May 21 , 2016

Who Owns the Data in Your EHR?


The concept of healthcare and EHR data ownership carries many implications for patients, providers, and medical practices. While experts agree that EHR vendors do not own the data, this has not prevented vendors from winning court disputes that resulted in serious financial losses for medical providers.

Because of this, practices can often feel as though vendors are holding their data hostage for ransom. These considerations make the discussion of data ownership critical for any physician or medical practice that utilizes electronic health records.


 Defining Data and Data Ownership

Healthcare data comes from a variety of sources. One is the patient themselves, who individually provide data to platforms such as patient portals. Another is the physician or healthcare team in the form of examination findings and clinical observations. Results from laboratory studies or radiology, along with data from other external healthcare providers or practices, also contribute to EHRs.

The number of parties who lay claim to healthcare data makes grappling with EHR data ownership even more complicated. Patients, providers, vendors, and the medical practice itself all have an investment in healthcare data, and there is often uncertainty over EHR data ownership. According to the Journal of Medical Internet Research, over 53% of patients believe that they own their healthcare data, compared to 43% of providers. Amazingly both of these groups report that 20% simply don’t know who owns the data.


Establishing Data Ownership

The best method of minimizing disputes over EHR data ownership is prevention. Measures such as establishing data ownership early, defining terms, and enforcing guidelines are critical to minimizing trouble down the road. With EHR vendors, defining conditions of data exportation in the event the practice wishes to end a business relationship is critical.

For all parties, the concept of access must also be clearly defined. Terms include practice or provider access to data from the vendor’s servers, as well as patient access to healthcare data via portals or other mechanisms. The most common source of disputes is when a party wishes to leave the relationship; either the practice decides to select a different EHR vendor, or a patient wishes to port their data to a new provider.


Vendor Red Flags

For a medical practice, establishing terms of EHR data ownership must begin at the time of vendor selection. Identifying warning signs during this process can help providers avoid much larger issues in the future.

When choosing an EHR, keep an eye out for red flags such as unstructured data formatting (i.e. PDF instead of CCDA), an inability to meet the National Coordinator for Health Information Technology’s certification requirements,or restrictive contracts that demand exorbitant financial charges to port data in the event of a vendor switch.

Establishing productive EHR data ownership for a healthcare organization takes careful planning.

The ZH Healthcare HITaaS (Health IT as a Service) architecture is designed with the needs of medical professionals and their patients in mind, meaning, among other things, that you own your data, and have complete administrative control.

Explore how blueEHR can eliminate the worries associated with being locked out, and foster a better relationship to healthcare data. Contact us online or at +1-855-936-3367 to learn more.