Advice offered for safeguarding medical records
ST. PAUL — As the nation’s hospitals and medical clinics increasingly rely on electronic medical records, many patients may want to use smartphones to access their personal health information through phone apps that include Medicare blue button. But doing so carries security risks.
To help patients who use smartphone apps protect their information, Deven McGraw, director of the Health Privacy Project at the Center for Democracy and Technology, recommends the following:
Determine if cellphone app makers claim rights to patients’ data for marketing purposes.
Look for very general language that does not list in detail how your data will be used. Language such as "from time to time we will use your data...in order to improve the services we provide for you" may warrant further investigation. Graw said such language does not necessarily indicate a problem, but it does not tell consumers much.
Look for very clear statements about how the data is used.
Look for who owns the data, if the company will disclose it. Do you own and control your data? Or do you merely have the right to use the service, but that is the extent of your rights?
Look for commitments on security of the data. Is the data stored on your phone or on a server?
What are your rights to retrieve data if they cancel service? Are you permitted to have a copy of the data? What is the app provider’s right to use the data after service is cancelled?
Ideally, McGraw said, companies should return all your data and not have the right to subsequently use it.
You should use unusual passwords that employ varied symbols and numbers.
If possible, you should be able to remotely delete data from the device if it is stolen.
Security recommendations from Medicare Blue Button:
Download your data to a secure location. You may want to download your information to a CD or flash drive. Consider purchasing an encrypted flash drive for your information. You may also encrypt or require a password to access a CD.
If you want to send your information via email, you should encrypt the message.
Keep paper copies in a safe and secure place that you can control.
Article by By Elizabeth Stawicki for Miinesota Public Radio,