This blog post is a writing assignment for HIMT 1200: Legal Aspects of Healthcare, part of the Health Information Management Technology (HI13) Associate of Applied Science Degree program at Georgia Northwestern Technical College.


The electronic health record is a relatively recent phenomenon, and it continues to change and progress with time and technology advancements. The United States has regulations, like HIPAA, that address patient health data privacy and security. As this new environment continues to change and adapt, so should the rules and protections. Security breaches are valid security concerns. The electronic health record is mostly safe with safeguards in place, but complete security is not possible. Patients have easier access to their data, but the question exists as to whether they should have full control due to security risks. They should not have complete control of the data because the health record is a creation of a healthcare entity needed to provide health care to its patients, and the completeness and accuracy of these records are vital for this goal. If the patient has enough control to hinder the completeness or accuracy of the record, this lack of data could hinder physicians in providing safe or adequate healthcare.

HIPAA creates baseline protections for electronic health records with the Security Rule and Privacy Rule. Patients should have access to their records and better control. Care providers can give their patients the option to opt-in or opt-out of the electronic exchange of their records. Currently, such an agreement is not a requirement by HIPAA or other regulations but would benefit patients. The ability to restrict the electronic exchange of their record with other providers could improve its security (, 2018). Additional personalized options could improve security and personal control while maintaining the completeness of the record.

The United States should continue to address and improve the privacy and security of patient data as the electronic use of patient data increases and evolves. Local government and individual healthcare entities can address these issues with policies and procedures when federal law does not. If given unlimited freedom to erase or prevent data entry within a healthcare entity’s records, patients might eradicate information vital to their healthcare continuum even if not necessary to a current visit. Patient history can be just as crucial for making decisions for a patient’s care as current data. Doctors need access to accurate and complete information to give their patients quality care, improving their ability to diagnose and prevent errors (, 2019). A balance must exist between patient control and complete and accurate information for safe healthcare and privacy and security.


References (2018, Sept. 19). Health Information Privacy Law and Policy. (2019, June 4). Improved Diagnostics & Patient Outcomes.




Featured Image: Stock Photo, Photo Source: Metro