Complete and accurate medical history information is critical to both patients and physicians. Knowledge of a patient's family history, medical conditions and procedures, social history and other important pieces of information critically informs diagnosis and treatment [1]. Unfortunately, not every patient is able to provide his or her clinician this information during a visit, nor do clinicians always have enough time during a visit to collect the information. Health records, broadly, are designed to store a patient's information in an organized and useful presentation. Such records have, traditionally, been maintained by physicians and other healthcare providers about their patients. Personal Health Records (PHRs) represent a departure from this traditional model of medical record keeping: with a PHR, a patient's health information is organized around (and perhaps maintained by) the patient. In this paper, we present an analysis of commercially available USB-based Personal Health Records (PHR).
In 2005 the International Standardization Organization (ISO) stated the “key features of the personal health record are that it is under control of the subject of care and that the information in it contains is at least partly entered by the subject (consumer, patient)” [2]. A widespread misconception about PHRs includes that they must be completely separate from the EHR, in fact the PHR can be considered in at least four different forms: “(a) a self-contained EHR, maintained and controlled by the patient/consumer, (b) [a self-contained EHR], maintained by a third party such as a web service provider, (c) a component of an integrated care EHR maintained by a health provider (e.g., general practitioner) and controlled at least partially (i.e. the PHR component as a minimum) by the patient/consumer, or (d) a component of an integrated care EHR but maintained and controlled by the patient/consumer” [2]. PHRs of the “self-contained EHR” form (the first two types in the ISO model) come in multiple formats, including be web-based (e.g., Google Health), personal computer (PC) based, or on portable devices (including USB devices) [3], [4]. All forms of PHRs carry many of the same benefits, including increased health communication between patient and clinician.
From November 2002 to May 2003 the Markle Foundation's Connecting for Health (CFH) conducted investigations examining the potential benefits of personal health records, how consumers perceive PHRs, and the concerns consumers have [1]. Consumer concerns towards personal health records were found to be focused on two major areas: privacy and security [1]. When 1000 Americans were asked the general question of “how concerned are you about the potential for invasion of your personal privacy in the U.S. today”, 61% responded with a 4 or a 5, on a scale of 1 (not at all concerned) to 5 (very concerned) [5]. While one study showed the majority of Americans concerned over privacy and security, a separate study found a relatively different set of concerns. The study asked a group of chronically ill patients their perceived concerns and benefits regarding patient-accessible electronic health records. Concerns the patients identified in the survey included: 16% believed lab data in a PHR would confuse them, 5% believed a PHR would make patients worried, and 3% believed patients would take offense after viewing a PHR [6].
Although they expressed some concerns, patients also perceived significant benefits to PHRs: 68% believed a PHR would increase trust in their physician, 89% believed a PHR would increase patient understanding, 85% believed a PHR would clarify patient instruction, 89% believed a PHR would reassure patients, and 76% believed a PHR would improve compliance [6]. Overall, there appears to be positive consumer attitudes toward PHRs.
Personal Health Records have also drawn the interest of the Certification Commission for Healthcare Information Technology (CCHIT), whose mission is to “accelerate the adoption of robust, interoperable health information technology by creating a credible, efficient certification process” [7]. In 2008, CCHIT designated an advisory task force to come up with recommendations for PHRs, and their final report regarding general principles for PHR certification was published on July 15, 2008. The number one goal outlined by the advisory task force for the PHR is privacy [8]. Key aspects for meeting potential certification requirements regarding privacy include ongoing monitoring and strong enforcement of privacy practices on behalf of consumers of PHRs [8]. A second recommendation from the task force is for a “collaboration to develop standards-based criteria that will ensure PHRs can send and receive data from as many potential sources as possible, including ambulatory electronic health records (EHRs), hospital EHRs, pharmacies, labs, etc.” [8]. Finally, the group recommends that all functionality of the device be designed with requirements for privacy, security, and interoperability in mind [8].
Two of the most widely recognized types of PHRs in ISO's “self-contained EHR” category are web-based PHRs and USB-based PHRs. In the last year, Google introduced the Google Health platform and Microsoft introduced its own HealthVault platform. Users of Google Health create an account protected by a username and password. Users can then input information including conditions, medications, allergies, procedures, test results, and immunizations. As medications are entered, they are checked for drug–drug interactions; if an interaction is detected the system immediately alerts the user, telling them at what level the danger is to them (low, medium or high). Each alert also displays pertinent, up to date information [4]. Google Health also allows users to directly import their medical records, laboratory results and medication history from various medical institutions such as the Cleveland Clinic, Beth Israel Deaconess Medical Center (Boston, MA), Blue Cross Blue Shield of Massachusetts, CVS Caremark, Quest Diagnostics and Medco. Finally, the service allows the user to either print a “read-only” version of their Google Health profile or put them onto iHealth, an online PHR and physician–patient communication service [4]. While this PHR does require an internet connection, it carries much more functionality than the USB-based PHRs. Microsoft's HealthVault platform is similar to Google Health, although it focuses more on being a secure repository of health data. A number of healthcare organizations, such as New York Presbyterian Hospital, have partnered with Microsoft to provide health information via the HealthVault platform.
The Google and Microsoft offerings fall into the “self-contained EHR” category of the ISO framework. They are not directly tied to an EHR system nor to a particular institution. “Component PHRs”, by contrast are linked to the patient's EHR as maintained by a particular healthcare provider organization. While the patient is still able to enter information, they do not have complete control over the record. While “component PHRs” are an attractive option, they have drawbacks as well. Many patients are seen at multiple facilities, thus information may only be up to date at one facility, or information may be split among facilities and thus neither has a full medical record for their patient. Secondly, while there are strides being made to implement EHRs throughout the country, currently only 13% of physicians are using an EHR [9]. Beyond this, few medical facilities have “component PHRs” in place, leaving a majority of the population without this as an option.
In contrast to web-based PHRs, where the patient's record is stored on the internet, USB-based PHRs are also available. The USB-based PHR is a self-contained record that bridges the old fashioned paper-based personal health record model, where a patient might either bring in a paper list of their medications or carry in a copy of their entire medical chart from the previous medical provider, and the newer web-based PHRs. The USB-based PHR appears to be designed for two purposes. First, they can be carried with individuals at all times and store all their critical health information that they have entered. In the case of an emergency, the USB-based device could then be plugged into any computer, at which time a member of an emergency team would have immediate access to their personal health record. The second purpose is that individuals can bring the PHR into their medical appointment, have their clinician open the device on the computer, and then review the information that the patient has previously entered.
Unlike some other PHR forms, a USB-based PHR provides some unique opportunities for breeches of security and privacy on both the patient and provider side. From the provider perspective, if a patient brings in a USB-based device and the provider connects it to his or her computer, this may pose a threat to any sensitive data stored on the provider's computer. This risk was described in a 2007 paper [10]. Another risk is in the case where the device falls into the wrong hands. Although many of the devices have encryption capabilities, these capabilities were shown to be very weak in another previous paper [11].
In order to better understand the current state of the market for USB-based personal health records, we set out to conduct an evaluation of the devices on the market today. Our goal was to learn what features and functions the devices have, how well they work and the extent to which their functionality vary.