Some PHRs present themselves as a depository of health information under the control of the consumer. The suggestion is that the records have inherent privacy protections because the consumer has some choices or control over the record, including who may see, add to, or change the record. By contrast, covered entities under HIPAA can disclose health records to many institutions for many purposes without consumer consent. That is one of the controversial aspects of HIPAA. HIPAA allows many disclosures without the consent of – and indeed over the objections of – the consumer.

Some privacy protections exist because independent health care providers maintain separate records about consumers. A dentist has one set of records; a family doctor has another set. It will often be the case that the two sets of records are not linked or shared routinely. However, those who obtain health care from a single health maintenance organization may already have centralized records. Linkage of health records offers some advantages, but not all linkages are necessarily welcome to consumers.

Security is an important part of privacy. Are PHR records more secure? The answer depends on who maintains the PHR and whether the security of the PHR is sufficient. Information held by health care vendors and insurers is subject to the HIPAA health record security rule. For what it is worth, the HIPAA security rule has attracted less criticism than the HIPAA privacy rule. Whether any given health record keeper is actually doing a good job of complying is hard to say.

One basic privacy right is the right to seek correction of personal information that is incorrect or incomplete. This is a difficult area for health records because health care providers do not like to change records, and they strongly resist removing information from a record. Often, the resistance is reasonable. For example, a preliminary diagnosis may turn out to be wrong, but the record of the diagnosis must remain in the record to explain a particular test or treatment.

Under HIPAA, if a consumer wants to authorize a covered entity to disclose her records, she will usually be obliged to sign an authorization form. The HIPAA rule prescribes the content of the authorization form and its scope. That rule provides some protections because it makes it harder for a consumer to unknowingly sign a form authorizing the disclosure of health records. For example, if a consumer signs a one-sentence form authorizing anyone with records about the consumer to disclose the records to the bearer of the form, it is unlikely that any doctor or hospital would or should honor that form.