Table 2.
Goals and policy recommendations to address gaps in the patient domain
| Domain | Goal | Policy recommendations |
|---|---|---|
| Patient | Improve patient access to clinical data | Clarify HIPAA to state that patients have a right to all data maintained by a covered entity’s designated record set or to a digital copy of their legal medical record through guidance by the Office for Civil Rights. |
| Include in EHR certification and provider accreditation that patient data is transmitted in a manner that preserves computability. | ||
| Improve patient access to data generated by mHealth and related technologies | Extend HIPAA or HIPAA-like requirements to noncovered entities. If not politically viable, convene industry stakeholders to develop coordinated “codes of conduct.” | |
| Monitor widespread and persistent market failures to address data inaccuracy and poor usability that put patients at risk. | ||
| Enable patient participation and contribution to care delivery and health management | As the market for mHealth and other consumer-facing applications matures, encourage multistakeholder coordination of standards within classes of patient-generated health data and eventually incorporate into health IT certification standards. | |
| More readily engage patients in research | Through public-private collaboration, pursue a digital infrastructure, including commercial EHRs, that enables machine-readable consent and specimen tracking and alerts clinicians and patients about available research opportunities. | |
| Incentivize clinicians and health care systems to partner with researchers to identify potential clinical research candidates using tools such as phenotyping algorithms. |