practices, including those already using a portal at their provider’s office and those who had not signed up for the service yet.  The patients were shown screenshots of an online patient portal and asked to comment on the different functionalities and features shown to them.  Three major themes emerged: patients want “novel content” that is immediately relevant and useful to their interactions with their physician, high functionality that provided a simple way to communicate with caregivers, and “a PHR they could trust for accuracy, security and privacy,” according to the article.

“A few participants in the non-user groups indicated discomfort with having any of their personal health information on the internet,” the study explains.  “However, most participants in all groups expressed the view that clinician endorsement of the PHR was an indication that their personal health data were secure.”

The high level of trust that patients placed in their physician’s judgment of a portal’s privacy shows just how important it is for practitioners to be familiar with the security of their health IT systems.  While the study didn’t address data breaches in particular, it is easy to see why patients express such betrayal and disbelief when information is compromised.  The bond of trust in data security is a personal one for patients, based on the promise of the professional they trust with the intimacies of their own heath.  The “word of honor” aspect of healthcare security is something to keep in mind post-breach.

Engaging patients goes beyond the interface design, and beyond a physician’s desire to meet engagement criteria for meaningful use.  The portal has to enhance the care experience for a patient, the study says, while ensuring customers that their sensitive information will remain private and secure.  In order to convince patients to engage, providers should first familiarize themselves with the security surrounding their patient portal of choice, so they can give it their unequivocal endorsement for unsure consumers, and provide a sound basis for patient trust in the online ecosystem.


SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
Data Breaches

Our privacy policy

no, thanks

Continue to site...