Text Size

Health Data Confidentiality Requires Health Information Literacy

Amanda Krupa, MSc
Director, AHIMA Foundation

The confidentiality of personal health information is an issue that profoundly affects every American. But how many are concerned about issues like health data privacy and security?

A new examination of patient perspectives from the American Medical Association found more than 92% of Americans believe health data privacy is a right and nearly 75% of Americans are concerned about protecting the privacy of their health data.

New findings on the heels of countless healthcare data breaches

In June 2022, the same month as the Dobbs v. Jackson ruling, there were 31 reported breaches of 10,000 or more healthcare records – the same number as May 2022  – two of which affected more than 1.2 million people, according to HIPAA Journal.

Despite stringent privacy laws intended to safeguard it, medical data breaches can lead to everything from identity theft to billing fraud to blackmail. And HIPAA doesn’t cover everything; many organizations that have health information about you do not have to follow these laws.

Meeting the public need for health information literacy

In 1978, the Nebraska Medical Records Association (now the Nebraska Health Information Management Association) conducted a public awareness campaign aimed at informing consumers about their patient rights to confidentiality of their medical record and access to that record.

While things have evolved quite a bit in the past 44 years, AHIMA Foundation, the philanthropic and consumer-focused arm of the American Health Information Management Association, continues to educate and empower people with health information literacy to achieve better health outcomes.

A big part of our work right now  ─ in the absence of a national privacy law ─ is providing education and resources on how you can protect your health data in non-HIPAA covered environments such as:

  • Health social media apps
  • Wearables such as FitBit
  • Personal Health Record (PHR) vendors
  • Personal record storage such as exercise and calorie intake log
  • Providers who don’t have any records in electronic forms, such as some counselors

While not-covered entities aren’t subject to HIPAA regulations, the law does request they ensure their products or services don’t compromise patient privacy.

Keeping your health data on your cell phone or tablet private

In June, the U.S. Department of Health & Human Services (HHS) Office for Civil Rights (OCR) released step-by-step guidance on how to keep data about your location and activity on your personal cell phone or tablet private. While it is not possible to eliminate your digital footprint entirely, as much as some of us may want to, HHS-OCR also recommends to:

  • Avoid downloading unnecessary or random apps, especially those that are “free.”
  • Avoid giving any app permission to access your device’s location data, other than those apps where the location is absolutely necessary (e.g., navigation and traffic apps). 
  • Turn off the location services on your personal cell phone or tablet to increase the privacy of information about your activities, your location, and the places you travel.

Better Health is in Your HandsTM 

About the Author